use of org.springframework.security.web.firewall.RequestRejectedException in project gocd by gocd.
the class MainFilterChain method doFilter.
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res;
try {
super.doFilter(request, response, chain);
} catch (RequestRejectedException e) {
REQUEST_REJECTED_EXCEPTION_HANDLER.handle(request, response, e.getMessage(), HttpStatus.BAD_REQUEST);
} catch (HttpRequestMethodNotSupportedException e) {
REQUEST_REJECTED_EXCEPTION_HANDLER.handle(request, response, e.getMessage(), HttpStatus.METHOD_NOT_ALLOWED);
}
}
use of org.springframework.security.web.firewall.RequestRejectedException in project spring-security by spring-projects.
the class MiscHttpConfigTests method getWhenUsingCustomRequestRejectedHandlerThenRequestRejectedHandlerIsInvoked.
@Test
public void getWhenUsingCustomRequestRejectedHandlerThenRequestRejectedHandlerIsInvoked() throws Exception {
this.spring.configLocations(xml("RequestRejectedHandler")).autowire();
HttpServletResponse response = new MockHttpServletResponse();
RequestRejectedException rejected = new RequestRejectedException("failed");
HttpFirewall firewall = this.spring.getContext().getBean(HttpFirewall.class);
RequestRejectedHandler requestRejectedHandler = this.spring.getContext().getBean(RequestRejectedHandler.class);
given(firewall.getFirewalledRequest(any(HttpServletRequest.class))).willThrow(rejected);
this.mvc.perform(get("/unprotected"));
verify(requestRejectedHandler).handle(any(), any(), any());
}
use of org.springframework.security.web.firewall.RequestRejectedException in project spring-security by spring-projects.
the class FilterChainProxyTests method requestRejectedHandlerIsCalledIfFirewallThrowsRequestRejectedException.
@Test
public void requestRejectedHandlerIsCalledIfFirewallThrowsRequestRejectedException() throws Exception {
HttpFirewall fw = mock(HttpFirewall.class);
RequestRejectedHandler rjh = mock(RequestRejectedHandler.class);
this.fcp.setFirewall(fw);
this.fcp.setRequestRejectedHandler(rjh);
RequestRejectedException requestRejectedException = new RequestRejectedException("Contains illegal chars");
given(fw.getFirewalledRequest(this.request)).willThrow(requestRejectedException);
this.fcp.doFilter(this.request, this.response, this.chain);
verify(rjh).handle(eq(this.request), eq(this.response), eq((requestRejectedException)));
}
Aggregations