Skip to content

Issue #12720 - fix servlet error dispatch for errors generated by SecurityHandler #13693

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 5 commits into
base: jetty-12.1.x
Choose a base branch
from
Open

Issue #12720 - fix servlet error dispatch for errors generated by SecurityHandler #13693

wants to merge 5 commits into from
+185 −64

Conversation

@lachlan-roberts
Copy link
Contributor

Closes #12720

Currently SecurityHandler does only Response.writeError when a 403 response needs to be sent. However this will not dispatch to a servlet error page, for this we need to do AuthenticationState.writeError and handle the case if it returns AuthenticationState.ServeAs.

@lachlan-roberts lachlan-roberts self-assigned this Oct 10, 2025
@gregw
Copy link
Contributor

gregw commented Oct 13, 2025

@lachlan-roberts the CI failures look to be more than flakes.

gregw
gregw requested changes Oct 13, 2025
View reviewed changes
Copy link
Contributor

@gregw gregw left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

more than flakes

@lachlan-roberts
Copy link
Contributor Author

@gregw the tests are failing because the AuthenticationState.writeError and ErrorHandler.writeError do not support taking a message string.

So do you think i should adjust both the AuthenticationState.writeError and ErrorHandler.writeError API to take a String message, or should I adjust the tests to not check for the !authroized string?

@joakime joakime moved this to 👀 In review in Jetty 12.1.4 Oct 16, 2025
@lachlan-roberts lachlan-roberts requested a review from gregw October 20, 2025 23:33
@lachlan-roberts
PR #13693 - changes from review
c0f394f 
Signed-off-by: Lachlan Roberts <[email protected]>
@lachlan-roberts lachlan-roberts requested a review from gregw October 21, 2025 00:19
gregw
gregw requested changes Oct 21, 2025
View reviewed changes
@lachlan-roberts
PR #13693 - changes from review
acb911a 
Signed-off-by: Lachlan Roberts <[email protected]>
@lachlan-roberts lachlan-roberts requested a review from gregw October 29, 2025 01:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@janbartel janbartel Awaiting requested review from janbartel

@gregw gregw Awaiting requested review from gregw

Requested changes must be addressed to merge this pull request.

Assignees

@lachlan-roberts lachlan-roberts

Labels

None yet

Projects

Jetty 12.1.4
Status: 👀 In review

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Error attributes not set on request in Jetty 12

3 participants

@lachlan-roberts @gregw