diff --git a/java/org/owasp/webgoat/service/BaseService.java b/java/org/owasp/webgoat/service/BaseService.java
index 0b3a13b1e..c1cbeaa64 100644
--- a/java/org/owasp/webgoat/service/BaseService.java
+++ b/java/org/owasp/webgoat/service/BaseService.java
@@ -3,10 +3,14 @@
 * To change this template file, choose Tools | Templates
 * and open the template in the editor.
 */
-
 package org.owasp.webgoat.service;
+import javax.servlet.http.HttpServletRequest;
+import org.springframework.http.HttpStatus;
+import org.springframework.web.bind.annotation.ExceptionHandler;
 import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.ResponseBody;
+import org.springframework.web.bind.annotation.ResponseStatus;
 /**
 *
@@ -14,5 +18,17 @@ import org.springframework.web.bind.annotation.RequestMapping;
 */
 @RequestMapping("/service")
 public abstract class BaseService {
-
+
+ @ExceptionHandler(Exception.class)
+ @ResponseStatus(value = HttpStatus.I_AM_A_TEAPOT)
+ public @ResponseBody
+ ExceptionInfo handleException(HttpServletRequest request, Exception ex) {
+
+ ExceptionInfo response = new ExceptionInfo();
+ response.setUrl(request.getRequestURL().toString());
+ response.setMessage(ex.getMessage());
+
+ return response;
+ }
+
 }
diff --git a/java/org/owasp/webgoat/service/ExceptionInfo.java b/java/org/owasp/webgoat/service/ExceptionInfo.java
new file mode 100644
index 000000000..33c9c849b
--- /dev/null
+++ b/java/org/owasp/webgoat/service/ExceptionInfo.java
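Review bot: `handleException` copies `ex.getMessage()` into the response body for every `Exception`, so text produced by lower layers (database errors, file paths, class names) is returned to the browser, and nothing in the handler logs `ex`, so the stack trace is lost on the server side. I would log the exception and return a fixed generic message for unexpected types, passing the message through only for exceptions the services throw deliberately. `HttpStatus.I_AM_A_TEAPOT` gives clients nothing meaningful to branch on; `HttpStatus.INTERNAL_SERVER_ERROR` as the default, with a separate handler for the session case, would be conventional. Because `url` is rebuilt from the incoming request, any front-end code that displays `url` or `message` should escape them before inserting them into the page.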
@@ -0,0 +1,32 @@
+/*
+ * To change this license header, choose License Headers in Project Properties.
+ * To change this template file, choose Tools | Templates
+ * and open the template in the editor.
+ */
+package org.owasp.webgoat.service;
+
+/**
+ *
+ * @author rlawson
+ */
+public class ExceptionInfo {
+
+ private String url;
+ private String message;
+
+ public String getUrl() {
+ return url;
+ }
+
+ public void setUrl(String url) {
+ this.url = url;
+ }
+
+ public String getMessage() {
+ return message;
+ }
+
+ public void setMessage(String message) {
+ this.message = message;
+ }
+}
diff --git a/java/org/owasp/webgoat/service/HintService.java b/java/org/owasp/webgoat/service/HintService.java
index c97ea8eb5..5b9052eaa 100644
--- a/java/org/owasp/webgoat/service/HintService.java
+++ b/java/org/owasp/webgoat/service/HintService.java
@@ -35,7 +35,7 @@ public class HintService extends BaseService {
 WebSession ws;
 Object o = session.getAttribute(WebSession.SESSION);
 if (o == null || !(o instanceof WebSession)) {
- return null;
+ throw new IllegalArgumentException("No valid session object found, has session timed out?");
 }
 ws = (WebSession) o;
 AbstractLesson l = ws.getCurrentLesson();
diff --git a/java/org/owasp/webgoat/service/LessonMenuService.java b/java/org/owasp/webgoat/service/LessonMenuService.java
index e5e46a57d..2cfda9dfa 100644
--- a/java/org/owasp/webgoat/service/LessonMenuService.java
+++ b/java/org/owasp/webgoat/service/LessonMenuService.java
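Review bot: The class Javadoc on `ExceptionInfo` is empty apart from `@author`, and the file header is the unedited IDE template text. Since `BaseService.handleException` returns this object as the response body, the class comment should state that contract, for example `/** Error payload returned to the client by BaseService#handleException; must not carry stack traces or internal details. */`. Both fields are only ever set once in the handler, so a constructor taking `url` and `message` with `final` fields would also make the payload immutable.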
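Review bot: `IllegalArgumentException` is the wrong type for the `if (o == null || !(o instanceof WebSession))` branch in `HintService`: no argument is invalid, the session is simply missing or expired. Through the catch-all handler in `BaseService` it also reaches the client with the same status as any programming error, so the UI cannot tell a timeout from a bug. A dedicated exception (or at least `IllegalStateException`) with its own `@ExceptionHandler` returning `HttpStatus.UNAUTHORIZED` would let the client redirect to login; the same applies to the second throw in `LessonMenuService.showLeftNav`. The `o == null ||` test is redundant because `instanceof` is already false for null. The enclosing method starts and ends outside this hunk.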
@@ -35,12 +35,12 @@ public class LessonMenuService extends BaseService {
 @RequestMapping(value = "/lessonmenu.mvc", produces = "application/json")
 public @ResponseBody
 List showLeftNav(HttpSession session) {
- //TODO - need Links, rank, title
+ if(true) throw new IllegalArgumentException("No valid session object found, has session timed out?");
 List menu = new ArrayList();
 WebSession ws;
 Object o = session.getAttribute(WebSession.SESSION);
 if (o == null || !(o instanceof WebSession)) {
- return null;
+ throw new IllegalArgumentException("No valid session object found, has session timed out?");
 }
 ws = (WebSession) o;
 AbstractLesson l = ws.getCurrentLesson();
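Review bot: The added `if(true) throw new IllegalArgumentException(...)` as the first statement of `showLeftNav` makes the endpoint fail on every request, so the menu is never built and the real session check below it never runs. It looks like a leftover from exercising the new exception handler (the `if(true)` wrapper only serves to get past the compiler's unreachable-code check) and should be removed before merge. It also replaces the `//TODO - need Links, rank, title` comment, which I would restore if that work is still open. The method body continues past the end of this hunk.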