I think I'm -1 to this change. To me, this looks like it may leak security
information and such to the client.
The only message sent back to the client should be the top level message.
The "causes" should be logged server side and not reflected back. If there
are certain places where we CAN send back a specific cause, we should just do
that. We specifically don't send the stacks and such back to the client (by
default) exactly for that reason.
In the case of the SAAJIn, if it's an XMLStreamException, just do something
like:
throw new SoapFault(new org.apache.cxf.common.i18n.Message(
e.getMessage(), BUNDLE), e, message
.getVersion().getSender());
Dan
On Wednesday 06 April 2011 6:21:42 AM [email protected] wrote:
> Author: ningjiang
> Date: Wed Apr 6 10:21:42 2011
> New Revision: 1089385
>
> URL: http://svn.apache.org/viewvc?rev=1089385&view=rev
> Log:
> CXF-3442 Fault should not swallow the cause exception message
>
> Modified:
> cxf/trunk/api/src/main/java/org/apache/cxf/interceptor/Fault.java
>
> Modified: cxf/trunk/api/src/main/java/org/apache/cxf/interceptor/Fault.java
> URL:
> http://svn.apache.org/viewvc/cxf/trunk/api/src/main/java/org/apache/cxf/in
> terceptor/Fault.java?rev=1089385&r1=1089384&r2=1089385&view=diff
> ==========================================================================
> ==== --- cxf/trunk/api/src/main/java/org/apache/cxf/interceptor/Fault.java
> (original) +++
> cxf/trunk/api/src/main/java/org/apache/cxf/interceptor/Fault.java Wed Apr
> 6 10:21:42 2011 @@ -44,7 +44,13 @@ public class Fault extends
> UncheckedExce
>
> public Fault(Message message, Throwable throwable) {
> super(message, throwable);
> - this.message = message.toString();
> + StringBuffer buffer = new StringBuffer();
> + buffer.append(message.toString());
> + if (throwable != null) {
> + buffer.append(" Caused by :");
> + buffer.append(throwable.getMessage());
> + }
> + this.message = buffer.toString();
> code = FAULT_CODE_SERVER;
> }
--
Daniel Kulp
[email protected]
http://dankulp.com/blog
Talend - http://www.talend.com
