[jboss-jira] [JBoss JIRA] (WFCORE-4045) Make ExtensibleHttpManagement.addManagementHandler() return error code 500

Kabir Khan (JIRA) issues at jboss.org
Mon Aug 20 15:58:00 EDT 2018 

    [ https://issues.jboss.org/browse/WFCORE-4045?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13621706#comment-13621706 ] 

Kabir Khan edited comment on WFCORE-4045 at 8/20/18 3:57 PM:
-------------------------------------------------------------

See WFLY-10861 for the background information resulting in this.

The output with https://github.com/wildfly/wildfly-core/pull/3465 is now:
{code}
$curl -v  http://127.0.0.1:9990/health
*   Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to 127.0.0.1 (127.0.0.1) port 9990 (#0)
> GET /health HTTP/1.1
> Host: 127.0.0.1:9990
> User-Agent: curl/7.54.0
> Accept: */*
> 
< HTTP/1.1 500 Internal Server Error
< Connection: keep-alive
< Content-Type: application/json; charset=utf-8
< Content-Length: 408
< Date: Mon, 20 Aug 2018 19:39:30 GMT
< 
* Connection #0 to host 127.0.0.1 left intact
"WFLYDMHTTP0016: Your Application Server is running. However you have not yet added any users to be able to access the HTTP management interface. To add a new user execute the add-user.sh script within the bin folder of your WildFly installation and enter the requested information. By default the realm name used by WildFly is 'ManagementRealm' and this is already selected by default by the add-user tool."
{code}
{code}
[~]
$curl -v  -L http://127.0.0.1:9990/health
*   Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to 127.0.0.1 (127.0.0.1) port 9990 (#0)
> GET /health HTTP/1.1
> Host: 127.0.0.1:9990
> User-Agent: curl/7.54.0
> Accept: */*
> 
< HTTP/1.1 500 Internal Server Error
< Connection: keep-alive
< Content-Type: application/json; charset=utf-8
< Content-Length: 408
< Date: Mon, 20 Aug 2018 19:51:30 GMT
< 
* Connection #0 to host 127.0.0.1 left intact
"WFLYDMHTTP0016: Your Application Server is running. However you have not yet added any users to be able to access the HTTP management interface. To add a new user execute the add-user.sh script within the bin folder of your WildFly installation and enter the requested information. By default the realm name used by WildFly is 'ManagementRealm' and this is already selected by default by the add-user tool."
{code}

As discussed with [~rsvoboda] the API exposed to register http handlers from the subsystems is new and we want to keep it as simple as possible at the moment. The new ManagementHttpServer.addManagementHandler() was reusing the logic from the console to redirect to the standard error mechanism used for the console. This mechanism ends up loading the page https://github.com/wildfly/wildfly-core/blob/master/domain-http/error-context/src/main/resources/index.html (linux) or https://github.com/wildfly/wildfly-core/blob/master/domain-http/error-context/src/main/resources/index_win.html (windows).

For this use-case, which will also be used by other subsystems which want to register a custom HttpHandler, the mechanism is to simply send a 500 status code with the text shown above. If something more advanced is needed in the future we can expand the API, but it is too early to do so without knowing the use-cases.


was (Author: kabirkhan):
See WFLY-10861 for the background information resulting in this.

The output with https://github.com/wildfly/wildfly-core/pull/3465 is now:
{code}
$curl -v  http://127.0.0.1:9990/health
*   Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to 127.0.0.1 (127.0.0.1) port 9990 (#0)
> GET /health HTTP/1.1
> Host: 127.0.0.1:9990
> User-Agent: curl/7.54.0
> Accept: */*
> 
< HTTP/1.1 500 Internal Server Error
< Connection: keep-alive
< Content-Type: application/json; charset=utf-8
< Content-Length: 408
< Date: Mon, 20 Aug 2018 19:39:30 GMT
< 
* Connection #0 to host 127.0.0.1 left intact
"WFLYDMHTTP0016: Your Application Server is running. However you have not yet added any users to be able to access the HTTP management interface. To add a new user execute the add-user.sh script within the bin folder of your WildFly installation and enter the requested information. By default the realm name used by WildFly is 'ManagementRealm' and this is already selected by default by the add-user tool."
{code}
{code}
[~]
$curl -v  -L http://127.0.0.1:9990/health
*   Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to 127.0.0.1 (127.0.0.1) port 9990 (#0)
> GET /health HTTP/1.1
> Host: 127.0.0.1:9990
> User-Agent: curl/7.54.0
> Accept: */*
> 
< HTTP/1.1 500 Internal Server Error
< Connection: keep-alive
< Content-Type: application/json; charset=utf-8
< Content-Length: 408
< Date: Mon, 20 Aug 2018 19:51:30 GMT
< 
* Connection #0 to host 127.0.0.1 left intact
"WFLYDMHTTP0016: Your Application Server is running. However you have not yet added any users to be able to access the HTTP management interface. To add a new user execute the add-user.sh script within the bin folder of your WildFly installation and enter the requested information. By default the realm name used by WildFly is 'ManagementRea
{code}

As discussed with [~rsvoboda] the API exposed to register http handlers from the subsystems is new and we want to keep it as simple as possible at the moment. The new ManagementHttpServer.addManagementHandler() was reusing the logic from the console to redirect to the standard error mechanism used for the console. This mechanism ends up loading the page https://github.com/wildfly/wildfly-core/blob/master/domain-http/error-context/src/main/resources/index.html (linux) or https://github.com/wildfly/wildfly-core/blob/master/domain-http/error-context/src/main/resources/index_win.html (windows).

For this use-case, which will also be used by other subsystems which want to register a custom HttpHandler, the mechanism is to simply send a 500 status code with the text shown above. If something more advanced is needed in the future we can expand the API, but it is too early to do so without knowing the use-cases.

> Make ExtensibleHttpManagement.addManagementHandler() return error code 500
> --------------------------------------------------------------------------
>
>                 Key: WFCORE-4045
>                 URL: https://issues.jboss.org/browse/WFCORE-4045
>             Project: WildFly Core
>          Issue Type: Bug
>          Components: Management
>            Reporter: Kabir Khan
>            Assignee: Kabir Khan
>
> The security checks done by the handlers added via ExtensibleHttpManagement.addManagementHandler() currently redirect to the standard html page with an error code of 200. This behaviour is impossible to change.
> This is currently only used by MP Health, for which the ExtensibleHttpManagement API was added. Rather than expand this API we will change the behaviour of handlers added with this mechanism to return 500. The standard error page will be updated in WFCORE-4046 to be more generic.



--
This message was sent by Atlassian JIRA
(v7.5.0#75005)

More information about the jboss-jira mailing list