diff --git a/src/opendap/auth/IdFilter.java b/src/opendap/auth/IdFilter.java
index 953677a65..798904a0e 100644
--- a/src/opendap/auth/IdFilter.java
+++ b/src/opendap/auth/IdFilter.java
@@ -159,8 +159,25 @@ private void init() throws IOException, JDOMException {
}
+ void doUnathorized(Exception e, HttpServletResponse resp, IdProvider idProvider) throws IOException {
+ String msg = "Your Login Transaction FAILED! " +
+ "Authentication Context: '"+idProvider.getAuthContext()+
+ "' Message: "+ e.getMessage();
+ log.error("doUnathorized() - {}", msg);
+ OPeNDAPException.setCachedErrorMessage(msg);
+ resp.sendError(HttpServletResponse.SC_UNAUTHORIZED,msg);
+ }
+
+ void doForbidden(Exception e, HttpServletResponse resp, IdProvider idProvider) throws IOException {
+ String msg = "Your Login Transaction FAILED! " +
+ "Authentication Context: '" + idProvider.getAuthContext() +
+ "' Message: "+ e.getMessage();
+ log.error("doForbidden() - {}", msg);
+ OPeNDAPException.setCachedErrorMessage(msg);
+ resp.sendError(HttpServletResponse.SC_FORBIDDEN,msg);
+ }
- public void doFilter(ServletRequest sreq, ServletResponse response, FilterChain filterChain) throws IOException, ServletException {
+ public void doFilter(ServletRequest sreq, ServletResponse sresp, FilterChain filterChain) throws IOException, ServletException {
// Ensure initialization has been accomplished
if (!isInitialized) {
@@ -178,6 +195,7 @@ public void doFilter(ServletRequest sreq, ServletResponse response, FilterChain
try {
HttpServletRequest request = (HttpServletRequest) sreq;
+ HttpServletResponse response = (HttpServletResponse) sresp;
RequestCache.open(request);
RequestId requestId = RequestCache.getRequestId();
@@ -277,13 +295,8 @@ else if (enableGuestProfile && requestURI.equals(guestEndpoint)) {
} catch (IOException | Forbidden e) {
- String msg = "Your Login Transaction FAILED! " +
- "Authentication Context: '"+idProvider.getAuthContext()+
- "' Message: "+ e.getMessage();
- log.error("doFilter() - {}", msg);
- OPeNDAPException.setCachedErrorMessage(msg);
- ((HttpServletResponse)response).sendError(HttpServletResponse.SC_UNAUTHORIZED,msg);
- log.debug("END (session: {})",session.getId());
+ doForbidden(e, response, idProvider);
+ log.debug("END (session: {})", session.getId());
return;
}
}
@@ -313,10 +326,11 @@ else if (enableGuestProfile && requestURI.equals(guestEndpoint)) {
log.debug("No UserProfile object found in Session. Request is not yet authenticated. " +
"Checking Authorization headers...");
if (IdPManager.hasDefaultProvider()) {
+ IdProvider idProvider = IdPManager.getDefaultProvider();
try {
UserProfile userProfile = new UserProfile();
boolean retVal;
- retVal = IdPManager.getDefaultProvider().doTokenAuthentication(request, userProfile);
+ retVal = idProvider.doTokenAuthentication(request, userProfile);
if(retVal){
log.info("Validated Authorization header. uid: {}", userProfile.getUID());
// By adding the UserProfile to the session here
@@ -340,7 +354,9 @@ else if (enableGuestProfile && requestURI.equals(guestEndpoint)) {
}
}
catch (Forbidden http_403){
- log.error("Unable to validate Authorization header. Message: "+http_403.getMessage());
+ log.error("Unable to validate Authorization header. Message: {}", http_403.getMessage());
+ doForbidden(http_403, response, idProvider);
+ log.debug("END (session: {})", session.getId());
}
}
}
diff --git a/src/opendap/auth/UrsIdP.java b/src/opendap/auth/UrsIdP.java
index a20a50967..f2045a256 100644
--- a/src/opendap/auth/UrsIdP.java
+++ b/src/opendap/auth/UrsIdP.java
@@ -627,7 +627,6 @@ public boolean doLogin(HttpServletRequest request, HttpServletResponse response)
log.info("URS Token: {}", contents);
-
// Parse the json to extract the token.
JsonParser jparse = new JsonParser();
JsonObject json = jparse.parse(contents).getAsJsonObject();
diff --git a/src/opendap/coreServlet/OPeNDAPException.java b/src/opendap/coreServlet/OPeNDAPException.java
index a34bab808..e09496157 100644
--- a/src/opendap/coreServlet/OPeNDAPException.java
+++ b/src/opendap/coreServlet/OPeNDAPException.java
@@ -36,6 +36,7 @@
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import javax.servlet.ServletContext;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
@@ -187,7 +188,6 @@ public final void setErrorMessage(String msg) {
}
-
/**
* ************************************************************************
* Recasts any Throwable to be an OPeNDAPException and then transmits it
@@ -195,18 +195,29 @@ public final void setErrorMessage(String msg) {
* is already an OPeNDAPException, it is not recast.
*
* @param t The Exception that caused the problem.
+ * @param servlet The current servlet. Used to find things shipped in the deployment.
* @param response The HttpServletResponse for the client.
*/
public static int anyExceptionHandler(Throwable t, HttpServlet servlet, HttpServletResponse response) {
+ return anyExceptionHandler(t, servlet.getServletContext(), response);
+ }
- Logger log = org.slf4j.LoggerFactory.getLogger(OPeNDAPException.class);
-
+ /**
+ * ************************************************************************
+ * Recasts any Throwable to be an OPeNDAPException and then transmits it
+ * on to the passed stream as a DAP2 error object. If the passed Throwable
+ * is already an OPeNDAPException, it is not recast.
+ *
+ * @param t The Exception that caused the problem.
+ * @param servletContext The servlet context. Used to find things shipped in the deployment.
+ * @param response The HttpServletResponse for the client.
+ */
+ public static int anyExceptionHandler(Throwable t, ServletContext servletContext, HttpServletResponse response) {
+ Logger log = org.slf4j.LoggerFactory.getLogger(OPeNDAPException.class);
try {
-
log.error("anyExceptionHandler(): " + t);
-
ByteArrayOutputStream baos =new ByteArrayOutputStream();
PrintStream ps = new PrintStream( baos, true, HyraxStringEncoding.getCharsetName());
t.printStackTrace(ps);
@@ -232,14 +243,13 @@ public static int anyExceptionHandler(Throwable t, HttpServlet servlet, HttpServ
oe = new OPeNDAPException(UNDEFINED_ERROR, msg);
oe.setHttpStatusCode(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
-
}
if(!response.isCommitted()){
response.reset();
- oe.setSystemPath(ServletUtil.getSystemPath(servlet,""));
+ oe.setSystemPath(ServletUtil.getSystemPath(servletContext,""));
try {
oe.sendHttpErrorResponse(response);
}
@@ -504,7 +514,7 @@ public void sendAsHtmlErrorPage(HttpServletResponse response) throws Exception {
// for the JSP to retrieve. The RequestCache for this thread gets destroyed when the doGet/doPost
// methods exit which is normal and expected behavior, but the JSP page is invoked afterward so we
// need a rendezvous for the message. We utilize this errorMessage cache for this purpose. The only
- // public method for retrieving the message is tied to the thread of execution and it removes the
+ // public method for retrieving the message is tied to the thread of execution, and it removes the
// message from the cache (clears the cache for the thread) once it is retrieved.
_errorMessageCache.put(Thread.currentThread(), getMessage());