[prev in list] [next in list] [prev in thread] [next in thread]
List: wsas-java-dev
Subject: Re: [Carbon-dev] Ensure that we do not swallow exceptions
From: Senaka Fernando <senaka () wso2 ! com>
Date: 2012-01-29 10:12:13
Message-ID: CAPniqXKrhWw3C-S+c+uC87OaK5VY0sDqqFZ8ZpkwbT7=cXP2gg () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
Hi Hasini,
On Saturday, January 28, 2012, Hasini Gunasinghe <hasini@wso2.com> wrote:
> Hi Senaka,
>
> On Sat, Jan 28, 2012 at 7:13 AM, Senaka Fernando <senaka@wso2.com> wrote:
>>
>> Hi Hasini,
>>
>> On Tuesday, January 24, 2012, Hasini Gunasinghe <hasini@wso2.com> wrote:
>> > Hi Senaka,
>> >
>> > On Mon, Jan 23, 2012 at 11:16 PM, Senaka Fernando <senaka@wso2.com>
wrote:
>> >>
>> >> Hi Hasini,
>> >>
>> >> On Mon, Jan 23, 2012 at 10:06 PM, Hasini Gunasinghe <hasini@wso2.com>
wrote:
>> >>>
>> >>> Hi Senaka,
>> >>>
>> >>> On Mon, Jan 23, 2012 at 8:41 PM, Senaka Fernando <senaka@wso2.com>
wrote:
>> >>>>
>> >>>> Hi Azeez,
>> >>>>
>> >>>> Sorry lost track of this.
>> >>>>
>> >>>> 1. The first one is the easiest. Insert malformed XML into
user-mgt.xml and start the server. Console is clean (no exceptions). Server
hangs and does not start-up. There is no clue to what went wrong. Just make
<Configuration> into <!--Configuration>.
>> >>>
>> >>> Error reporting needs to be fixed here. Thanks for reporting.
>
> This was fixed in trunk.
>>
>> >>>>
>> >>>> 2. Create any possible error that would result in the user profiles
section being corrupted. No exceptions on the BE. The front-end returns the
same error message for all types of errors making debugging a nightmare. We
reproduced this by a an accidentally corrupted database, but there could be
many other ways to get to this.
>> >>>
>> >>> I couldn't reproduce this with user profiles feature. Can you please
mention couple of examples out of the many ways you observed this?
>> >>
>> >> As I said I got it reproduced using an accidentally corrupted DB, but
there could be many other ways - by looking at the code.
>> >
>> > Since you have already identified the related code, can you please
point to it? So that it will be easy to rectify it if there are any issues.
>>
>> Great. I misunderstood you earlier. Find the exception in the index.jsp,
add.jsp and edit.jsp pages of the identity user profile UI. There you catch
the exception and send an error message to the UI. It is the same error
message in all 3 cases, so it should be easy to locate. Now, check the
corresponding code in BE. You'll see that all exceptions are simply
propagated to FE, and at times, the cause is not carried forward. You need
to dig deeper and deeper into the BE code until you get to the low-level
LDAP layer up until the admin service.
>
> Thanks for the information. It will help to identify where to fix.
> However, since I haven't written the code in this component, I am not
quite sure whether the error handling was done that way on any purpose.
Anyway, it's clearly not the model we follow. Please log and forward.
>>
>>
>> >
>> >>
>> >> But, I have not attempted to. What I'm trying to get to is that, any
error will produce no stack traces but a single error message in the UI.
>> >>
>> >>>>
>> >>>> Though not quite related, we noticed that usernames on Carbon 3.2.3
are case-sensitive,
>> >>>
>> >>> I guess you meant to say case insensitive - we have mentioned this
in sign-in help docs as follows:
>> >>> "Please note that due to the inherited behaviour of default user
store - which is embedded-ldap, user names are case insensitive in 3.2.0
based carbon products."
>> >>> Are you sure the login failure you encountered is due to a case
sensitive issue?
