Konstantin Kolinko wrote:
> 2012/4/12 Osipov, Michael <michael.osi...@siemens.com>:
>> Hi folks,
>>
>> I am sending a custom error message in my authenticator but it gets
>> removed by the StandardHostValve.
>> This is what I do in my authenticator:
>>
>> catch (PrivilegedActionException e) {
>> logger.error("Unable to login as the service principal",
>> e.getException());
>>
>> response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
>> "Unable to login as the service principal");
>> request.setAttribute(Globals.EXCEPTION_ATTR, e);
>
> What happens if you switch the order of the above two lines?
Same behavior. The method setAttribute does not trigger anything which modifies
the above error state.
>> return false;
>> }
>>
>> The message is not diplayed because in line 282 to 286 the message
>> is killed by:
>> else {
>> // A custom error-page has not been defined for the
>> exception
>> // that was thrown during request processing. Check if an
>> // error-page for error code 500 was specified and if so,
>> // send that page back as the response.
>>
>> response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
>> // The response is an error
>> response.setError();
>>
>> status(request, response);
>> }
>>
>> It seems like this valve does not care if it handles an uncaught
>> exception or a deliberate exception.
>> Can this be fixed without patching the valve?
>>
>> I guess not. I would file a ticket about that: A mere
>> response#isError call would suffice to wrap that behavior and pass
>> the response as is.
>>
>
>
> My understanding is that it is responsibility of the Container to
> provide the value for the request attribute
> "javax.servlet.error.exception"
>
> You cannot set it.
>
> See 10.9.1 in Servlet 3.0 spec.
Maybe, but the message field is not automatically populated by the valve if no
custom error page exists nor does the ErrorReportValue retrieves the throwable
message as message. The HTML area is, in that case, simply blank:
HTTP 500 - <empty>
Not really helpful.
> Can't you just throw new ServletException(PrivilegedActionException);
I can't, ServletException cannot be thrown in the authenticate method. A
RuntimeException results in blank page. Anyway, there would be no change
because the valve will still be stuck in the else block and no one ever assigns
the throwable#getMessage to reponse#setMessage.
In my option, both the StandardHostValve and maybe the ErrorReportValve deserve
some improvement.
With best regards,
Michael Osipov
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
