Ticket #978 (closed defect: fixed)

Opened 11 years ago

Last modified 11 years ago

[S][DS] AuthKit error with call to WCS with no query args

Reported by: pjkersha Owned by: pjkersha
Priority: required Milestone:
Component: security Version:
Keywords: AuthKit Cc:

Description (last modified by pjkersha) (diff)

A call to the WCS with no query args set should be handled gracefully with a html error page telling the user to supply a request param.

However the current AuthKit (r153) Pylons security middleware trips up with trace below.

URL is:  http://ndgbeta.badc.rl.ac.uk/wcs/badc.nerc.ac.uk__NDG-A0__AWQX8gTc

I've sent a ticket to AuthKit developer. - Ticket is pending support on this.

URL: http://glue.badc.rl.ac.uk:8081/wcs/badc.nerc.ac.uk__NDG-A0__AWQX8gTc
Module paste.exceptions.errormiddleware:144 in __call__
<<              __traceback_supplement__ = Supplement, self, environ
                sr_checker = ResponseStartChecker(start_response)
                app_iter = self.application(environ, sr_checker)
                return self.make_catching_iter(app_iter, environ, sr_checker)
            except:>>  app_iter = self.application(environ, sr_checker)
Module paste.httpexceptions:636 in __call__
<<                             []).append(HTTPException)
            try:
                return self.application(environ, start_response)
            except HTTPException, exc:
                return exc(environ, start_response)>>  return self.application(environ, start_response)
Module ows_server.config.ndgMiddleware:135 in __call__
<<  
            environ['ndgConfig']=self.config
            return self.app(environ,start_response)>>  return self.app(environ,start_response)
Module ndg.security.server.sso.sso.config.ssoServiceMiddleware:62 in __call__
<<  
        def __call__(self, environ, start_response):
            return self.app(environ, start_response)>>  return self.app(environ, start_response)
Module beaker.session:405 in __call__
<<              return start_response(status, headers, exc_info)
            try:
                response = self.wrap_app(environ, session_start_response)
            except:
                ty, val = sys.exc_info()[:2]>>  response = self.wrap_app(environ, session_start_response)
Module authkit.authenticate:324 in __call__
<<      def __call__(self, environ, start_response):
            environ.update(self.dct)
            return self.app(environ, start_response)
    
    class RequireEnvironKey(object):>>  return self.app(environ, start_response)
Module authkit.authenticate.cookie:395 in __call__
<<              headers.extend(set_cookies)
                return start_response(status, headers, exc_info)
            return self.app(environ, cookie_setting_start_response)
    
    #>>  return self.app(environ, cookie_setting_start_response)
Module authkit.authenticate.open_id:473 in __call__
<<  
        def __call__(self, environ, start_response):
            return self.app(environ, start_response)
    
    def load_openid_config(>>  return self.app(environ, start_response)
Module authkit.authenticate.open_id:232 in __call__
<<              return response
            else:
                return self.app(environ, start_response)
    
        def verify(self, environ, start_response):>>  return self.app(environ, start_response)
Module authkit.authenticate.multi:86 in __call__
<<  
            app_iter = app(environ, start_response)
            if result_[0] is None:
                # The check failed and the initial app should be used.
                return app_iter>>  if result_[0] is None:
IndexError: list index out of range

Change History

comment:1 Changed 11 years ago by pjkersha

  • Status changed from new to assigned
  • Type set to defect
  • Description modified (diff)

comment:2 Changed 11 years ago by pjkersha

  • Status changed from assigned to closed
  • Resolution set to fixed
  • Description modified (diff)

This is caused in AuthKit when start_response has not been called by any of the middleware further up the chain. James Gardner maintainer of AuthKit has added a fix so that an exception is raised.

ows_server.lib.base.OwsController?.call calls render() when an exception is raised without calling the parent controller's call method:

        # If the EXCEPTION_TYPE is 'pylons' let Pylons catch any exceptions.
        # Otherwise send an OGC exception report for any OWS_E.OwsError
        if 'pylons' in EXCEPTION_TYPE:
            self._fixOwsAction(environ)
            return super(OwsController, self).__call__(environ, start_response)
        else:
            try:
                self._fixOwsAction(environ)
                return super(OwsController, self).__call__(environ, start_response)
            except OWS_E.OwsError, e:
                logger.exception(e)
                response.headers['content-type'] = 'text/xml'
                return render('exception_report', report=e.report, format='xml')

This means WSGIController.call is never called. WSGIController.call handles the call to start_response(). Fixed by calling start_response() before render in ows_server.lib.base.OwsController?.call:

        # If the EXCEPTION_TYPE is 'pylons' let Pylons catch any exceptions.
        # Otherwise send an OGC exception report for any OWS_E.OwsError
        if 'pylons' in EXCEPTION_TYPE:
            self._fixOwsAction(environ)
            return super(OwsController, self).__call__(environ, start_response)
        else:
            try:
                self._fixOwsAction(environ)
                return super(OwsController, self).__call__(environ, start_response)
            except OWS_E.OwsError, e:
                logger.exception(e)
                start_response('200 OK', [('Content-type', 'text/xml')])
                return render('exception_report', report=e.report, format='xml')

 http://proj.badc.rl.ac.uk/ndg/changeset/4066

Note: See TracTickets for help on using tickets.