This is an automated email from the ASF dual-hosted git repository. exceptionfactory pushed a commit to branch support/nifi-1.x in repository https://gitbox.apache.org/repos/asf/nifi.git
The following commit(s) were added to refs/heads/support/nifi-1.x by this push: new 7e0976490a NIFI-12293 Standardized HTTP error response messages (#7957) 7e0976490a is described below commit 7e0976490a8dce8d7ff4b287d019ea63ef72b094 Author: exceptionfactory <exceptionfact...@apache.org> AuthorDate: Fri Nov 3 09:09:47 2023 -0500 NIFI-12293 Standardized HTTP error response messages (#7957) - Updated ExceptionFilter and AuthenticationFilter with standard messages This closes #7957 (cherry picked from commit 97dd543c6a850f1076b05c7a9bcc28d37e184d5b) --- .../bootstrap/configuration/ListenerHandleResult.java | 2 +- .../org/apache/nifi/web/filter/ExceptionFilter.java | 18 ++++-------------- .../nifi/web/security/NiFiAuthenticationFilter.java | 6 +++--- 3 files changed, 8 insertions(+), 18 deletions(-) diff --git a/minifi/minifi-bootstrap/src/main/java/org/apache/nifi/minifi/bootstrap/configuration/ListenerHandleResult.java b/minifi/minifi-bootstrap/src/main/java/org/apache/nifi/minifi/bootstrap/configuration/ListenerHandleResult.java index c0a7e74078..b685544ac3 100644 --- a/minifi/minifi-bootstrap/src/main/java/org/apache/nifi/minifi/bootstrap/configuration/ListenerHandleResult.java +++ b/minifi/minifi-bootstrap/src/main/java/org/apache/nifi/minifi/bootstrap/configuration/ListenerHandleResult.java @@ -49,7 +49,7 @@ public class ListenerHandleResult { if (failureCause == null) { return getDescriptor() + " successfully handled the configuration change"; } else { - return getDescriptor() + " FAILED to handle the configuration change due to: '" + failureCause.getMessage() + "'"; + return getDescriptor() + " FAILED to handle the configuration change"; } } } diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/filter/ExceptionFilter.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/filter/ExceptionFilter.java index 17d7dc5ed3..68bedb7f54 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/filter/ExceptionFilter.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/filter/ExceptionFilter.java @@ -17,8 +17,6 @@ package org.apache.nifi.web.filter; import java.io.IOException; -import java.io.PrintWriter; -import java.io.StringWriter; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; @@ -44,20 +42,12 @@ public class ExceptionFilter implements Filter { try { filterChain.doFilter(req, resp); - } catch (RequestRejectedException e) { - if (logger.isDebugEnabled()) { - logger.debug("An exception was caught performing the HTTP request security filter check and the stacktrace has been suppressed from the response"); - } + } catch (final RequestRejectedException e) { + logger.warn("Client request rejected", e); - HttpServletResponse filteredResponse = (HttpServletResponse) resp; + final HttpServletResponse filteredResponse = (HttpServletResponse) resp; filteredResponse.setStatus(500); - filteredResponse.getWriter().write(e.getMessage()); - - StringWriter sw = new StringWriter(); - sw.write("Exception caught by ExceptionFilter:\n"); - PrintWriter pw = new PrintWriter(sw); - e.printStackTrace(pw); - logger.error(sw.toString()); + filteredResponse.getWriter().write("Client request rejected"); } } diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/NiFiAuthenticationFilter.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/NiFiAuthenticationFilter.java index 391191fe8d..a1fc513513 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/NiFiAuthenticationFilter.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/NiFiAuthenticationFilter.java @@ -138,14 +138,14 @@ public abstract class NiFiAuthenticationFilter extends GenericFilterBean { // use the type of authentication exception to determine the response code if (ae instanceof InvalidAuthenticationException) { response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); - out.println(ae.getMessage()); + out.println("Authentication credentials invalid"); } else if (ae instanceof UntrustedProxyException) { response.setStatus(HttpServletResponse.SC_FORBIDDEN); - out.println(ae.getMessage()); + out.println("Authentication Proxy Server not trusted"); } else if (ae instanceof AuthenticationServiceException) { log.error("Authentication Service Failed: {}", ae.getMessage(), ae); response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); - out.println(String.format("Unable to authenticate: %s", ae.getMessage())); + out.println("Authentication service processing failed"); } else { log.error("Authentication Exception: {}", ae.getMessage(), ae); response.setStatus(HttpServletResponse.SC_FORBIDDEN);