Skip to content

Service responds HTTP status 504 in case of LDAP timeout #289

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
Apr 11, 2024
Merged

Service responds HTTP status 504 in case of LDAP timeout #289

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
ad00113
Service responds HTTP status 506 in case of LDAP timeout
z-sztrom Mar 27, 2024
44c50c6
Small code optimization
z-sztrom Mar 28, 2024
0baa7d3
Code cleanup
z-sztrom Mar 28, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
13 changes: 13 additions & 0 deletions ...c/main/java/com/ericsson/eiffel/remrem/publish/config/CustomAuthenticationEntryPoint.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpStatus;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.InternalAuthenticationServiceException;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.stereotype.Component;
Expand All @@ -27,5 +28,17 @@ public void commence(HttpServletRequest request, HttpServletResponse response,
LOGGER.warn("Bad Credentials {}", HttpStatus.UNAUTHORIZED);
response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Invalid credentials");
}
else if (authException instanceof InternalAuthenticationServiceException) {
Throwable cause = authException.getCause();
if (cause instanceof org.springframework.ldap.CommunicationException communicationException) {
cause = communicationException.getCause();
if (cause instanceof javax.naming.CommunicationException namingCommunicationException) {
String message = namingCommunicationException.toString();
LOGGER.warn("Communication problem: {}; {}", HttpStatus.GATEWAY_TIMEOUT, message);
Copy link
Contributor

@piyush-sadangi piyush-sadangi Apr 9, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is GATEWAY_TIMEOUT the most appropriate HTTP status code for all possible CommunicationException scenarios?

Copy link
Contributor

@piyush-sadangi piyush-sadangi Apr 9, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am a bit confused. I did bit of googling and 504 status code is for gate-way timeout. But, the ticket says 506 status code. I assume we are trying to create a custom HTTP status code like 506 for LDAP timeout. If that is the case, why yse 504?

Correct me if i have not understood it right.

Copy link
Contributor Author

@z-sztrom z-sztrom Apr 10, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is GATEWAY_TIMEOUT the most appropriate HTTP status code for all possible CommunicationException scenarios?

You're right, strictly speaking LDAP isn't "a content delivery service" publisher depends on. But it cannot deliver response if LDAP is unavailable. That's why I used this status code.

Do you have a suggestion?

Copy link
Contributor Author

@z-sztrom z-sztrom Apr 10, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am a bit confused. I did bit of googling and 504 status code is for gate-way timeout. But, the ticket says 506 status code. I assume we are trying to create a custom HTTP status code like 506 for LDAP timeout. If that is the case, why yse 504?

Correct me if i have not understood it right.

Yes, should be 504. Fixed.

Copy link
Contributor

@piyush-sadangi piyush-sadangi Apr 10, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is GATEWAY_TIMEOUT the most appropriate HTTP status code for all possible CommunicationException scenarios?

You're right, strictly speaking LDAP isn't "a content delivery service" publisher depends on. But it cannot deliver response if LDAP is unavailable. That's why I used this status code.

Do you have a suggestion?

No, it makes sense. I am okay with the existing HTTP status code. Thank you for the response.

response.sendError(HttpServletResponse.SC_GATEWAY_TIMEOUT, message);
response.flushBuffer();
}
}
}
}
}