Hi folks,
I am sending a custom error message in my authenticator but it gets removed by
the StandardHostValve.
This is what I do in my authenticator:
catch (PrivilegedActionException e) {
logger.error("Unable to login as the service principal", e.getException());
response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
"Unable to login as the service principal");
request.setAttribute(Globals.EXCEPTION_ATTR, e);
return false;
}
The message is not diplayed because in line 282 to 286 the message is killed by:
else {
// A custom error-page has not been defined for the exception
// that was thrown during request processing. Check if an
// error-page for error code 500 was specified and if so,
// send that page back as the response.
response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
// The response is an error
response.setError();
status(request, response);
}
It seems like this valve does not care if it handles an uncaught exception or a
deliberate exception.
Can this be fixed without patching the valve?
I guess not. I would file a ticket about that: A mere response#isError call
would suffice to wrap that behavior and pass the response as is.
With best regards,
Michael Osipov
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