>> >>> Because username is case insensitive as mentioned above - and allows
you to login even if you change the case of the username.
>> >>
>> >> Actually, if the username was 'U12345' you cannot login as 'u12345',
which is the concern.
>> >
>> > I tried this case with IS 3.2.3 and it is possible to login with both
the above usernames with default user store - which is embedded ldap.
>> > Did you encounter this with any other custom LDAP?
>> > In that case, it is not a regression issue, but it is due to a
behavior of that particular LDAP that you connected to.
>>
>> Not really. When connected to same custom LDAP, the sensitivity is not
effective in older releases (very clear in 3.1.0 and perhaps in 3.2.0). So,
this is clearly a regression.
>
> Can you please let me know what is the LDAP server you tried to connect
to - i.e: OpenLDAP, ApacheDS etc? (So that we can try to reproduce.)
> Because this could not be reproduced with embedded-apacheds and was able
to login with the same user name in both lower and upper case.
Will try to get this asap. But, can u first connect to LDAP and create a
user with mixed cases or all uppercase, then connect Carbon, and try to
login with all lowercase? That's what seemed to have happened.
Thanks,
Senaka.
> Thanks,
> Hasini.
>>
>> Thanks,
>> Senaka.
>>
>> > Thanks,
>> > Hasini.
>> >
>> > Thanks,
>> > Senaka.
>> >
>> > Thanks,
>> > Hasini.
>> >
>> >
>> > which is a L1 regression. Also, just as in 1 and 2 above, the error is
failed login attempt, and BE is dead silent to what went wrong. It took at
least a dozen retries to figure out and a fair amount on time wasted in
understanding what went wrong. Though the FE might give out a simple
authentication failure, I'd expect the BE to be more specific to what went
wrong.
>> >
>> > Thanks,
>> > Senaka.
>> >
>> > On Mon, Jan 23, 2012 at 8:19 PM, Afkham Azeez <azeez@wso2.com> wrote:
>> >
>> > Please post the relevant code segments. This is something we keep
repeating during code reviews.
>> >
>> > On Fri, Jan 20, 2012 at 11:16 PM, Senaka Fernando <senaka@wso2.com>
wrote:
>> >
>> > Hi all,
>> >
>> > Just like it can be ugly to see lengthy stacktraces at times, seeing
the UI not working and errors throwing and no stacktrace or clue of what
went wrong is extremely annoying. I was getting some errors from UM this
time, and multiple kinds of it; and, had to debug the code to learn what
was going wrong. The server is failing to work, but the console and the FE
has no clue to what went wrong. It's greatly appreciated if we could go
through some of these code and check that we properly throw exceptions. I
will follow up on the instances where exceptions were not thrown and how to
reproduce them.
>> >
>> > Thanks,
>> > Senaka.
