fix access token error

2016-01-05 22:36:50 +09:00 · 2016-01-05 22:36:50 +09:00 · 2ccddc8381
commit 2ccddc8381
parent a5d6e51772
2 changed files with 33 additions and 17 deletions
--- a/src/main/java/org/codelibs/fess/api/es/EsApiManager.java
+++ b/src/main/java/org/codelibs/fess/api/es/EsApiManager.java
@ -74,23 +74,28 @@ public class EsApiManager extends BaseApiManager {
    @Override
    public void process(final HttpServletRequest request, final HttpServletResponse response, final FilterChain chain) throws IOException,
            ServletException {
-        getSessionManager().getAttribute(Constants.ES_API_ACCESS_TOKEN, String.class).ifPresent(token -> {
-            final String servletPath = request.getServletPath();
-            final String pathPrefix = ADMIN_SERVER + token;
-            if (!servletPath.startsWith(pathPrefix)) {
-                throw new WebApiException(HttpServletResponse.SC_FORBIDDEN, "Invalid access token.");
-            }
-            final String path;
-            final String value = servletPath.substring(pathPrefix.length());
-            if (!value.startsWith("/")) {
-                path = "/" + value;
-            } else {
-                path = value;
-            }
-            processRequest(request, response, path);
-        }).orElse(() -> {
-            throw new WebApiException(HttpServletResponse.SC_FORBIDDEN, "Invalid session.");
-        });
+        try {
+            getSessionManager().getAttribute(Constants.ES_API_ACCESS_TOKEN, String.class).ifPresent(token -> {
+                final String servletPath = request.getServletPath();
+                final String pathPrefix = ADMIN_SERVER + token;
+                if (!servletPath.startsWith(pathPrefix)) {
+                    throw new WebApiException(HttpServletResponse.SC_FORBIDDEN, "Invalid access token.");
+                }
+                final String path;
+                final String value = servletPath.substring(pathPrefix.length());
+                if (!value.startsWith("/")) {
+                    path = "/" + value;
+                } else {
+                    path = value;
+                }
+                processRequest(request, response, path);
+            }).orElse(() -> {
+                throw new WebApiException(HttpServletResponse.SC_FORBIDDEN, "Invalid session.");
+            });
+        } catch (WebApiException e) {
+            logger.debug("Web API access error. ", e);
+            e.sendError(response);
+        }
    }

    protected void processRequest(final HttpServletRequest request, final HttpServletResponse response, final String path) {
--- a/src/main/java/org/codelibs/fess/exception/WebApiException.java
+++ b/src/main/java/org/codelibs/fess/exception/WebApiException.java
@ -15,6 +15,10 @@
 */
 package org.codelibs.fess.exception;

+import java.io.IOException;
+
+import javax.servlet.http.HttpServletResponse;
+
 public class WebApiException extends FessSystemException {

    private static final long serialVersionUID = 1L;
@ -39,4 +43,11 @@ public class WebApiException extends FessSystemException {
        this(statusCode, e.getMessage(), e);
    }

+    public void sendError(HttpServletResponse response) {
+        try {
+            response.sendError(statusCode, getMessage());
+        } catch (IOException e) {
+            throw new FessSystemException("SC:" + statusCode + ": " + getMessage(), e);
+        }
+    }
 }