Commit 0130d5f6 authored by Gradl, Tobias's avatar Gradl, Tobias

712: Implement error handling

Task-Url: https://minfba.de.dariah.eu/mantisbt/view.php?id=712
parent 3bead8f1
......@@ -2,20 +2,92 @@ package eu.dariah.de.dariahsp.sample.exceptions;
import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.opensaml.common.SAMLException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.CredentialsExpiredException;
import org.springframework.security.web.WebAttributes;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.servlet.ModelAndView;
/**
*
* @author tobias
*
* Requires web.xml adaption:
* <error-page>
* <location>/errors</location>
* </error-page>
*
*/
@Controller
@RequestMapping(value="/error")
@RequestMapping(value="/errors")
public class SampleExceptionController {
protected static final Logger logger = LoggerFactory.getLogger(SampleExceptionController.class);
@RequestMapping(value = {"", "/"}, method = {RequestMethod.GET, RequestMethod.POST })
public ModelAndView renderErrorPage(HttpServletRequest httpRequest) {
ModelAndView errorPage = new ModelAndView("error");
String errorMsg = "";
int httpErrorCode = getErrorCode(httpRequest);
switch (httpErrorCode) {
case 400: {
errorMsg = "Http Error Code: 400. Bad Request";
break;
}
case 401: {
errorMsg = "Http Error Code: 401. Unauthorized";
break;
}
case 403: {
errorMsg = "Http Error Code: 403. Forbidden";
break;
}
case 404: {
errorMsg = "Http Error Code: 404. Resource not found";
break;
}
default: {
errorMsg = "Internal Server Error";
break;
}
}
if (httpRequest.getAttribute(WebAttributes.AUTHENTICATION_EXCEPTION)!=null) {
Exception authEx = (Exception)httpRequest.getAttribute(WebAttributes.AUTHENTICATION_EXCEPTION);
if (authEx.getCause()!=null && authEx.getCause() instanceof SAMLException) {
this.handleSAMLException((SAMLException)authEx.getCause());
}
errorMsg = authEx.getMessage();
}
errorPage.addObject("errorMsg", errorMsg);
return errorPage;
}
@RequestMapping(value = {"", "/"}, method = RequestMethod.GET)
public String getHome(HttpServletResponse response) throws IOException {
return "error";
private void handleSAMLException(SAMLException exception) {
// Special exception: IDP Authentication too old, needs refresh
if (exception.getCause()!=null && exception.getCause() instanceof CredentialsExpiredException) {
}
}
private int getErrorCode(HttpServletRequest httpRequest) {
if (httpRequest.getAttribute("javax.servlet.error.status_code")==null) {
return -1;
}
return (Integer) httpRequest.getAttribute("javax.servlet.error.status_code");
}
}
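Review bot: In `renderErrorPage`, `errorMsg = authEx.getMessage();` replaces the generic status text with the raw authentication exception message and passes it to the error view, so whatever Spring Security or the SAML stack put into that message (possibly IdP or configuration detail) is shown to an unauthenticated visitor. The `logger` field is declared but never used in the visible code, so the failure is also not recorded server-side. I would log the exception and keep the page text fixed: `logger.warn("Authentication failed", authEx);` followed by `errorMsg = "Authentication failed";`. Separately, the `CredentialsExpiredException` branch in `handleSAMLException` is empty; a `// TODO: trigger re-authentication` comment or the actual handling would make the intent clear.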
......@@ -3,6 +3,8 @@ package eu.dariah.de.dariahsp.sample.exceptions;
import javax.activity.InvalidActivityException;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.annotation.AnnotationUtils;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.bind.annotation.ExceptionHandler;
......@@ -13,6 +15,8 @@ import org.springframework.http.HttpStatus;
@ControllerAdvice
public class SampleExceptionHandler {
protected static final Logger logger = LoggerFactory.getLogger(SampleExceptionHandler.class);
public static final String DEFAULT_ERROR_VIEW = "error";
@ResponseStatus(HttpStatus.CONFLICT) // 409
......@@ -33,7 +37,7 @@ public class SampleExceptionHandler {
// Otherwise setup and send the user to a default error-view.
ModelAndView mav = new ModelAndView();
mav.addObject("exception", e);
mav.addObject("errorMsg", e);
mav.addObject("url", req.getRequestURL());
mav.setViewName(DEFAULT_ERROR_VIEW);
return mav;
......
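Review bot: `mav.addObject("errorMsg", e);` stores the exception object itself under the key the error view prints, so the page will show `e.toString()` (exception class name plus message) for any unhandled exception. This assumes the `errorMsg` line is the new side of the change, which the rendered page does not mark. The `logger` added in this commit is not used in the visible lines; log there and pass a fixed text instead: `logger.error("Unhandled exception at {}", req.getRequestURL(), e);` and `mav.addObject("errorMsg", "An unexpected error occurred");`. The handler method starts and ends outside the hunk.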
......@@ -20,6 +20,8 @@
<security:http entry-point-ref="securityEntryPoint" use-expressions="false" access-decision-manager-ref="accessDecisionManager" >
<security:intercept-url pattern="/protected/**" access="IS_AUTHENTICATED_FULLY"/>
<security:intercept-url pattern="/overprotected/**" access="ROLE_UBERROLE"/>
<security:intercept-url pattern="/saml/web/**" access="IS_AUTHENTICATED_FULLY"/>
<!-- <security:intercept-url pattern="/saml/web/**" access="ROLE_ADMIN"/> -->
......@@ -76,6 +78,8 @@
<bean id="roleLevelVoter" class="eu.dariah.de.dariahsp.web.RoleLevelVoter">
<property name="roleLevels">
<map>
<!-- First role for demonstration only, remove in implementations -->
<entry key="ROLE_UBERROLE" value="1000" />
<entry key="ROLE_ADMINISTRATOR" value="100" />
<entry key="ROLE_CONTRIBUTOR" value="60" />
<entry key="ROLE_USER" value="20" />
......
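Review bot: The `/overprotected/**` rule depends on `ROLE_UBERROLE`, but only the `roleLevels` entry carries the "demonstration only" marker, so someone copying this file may remove the role and leave the rule, or keep both without noticing. Put the same marker on the rule, e.g. `<!-- Demonstration only: remove together with ROLE_UBERROLE -->` above the `intercept-url` line. The commented-out `ROLE_ADMIN` rule for `/saml/web/**` would also benefit from a one-line reason, since `ROLE_ADMIN` does not match the `ROLE_ADMINISTRATOR` name used in the role map.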
<%@ page language="java" contentType="text/html;charset=UTF-8" pageEncoding="UTF-8" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib prefix="s" uri="http://www.springframework.org/tags" %>
<%@ taglib prefix="sf" uri="http://www.springframework.org/tags/form" %>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
<%@ taglib prefix="tiles" uri="http://tiles.apache.org/tags-tiles" %>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt" %>
<tiles:importAttribute name="fluidLayout" />
<div class="jumbotron">
<div class="container<c:if test="${fluidLayout==true}">-fluid</c:if>">
<div class="row">
<div class="xs-hidden sm-visible col-sm-3 col-lg-2 col-sm-offset-1">
<div class="pull-right dariah-flower-white-83">DARIAHSP Test App</div>
</div>
</div>
</div>
</div>
<div class="container<c:if test="${fluidLayout==true}">-fluid</c:if>">
<div class="row">
<div id="main-content-wrapper" class="col-sm-10 col-sm-offset-1">
<ul class="breadcrumb">
<li class="active">Home</li>
</ul>
<div id="main-content">
<h2>Error</h2>
<p>
${errorMsg}
</p>
</div>
</div>
</div>
</div>
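Review bot: `${errorMsg}` is written into the page without escaping, and the controllers in this commit fill it from exception messages, which can contain request-derived text; since JSP EL does not escape by default, markup in that text would be rendered as HTML. The `c` and `fn` taglibs are already declared at the top of the file, so use `<c:out value="${errorMsg}"/>` or `${fn:escapeXml(errorMsg)}` here. The breadcrumb still reads `Home`, which looks copied from another view.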
......@@ -50,7 +50,10 @@
</definition>
<!-- Errors -->
<definition name="error" extends="template_simple">
<put-attribute name="content" value="/WEB-INF/view/jsp/error.jsp" />
</definition>
......