>> >
>> > --
>> > Senaka Fernando
>> > Product Manager - WSO2 Governance Registry;
>> > Associate Technical Lead; WSO2 Inc.; http://wso2.com
>> > Member; Apache Software Foundation; http://apache.org
>> >
>> > E-mail: senaka AT wso2.com
>> > P: +1 408 754 7388; ext: 51736; M: +94 77 322 1818
>> > Linked-In: http://linkedin.com/in/senakafernando
>> >
>> > Lean . Enterprise . Middleware
>> >
>> >
>> > _______________________________________________
>> >
>> >
>>
>> --
>> Senaka Fernando
>> Product Manager - WSO2 Governance Registry;
>> Associate Technical Lead; WSO2 Inc.; http://wso2.com
>> Member; Apache Software Foundation; http://apache.org
>>
>> E-mail: senaka AT wso2.com
>> P: +1 408 754 7388; ext: 51736; M: +94 77 322 1818
>> Linked-In: http://linkedin.com/in/senakafernando
>>
>> Lean . Enterprise . Middleware
>>
>>
>> _______________________________________________
>> Carbon-dev mailing list
>> Carbon-dev@wso2.org
>> http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
>>
>
>
--
*Senaka Fernando*
Product Manager - WSO2 Governance Registry;
Associate Technical Lead; WSO2 Inc.; http://wso2.com*
Member; Apache Software Foundation; http://apache.org
E-mail: senaka AT wso2.com
**P: +1 408 754 7388; ext: 51736*; *M: +94 77 322 1818
Linked-In: http://linkedin.com/in/senakafernando
*Lean . Enterprise . Middleware
[Attachment #5 (text/html)]
Hi Hasini,<br><br>On Saturday, January 28, 2012, Hasini Gunasinghe <<a \
href="mailto:hasini@wso2.com">hasini@wso2.com</a>> wrote:<br>> Hi \
Senaka,<br>><br>> On Sat, Jan 28, 2012 at 7:13 AM, Senaka Fernando <<a \
href="mailto:senaka@wso2.com">senaka@wso2.com</a>> wrote:<br> >><br>>> \
Hi Hasini,<br>>><br>>> On Tuesday, January 24, 2012, Hasini Gunasinghe \
<<a href="mailto:hasini@wso2.com">hasini@wso2.com</a>> wrote:<br>>> > \
Hi Senaka,<br>>> ><br>>> > On Mon, Jan 23, 2012 at 11:16 PM, Senaka \
Fernando <<a href="mailto:senaka@wso2.com">senaka@wso2.com</a>> wrote:<br> \
>> >><br>>> >> Hi Hasini,<br>>> >><br>>> \
>> On Mon, Jan 23, 2012 at 10:06 PM, Hasini Gunasinghe <<a \
href="mailto:hasini@wso2.com">hasini@wso2.com</a>> wrote:<br>>> \
>>><br> >> >>> Hi Senaka,<br>>> \
>>><br>>> >>> On Mon, Jan 23, 2012 at 8:41 PM, Senaka \
Fernando <<a href="mailto:senaka@wso2.com">senaka@wso2.com</a>> \
wrote:<br>>> >>>><br> >> >>>> Hi \
Azeez,<br>>> >>>><br>>> >>>> Sorry lost track of \
this.<br>>> >>>><br>>> >>>> 1. The first one is \
the easiest. Insert malformed XML into user-mgt.xml and start the server. Console is \
clean (no exceptions). Server hangs and does not start-up. There is no clue to what \
went wrong. Just make <Configuration> into <!--Configuration>.<br> \
>> >>><br>>> >>> Error reporting needs to be fixed \
here. Thanks for reporting.<br>><br>> This was fixed in trunk. \
<br>>><br>>> >>>><br>>> >>>> 2. Create any \
possible error that would result in the user profiles section being corrupted. No \
exceptions on the BE. The front-end returns the same error message for all types of \
errors making debugging a nightmare. We reproduced this by a an accidentally \
corrupted database, but there could be many other ways to get to this.<br> >> \
>>><br>>> >>> I couldn't reproduce this with user \
profiles feature. Can you please mention couple of examples out of the many ways you \
observed this? <br>>> >><br>>> >> As I said I got it \
reproduced using an accidentally corrupted DB, but there could be many other ways - \
by looking at the code.<br> >> ><br>>> > Since you have already \
identified the related code, can you please point to it? So that it will be easy to \
rectify it if there are any issues. <br>>><br>>> Great. I misunderstood \
you earlier. Find the exception in the index.jsp, add.jsp and edit.jsp pages of the \
identity user profile UI. There you catch the exception and send an error message to \
