Package org.sdase.commons.server.security.handler

Class ObscuringErrorHandler

  • All Implemented Interfaces:
    org.eclipse.jetty.server.Handler, org.eclipse.jetty.util.component.Container, org.eclipse.jetty.util.component.Destroyable, org.eclipse.jetty.util.component.Dumpable, org.eclipse.jetty.util.component.Dumpable.DumpableContainer, org.eclipse.jetty.util.component.LifeCycle
    public class ObscuringErrorHandler
extends org.eclipse.jetty.server.handler.ErrorHandler
    Error handle that replaces default error pages of Jetty with custom ApiError.

    This handler is invoked for explicitly defined error responses like return Response.status(404).build(); and is not invoked for response indirectly create by throw new NotFoundException().

    This handler addresses risks identified in the security guide as:

    • "Risiko: Erkennung von vertraulichen Komponenten ... Entfernen von applikations-bezogenen Fehlermeldungen"

    • Nested Class Summary

      • Nested classes/interfaces inherited from class org.eclipse.jetty.server.handler.ErrorHandler

        org.eclipse.jetty.server.handler.ErrorHandler.ErrorPageMapper

      • Nested classes/interfaces inherited from class org.eclipse.jetty.server.handler.AbstractHandler

        org.eclipse.jetty.server.handler.AbstractHandler.ErrorDispatchHandler

      • Nested classes/interfaces inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle

        org.eclipse.jetty.util.component.AbstractLifeCycle.AbstractLifeCycleListener

      • Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.Container

        org.eclipse.jetty.util.component.Container.InheritedListener, org.eclipse.jetty.util.component.Container.Listener

      • Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.Dumpable

        org.eclipse.jetty.util.component.Dumpable.DumpableContainer

      • Nested classes/interfaces inherited from interface org.eclipse.jetty.util.component.LifeCycle

        org.eclipse.jetty.util.component.LifeCycle.Listener

    • Field Summary

      • Fields inherited from class org.eclipse.jetty.server.handler.ErrorHandler

        ERROR_CHARSET, ERROR_CONTEXT, ERROR_PAGE

      • Fields inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle

        FAILED, RUNNING, STARTED, STARTING, STOPPED, STOPPING

      • Fields inherited from interface org.eclipse.jetty.util.component.Dumpable

        KEY

    • Constructor Summary

      Constructors 
      Constructor Description
      ObscuringErrorHandler​(com.fasterxml.jackson.databind.ObjectMapper objectMapper)  

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      void handle​(java.lang.String target, org.eclipse.jetty.server.Request baseRequest, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)  

      • Methods inherited from class org.eclipse.jetty.server.handler.ErrorHandler

        badMessageError, doError, errorPageForMethod, generateAcceptableResponse, generateAcceptableResponse, getAcceptableWriter, getCacheControl, getErrorHandler, getShowMessageInTitle, handleErrorPage, isShowServlet, isShowStacks, setCacheControl, setShowMessageInTitle, setShowServlet, setShowStacks, write, writeErrorPage, writeErrorPageBody, writeErrorPageHead, writeErrorPageMessage, writeErrorPageStacks

      • Methods inherited from class org.eclipse.jetty.server.handler.AbstractHandler

        destroy, doStart, doStop, getServer, setServer

      • Methods inherited from class org.eclipse.jetty.util.component.ContainerLifeCycle

        addBean, addBean, addEventListener, addManaged, contains, dump, dump, dump, dump, dump, dumpBeans, dumpObject, dumpObjects, dumpStdErr, dumpThis, getBean, getBeans, getBeans, getContainedBeans, getContainedBeans, isAuto, isManaged, isUnmanaged, manage, removeBean, removeBeans, removeEventListener, setBeans, setStopTimeout, start, stop, unmanage, updateBean, updateBean, updateBeans

      • Methods inherited from class org.eclipse.jetty.util.component.AbstractLifeCycle

        addLifeCycleListener, getState, getState, getStopTimeout, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeLifeCycleListener, start, stop, toString

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

      • Methods inherited from interface org.eclipse.jetty.util.component.Dumpable

        dumpSelf

      • Methods inherited from interface org.eclipse.jetty.util.component.Dumpable.DumpableContainer

        isDumpable

      • Methods inherited from interface org.eclipse.jetty.util.component.LifeCycle

        addLifeCycleListener, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeLifeCycleListener, start, stop

    • Constructor Detail

      • ObscuringErrorHandler

        public ObscuringErrorHandler​(com.fasterxml.jackson.databind.ObjectMapper objectMapper)

    • Method Detail

      • handle

        public void handle​(java.lang.String target,
                   org.eclipse.jetty.server.Request baseRequest,
                   javax.servlet.http.HttpServletRequest request,
                   javax.servlet.http.HttpServletResponse response)
            throws java.io.IOException
        Specified by:
        handle in interface org.eclipse.jetty.server.Handler
        Overrides:
        handle in class org.eclipse.jetty.server.handler.ErrorHandler
        Throws:
        java.io.IOException