Set secure flag & log exception

[portal.git] / ecomp-portal-BE-os / src / main / java / org / onap / portalapp / controller / LoginController.java

diff --git a/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/controller/LoginController.java b/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/controller/LoginController.java
index 0ee1171..3b0281f 100644 (file)
--- a/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/controller/LoginController.java
+++ b/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/controller/LoginController.java
@@ -33,12 +33,13 @@
  *
  * ============LICENSE_END============================================
  *
- * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * 
  */
 package org.onap.portalapp.controller;
 
 import static com.att.eelf.configuration.Configuration.MDC_KEY_REQUEST_ID;
 
+import java.io.IOException;
 import java.net.MalformedURLException;
 import java.net.URL;
 import java.net.URLDecoder;
@@ -55,7 +56,6 @@ import javax.servlet.http.HttpServletResponse;
 import org.apache.commons.lang.StringUtils;
 import org.json.JSONObject;
 import org.onap.portalapp.command.EPLoginBean;
-import org.onap.portalapp.controller.EPUnRestrictedBaseController;
 import org.onap.portalapp.portal.domain.SharedContext;
 import org.onap.portalapp.portal.service.EPLoginService;
 import org.onap.portalapp.portal.service.EPRoleFunctionService;
@@ -66,12 +66,13 @@ import org.onap.portalapp.util.EPUserUtils;
 import org.onap.portalapp.util.SessionCookieUtil;
 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
 import org.onap.portalsdk.core.menu.MenuProperties;
-import org.onap.portalsdk.core.onboarding.util.CipherUtil;
 import org.onap.portalsdk.core.util.SystemProperties;
 import org.slf4j.MDC;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
 import org.springframework.stereotype.Controller;
 import org.springframework.util.StopWatch;
+import org.springframework.web.bind.annotation.ExceptionHandler;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.ResponseBody;
@@ -148,8 +149,7 @@ public class LoginController extends EPUnRestrictedBaseController implements Log
                } else {
                        // store the currently logged in user's information in the session
                        EPUserUtils.setUserSession(request, commandBean.getUser(), commandBean.getMenu(),
-                                       commandBean.getBusinessDirectMenu(),
-                                       SystemProperties.getProperty(SystemProperties.AUTHENTICATION_MECHANISM), ePRoleFunctionService);
+                                       commandBean.getBusinessDirectMenu(), ePRoleFunctionService);
 
                        try {
                                logger.info(EELFLoggerDelegate.debugLogger, "loginValidate: store user info into share context begins");
@@ -264,8 +264,7 @@ public class LoginController extends EPUnRestrictedBaseController implements Log
                                                orgUserId);
 
                                EPUserUtils.setUserSession(request, commandBean.getUser(), commandBean.getMenu(),
-                                               commandBean.getBusinessDirectMenu(),
-                                               SystemProperties.getProperty(SystemProperties.AUTHENTICATION_MECHANISM), ePRoleFunctionService);
+                                               commandBean.getBusinessDirectMenu(), ePRoleFunctionService);
                                logger.info(EELFLoggerDelegate.debugLogger,
                                                "processSingleSignOn: now set up user session for {} finished", orgUserId);
 
@@ -411,4 +410,9 @@ public class LoginController extends EPUnRestrictedBaseController implements Log
                this.sharedContextService = sharedContextService;
        }
 
+       @ExceptionHandler(Exception.class)
+       protected void handleBadRequests(Exception e, HttpServletResponse response) throws IOException {
+               logger.warn(EELFLoggerDelegate.errorLogger, "Handling bad request", e);
+               response.sendError(HttpStatus.BAD_REQUEST.value());
+       }
 }