NIFI-12293 Standardized HTTP error response messages (#7957)

- Updated ExceptionFilter and AuthenticationFilter with standard messages

This closes #7957

minifi/minifi-bootstrap/src/main/java/org/apache/nifi/minifi/bootstrap/configuration/ListenerHandleResult.java

@@ -49,7 +49,7 @@ public class ListenerHandleResult {
         if (failureCause == null) {
             return getDescriptor() + " successfully handled the configuration change";
         } else {
-            return getDescriptor() + " FAILED to handle the configuration change due to: '" + failureCause.getMessage() + "'";
+            return getDescriptor() + " FAILED to handle the configuration change";
         }
     }
 }

nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/filter/ExceptionFilter.java

@@ -17,8 +17,6 @@
 package org.apache.nifi.web.filter;
 
 import java.io.IOException;
-import java.io.PrintWriter;
-import java.io.StringWriter;
 import javax.servlet.Filter;
 import javax.servlet.FilterChain;
 import javax.servlet.FilterConfig;
@@ -44,20 +42,12 @@ public class ExceptionFilter implements Filter {
 
         try {
             filterChain.doFilter(req, resp);
-        } catch (RequestRejectedException e) {
+        } catch (final RequestRejectedException e) {
-            if (logger.isDebugEnabled()) {
+            logger.warn("Client request rejected", e);
-                logger.debug("An exception was caught performing the HTTP request security filter check and the stacktrace has been suppressed from the response");
-            }
 
-            HttpServletResponse filteredResponse = (HttpServletResponse) resp;
+            final HttpServletResponse filteredResponse = (HttpServletResponse) resp;
             filteredResponse.setStatus(500);
-            filteredResponse.getWriter().write(e.getMessage());
+            filteredResponse.getWriter().write("Client request rejected");
-
-            StringWriter sw = new StringWriter();
-            sw.write("Exception caught by ExceptionFilter:\n");
-            PrintWriter pw = new PrintWriter(sw);
-            e.printStackTrace(pw);
-            logger.error(sw.toString());
         }
     }
 

nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/NiFiAuthenticationFilter.java

@@ -138,14 +138,14 @@ public abstract class NiFiAuthenticationFilter extends GenericFilterBean {
         // use the type of authentication exception to determine the response code
         if (ae instanceof InvalidAuthenticationException) {
             response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
-            out.println(ae.getMessage());
+            out.println("Authentication credentials invalid");
         } else if (ae instanceof UntrustedProxyException) {
             response.setStatus(HttpServletResponse.SC_FORBIDDEN);
-            out.println(ae.getMessage());
+            out.println("Authentication Proxy Server not trusted");
         } else if (ae instanceof AuthenticationServiceException) {
             log.error("Authentication Service Failed: {}", ae.getMessage(), ae);
             response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
-            out.println(String.format("Unable to authenticate: %s", ae.getMessage()));
+            out.println("Authentication service processing failed");
         } else {
             log.error("Authentication Exception: {}", ae.getMessage(), ae);
             response.setStatus(HttpServletResponse.SC_FORBIDDEN);