
Commit d0786de

committed
Properly logs unauthorized access in admin servlet
1 parent 1fdf528 commit d0786de

2 files changed

Lines changed: 25 additions & 2 deletions


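--- a/sensorhub-webui-core/src/main/java/org/sensorhub/ui/AdminUIModule.java
+++ b/sensorhub-webui-core/src/main/java/org/sensorhub/ui/AdminUIModule.java
@@ -156,7 +156,7 @@ public void start() throws SensorHubException
 // reset java util logging config so we don't get annoying atmosphere logs
 LogManager.getLogManager().reset();//.getLogger("org.atmosphere").setLevel(Level.OFF);
 
-vaadinServlet = new AdminUIServlet(securityHandler);
+vaadinServlet = new AdminUIServlet(securityHandler, getLogger());
 Map<String, String> initParams = new HashMap<String, String>();
 initParams.put(SERVLET_PARAM_UI_CLASS, AdminUI.class.getCanonicalName());
 initParams.put(SERVLET_PARAM_MODULE_ID, getLocalID());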

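--- a/sensorhub-webui-core/src/main/java/org/sensorhub/ui/AdminUIServlet.java
+++ b/sensorhub-webui-core/src/main/java/org/sensorhub/ui/AdminUIServlet.java
@@ -19,17 +19,21 @@
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import org.slf4j.Logger;
+import org.vast.ows.OWSUtils;
 import com.vaadin.server.VaadinServlet;
 
 
 @SuppressWarnings("serial")
 public class AdminUIServlet extends VaadinServlet
 {
+final transient Logger log;
 final transient AdminUISecurity securityHandler;
 
 
-AdminUIServlet(AdminUISecurity securityHandler)
+AdminUIServlet(AdminUISecurity securityHandler, Logger log)
 {
+this.log = log;
 this.securityHandler = securityHandler;
 }
 
@@ -46,10 +50,29 @@ protected void service(HttpServletRequest request, HttpServletResponse response)
 securityHandler.checkPermission(securityHandler.admin_access);
 super.service(request, response);
 }
+catch (SecurityException e)
+{
+log.info("Access Forbidden: {}", e.getMessage());
+sendError(response, HttpServletResponse.SC_FORBIDDEN, e.getMessage());
+}
 finally
 {
 securityHandler.clearCurrentUser();
 }
 }
+
+
+protected void sendError(HttpServletResponse resp, int errorCode, String errorMsg)
+{
+try
+{
+resp.sendError(errorCode, errorMsg);
+}
+catch (IOException e)
+{
+if (!OWSUtils.isClientDisconnectError(e) && log.isDebugEnabled())
+log.error("Cannot send error", e);
+}
+}
 
 }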
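Review bot: The new `catch (SecurityException e)` in `service` returns `e.getMessage()` to the client through `sendError(...)` and logs the same text with no request context, so a denied admin request cannot be attributed to a caller, and the response may disclose internal permission or user names if the security handler puts them in the message (not visible here). Consider logging the caller and target, e.g. `log.warn("Access forbidden for {} on {}: {}", request.getRemoteAddr(), request.getRequestURI(), e.getMessage());`, and sending a fixed body, `sendError(response, HttpServletResponse.SC_FORBIDDEN, "Access forbidden");`. In `sendError`, the `log.error(...)` call is gated on `log.isDebugEnabled()`, so with debug logging off a failed error response is dropped silently; if that is intended, a one-line comment saying so would help. The `try` that this catch belongs to opens outside the hunk.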
