[undertow-dev] how to use ExceptionHandler & security together

[Michael Grove]

I have a pretty basic server set up:

ExceptionHandler -> Security Handlers * -> PathTemplateHandler -> my routes

* The security handlers are set up as shown in the examples [1] and I'm
also using the same `IdentityManager` for my tinkering.

What I'm seeing is that in ExceptionHandler [2] the request is just passed
directly onto the next handler, which in this case, is the start of the
security handlers.

The request is passed through each handler until it hits
`AuthenticationCallHandler` and is moved off the IO thread [3]. The call
then returns, and all the invocations to the next handler finish back up
the stack until `ExceptionHandler`, where the call completes successfully.

Trouble is, the request was malformed and the route handling it threw an
exception and it wasn't handled as expected.

I guess the correct answer is that I shouldn't have allowed it to get
thrown out of the handler for the route; catch it there and send the
expected error response.

But, I'm curious if there was a way to do this with the handlers, or
perhaps, more generally, what are the expectations along the call chain of
handlers when some may move off the initial IO thread.

Thanks.

Mike


[1]
https://github.com/undertow-io/undertow/blob/master/examples/src/main/java/io/undertow/examples/security/basic/BasicAuthServer.java
[2]
https://github.com/undertow-io/undertow/blob/master/core/src/main/java/io/undertow/server/handlers/ExceptionHandler.java#L29
[3]
https://github.com/undertow-io/undertow/blob/master/core/src/main/java/io/undertow/security/handlers/AuthenticationCallHandler.java#L45-L48
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/undertow-dev/attachments/20160331/746e95eb/attachment.html