Uses of Class
org.owasp.esapi.errors.AccessControlException
-
Packages that use AccessControlException Package Description org.owasp.esapi The ESAPI interfaces andException
classes model the most important security functions to enterprise web applications.org.owasp.esapi.reference This package contains reference implementations of the ESAPI interfaces.org.owasp.esapi.reference.accesscontrol org.owasp.esapi.reference.accesscontrol.policyloader -
-
Uses of AccessControlException in org.owasp.esapi
Methods in org.owasp.esapi that throw AccessControlException Modifier and Type Method Description void
AccessController. assertAuthorized(java.lang.Object key, java.lang.Object runtimeParameter)
assertAuthorized
executes theAccessControlRule
that is identified bykey
and listed in theresources/ESAPI-AccessControlPolicy.xml
file.void
AccessController. assertAuthorizedForData(java.lang.String action, java.lang.Object data)
Deprecated.void
AccessController. assertAuthorizedForFile(java.lang.String filepath)
Deprecated.void
AccessController. assertAuthorizedForFunction(java.lang.String functionName)
Deprecated.void
AccessController. assertAuthorizedForService(java.lang.String serviceName)
Deprecated.void
AccessController. assertAuthorizedForURL(java.lang.String url)
Deprecated.void
HTTPUtilities. assertSecureChannel()
Calls assertSecureChannel with the *current* request.void
HTTPUtilities. assertSecureChannel(javax.servlet.http.HttpServletRequest request)
Ensures the use of SSL to protect any sensitive parameters in the request and any sensitive data in the response.void
HTTPUtilities. assertSecureRequest()
Calls assertSecureRequest with the *current* request.void
HTTPUtilities. assertSecureRequest(javax.servlet.http.HttpServletRequest request)
Ensures that the request uses both SSL and POST to protect any sensitive parameters in the querystring from being sniffed, logged, bookmarked, included in referer header, etc...<T> T
AccessReferenceMap. getDirectReference(K indirectReference)
Get the original direct object reference from an indirect reference.<T> K
AccessReferenceMap. removeDirectReference(T direct)
Removes a direct reference and its associated indirect reference from the AccessReferenceMap.void
HTTPUtilities. sendForward(java.lang.String location)
Calls sendForward with the *current* request and response.void
HTTPUtilities. sendForward(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.lang.String location)
This method performs a forward to any resource located inside the WEB-INF directory.void
HTTPUtilities. sendRedirect(java.lang.String location)
Calls sendRedirect with the *current* response.void
HTTPUtilities. sendRedirect(javax.servlet.http.HttpServletResponse response, java.lang.String location)
This method performs a forward to any resource located inside the WEB-INF directory. -
Uses of AccessControlException in org.owasp.esapi.reference
Methods in org.owasp.esapi.reference that throw AccessControlException Modifier and Type Method Description void
DefaultAccessController. assertAuthorized(java.lang.Object key, java.lang.Object runtimeParameter)
assertAuthorized
executes theAccessControlRule
that is identified bykey
and listed in theresources/ESAPI-AccessControlPolicy.xml
file.void
DefaultAccessController. assertAuthorizedForData(java.lang.String action, java.lang.Object data)
Checks if the current user is authorized to access the referenced data.void
DefaultAccessController. assertAuthorizedForFile(java.lang.String filepath)
Deprecated.void
DefaultAccessController. assertAuthorizedForFunction(java.lang.String functionName)
Checks if the current user is authorized to access the referenced function.void
DefaultAccessController. assertAuthorizedForService(java.lang.String serviceName)
Checks if the current user is authorized to access the referenced service.void
DefaultAccessController. assertAuthorizedForURL(java.lang.String url)
Checks if the current user is authorized to access the referenced URL.void
DefaultHTTPUtilities. assertSecureChannel()
Calls assertSecureChannel with the *current* request.void
DefaultHTTPUtilities. assertSecureChannel(javax.servlet.http.HttpServletRequest request)
Ensures the use of SSL to protect any sensitive parameters in the request and any sensitive data in the response.void
DefaultHTTPUtilities. assertSecureRequest()
Calls assertSecureRequest with the *current* request.void
DefaultHTTPUtilities. assertSecureRequest(javax.servlet.http.HttpServletRequest request)
Ensures that the request uses both SSL and POST to protect any sensitive parameters in the querystring from being sniffed, logged, bookmarked, included in referer header, etc...<T> T
AbstractAccessReferenceMap. getDirectReference(K indirectReference)
Get the original direct object reference from an indirect reference.static AccessController
DefaultAccessController. getInstance()
<T> K
AbstractAccessReferenceMap. removeDirectReference(T direct)
Removes a direct reference and its associated indirect reference from the AccessReferenceMap.void
DefaultHTTPUtilities. sendForward(java.lang.String location)
Calls sendForward with the *current* request and response.void
DefaultHTTPUtilities. sendForward(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.lang.String location)
This method performs a forward to any resource located inside the WEB-INF directory.void
DefaultHTTPUtilities. sendRedirect(java.lang.String location)
Calls sendRedirect with the *current* response.void
DefaultHTTPUtilities. sendRedirect(javax.servlet.http.HttpServletResponse response, java.lang.String location)
This method performs a forward to any resource located inside the WEB-INF directory. -
Uses of AccessControlException in org.owasp.esapi.reference.accesscontrol
Methods in org.owasp.esapi.reference.accesscontrol that throw AccessControlException Modifier and Type Method Description void
ExperimentalAccessController. assertAuthorized(java.lang.Object key, java.lang.Object runtimeParameter)
void
ExperimentalAccessController. assertAuthorizedForData(java.lang.String action, java.lang.Object data)
Deprecated.void
ExperimentalAccessController. assertAuthorizedForFile(java.lang.String filepath)
Deprecated.void
ExperimentalAccessController. assertAuthorizedForFunction(java.lang.String functionName)
Deprecated.void
ExperimentalAccessController. assertAuthorizedForService(java.lang.String serviceName)
Deprecated.void
ExperimentalAccessController. assertAuthorizedForURL(java.lang.String url)
Deprecated.boolean
FileBasedACRs. isAuthorizedForData(java.lang.String action, java.lang.Object data)
TODO Javadocboolean
FileBasedACRs. isAuthorizedForFile(java.lang.String filepath)
TODO Javadocboolean
FileBasedACRs. isAuthorizedForFunction(java.lang.String functionName)
TODO Javadocboolean
FileBasedACRs. isAuthorizedForService(java.lang.String serviceName)
TODO JavadocConstructors in org.owasp.esapi.reference.accesscontrol that throw AccessControlException Constructor Description ExperimentalAccessController()
-
Uses of AccessControlException in org.owasp.esapi.reference.accesscontrol.policyloader
Methods in org.owasp.esapi.reference.accesscontrol.policyloader that throw AccessControlException Modifier and Type Method Description void
PolicyDTO. addAccessControlRule(java.lang.String key, java.lang.String accessControlRuleClassName, java.lang.Object policyParameter)
PolicyDTO
ACRPolicyFileLoader. load()
-