Improve error handle on security errors.

2022-03-15 10:30:18 -03:00
parent 4cab5299c4
commit a9d091a187
6 changed files with 64 additions and 107 deletions
--- a/wise-webapp/src/main/webapp/WEB-INF/wisemapping-servlet.xml
+++ b/wise-webapp/src/main/webapp/WEB-INF/wisemapping-servlet.xml
@@ -22,29 +22,25 @@
        <bean id="requestInterceptor" class="com.wisemapping.filter.RequestPropertiesInterceptor"/>
    </mvc:interceptors>

-    <bean id="exceptionHandlerResolver"
-          class="com.wisemapping.mail.NotifyingExceptionResolver">
+    <bean id="simpleMappingExceptionResolver"
+          class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver">
        <property name="defaultStatusCode" value="500"/>
        <property name="defaultErrorView" value="unexpectedError"/>
+        <property name="warnLogCategory" value="com.wisemapping.mvc.Exceptions"/>
+
        <property name="exceptionMappings">
            <props>
-                <!-- Security exceptions are wrapped in this exceptions -->
+                <!-- Security access exceptions must not handled as unexpected errors -->
+                <prop key="com.wisemapping.exceptions.MapNonPublicException">securityError</prop>
                <prop key="com.wisemapping.exceptions.AccessDeniedSecurityException">securityError</prop>
            </props>
        </property>

        <property name="statusCodes">
            <props>
-                <prop key="securityError">404</prop>
+                <prop key="securityError">403</prop>
            </props>
        </property>
-
-        <property name="exclude">
-            <set>
-                <value>java.lang.reflect.UndeclaredThrowableException</value>
-            </set>
-        </property>
-        <property name="notificationService" ref="notificationService"/>
    </bean>

    <bean id="viewResolver" class="org.springframework.web.servlet.view.UrlBasedViewResolver">