IntrusionException (ESAPI 2.1.0.1 API)

All Classes

Summary:
Nested |
Field |
Constr |
Method

Detail:
Field |
Constr |
Method

java.lang.Object
- java.lang.Throwable
- - java.lang.Exception
  - - java.lang.RuntimeException
    - - org.owasp.esapi.errors.EnterpriseSecurityRuntimeException
      - org.owasp.esapi.errors.IntrusionException

All Implemented Interfaces:

Serializable
```
public class IntrusionException
extends EnterpriseSecurityRuntimeException
```
An IntrusionException should be thrown anytime an error condition arises that is likely to be the result of an attack in progress. IntrusionExceptions are handled specially by the IntrusionDetector, which is equipped to respond by either specially logging the event, logging out the current user, or invalidating the current user's account.
Unlike other exceptions in the ESAPI, the IntrusionException is a RuntimeException so that it can be thrown from anywhere and will not require a lot of special exception handling.

Author:

Jeff Williams (jeff.williams@aspectsecurity.com)

See Also:
Serialized Form

Field Summary

Fields
Modifier and Type Field and Description

protected Logger logger
The logger.

protected String logMessage

Constructor Summary

Constructors
Constructor and Description
`IntrusionException(String userMessage, String logMessage)` Creates a new instance of IntrusionException.
`IntrusionException(String userMessage, String logMessage, Throwable cause)` Instantiates a new intrusion exception.

Method Summary

Methods
Modifier and Type	Method and Description
`String`	`getLogMessage()` Returns a String that is safe to display in logs, but probably not to users
`String`	`getUserMessage()` Returns a String containing a message that is safe to display to users

Methods inherited from class java.lang.Throwable
addSuppressed, fillInStackTrace, getCause, getLocalizedMessage, getMessage, getStackTrace, getSuppressed, initCause, printStackTrace, printStackTrace, printStackTrace, setStackTrace, toString

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

- Field Detail
  - logger
```
protected final transient Logger logger
```
    The logger.
  - logMessage
```
protected String logMessage
```
- Constructor Detail
  - IntrusionException
```
public IntrusionException(String userMessage,
                  String logMessage)
```
    Creates a new instance of IntrusionException.
    
    Parameters:
    userMessage - the message to display to users
    logMessage - the message logged
  - IntrusionException
```
public IntrusionException(String userMessage,
                  String logMessage,
                  Throwable cause)
```
    Instantiates a new intrusion exception.
    
    Parameters:
    userMessage - the message to display to users
    logMessage - the message logged
    cause - the cause
- Method Detail
  - getUserMessage
```
public String getUserMessage()
```
    Returns a String containing a message that is safe to display to users
    
    Overrides:
    
    getUserMessage in class EnterpriseSecurityRuntimeException
    
    Returns:
    a String containing a message that is safe to display to users
  - getLogMessage
```
public String getLogMessage()
```
    Returns a String that is safe to display in logs, but probably not to users
    
    Overrides:
    
    getLogMessage in class EnterpriseSecurityRuntimeException
    
    Returns:
    a String containing a message that is safe to display in logs, but probably not to users

All Classes

Summary:
Nested |
Field |
Constr |
Method

Detail:
Field |
Constr |
Method

Copyright © 2016 The Open Web Application Security Project (OWASP). All rights reserved.