Diffstat (limited to 'eaaf_core')
3 files changed, 93 insertions, 37 deletions
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ErrorTicketService.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ErrorTicketService.java index 673b53c2..8bcb5305 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ErrorTicketService.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ErrorTicketService.java @@ -68,13 +68,15 @@ public class ErrorTicketService { if (StringUtils.isEmpty(ticketConfPath)) { log.error("Error: Path to errorhandling action configuration not known"); - throw new EaafException("Error: Path to errorhandling action configuration not known"); + throw new EaafException("internal.configuration.00", + new Object[]{CONFIG_PROP_ERRORHANDLING_ACTION_PATH}); } else { Properties getProperties = new Properties(); + String fullFilePath = null; try { - final String fullFilePath = FileUtils + fullFilePath = FileUtils .makeAbsoluteUrl(ticketConfPath, basicConfig.getConfigurationRootDirectory()); final Resource ressource = resourceLoader.getResource(fullFilePath); final InputStream is = ressource.getInputStream(); @@ -86,8 +88,9 @@ public class ErrorTicketService { // log.error("working: " + propertyMap.get("auth.00")); } catch (Exception e) { - log.error("Error: something went wrong", e); - throw new EaafException("Error: Parsing errorhandling actions failed", new Object[]{}, e); + log.error("Error: could not found file.", e); + throw new EaafException("internal.configuration.01", + new Object[]{CONFIG_PROP_ERRORHANDLING_ACTION_PATH, "File cloud not be found."}); } } } @@ -153,7 +156,7 @@ public class ErrorTicketService { } else { data.generateSupportTicket(); throw new EaafException("internal.configuration.00", - new Object[]{data.errorCode + "in on_error_action" + ".properties"}); + new Object[]{data.errorCode + " in on_error_action" + ".properties"}); } } 
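Review bot: The rewritten catch block in the second ErrorTicketService hunk (`@@ -86,8 +88,9 @@`) no longer passes the caught exception as the cause. The removed line handed `e` to the three-argument constructor, the new `EaafException("internal.configuration.01", ...)` does not, so anything handling the EaafException downstream loses the root cause. The block still catches `Exception`, so parse and I/O failures are all reported as a missing file; the message text also has typos. I would write `new Object[]{CONFIG_PROP_ERRORHANDLING_ACTION_PATH, "File could not be found or parsed."}, e);` and log with `log.error("Error: could not load file {}", fullFilePath, e);`, which also gives the `fullFilePath` variable hoisted in the first hunk a use. The enclosing method starts and ends outside these hunks.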
diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java index 6cbd72a5..d078d085 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/auth/services/ProtocolAuthenticationService.java @@ -33,6 +33,7 @@ import at.gv.egiz.eaaf.core.api.idp.IAction; import at.gv.egiz.eaaf.core.api.idp.IAuthData; import at.gv.egiz.eaaf.core.api.idp.IAuthenticationDataBuilder; import at.gv.egiz.eaaf.core.api.idp.IConfiguration; +import at.gv.egiz.eaaf.core.api.idp.IModulInfo; import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration; import at.gv.egiz.eaaf.core.api.idp.auth.IAuthenticationManager; import at.gv.egiz.eaaf.core.api.idp.auth.ISsoManager; @@ -231,14 +232,9 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer public void buildProtocolSpecificErrorResponse(final Throwable throwable, final HttpServletRequest req, final HttpServletResponse resp, final IRequest protocolRequest) throws EaafException, IOException { try { - ErrorTicketService.HandleData errorData = errorTicketService.createHandleData(throwable, req); - - if (errorData.getActionType().equals(ErrorTicketService.ActionType.NOTICKET_REDIRECT) || errorData.getActionType() - .equals(ErrorTicketService.ActionType.TICKET_REDIRECT)) { - - displayException(req, resp, errorData); + if (errorData.getActionType().equals(ErrorTicketService.ActionType.TICKET_REDIRECT)) { // Put pending request ExceptionContainer exceptionContainer = new ExceptionContainer(protocolRequest, throwable); 
@@ -255,6 +251,27 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer // log Error Message statisticLogger.logErrorOperation(throwable, protocolRequest); + displayException(req, resp, errorData); + + } else if (errorData.getActionType().equals(ErrorTicketService.ActionType.NOTICKET_REDIRECT)) { + IModulInfo handlingModule = extractShibbolethHandling(protocolRequest, applicationContext); + + if (handlingModule.generateErrorMessage(throwable, req, resp, protocolRequest)) { + + // log Error to technical log + logExceptionToTechnicalLog(errorData); + + // log Error Message + statisticLogger.logErrorOperation(throwable, protocolRequest); + + // write revision log entries + revisionsLogger.logEvent(protocolRequest, EventConstants.TRANSACTION_ERROR, + protocolRequest.getUniqueTransactionIdentifier()); + + } else { + throw throwable; //through it on to handleErrorNoRedirect + + } } else { throw throwable; //through it on to handleErrorNoRedirect 
@@ -262,32 +279,73 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer } } catch (final Throwable e) { // - handleErrorNoRedirect(throwable, req, resp, true); + // if building error response results in error, we try with with handleErrorNoRedirect + handleErrorNoRedirect(e, req, resp, true); } } + /** + * Retrieves shibboleth module info. + * @param protocolRequest current request + * @param applicationContext spring context + * @return IModulInfo + * @throws ClassNotFoundException If no shibboleth handling implementation found + */ + public static IModulInfo extractShibbolethHandling(IRequest protocolRequest, + ApplicationContext applicationContext) throws ClassNotFoundException { + final Class<?> clazz = Class.forName(protocolRequest.requestedModule()); + + if (clazz == null || !IModulInfo.class.isAssignableFrom(clazz)) { + log.error( + "Requested protocol module Class is NULL or does not implement the IModulInfo interface."); + throw new ClassCastException( + "Requested protocol module Class is NULL or does not implement the IModulInfo interface."); + + } + + return (IModulInfo) applicationContext.getBean(clazz); + } + @Override public void handleErrorNoRedirect(final Throwable throwable, final HttpServletRequest req, - final HttpServletResponse resp, final boolean writeExceptionToStatisticLog) throws IOException, EaafException { + final HttpServletResponse resp, final boolean writeExceptionToStatisticLog) { + handleErrorNoRedirect(throwable, req, resp, writeExceptionToStatisticLog, false); + } - ErrorTicketService.HandleData errorData = errorTicketService.createHandleData(throwable, req); + private void handleErrorNoRedirect(final Throwable throwable, final HttpServletRequest req, + final HttpServletResponse resp, final boolean writeExceptionToStatisticLog, final boolean recall) { + ErrorTicketService.HandleData errorData = null; + try { + errorData = errorTicketService.createHandleData(throwable, req); - // log Exception into 
statistic database - if (writeExceptionToStatisticLog) { - statisticLogger.logErrorOperation(throwable); - } + // log Exception into statistic database + if (writeExceptionToStatisticLog) { + statisticLogger.logErrorOperation(throwable); + } - // write errror to console - logExceptionToTechnicalLog(errorData); + // write errror to console + logExceptionToTechnicalLog(errorData); + + if (errorData.getActionType().equals(ErrorTicketService.ActionType.NOTICKET_NOREDIRECT) || errorData + .getActionType().equals(ErrorTicketService.ActionType.TICKET_NOREDIRECT) || recall) { + // return error to Web browser + displayException(req, resp, errorData); + } else { + // TODO introduce separate error type? + throw new EaafException("internal.configuration.01", new Object[]{ + errorData.getErrorCode() + " in on_error_action" + ".properties", "Erroraction mapping mismatch"}); + } + + } catch (EaafException e) { + // retry + handleErrorNoRedirect(e, req, resp, writeExceptionToStatisticLog, true); + + } catch (IOException e) { + // retry + handleErrorNoRedirect(new EaafException(IStatusMessenger.CODES_INTERNAL_ERROR_GENERIC, null, e), req, resp, + writeExceptionToStatisticLog, true); - if (errorData.getActionType().equals(ErrorTicketService.ActionType.NOTICKET_NOREDIRECT) || errorData.getActionType() - .equals(ErrorTicketService.ActionType.TICKET_NOREDIRECT)) { - // return error to Web browser - displayException(req, resp, errorData); - } else { - throw new EaafException(IStatusMessenger.CODES_INTERNAL_ERROR_GENERIC, null, - new Exception("On Erroraction mapping mismatch", throwable)); } } 
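Review bot: The new private `handleErrorNoRedirect(..., recall)` has no termination condition: both catch blocks call it again with `recall = true`, and a call that already runs with `recall = true` recurses the same way when it fails. If `createHandleData` keeps throwing (the ErrorTicketService hunk at `@@ -153` shows a throw of `internal.configuration.00` that may be on this path), or `displayException` keeps failing with an IOException because the client has gone away, this loops until the stack overflows. Each round also repeats the statistic and technical log entries, because `writeExceptionToStatisticLog` is passed through unchanged. The second failure should end the chain: log it and return (or write a minimal static response) instead of recursing, as sketched below.

```java
    // … unchanged: try block that builds errorData, logs and calls displayException …

    } catch (final EaafException | IOException e) {
      if (recall) {
        // second failure while building the error page: stop here, never recurse again
        log.error("Could not build error response, giving up.", e);
        return;
      }
      final EaafException next = e instanceof EaafException
          ? (EaafException) e
          : new EaafException(IStatusMessenger.CODES_INTERNAL_ERROR_GENERIC, null, e);
      handleErrorNoRedirect(next, req, resp, writeExceptionToStatisticLog, true);
    }
```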
@@ -475,6 +533,7 @@ public class ProtocolAuthenticationService implements IProtocolAuthenticationSer ModifyableGuiBuilderConfiguration c = (ModifyableGuiBuilderConfiguration) config; c.putCustomParameter(AbstractGuiFormBuilderConfiguration.PARAM_GROUP_MSG, PARAM_GUI_ERROMSG, msg); c.putCustomParameter(AbstractGuiFormBuilderConfiguration.PARAM_GROUP_MSG, PARAM_GUI_ERRORCODE, errorCode); + // TODO: should we keep the internal errorcode secret? c.putCustomParameter(AbstractGuiFormBuilderConfiguration.PARAM_GROUP_MSG, PARAM_GUI_EXTERNAL_ERRORCODE, externalErrorCode); c.putCustomParameterWithOutEscaption(AbstractGuiFormBuilderConfiguration.PARAM_GROUP_MSG, diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java index acb9b84c..20f4c6ea 100644 --- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java +++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/ProtocolFinalizationController.java @@ -28,6 +28,7 @@ import at.gv.egiz.eaaf.core.api.data.ExceptionContainer; import at.gv.egiz.eaaf.core.api.idp.IModulInfo; import at.gv.egiz.eaaf.core.api.utils.IPendingRequestIdGenerationStrategy; import at.gv.egiz.eaaf.core.exceptions.EaafException; +import at.gv.egiz.eaaf.core.impl.idp.auth.services.ProtocolAuthenticationService; import at.gv.egiz.eaaf.core.impl.utils.TransactionIdUtils; import org.apache.commons.text.StringEscapeUtils; import org.slf4j.Logger; @@ -59,6 +60,7 @@ public class ProtocolFinalizationController extends AbstractController { @Autowired IPendingRequestIdGenerationStrategy requestIdValidationStragegy; + /** * Handles incoming requests for redirects to IDP. * @param req http request 
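Review bot: In the ProtocolAuthenticationService hunk `@@ -475,6 +533,7 @@`, the added TODO leaves open whether the internal error code may reach the browser, while the context line directly above it still writes `errorCode` into the GUI model under `PARAM_GUI_ERRORCODE`. This should be decided before merging rather than left as a question. Either render only `externalErrorCode` and keep the internal code in the technical log, or make the exposure a configuration switch. Then replace the TODO with a comment that records the decision, for example `// internal error code is shown on purpose, see <ticket placeholder>`. The enclosing method starts and ends outside the hunk, and the `putCustomParameterWithOutEscaption` call is cut off at the hunk end, so the unescaped value cannot be checked from here.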
@@ -96,16 +98,8 @@ public class ProtocolFinalizationController extends AbstractController { pendingReq = container.getPendingRequest(); if (pendingReq != null) { - final Class<?> clazz = Class.forName(pendingReq.requestedModule()); - - if (clazz == null || !IModulInfo.class.isAssignableFrom(clazz)) { - log.error("Requested protocol module Class is NULL or does not implement the IModulInfo interface."); - throw new ClassCastException( - "Requested protocol module Class is NULL or does not implement the IModulInfo interface."); - - } - - final IModulInfo handlingModule = (IModulInfo) applicationContext.getBean(clazz); + IModulInfo handlingModule = ProtocolAuthenticationService + .extractShibbolethHandling(pendingReq, applicationContext); handlingModule.generateErrorMessage(throwable, req, resp, pendingReq); } |
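Review bot: The new call to `ProtocolAuthenticationService.extractShibbolethHandling(pendingReq, applicationContext)` still ends in `Class.forName(String)`, which loads and initialises the class named by `pendingReq.requestedModule()` before the `IModulInfo` check runs. Whether that name can be influenced by request data is not visible here; if it can, static initialisers of an unrelated class on the classpath would run before the type check rejects it. In the helper, `Class.forName(protocolRequest.requestedModule(), false, ProtocolAuthenticationService.class.getClassLoader())` defers initialisation until after `isAssignableFrom`. The `clazz == null` test is dead code, because `Class.forName` throws and never returns null. The helper's Javadoc should also list the `ClassCastException` it throws, and since it resolves any protocol module, a name without "Shibboleth" would describe it better. The controller method starts and ends outside this hunk.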