Class IntrusionException

  extended by java.lang.Throwable
      extended by java.lang.Exception
          extended by java.lang.RuntimeException
              extended by org.owasp.esapi.errors.IntrusionException
All Implemented Interfaces:

public class IntrusionException
extends java.lang.RuntimeException

An IntrusionException should be thrown anytime an error condition arises that is likely to be the result of an attack in progress. IntrusionExceptions are handled specially by the IntrusionDetector, which is equipped to respond by either specially logging the event, logging out the current user, or invalidating the current user's account.

Unlike other exceptions in the ESAPI, the IntrusionException is a RuntimeException so that it can be thrown from anywhere and will not require a lot of special exception handling.

Jeff Williams ([email protected])
See Also:
Serialized Form

Field Summary
protected  Logger logger
          The logger.
protected  java.lang.String logMessage
Constructor Summary
IntrusionException(java.lang.String userMessage, java.lang.String logMessage)
          Creates a new instance of IntrusionException.
IntrusionException(java.lang.String userMessage, java.lang.String logMessage, java.lang.Throwable cause)
          Instantiates a new intrusion exception.
Method Summary
 java.lang.String getLogMessage()
          Returns a String that is safe to display in logs, but probably not to users
 java.lang.String getUserMessage()
          Returns a String containing a message that is safe to display to users
Methods inherited from class java.lang.Throwable
fillInStackTrace, getCause, getLocalizedMessage, getMessage, getStackTrace, initCause, printStackTrace, printStackTrace, printStackTrace, setStackTrace, toString
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail


protected final transient Logger logger
The logger.


protected java.lang.String logMessage
Constructor Detail


public IntrusionException(java.lang.String userMessage,
                          java.lang.String logMessage)
Creates a new instance of IntrusionException.

userMessage - the message to display to users
logMessage - the message logged


public IntrusionException(java.lang.String userMessage,
                          java.lang.String logMessage,
                          java.lang.Throwable cause)
Instantiates a new intrusion exception.

userMessage - the message to display to users
logMessage - the message logged
cause - the cause
Method Detail


public java.lang.String getUserMessage()
Returns a String containing a message that is safe to display to users

a String containing a message that is safe to display to users


public java.lang.String getLogMessage()
Returns a String that is safe to display in logs, but probably not to users

a String containing a message that is safe to display in logs, but probably not to users

Copyright © 2010 The Open Web Application Security Project (OWASP). All Rights Reserved.