Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Wrong class registered in jaxrs feature #1383

Closed
zenios opened this issue Mar 23, 2024 · 2 comments · Fixed by #1384 or #1487
Closed

Wrong class registered in jaxrs feature #1383

zenios opened this issue Mar 23, 2024 · 2 comments · Fixed by #1384 or #1487
Assignees
Labels
jakartaee Jakarta EE java Pull requests that update Java code
Milestone

Comments

@zenios
Copy link

zenios commented Mar 23, 2024

context.register(UnauthenticatedException.class);

It should be UnauthenticatedExceptionExceptionMapper not UnauthenticatedException

@lprimak lprimak added this to the 2.0.1 milestone Mar 23, 2024
@lprimak lprimak added java Pull requests that update Java code jakartaee Jakarta EE labels Mar 23, 2024
@lprimak lprimak self-assigned this Mar 23, 2024
lprimak added a commit that referenced this issue Mar 25, 2024
…text

[#1383] bugfix: fix exception mapper type from registered features
@steinarb
Copy link
Contributor

steinarb commented May 20, 2024

There may still be something wrong with this...?

I tried the current main snapshot today and my unit tests were flipped: The test expecting status code 401 got 403 and the test expecting status code 403 got 401.

I tried the snapshot since I got failing unit tests when using shiro 2.0.0: https://lists.apache.org/thread/fwslydgdtnscv5tg6yqgnx88zdl50gco

With shiro 2.0.0 I got 401 Unauthorized responses where I was expecting 403 Forbidden (accessing rest endpoint with a logged in user without the required role) and I got UnauthenticatedException where I was expecting a 401 Unauthorized response.

But with a snapshot built from the current main I no longer got UnauthenticatedException, but the tests expected 401 and 403 status code got unexpected results (the actual values of the tests were flipped wrt the expected values).

Here is the shiro-jaxrs annotated jersey resource used by the tests: https://github.com/steinarb/servlet/blob/master/servlet/servlet.jersey/src/test/java/no/priv/bang/servlet/jersey/test/resources/ProtectedHelloResource.java#L13

Here is the shiro.ini file defining the users and role used by the tests: https://github.com/steinarb/servlet/blob/master/servlet/servlet.jersey/src/test/resources/test.shiro.ini

@steinarb
Copy link
Contributor

The mapper code in shiro-jaxrs looks OK. The exceptions both inherit from the same class but not from each other so there shouldn't be one mapper "eating" the exceptions of the other.

And my tests seem to do the right thing...? (though, I am open to the fact that I may be wrong...?).

But if the mappers are OK and my tests are OK: are the wrong exceptions thrown by something?

@lprimak lprimak reopened this May 20, 2024
lprimak added a commit that referenced this issue May 21, 2024
[#1383] bugfix(jax-rs): unauthenticated vs. authorized HTTP response codes we…
lprimak added a commit to lprimak/shiro that referenced this issue May 22, 2024
…er and UnauthorizedExceptionExceptionMapper to show correct return codes

relates to apache#1383
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
jakartaee Jakarta EE java Pull requests that update Java code
Projects
None yet
3 participants