• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Application running on Tomcat handles response.sendError() differently than when on Jetty

 
Greenhorn
Posts: 29
Hibernate Spring Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Issue: Application running Apache CXF webservices handles response.sendError() differently when running in Jetty 6.1.21 than in Tomcat 6.0.29 or SpringSource tc Runtime 2.1.0.RELEASE, where as the Jetty response has a status code of HTTP 403 Forbidden and Tomcat has a status code of HTTP 500 Internal Server Error. My client is GWT, and I am trying to detect the HTTP 403 status, which works with the server application running on Jetty but not on Tomcat or SpringSource tc.

Questions: Is this a configuration issue for Tomcat? Do I need to write my own ErrorReportValve implementation?

I have searched various forums (here, and via Google search) for a solution, to no avail. I have tried setting " errorReportValveClass = "" in Tomcat server.xml, and I still get HTTP 500 but with a blank page. I have also tried various settings for cfx.xml to propogate the response status, but that did not work either. I know these are not "Tomcat" changes per se, but I did not want to cross post and Tomcat forum seemed to be the right place to start.

Note: responses captured using Chrome Poster 1.4 running on Google Chrome 8.0.552.224

My application (Spring 3) is generating the following in a Spring Security Filter Bean (extends org.springframework.web.filter.GenericFilterBean):

response.sendError(403, "System Lockout");
throw new WebApplicationException();

Additional configuration details:

web.xml
-------
<servlet>
<servlet-name>CXFServlet</servlet-name>
<servlet-class>org.apache.cxf.transport.servlet.CXFServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>

<servlet-mapping>
<servlet-name>CXFServlet</servlet-name>
<url-pattern>/secure/*</url-pattern>
</servlet-mapping>

<!-- The following two tags configure Spring security. -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>

<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>

applicationContext-resource.xml
-------------------------------
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:jaxrs="http://cxf.apache.org/jaxrs"
xmlns:tx="http://www.springframework.org/schema/tx"
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://cxf.apache.org/jaxrs
http://cxf.apache.org/schemas/jaxrs.xsd">

<import resource="classpath:META-INF/cxf/cxf.xml" />
<import resource="classpath:META-INF/cxf/cxf-extension-jaxrs-binding.xml" />
<import resource="classpath:META-INF/cxf/cxf-servlet.xml" />

<jaxrs:server id="user" address="/">
<jaxrs:serviceBeans>
<ref bean="userResource" />
</jaxrs:serviceBeans>
<jaxrs:extensionMappings>
<entry key="xml" value="application/xml" />
<entry key="json" value="application/json" />
</jaxrs:extensionMappings>
</jaxrs:server>

</beans>



Jetty 6.1.21 Response:

status: 403 System Lockout
Content-Length: 1393
Server: Jetty(6.1.21)
Content-Type: text/html; charset=iso-8859-1
Cache-Control: must-revalidate,no-cache,no-store

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"/>
<title>Error 403 System Lockout</title>
</head>
<body><h2>HTTP ERROR 403</h2>
<p>Problem accessing /agency/secure/user. Reason:
<pre> System Lockout</pre></p><hr /><i><small>Powered by Jetty://</small></i><br/>;
</body>
</html>

SpringSource tc Runtime 2.1.0.RELEASE Response (please note that this is about the same response I get from Tomcat, except for the error page--it is still seen as HTTP 500 instead of HTTP 403):

status: 500 Internal Server Error
Date: Fri, 31 Dec 2010 15:48:36 GMT
Content-Encoding: gzip
Connection: close
Content-Length: 793
Vary: Accept-Encoding
Content-Type: text/html;charset=utf-8

<html><head><title>SpringSource tc Runtime 2.1.0.RELEASE/6.0.29.B.RELEASE - Error report</title><style><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}HR {color : #525D76;}--></style> </head><body><h1>HTTP Status 500 - </h1><HR size="1" noshade="noshade"><p><b>type</b> Exception report</p><p><b>message</b> <u></u></p><p><b>description</b> <u>The server encountered an internal error () that prevented it from fulfilling this request.</u></p><p><b>exception</b> <pre>javax.ws.rs.WebApplicationException
net.dds.commons.security.PidCidAuthenticationFilter.doFilter(PidCidAuthenticationFilter.java:105)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:177)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter.doFilter(DefaultLoginPageGeneratingFilter.java:91)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:187)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:79)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:149)
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
</pre></p><p><b>note</b> <u>The full stack trace of the root cause is available in the SpringSource tc Runtime 2.1.0.RELEASE/6.0.29.B.RELEASE logs.</u></p><HR size="1" noshade="noshade"><h3>SpringSource tc Runtime 2.1.0.RELEASE/6.0.29.B.RELEASE</h3></body></html>
 
It runs on an internal combustion engine. This ad does not:
a bit of art, as a gift, that will fit in a stocking
https://gardener-gift.com
reply
    Bookmark Topic Watch Topic
  • New Topic