diff options
Diffstat (limited to 'eaaf_core/src/main')
3 files changed, 93 insertions, 37 deletions
| diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ErrorTicketService.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ErrorTicketService.java index 673b53c2..8bcb5305 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ErrorTicketService.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ErrorTicketService.java @@ -68,13 +68,15 @@ public class ErrorTicketService {      if (StringUtils.isEmpty(ticketConfPath)) {        log.error("Error: Path to errorhandling action configuration not known"); -      throw new EaafException("Error: Path to errorhandling action configuration not known"); +      throw new EaafException("internal.configuration.00", +          new Object[]{CONFIG_PROP_ERRORHANDLING_ACTION_PATH});      } else {        Properties getProperties = new Properties(); +      String fullFilePath = null;        try { -        final String fullFilePath = FileUtils +        fullFilePath = FileUtils              .makeAbsoluteUrl(ticketConfPath, basicConfig.getConfigurationRootDirectory());          final Resource ressource = resourceLoader.getResource(fullFilePath);          final InputStream is = ressource.getInputStream(); @@ -86,8 +88,9 @@ public class ErrorTicketService {          //        log.error("working: " + propertyMap.get("auth.00"));        } catch (Exception e) { -        log.error("Error: something went wrong", e); -        throw new EaafException("Error: Parsing errorhandling actions failed", new Object[]{}, e); +        log.error("Error: could not found file.", e); +        throw new EaafException("internal.configuration.01", +            new Object[]{CONFIG_PROP_ERRORHANDLING_ACTION_PATH, "File cloud not be found."});        }      }    } @@ -153,7 +156,7 @@ public class ErrorTicketService {      } else {        data.generateSupportTicket();        throw new EaafException("internal.configuration.00", -          new Object[]{data.errorCode + "in on_error_action" + ".properties"}); +          new Object[]{data.errorCode + " in on_error_action" + ".properties"});      }    } diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java index 6cbd72a5..d078d085 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java @@ -33,6 +33,7 @@ import at.gv.egiz.eaaf.core.api.idp.IAction;  import at.gv.egiz.eaaf.core.api.idp.IAuthData;  import at.gv.egiz.eaaf.core.api.idp.IAuthenticationDataBuilder;  import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.api.idp.IModulInfo;  import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;  import at.gv.egiz.eaaf.core.api.idp.auth.IAuthenticationManager;  import at.gv.egiz.eaaf.core.api.idp.auth.ISsoManager; @@ -231,14 +232,9 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer    public void buildProtocolSpecificErrorResponse(final Throwable throwable, final HttpServletRequest req,        final HttpServletResponse resp, final IRequest protocolRequest) throws EaafException, IOException {      try { -        ErrorTicketService.HandleData errorData = errorTicketService.createHandleData(throwable, req); - -      if (errorData.getActionType().equals(ErrorTicketService.ActionType.NOTICKET_REDIRECT) || errorData.getActionType() -          .equals(ErrorTicketService.ActionType.TICKET_REDIRECT)) { - -        displayException(req, resp, errorData); +      if (errorData.getActionType().equals(ErrorTicketService.ActionType.TICKET_REDIRECT)) {          // Put pending request          ExceptionContainer exceptionContainer = new ExceptionContainer(protocolRequest, throwable); @@ -255,6 +251,27 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer          // log Error Message          statisticLogger.logErrorOperation(throwable, protocolRequest); +        displayException(req, resp, errorData); + +      } else if (errorData.getActionType().equals(ErrorTicketService.ActionType.NOTICKET_REDIRECT)) { +        IModulInfo handlingModule = extractShibbolethHandling(protocolRequest, applicationContext); + +        if (handlingModule.generateErrorMessage(throwable, req, resp, protocolRequest)) { + +          // log Error to technical log +          logExceptionToTechnicalLog(errorData); + +          // log Error Message +          statisticLogger.logErrorOperation(throwable, protocolRequest); + +          // write revision log entries +          revisionsLogger.logEvent(protocolRequest, EventConstants.TRANSACTION_ERROR, +              protocolRequest.getUniqueTransactionIdentifier()); + +        } else { +          throw throwable; //through it on to handleErrorNoRedirect + +        }        } else {          throw throwable; //through it on to handleErrorNoRedirect @@ -262,32 +279,73 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer        }      } catch (final Throwable e) { // -      handleErrorNoRedirect(throwable, req, resp, true); +      // if building error response results in error, we try with with handleErrorNoRedirect +      handleErrorNoRedirect(e, req, resp, true);      }    } +  /** +   * Retrieves shibboleth module info. +   * @param protocolRequest current request +   * @param applicationContext spring context +   * @return IModulInfo +   * @throws ClassNotFoundException If no shibboleth handling implementation found +   */ +  public static IModulInfo extractShibbolethHandling(IRequest protocolRequest, +      ApplicationContext applicationContext) throws ClassNotFoundException { +    final Class<?