401643 Improved Authentication exception messages and provided quiet servlet exception

This commit is contained in:
Greg Wilkins 2013-02-25 13:59:56 +11:00
parent c60f18e7dd
commit 859710c2c5
5 changed files with 84 additions and 7 deletions

View File

@ -18,6 +18,7 @@
package org.eclipse.jetty.server;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
@ -35,6 +36,15 @@ import javax.servlet.http.HttpServletResponse;
*/
public interface Authentication
{
/* ------------------------------------------------------------ */
public static class Failed extends QuietServletException
{
public Failed(String message)
{
super(message);
}
}
/* ------------------------------------------------------------ */
/** A successful Authentication with User information.
*/

View File

@ -0,0 +1,53 @@
//
// ========================================================================
// Copyright (c) 1995-2013 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
//
// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
//
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
//
// You may elect to redistribute this code under either of these licenses.
// ========================================================================
//
package org.eclipse.jetty.server;
import javax.servlet.ServletException;
/* ------------------------------------------------------------ */
/** A ServletException that is logged less verbosely than
* a normal ServletException.
* <p>
* Used for container generated exceptions that need only a message rather
* than a stack trace.
* </p>
*/
public class QuietServletException extends ServletException
{
public QuietServletException()
{
super();
}
public QuietServletException(String message, Throwable rootCause)
{
super(message,rootCause);
}
public QuietServletException(String message)
{
super(message);
}
public QuietServletException(Throwable rootCause)
{
super(rootCause);
}
}

View File

@ -2096,11 +2096,11 @@ public class Request implements HttpServletRequest
{
_authentication=((Authentication.Deferred)_authentication).login(username,password,this);
if (_authentication == null)
throw new ServletException("Authentication failed for "+username+" in "+_authentication);
throw new Authentication.Failed("Authentication failed for username '"+username+"'");
}
else
{
throw new ServletException("Already authenticated as "+_authentication);
throw new Authentication.Failed("Authenticated failed for username '"+username+"'. Already authenticated as "+_authentication);
}
}

View File

@ -185,7 +185,7 @@ public abstract class HttpServerTestBase extends HttpServerTestFixture
@Override
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
{
throw new ServletException("TEST handler exception");
throw new QuietServletException("TEST handler exception");
}
});

View File

@ -54,6 +54,7 @@ import org.eclipse.jetty.security.IdentityService;
import org.eclipse.jetty.security.SecurityHandler;
import org.eclipse.jetty.server.Dispatcher;
import org.eclipse.jetty.server.HttpChannel;
import org.eclipse.jetty.server.QuietServletException;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.ServletRequestHttpWrapper;
import org.eclipse.jetty.server.ServletResponseHttpWrapper;
@ -476,10 +477,20 @@ public class ServletHandler extends ScopedHandler
}
else if (th instanceof ServletException)
{
LOG.warn(th);
Throwable cause=((ServletException)th).getRootCause();
if (cause!=null)
if (th instanceof QuietServletException)
{
LOG.debug(th);
LOG.warn(th.toString());
}
else
LOG.warn(th);
while (th instanceof ServletException)
{
Throwable cause=((ServletException)th).getRootCause();
if (cause==null)
break;
th=cause;
}
}
// handle or log exception
else if (th instanceof EofException)
@ -1392,6 +1403,7 @@ public class ServletHandler extends ScopedHandler
}
/* ------------------------------------------------------------ */
@Override
public void doFilter(ServletRequest request, ServletResponse response)
throws IOException, ServletException
{
@ -1443,6 +1455,7 @@ public class ServletHandler extends ScopedHandler
}
@Override
public String toString()
{
if (_filterHolder!=null)
@ -1471,6 +1484,7 @@ public class ServletHandler extends ScopedHandler
}
/* ------------------------------------------------------------ */
@Override
public void doFilter(ServletRequest request, ServletResponse response)
throws IOException, ServletException
{
@ -1524,6 +1538,7 @@ public class ServletHandler extends ScopedHandler
}
/* ------------------------------------------------------------ */
@Override
public String toString()
{
StringBuilder b = new StringBuilder();
@ -1572,5 +1587,4 @@ public class ServletHandler extends ScopedHandler
_contextHandler.destroyFilter(filter);
}
}