Hello Romain.
I tried with something like this:
@Provider
public class EjbAccessExceptionMapper implements
ExceptionMapper<EJBAccessException> {
@Override
public Response toResponse(EJBAccessException t) {
return
Response.status(Status.BAD_REQUEST).entity(t.getMessage()).build();
}
}
But I don't tnik the Error message is returned from the REST /CXF domain.
javax.servlet.ServletException: Error processing webservice request
org.apache.openejb.server.rest.RsServlet.service(RsServlet.java:59)
javax.servlet.http.HttpServlet.service(HttpServlet.java:728)
org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:51)
*root cause*
java.lang.RuntimeException: org.apache.cxf.interceptor.Fault:
Unauthorized Access by Principal Denied while invoking public
javax.ws.rs.core.Response
org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserver.onMessage(AbstractFaultChainInitiatorObserver.java:116)
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:322)
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:237)
org.apache.openejb.server.cxf.rs.CxfRsHttpListener.onMessage(CxfRsHttpListener.java:170)
org.apache.openejb.server.rest.RsServlet.service(RsServlet.java:53)
javax.servlet.http.HttpServlet.service(HttpServlet.java:728)
org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:51)
*root cause*
org.apache.cxf.interceptor.Fault: Unauthorized Access by Principal
Denied while invoking public
javax.ws.rs.core.Response.getEmployeeTimesheet(long,long) with params
[0, 0].
org.apache.cxf.service.invoker.AbstractInvoker.createFault(AbstractInvoker.java:166)
org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:140)
org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:165)
org.apache.openejb.server.cxf.rs.OpenEJBEJBInvoker.invoke(OpenEJBEJBInvoker.java:67)
org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:89)
org.apache.openejb.server.cxf.rs.AutoJAXRSInvoker.invoke(AutoJAXRSInvoker.java:63)
org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:57)
org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:93)
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:262)
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:237)
org.apache.openejb.server.cxf.rs.CxfRsHttpListener.onMessage(CxfRsHttpListener.java:170)
org.apache.openejb.server.rest.RsServlet.service(RsServlet.java:53)
javax.servlet.http.HttpServlet.service(HttpServlet.java:728)
org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:51)
*root cause*
javax.ejb.EJBAccessException: Unauthorized Access by Principal Denied
org.apache.openejb.core.stateless.StatelessContainer.invoke(StatelessContainer.java:158)
org.apache.openejb.util.proxy.ProxyEJB$Handler.invoke(ProxyEJB.java:73)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.lang.reflect.Method.invoke(Method.java:606)
org.apache.openejb.server.cxf.rs.OpenEJBEJBInvoker.performInvocation(OpenEJBEJBInvoker.java:93)
org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:96)
org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:165)
org.apache.openejb.server.cxf.rs.OpenEJBEJBInvoker.invoke(OpenEJBEJBInvoker.java:67)
org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:89)
org.apache.openejb.server.cxf.rs.AutoJAXRSInvoker.invoke(AutoJAXRSInvoker.java:63)
org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:57)
org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:93)
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:262)
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:237)
org.apache.openejb.server.cxf.rs.CxfRsHttpListener.onMessage(CxfRsHttpListener.java:170)
org.apache.openejb.server.rest.RsServlet.service(RsServlet.java:53)
javax.servlet.http.HttpServlet.service(HttpServlet.java:728)
org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:51)
2013/12/27 Romain Manni-Bucau <[email protected]>
> Hi
>
> I'd add a custom ExceptionMapper or Filter.
> Le 27 déc. 2013 20:31, "Matej" <[email protected]> a écrit :
>
> > Hello everyone.
> >
> > Anybody knows how to make Tomee/cxf return a forbidden HTTP status code
> 401
> > or 403 instead of this:
> >
> > STATUS 500
> >
> > java.lang.RuntimeException: org.apache.cxf.interceptor.Fault:
> > Unauthorized Access by Principal Denied
> >
> > I manage to do this in glassfish using this:
> >
> > <init-param>
> >
> > <param-name>com.sun.jersey.spi.container.ResourceFilters</param-name>
> >
> >
> <param-value>com.sun.jersey.api.container.filter.RolesAllowedResourceFilterFactory</param-value>
> > </init-param>
> >
> > But Tomee is currently new-land for me.
> >
> > BR
> >
> > Matej
> >
>
