(nifi) branch support/nifi-1.x updated: NIFI-12293 Standardized HTTP error response messages (#7957)

Fri, 03 Nov 2023 12:27:44 -0700 

This is an automated email from the ASF dual-hosted git repository.

exceptionfactory pushed a commit to branch support/nifi-1.x
in repository https://gitbox.apache.org/repos/asf/nifi.git


The following commit(s) were added to refs/heads/support/nifi-1.x by this push:
     new 7e0976490a NIFI-12293 Standardized HTTP error response messages (#7957)
7e0976490a is described below

commit 7e0976490a8dce8d7ff4b287d019ea63ef72b094
Author: exceptionfactory <exceptionfact...@apache.org>
AuthorDate: Fri Nov 3 09:09:47 2023 -0500

    NIFI-12293 Standardized HTTP error response messages (#7957)
    
    - Updated ExceptionFilter and AuthenticationFilter with standard messages
    
    This closes #7957
    
    (cherry picked from commit 97dd543c6a850f1076b05c7a9bcc28d37e184d5b)
---
 .../bootstrap/configuration/ListenerHandleResult.java  |  2 +-
 .../org/apache/nifi/web/filter/ExceptionFilter.java    | 18 ++++--------------
 .../nifi/web/security/NiFiAuthenticationFilter.java    |  6 +++---
 3 files changed, 8 insertions(+), 18 deletions(-)

diff --git 
a/minifi/minifi-bootstrap/src/main/java/org/apache/nifi/minifi/bootstrap/configuration/ListenerHandleResult.java
 
b/minifi/minifi-bootstrap/src/main/java/org/apache/nifi/minifi/bootstrap/configuration/ListenerHandleResult.java
index c0a7e74078..b685544ac3 100644
--- 
a/minifi/minifi-bootstrap/src/main/java/org/apache/nifi/minifi/bootstrap/configuration/ListenerHandleResult.java
+++ 
b/minifi/minifi-bootstrap/src/main/java/org/apache/nifi/minifi/bootstrap/configuration/ListenerHandleResult.java
@@ -49,7 +49,7 @@ public class ListenerHandleResult {
         if (failureCause == null) {
             return getDescriptor() + " successfully handled the configuration 
change";
         } else {
-            return getDescriptor() + " FAILED to handle the configuration 
change due to: '" + failureCause.getMessage() + "'";
+            return getDescriptor() + " FAILED to handle the configuration 
change";
         }
     }
 }
diff --git 
a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/filter/ExceptionFilter.java
 
b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/filter/ExceptionFilter.java
index 17d7dc5ed3..68bedb7f54 100644
--- 
a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/filter/ExceptionFilter.java
+++ 
b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-api/src/main/java/org/apache/nifi/web/filter/ExceptionFilter.java
@@ -17,8 +17,6 @@
 package org.apache.nifi.web.filter;
 
 import java.io.IOException;
-import java.io.PrintWriter;
-import java.io.StringWriter;
 import javax.servlet.Filter;
 import javax.servlet.FilterChain;
 import javax.servlet.FilterConfig;
@@ -44,20 +42,12 @@ public class ExceptionFilter implements Filter {
 
         try {
             filterChain.doFilter(req, resp);
-        } catch (RequestRejectedException e) {
-            if (logger.isDebugEnabled()) {
-                logger.debug("An exception was caught performing the HTTP 
request security filter check and the stacktrace has been suppressed from the 
response");
-            }
+        } catch (final RequestRejectedException e) {
+            logger.warn("Client request rejected", e);
 
-            HttpServletResponse filteredResponse = (HttpServletResponse) resp;
+            final HttpServletResponse filteredResponse = (HttpServletResponse) 
resp;
             filteredResponse.setStatus(500);
-            filteredResponse.getWriter().write(e.getMessage());
-
-            StringWriter sw = new StringWriter();
-            sw.write("Exception caught by ExceptionFilter:\n");
-            PrintWriter pw = new PrintWriter(sw);
-            e.printStackTrace(pw);
-            logger.error(sw.toString());
+            filteredResponse.getWriter().write("Client request rejected");
         }
     }
 
diff --git 
a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/NiFiAuthenticationFilter.java
 
b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/NiFiAuthenticationFilter.java
index 391191fe8d..a1fc513513 100644
--- 
a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/NiFiAuthenticationFilter.java
+++ 
b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-web-security/src/main/java/org/apache/nifi/web/security/NiFiAuthenticationFilter.java
@@ -138,14 +138,14 @@ public abstract class NiFiAuthenticationFilter extends 
GenericFilterBean {
         // use the type of authentication exception to determine the response 
code
         if (ae instanceof InvalidAuthenticationException) {
             response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
-            out.println(ae.getMessage());
+            out.println("Authentication credentials invalid");
         } else if (ae instanceof UntrustedProxyException) {
             response.setStatus(HttpServletResponse.SC_FORBIDDEN);
-            out.println(ae.getMessage());
+            out.println("Authentication Proxy Server not trusted");
         } else if (ae instanceof AuthenticationServiceException) {
             log.error("Authentication Service Failed: {}", ae.getMessage(), 
ae);
             response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
-            out.println(String.format("Unable to authenticate: %s", 
ae.getMessage()));
+            out.println("Authentication service processing failed");
         } else {
             log.error("Authentication Exception: {}", ae.getMessage(), ae);
             response.setStatus(HttpServletResponse.SC_FORBIDDEN);

Reply via email to