> clazz = Class.forName(protocolRequest.requestedModule()); + +    if (clazz == null || !IModulInfo.class.isAssignableFrom(clazz)) { +      log.error( +          "Requested protocol module Class is NULL or does not implement the IModulInfo interface."); +      throw new ClassCastException( +          "Requested protocol module Class is NULL or does not implement the IModulInfo interface."); + +    } + +    return (IModulInfo) applicationContext.getBean(clazz); +  } +    @Override    public void handleErrorNoRedirect(final Throwable throwable, final HttpServletRequest req, -      final HttpServletResponse resp, final boolean writeExceptionToStatisticLog) throws IOException, EaafException { +      final HttpServletResponse resp, final boolean writeExceptionToStatisticLog) { +    handleErrorNoRedirect(throwable, req, resp, writeExceptionToStatisticLog, false); +  } -    ErrorTicketService.HandleData errorData = errorTicketService.createHandleData(throwable, req); +  private void handleErrorNoRedirect(final Throwable throwable, final HttpServletRequest req, +      final HttpServletResponse resp, final boolean writeExceptionToStatisticLog, final boolean recall) { +    ErrorTicketService.HandleData errorData = null; +    try { +      errorData = errorTicketService.createHandleData(throwable, req); -    // log Exception into statistic database -    if (writeExceptionToStatisticLog) { -      statisticLogger.logErrorOperation(throwable); -    } +      // log Exception into statistic database +      if (writeExceptionToStatisticLog) { +        statisticLogger.logErrorOperation(throwable); +      } -    // write errror to console -    logExceptionToTechnicalLog(errorData); +      // write errror to console +      logExceptionToTechnicalLog(errorData); + +      if (errorData.getActionType().equals(ErrorTicketService.ActionType.NOTICKET_NOREDIRECT) || errorData +          .getActionType().equals(ErrorTicketService.ActionType.TICKET_NOREDIRECT) || recall) { +        // return error to Web browser +        displayException(req, resp, errorData); +      } else { +        // TODO introduce separate error type? +        throw new EaafException("internal.configuration.01", new Object[]{ +            errorData.getErrorCode() + " in on_error_action" + ".properties", "Erroraction mapping mismatch"}); +      } + +    } catch (EaafException e) { +      // retry +      handleErrorNoRedirect(e, req, resp, writeExceptionToStatisticLog, true); + +    } catch (IOException e) { +      // retry +      handleErrorNoRedirect(new EaafException(IStatusMessenger.CODES_INTERNAL_ERROR_GENERIC, null, e), req, resp, +          writeExceptionToStatisticLog, true); -    if (errorData.getActionType().equals(ErrorTicketService.ActionType.NOTICKET_NOREDIRECT) || errorData.getActionType() -        .equals(ErrorTicketService.ActionType.TICKET_NOREDIRECT)) { -      // return error to Web browser -      displayException(req, resp, errorData); -    } else { -      throw new EaafException(IStatusMessenger.CODES_INTERNAL_ERROR_GENERIC, null, -          new Exception("On Erroraction mapping mismatch", throwable));      }    } @@ -475,6 +533,7 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer          ModifyableGuiBuilderConfiguration c = (ModifyableGuiBuilderConfiguration) config;          c.putCustomParameter(AbstractGuiFormBuilderConfiguration.PARAM_GROUP_MSG, PARAM_GUI_ERROMSG, msg);          c.putCustomParameter(AbstractGuiFormBuilderConfiguration.PARAM_GROUP_MSG, PARAM_GUI_ERRORCODE, errorCode); +        // TODO: should we keep the internal errorcode secret?          c.putCustomParameter(AbstractGuiFormBuilderConfiguration.PARAM_GROUP_MSG, PARAM_GUI_EXTERNAL_ERRORCODE,              externalErrorCode);          c.putCustomParameterWithOutEscaption(AbstractGuiFormBuilderConfiguration.PARAM_GROUP_MSG, diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java index acb9b84c..20f4c6ea 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java @@ -28,6 +28,7 @@ import at.gv.egiz.eaaf.core.api.data.ExceptionContainer;  import at.gv.egiz.eaaf.core.api.idp.IModulInfo;  import at.gv.egiz.eaaf.core.api.utils.IPendingRequestIdGenerationStrategy;  import at.gv.egiz.eaaf.core.exceptions.EaafException; +import at.gv.egiz.eaaf.core.impl.idp.auth.services.ProtocolAuthenticationService;  import at.gv.egiz.eaaf.core.impl.utils.TransactionIdUtils;  import org.apache.commons.text.StringEscapeUtils;  import org.slf4j.Logger; @@ -59,6 +60,7 @@ public class ProtocolFinalizationController extends AbstractController {    @Autowired    IPendingRequestIdGenerationStrategy requestIdValidationStragegy; +    /**     * Handles incoming requests for redirects to IDP.     * @param req  http request @@ -96,16 +98,8 @@ public class ProtocolFinalizationController extends AbstractController {              pendingReq = container.getPendingRequest();              if (pendingReq != null) { -              final Class<?> clazz = Class.forName(pendingReq.requestedModule()); - -              if (clazz == null || !IModulInfo.class.isAssignableFrom(clazz)) { -                log.error("Requested protocol module Class is NULL or does not implement the IModulInfo interface."); -                throw new ClassCastException( -                    "Requested protocol module Class is NULL or does not implement the IModulInfo interface."); - -              } - -              final IModulInfo handlingModule = (IModulInfo) applicationContext.getBean(clazz); +              IModulInfo handlingModule = ProtocolAuthenticationService +                  .extractShibbolethHandling(pendingReq, applicationContext);                handlingModule.generateErrorMessage(throwable, req, resp, pendingReq);              } | 