the UI. It is the same error message in all 3 cases, so it should be easy to locate. \
Now, check the corresponding code in BE. You'll see that all exceptions are \
simply propagated to FE, and at times, the cause is not carried forward. You need to \
dig deeper and deeper into the BE code until you get to the low-level LDAP layer up \
until the admin service.<br> ><br>> Thanks for the information. It will help to \
identify where to fix.<br>> However, since I haven't written the code in this \
component, I am not quite sure whether the error handling was done that way on any \
purpose.<br> <br>Anyway, it's clearly not the model we follow. Please log and \
forward.<br><br>>><br>>><br>>> > <br>>> \
>><br>>> >> But, I have not attempted to. What I'm trying to \
get to is that, any error will produce no stack traces but a single error message in \
the UI.<br> >> >> <br>>> >>>><br>>> \
>>>> Though not quite related, we noticed that usernames on Carbon 3.2.3 \
are case-sensitive,<br>>> >>><br>>> >>> I guess you \
meant to say case insensitive - we have mentioned this in sign-in help docs as \
follows:<br> >> >>> "Please note that due to the inherited \
behaviour of default user store - which is embedded-ldap, user names are case \
insensitive in 3.2.0 based carbon products."<br>>> >>> Are you \
sure the login failure you encountered is due to a case sensitive issue? <br> \
>> >>> Because username is case insensitive as mentioned above - and \
allows you to login even if you change the case of the username.<br>>> \
>><br>>> >> Actually, if the username was 'U12345' you \
cannot login as 'u12345', which is the concern.<br> >> ><br>>> \
> I tried this case with IS 3.2.3 and it is possible to login with both the above \
usernames with default user store - which is embedded ldap. <br>>> > Did you \
encounter this with any other custom LDAP?<br> >> > In that case, it is not \
a regression issue, but it is due to a behavior of that particular LDAP that you \
connected to.<br>>><br>>> Not really. When connected to same custom LDAP, \
the sensitivity is not effective in older releases (very clear in 3.1.0 and perhaps \
in 3.2.0). So, this is clearly a regression.<br> ><br>> Can you please let me \
know what is the LDAP server you tried to connect to - i.e: OpenLDAP, ApacheDS etc? \
(So that we can try to reproduce.)<br>> Because this could not be reproduced with \
embedded-apacheds and was able to login with the same user name in both lower and \
upper case.<br> <br>Will try to get this asap. But, can u first connect to LDAP and \
create a user with mixed cases or all uppercase, then connect Carbon, and try to \
login with all lowercase? That's what seemed to have happened.<br><br> \
Thanks,<br>Senaka.<br><br>> Thanks,<br>> Hasini.<br>>><br>>> \
Thanks,<br>>> Senaka.<br>>><br>>> > Thanks,<br>>> > \
Hasini.<br>>> ><br>>> > Thanks,<br>>> > Senaka.<br> \
>> ><br>>> > Thanks,<br>>> > Hasini.<br>>> > \
<br>>> ><br>>> > which is a L1 regression. Also, just as in 1 and 2 \
above, the error is failed login attempt, and BE is dead silent to what went wrong. \
It took at least a dozen retries to figure out and a fair amount on time wasted in \
understanding what went wrong. Though the FE might give out a simple authentication \
failure, I'd expect the BE to be more specific to what went wrong.<br> >> \
><br>>> > Thanks,<br>>> > Senaka.<br>>> ><br>>> \
> On Mon, Jan 23, 2012 at 8:19 PM, Afkham Azeez <<a \
href="mailto:azeez@wso2.com">azeez@wso2.com</a>> wrote:<br>>> ><br> \
>> > Please post the relevant code segments. This is something we keep \
repeating during code reviews.<br>>> ><br>>> > On Fri, Jan 20, 2012 \
at 11:16 PM, Senaka Fernando <<a \
href="mailto:senaka@wso2.com">senaka@wso2.com</a>> wrote:<br> >> \
><br>>> > Hi all,<br>>> ><br>>> > Just like it can be \
