blame | history | raw | HEAD
rsanchez
2016-03-03 2c9782e63437da9ef4c885fd5f793e7f7e79a6cb 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75

package net.curisit.securis;



import javax.persistence.EntityManager;

import javax.servlet.http.HttpServletRequest;

import javax.ws.rs.ForbiddenException;

import javax.ws.rs.core.Context;

import javax.ws.rs.core.MediaType;

import javax.ws.rs.core.Response;

import javax.ws.rs.core.Response.Status;

import javax.ws.rs.core.SecurityContext;

import javax.ws.rs.ext.ExceptionMapper;

import javax.ws.rs.ext.Provider;



import net.curisit.securis.services.exception.SeCurisServiceException;

import net.curisit.securis.services.exception.SeCurisServiceException.ErrorCodes;



import org.apache.logging.log4j.LogManager;

import org.apache.logging.log4j.Logger;



@Provider

public class DefaultExceptionHandler implements ExceptionMapper<Exception> {

    private static final Logger LOG = LogManager.getLogger(DefaultExceptionHandler.class);



    public static final int DEFAULT_APP_ERROR_STATUS_CODE = 418;

    public static final String ERROR_MESSAGE_HEADER = "X-SECURIS-ERROR-MSG";

    public static final String ERROR_CODE_MESSAGE_HEADER = "X-SECURIS-ERROR-CODE";



    public DefaultExceptionHandler() {

        LOG.info("Creating DefaultExceptionHandler ");

    }



    @Context

    HttpServletRequest request;

    @Context

    SecurityContext bsc;

    @Context

    EntityManager em;



    @Override

    public Response toResponse(Exception e) {

        releaseEntityManager();

        if (e instanceof ForbiddenException) {

            LOG.warn("ForbiddenException: {}", e);

            return Response.status(Status.UNAUTHORIZED).header(ERROR_CODE_MESSAGE_HEADER, ErrorCodes.INVALID_CREDENTIALS)

                    .header(ERROR_MESSAGE_HEADER, "Unathorized access to the application").type(MediaType.APPLICATION_JSON).build();

        }



        if (e instanceof SeCurisServiceException) {

            LOG.warn("SeCurisServiceException: {}", e);

            return Response.status(DEFAULT_APP_ERROR_STATUS_CODE).header(ERROR_CODE_MESSAGE_HEADER, ((SeCurisServiceException) e).getStatus())

                    .header(ERROR_MESSAGE_HEADER, e.getMessage()).type(MediaType.APPLICATION_JSON).build();

        }



        LOG.error("Unexpected error accesing to '{}' by user: {}", request.getPathInfo(), bsc.getUserPrincipal());

        LOG.error("Request sent from {}, with User-Agent: {}", request.getRemoteHost(), request.getHeader("User-Agent"));

        LOG.error("Request url: " + request.getRequestURL(), e);

        return Response.serverError().header(ERROR_MESSAGE_HEADER, "Unexpected error: " + e.toString()).type(MediaType.APPLICATION_JSON).build();

    }



    private void releaseEntityManager() {

        try {

            if (em != null && em.isOpen()) {

                LOG.debug("CLOSING EM: {}, trans: {}", em, em.isJoinedToTransaction());

                if (em.isJoinedToTransaction()) {

                    em.getTransaction().rollback();

                    LOG.info("ROLLBACK");

                }

                em.close();

            }

        } catch (Exception ex) {

            ex.printStackTrace();

            LOG.error("Error closing EM: {}, {}", em, ex);

        }

    }

}