Package org.owasp.esapi.errors
Class IntrusionException
- java.lang.Object
-
- java.lang.Throwable
-
- java.lang.Exception
-
- java.lang.RuntimeException
-
- org.owasp.esapi.errors.EnterpriseSecurityRuntimeException
-
- org.owasp.esapi.errors.IntrusionException
-
- All Implemented Interfaces:
java.io.Serializable
public class IntrusionException extends EnterpriseSecurityRuntimeException
An IntrusionException should be thrown anytime an error condition arises that is likely to be the result of an attack in progress. IntrusionExceptions are handled specially by the IntrusionDetector, which is equipped to respond by either specially logging the event, logging out the current user, or invalidating the current user's account.Unlike other exceptions in the ESAPI, the IntrusionException is a RuntimeException so that it can be thrown from anywhere and will not require a lot of special exception handling.
- Author:
- Jeff Williams (jeff.williams@aspectsecurity.com)
- See Also:
- Serialized Form
-
-
Field Summary
Fields Modifier and Type Field Description protected Logger
logger
The logger.protected java.lang.String
logMessage
-
Constructor Summary
Constructors Constructor Description IntrusionException(java.lang.String userMessage, java.lang.String logMessage)
Creates a new instance of IntrusionException.IntrusionException(java.lang.String userMessage, java.lang.String logMessage, java.lang.Throwable cause)
Instantiates a new intrusion exception.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description java.lang.String
getLogMessage()
Returns a String that is safe to display in logs, but probably not to usersjava.lang.String
getUserMessage()
Returns a String containing a message that is safe to display to users
-
-
-
Field Detail
-
logger
protected final transient Logger logger
The logger.
-
logMessage
protected java.lang.String logMessage
-
-
Constructor Detail
-
IntrusionException
public IntrusionException(java.lang.String userMessage, java.lang.String logMessage)
Creates a new instance of IntrusionException.- Parameters:
userMessage
- the message to display to userslogMessage
- the message logged
-
IntrusionException
public IntrusionException(java.lang.String userMessage, java.lang.String logMessage, java.lang.Throwable cause)
Instantiates a new intrusion exception.- Parameters:
userMessage
- the message to display to userslogMessage
- the message loggedcause
- the cause
-
-
Method Detail
-
getUserMessage
public java.lang.String getUserMessage()
Returns a String containing a message that is safe to display to users- Overrides:
getUserMessage
in classEnterpriseSecurityRuntimeException
- Returns:
- a String containing a message that is safe to display to users
-
getLogMessage
public java.lang.String getLogMessage()
Returns a String that is safe to display in logs, but probably not to users- Overrides:
getLogMessage
in classEnterpriseSecurityRuntimeException
- Returns:
- a String containing a message that is safe to display in logs, but probably not to users
-
-