Added pass-through logging option to AA.

git-svn-id: https://subversion.switch.ch/svn/shibboleth/java-idp/trunk@491 ab3bd59b-922f-494d-bb5f-6f0a3c29deca

diff --git a/src/edu/internet2/middleware/shibboleth/aa/AAServlet.java b/src/edu/internet2/middleware/shibboleth/aa/AAServlet.java
index 707ed70..ef110ae 100755 (executable)
--- a/src/edu/internet2/middleware/shibboleth/aa/AAServlet.java
+++ b/src/edu/internet2/middleware/shibboleth/aa/AAServlet.java
@@ -165,9 +165,8 @@ public class AAServlet extends HttpServlet {
                defaultProps.setProperty(
                        "edu.internet2.middleware.shibboleth.hs.provider.CryptoHandleRepository.keyStorePath",
                        "/conf/handle.jks");
-               defaultProps.setProperty(
-                       "edu.internet2.middleware.shibboleth.audiences",
-                       "urn:mace:InCommon:pilot:2003");
+               defaultProps.setProperty("edu.internet2.middleware.shibboleth.audiences", "urn:mace:InCommon:pilot:2003");
+               defaultProps.setProperty("edu.internet2.middleware.shibboleth.aa.AAServlet.passThruErrors", "false");
 
                //Load from file
                Properties properties = new Properties(defaultProps);
@@ -212,9 +211,7 @@ public class AAServlet extends HttpServlet {
                        PrintStream debugPrinter = new PrintStream(debugStream);
                        properties.list(debugPrinter);
                        log.debug(
-                               "Runtime configuration parameters: "
-                                       + System.getProperty("line.separator")
-                                       + debugStream.toString());
+                               "Runtime configuration parameters: " + System.getProperty("line.separator") + debugStream.toString());
                        try {
                                debugStream.close();
                        } catch (IOException e) {
@@ -286,31 +283,33 @@ public class AAServlet extends HttpServlet {
                                        {
                                                SAMLException.REQUESTER,
                                                new QName(edu.internet2.middleware.shibboleth.common.XML.SHIB_NS, "InvalidHandle")};
-                               saml.fail(
-                                       resp,
-                                       new SAMLException(
-                                               Arrays.asList(codes),
-                                               "The supplied Attribute Query Handle was unrecognized or expired."));
-                               return;
-                       } catch (Exception ee) {
-                               log.fatal("Could not construct a SAML error response: " + ee);
-                               throw new ServletException("Attribute Authority response failure.");
-                       }
-                       
-               } catch (SAMLException se) {
-                       log.error("Error while prcessing request: " + se);
-                       try {
-                               saml.fail(resp, new SAMLException(SAMLException.RESPONDER, "General error processing request."));
+                               if (configuration
+                                       .getProperty("edu.internet2.middleware.shibboleth.aa.AAServlet.passThruErrors", "false")
+                                       .equals("true")) {
+                                       saml.fail(
+                                               resp,
+                                               new SAMLException(
+                                                       Arrays.asList(codes),
+                                                       "The supplied Attribute Query Handle was unrecognized or expired."));
+                               } else {
+                                       saml.fail(resp, new SAMLException(Arrays.asList(codes), e));
+                               }
                                return;
                        } catch (Exception ee) {
                                log.fatal("Could not construct a SAML error response: " + ee);
                                throw new ServletException("Attribute Authority response failure.");
                        }
-                       
+
                } catch (Exception e) {
                        log.error("Error while processing request: " + e);
                        try {
-                               saml.fail(resp, new SAMLException(SAMLException.RESPONDER, "General error processing request."));
+                               if (configuration
+                                       .getProperty("edu.internet2.middleware.shibboleth.aa.AAServlet.passThruErrors", "false")
+                                       .equals("true")) {
+                                       saml.fail(resp, new SAMLException(SAMLException.RESPONDER, e));
+                               } else {
+                                       saml.fail(resp, new SAMLException(SAMLException.RESPONDER, "General error processing request."));
+                               }
                                return;
                        } catch (Exception ee) {
                                log.fatal("Could not construct a SAML error response: " + ee);

diff --git a/webApplication/WEB-INF/classes/conf/origin.properties b/webApplication/WEB-INF/classes/conf/origin.properties
index 4bb59bd..b32bb83 100755 (executable)
--- a/webApplication/WEB-INF/classes/conf/origin.properties
+++ b/webApplication/WEB-INF/classes/conf/origin.properties
@@ -46,6 +46,11 @@
 
  # [Required] Name of this Attribute Authority (usually a dns name)
  #edu.internet2.middleware.shibboleth.aa.AAServlet.authorityName = shib2.internet2.edu
+ 
+ # [Optional] Set to true if the Attribute Authority should pass internal error messages to 
+ # the SHAR (for debugging purposes) (defaults to false)
+ #edu.internet2.middleware.shibboleth.aa.AAServlet.passThruErrors = false
+ 
 
 
 ##### Data Source #####