HomeSupportForumsCoreWeb

Exceptions Being Swallowed?

Tue, 02/26/2008 - 9:01pm — wmathot

Hello,

I am currently using a few of the HTTP Filters provided by JSecurity, and am finding that they swallow exceptions that are thrown by the underlying servlet's service method (doGet, doPost, etc.). As a result, the exception is logged and the browser is displayed a blank screen instead of the regular error page. In looking at the code, it would seem that the responsible class is WebInterceptorFilter, which catches exceptions and then logs it (never throwing it back out, thus percolating up to the servlet container).

This is causing a problem for my particular case, and would seem to be a bad practice in general. Is this a known issue, and something that is going to be addressed in future releases? I believe I can work around this for my current project, but would like to see JSecurity handle this better if possible. If I'm way off base here and am missing something, please let me know. I am new to JSecurity.

For what its worth, this is JSF application I am currently using.

Thanks,
Witt

‹ Taglib & cache? Filters vs Interceptors ›
Wed, 02/27/2008 - 1:34am — lhazlewood

Good catch!

(Pun intended, sorry :) ).

Thanks very much for catching this - you're right, it should not be swallowed and logged, but instead propagated as the Filter doFilter call allows for.

The code has been changed to handle this properly now. The catch block, instead of logging to trace, now looks like the following:

} catch (Exception e) {
    exception = e;
    if ( e instanceof ServletException ) {
        throw (ServletException)e;
    } else if ( e instanceof IOException ) {
        throw (IOException)e;
    } else {
        String msg = "Filter execution resulted in a Exception (not IOException or ServletException).  " +
                            "Wrapping in ServletException and propagating.";
        throw new ServletException( msg, e );
    }
} finally {
    ...
}

Thanks again Witt, this was very helpful

Les

Fri, 02/29/2008 - 8:03pm — wmathot

Sure thing, happy to help.

Sure thing, happy to help. Thanks for the quick reply and turnaround on the fix.