git commit: Add an error handler for Jetty 9 that doesn't let the details escape. ALL tests now pass with Jetty 9

dkulp Mon, 11 Aug 2014 09:44:40 -0700

Repository: cxf
Updated Branches:
  refs/heads/master 670788329 -> 161e10bb2



Add an error handler for Jetty 9 that doesn't let the details escape.
ALL tests now pass with Jetty 9


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/161e10bb
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/161e10bb
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/161e10bb

Branch: refs/heads/master
Commit: 161e10bb2d87573974b8a1748f023c47ebbe5d49
Parents: 6707883
Author: Daniel Kulp <dk...@apache.org>
Authored: Mon Aug 11 12:43:03 2014 -0400
Committer: Daniel Kulp <dk...@apache.org>
Committed: Mon Aug 11 12:43:30 2014 -0400

----------------------------------------------------------------------
 .../http_jetty/JettyHTTPServerEngine.java       | 31 ++++++++++++++++++++
 .../jaxrs/JAXRSClientServerBookTest.java        | 20 ++++++++++---
 2 files changed, 47 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/161e10bb/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/JettyHTTPServerEngine.java
----------------------------------------------------------------------
diff --git 
a/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/JettyHTTPServerEngine.java
 
b/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/JettyHTTPServerEngine.java
index 26d72a0..a3c77c9 100644
--- 
a/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/JettyHTTPServerEngine.java
+++ 
b/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/JettyHTTPServerEngine.java
@@ -21,6 +21,7 @@ package org.apache.cxf.transport.http_jetty;
 
 import java.io.Closeable;
 import java.io.IOException;
+import java.io.Writer;
 import java.net.URL;
 import java.security.GeneralSecurityException;
 import java.util.ArrayList;
@@ -34,7 +35,10 @@ import javax.annotation.PostConstruct;
 import javax.net.ssl.KeyManager;
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.X509KeyManager;
+import javax.servlet.RequestDispatcher;
 import javax.servlet.ServletContext;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
 
 import org.apache.cxf.Bus;
 import org.apache.cxf.common.classloader.ClassLoaderUtils;
@@ -49,15 +53,19 @@ import 
org.apache.cxf.configuration.security.ClientAuthentication;
 import org.apache.cxf.interceptor.Fault;
 import org.apache.cxf.transport.HttpUriMapper;
 import org.apache.cxf.transport.https.AliasedX509ExtendedKeyManager;
+import org.eclipse.jetty.http.HttpStatus;
 import org.eclipse.jetty.security.SecurityHandler;
 import org.eclipse.jetty.server.AbstractConnector;
 import org.eclipse.jetty.server.Connector;
 import org.eclipse.jetty.server.Handler;
+import org.eclipse.jetty.server.Request;
+import org.eclipse.jetty.server.Response;
 import org.eclipse.jetty.server.Server;
 import org.eclipse.jetty.server.SessionManager;
 import org.eclipse.jetty.server.handler.ContextHandler;
 import org.eclipse.jetty.server.handler.ContextHandlerCollection;
 import org.eclipse.jetty.server.handler.DefaultHandler;
+import org.eclipse.jetty.server.handler.ErrorHandler;
 import org.eclipse.jetty.server.handler.HandlerCollection;
 import org.eclipse.jetty.server.session.HashSessionIdManager;
 import org.eclipse.jetty.server.session.HashSessionManager;
@@ -337,6 +345,29 @@ public class JettyHTTPServerEngine
         if (s == null) {
             s = new Server();
         }
+        if (!Server.getVersion().startsWith("8")) {
+            //need an error handler that won't leak information about the 
exception 
+            //back to the client.
+            ErrorHandler eh = new ErrorHandler() {
+                @SuppressWarnings("deprecation")
+                public void handle(String target, Request baseRequest, 
+                                   HttpServletRequest request, 
HttpServletResponse response) 
+                    throws IOException {
+                    String msg = HttpStatus.getMessage(response.getStatus());
+                    request.setAttribute(RequestDispatcher.ERROR_MESSAGE, msg);
+                    if (response instanceof Response) {
+                        ((Response)response).setStatus(response.getStatus(), 
msg);
+                    }
+                    super.handle(target, baseRequest, request, response);
+                }
+                protected void writeErrorPage(HttpServletRequest request, 
Writer writer, int code,
+                                              String message, boolean 
showStacks)
+                    throws IOException {
+                    super.writeErrorPage(request, writer, code, message, 
false);
+                }
+            };
+            s.addBean(eh);
+        }
         return s;
     }
     

http://git-wip-us.apache.org/repos/asf/cxf/blob/161e10bb/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/JAXRSClientServerBookTest.java
----------------------------------------------------------------------
diff --git 
a/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/JAXRSClientServerBookTest.java
 
b/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/JAXRSClientServerBookTest.java
index c2f355c..ddb4d6c 100644
--- 
a/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/JAXRSClientServerBookTest.java
+++ 
b/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/JAXRSClientServerBookTest.java
@@ -805,9 +805,22 @@ public class JAXRSClientServerBookTest extends 
AbstractBusClientServerTestBase {
     }
     
     @Test
-    public void testPropogateException() throws Exception {
-        getAndCompare("http://localhost:"; + PORT + 
"/bookstore/propagate-exception",
-                      "Error: 500", "application/xml", 500);
+    public void testPropogateException() throws Exception {       
+        GetMethod get = new GetMethod("http://localhost:"; + PORT + 
"/bookstore/propagate-exception");
+        get.setRequestHeader("Accept", "application/xml");
+        get.addRequestHeader("Cookie", "a=b;c=d");
+        get.addRequestHeader("Cookie", "e=f");
+        get.setRequestHeader("Accept-Language", "da;q=0.8,en");
+        get.setRequestHeader("Book", "1,2,3");
+        HttpClient httpClient = new HttpClient();
+        try {
+            int result = httpClient.executeMethod(get);
+            assertEquals(500, result);
+            String content = 
getStringFromInputStream(get.getResponseBodyAsStream());
+            assertTrue(content.contains("Error") && content.contains("500"));
+        } finally {
+            get.releaseConnection();
+        }        
     }
     
     @Test
@@ -1643,7 +1656,6 @@ public class JAXRSClientServerBookTest extends 
AbstractBusClientServerTestBase {
     @Test
     public void testEmptyResponseProxyNullable() {
         BookStore store = JAXRSClientFactory.create("http://localhost:"; + 
PORT, BookStore.class);
-        WebClient.getConfig(store).getInInterceptors().add(new 
ReplaceStatusInterceptor());
         assertNull(store.getEmptyBookNullable());
     }

git commit: Add an error handler for Jetty 9 that doesn't let the details escape. ALL tests now pass with Jetty 9

Reply via email to