ugly to see lengthy stacktraces at times, seeing the UI not working and errors \
throwing and no stacktrace or clue of what went wrong is extremely annoying. I was \
getting some errors from UM this time, and multiple kinds of it; and, had to debug \
the code to learn what was going wrong. The server is failing to work, but the \
console and the FE has no clue to what went wrong. It's greatly appreciated if we \
could go through some of these code and check that we properly throw exceptions. I \
will follow up on the instances where exceptions were not thrown and how to reproduce \
them.<br> >> ><br>>> > Thanks,<br>>> > Senaka.<br>>> \
><br>>> > --<br>>> > Senaka Fernando<br>>> > Product \
Manager - WSO2 Governance Registry;<br>>> > Associate Technical Lead; WSO2 \
Inc.; <a href="http://wso2.com">http://wso2.com</a><br> >> > Member; Apache \
Software Foundation; <a href="http://apache.org">http://apache.org</a><br>>> \
><br>>> > E-mail: senaka AT <a \
href="http://wso2.com">wso2.com</a><br>>> > P: +1 408 754 7388; ext: 51736; \
M: +94 77 322 1818<br> >> > Linked-In: <a \
href="http://linkedin.com/in/senakafernando">http://linkedin.com/in/senakafernando</a><br>>> \
><br>>> > Lean . Enterprise . Middleware<br>>> ><br>>> \
><br>>> > _______________________________________________<br> >> \
><br>>> ><br>>><br>>> --<br>>> Senaka \
Fernando<br>>> Product Manager - WSO2 Governance Registry;<br>>> \
Associate Technical Lead; WSO2 Inc.; <a \
href="http://wso2.com">http://wso2.com</a><br> >> Member; Apache Software \
Foundation; <a href="http://apache.org">http://apache.org</a><br>>><br>>> \
E-mail: senaka AT <a href="http://wso2.com">wso2.com</a><br>>> P: +1 408 754 \
7388; ext: 51736; M: +94 77 322 1818<br> >> Linked-In: <a \
href="http://linkedin.com/in/senakafernando">http://linkedin.com/in/senakafernando</a><br>>><br>>> \
Lean . Enterprise . Middleware<br>>><br>>><br>>> \
_______________________________________________<br> >> Carbon-dev mailing \
list<br>>> <a href="mailto:Carbon-dev@wso2.org">Carbon-dev@wso2.org</a><br>>> \
<a href="http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev">http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev</a><br>
>><br>><br>><br><br>-- <br><font \
style="font-family:garamond,serif;color:rgb(0,0,0)" size="2"><b>Senaka \
Fernando</b></font><br \
style="font-family:garamond,serif;color:rgb(102,102,102)"><span \
style="font-family:garamond,serif;color:rgb(51,51,51)"><font size="1">Product Manager \
- WSO2 Governance Registry; <br> </font></span><span \
style="font-family:garamond,serif;color:rgb(51,51,51)"><font size="1">Associate \
Technical Lead; </font></span><span \
style="font-family:garamond,serif;color:rgb(51,51,51)"><font size="1">WSO2 Inc.; <a \
href="http://wso2.com" target="_blank">http://wso2.com</a></font></span><i \
style="font-family:garamond,serif;color:rgb(51,51,51)"><font size="1"><br> Member; \
Apache Software Foundation; <a href="http://apache.org" \
target="_blank">http://apache.org</a><br><br>E-mail: senaka AT <a \
href="http://wso2.com" target="_blank">wso2.com</a><br></font></i><i \
style="font-family:garamond,serif;color:rgb(51,51,51)"><font size="1">P: +1 408 754 \
7388; ext: 51736</font></i>; <i \
style="font-family:garamond,serif;color:rgb(51,51,51)"><font size="1">M: +94 77 322 \
1818<br>
Linked-In: <a href="http://linkedin.com/in/senakafernando" \
target="_blank">http://linkedin.com/in/senakafernando</a><br><br></font></i><span \
style="font-family:garamond,serif;color:rgb(51,51,51)"><font size="1">Lean . \
Enterprise . Middleware</font></span><br> <br>
_______________________________________________
Carbon-dev mailing list
Carbon-dev@wso2.org
http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
[prev in list] [next in list] [prev in thread] [next in thread]