|
[mule-scm] [mule] [15949] branches/mule-3.x/core/src/main/java/org/mule: MULE-4561 Synchronous transports return request message rather than error when security exceptions occurs
Some parts of this message have been removed.
Learn more about Nabble's security policy.
[mule] [15949] branches/mule-3.x/core/src/main/java/org/mule: MULE-4561 Synchronous transports return request message rather than error when security exceptions occurs
- Revision
- 15949
- Author
- dfeist
- Date
- 2009-11-03 09:11:08 -0600 (Tue, 03 Nov 2009)
Log Message
MULE-4561 Synchronous transports return request message rather than error when security exceptions occurs
Modified Paths
Diff
Modified: branches/mule-3.x/core/src/main/java/org/mule/AbstractExceptionListener.java (15948 => 15949)
--- branches/mule-3.x/core/src/main/java/org/mule/AbstractExceptionListener.java 2009-11-03 14:21:32 UTC (rev 15948)
+++ branches/mule-3.x/core/src/main/java/org/mule/AbstractExceptionListener.java 2009-11-03 15:11:08 UTC (rev 15949)
@@ -21,7 +21,6 @@
import org.mule.api.context.MuleContextAware;
import org.mule.api.endpoint.EndpointURI;
import org.mule.api.endpoint.ImmutableEndpoint;
-import org.mule.api.endpoint.InboundEndpoint;
import org.mule.api.endpoint.InvalidEndpointTypeException;
import org.mule.api.endpoint.OutboundEndpoint;
import org.mule.api.lifecycle.Disposable;
@@ -30,7 +29,6 @@
import org.mule.api.lifecycle.LifecycleException;
import org.mule.api.routing.OutboundRouter;
import org.mule.api.routing.RoutingException;
-import org.mule.api.security.SecurityException;
import org.mule.api.service.Service;
import org.mule.api.transaction.Transaction;
import org.mule.api.transaction.TransactionException;
@@ -338,13 +336,13 @@
catch (Exception e)
{
logFatal(message, e);
- closeStream(message, t);
+ closeStream(message);
}
}
else
{
handleTransaction(t);
- closeStream(message, t);
+ closeStream(message);
}
}
@@ -423,7 +421,7 @@
return router;
}
- protected void closeStream(MuleMessage message, Throwable t)
+ protected void closeStream(MuleMessage message)
{
if (muleContext == null || muleContext.isDisposing() || muleContext.isDisposed())
{
@@ -432,18 +430,6 @@
if (message != null
&& muleContext.getRegistry().lookupObject(MuleProperties.OBJECT_MULE_STREAM_CLOSER_SERVICE) != null)
{
- // Workaround for MULE-4561
- MuleEvent event = RequestContext.getEvent();
- if (event != null &&
- event.getEndpoint() != null &&
- event.getEndpoint() instanceof InboundEndpoint &&
- event.getEndpoint().isSynchronous()
- && t instanceof SecurityException)
- {
- // Don't close stream because it may be needed for response payload
- return;
- }
-
((StreamCloserService) muleContext.getRegistry().lookupObject(
MuleProperties.OBJECT_MULE_STREAM_CLOSER_SERVICE)).closeStream(message.getPayload());
}
Modified: branches/mule-3.x/core/src/main/java/org/mule/transport/AbstractMessageReceiver.java (15948 => 15949)
--- branches/mule-3.x/core/src/main/java/org/mule/transport/AbstractMessageReceiver.java 2009-11-03 14:21:32 UTC (rev 15948)
+++ branches/mule-3.x/core/src/main/java/org/mule/transport/AbstractMessageReceiver.java 2009-11-03 15:11:08 UTC (rev 15949)
@@ -337,6 +337,7 @@
SecurityNotification.SECURITY_AUTHENTICATION_FAILED));
handleException(e);
resultMessage = RequestContext.getEvent().getMessage();
+ resultMessage.setPayload(e.getLocalizedMessage());
}
}
else
Modified: branches/mule-3.x/transports/cxf/src/test/java/org/mule/transport/cxf/HttpSecurityFilterFunctionalTestCase.java (15948 => 15949)
--- branches/mule-3.x/transports/cxf/src/test/java/org/mule/transport/cxf/HttpSecurityFilterFunctionalTestCase.java 2009-11-03 14:21:32 UTC (rev 15948)
+++ branches/mule-3.x/transports/cxf/src/test/java/org/mule/transport/cxf/HttpSecurityFilterFunctionalTestCase.java 2009-11-03 15:11:08 UTC (rev 15949)
@@ -60,7 +60,11 @@
{
int status = client.executeMethod(get);
assertEquals(HttpConstants.SC_UNAUTHORIZED, status);
- assertEquals("/services/Echo", get.getResponseBodyAsString());
+ assertEquals(
+ "Registered authentication is set to org.mule.module.acegi.filters.http.HttpBasicAuthenticationFilter "
+ + "but there was no security context on the session. Authentication denied on "
+ + "endpoint http://localhost:60443/services/Echo. Message payload is of type: "
+ + "String", get.getResponseBodyAsString());
}
finally
{
@@ -83,8 +87,11 @@
{
int status = client.executeMethod(post);
assertEquals(HttpConstants.SC_UNAUTHORIZED, status);
- // TODO MULE-4561 Why do we return request and not an error?
- assertEquals(soapRequest, post.getResponseBodyAsString());
+ assertEquals(
+ "Registered authentication is set to org.mule.module.acegi.filters.http.HttpBasicAuthenticationFilter "
+ + "but there was no security context on the session. Authentication denied on "
+ + "endpoint http://localhost:60443/services/Echo. Message payload is of type: "
+ + "ContentLengthInputStream", post.getResponseBodyAsString());
}
finally
{
@@ -207,7 +214,6 @@
{
int status = client.executeMethod(post);
assertEquals(result, status);
- // TODO MULE-4561 Why do we return request and not an error?
assertNotNull(post.getResponseBodyAsString());
}
finally
Modified: branches/mule-3.x/transports/http/src/main/java/org/mule/transport/http/transformers/MuleMessageToHttpResponse.java (15948 => 15949)
--- branches/mule-3.x/transports/http/src/main/java/org/mule/transport/http/transformers/MuleMessageToHttpResponse.java 2009-11-03 14:21:32 UTC (rev 15948)
+++ branches/mule-3.x/transports/http/src/main/java/org/mule/transport/http/transformers/MuleMessageToHttpResponse.java 2009-11-03 15:11:08 UTC (rev 15949)
@@ -72,11 +72,6 @@
public Object transform(MuleMessage msg, String outputEncoding) throws TransformerException
{
Object src = msg.getPayload();
- // Send back the exception payload if one has been set
- if (msg.getExceptionPayload() != null)
- {
- // src = context.getMessage().getExceptionPayload();
- }
// Note this transformer excepts Null as we must always return a result
// from the Http
To unsubscribe from this list please visit:
http://xircles.codehaus.org/manage_email
|
