Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 531937

Summary:	Error handling when xml==True is handled in two different ways
Product:	[Retired] Dogtag Certificate System	Reporter:	John Dennis <jdennis>
Component:	Certificate Manager	Assignee:	RHCS Maintainers <rhcs-maint>
Status:	CLOSED EOL	QA Contact:	Ben Levenson <benl>
Severity:	medium	Docs Contact:
Priority:	medium
Version:	1.2	CC:	dpal, rcritten
Target Milestone:	---
Target Release:	---
Hardware:	All
OS:	Linux
Whiteboard:
Fixed In Version:		Doc Type:	Bug Fix
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2020-03-27 20:05:17 UTC	Type:	---
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:
Bug Depends On:
Bug Blocks:	688231

Description John Dennis 2009-10-29 22:03:54 UTC

Error handling when xml==True is handled in two different ways:

1) The scriptlet calls CMSServlet.outputError() (probably better named
outputErrorAsXML) which produces:

<XMLResponse>
	<Status>
	</Status>
	<Error/>
	</Error>
	<RequestId/>
	</RequestId>
</XMLResponse>


2) The scriptlet calls CMSRequest.setStatus() and CMSRequest.setError() and then
returns. After the scriplet returns the status in the request is then used to
lookup the template for the status and the template rendering code invokes
CMSServlet.outputXML() which produces a response similar to the javascript
response:

<xml>
	<header/>
	</header>
	<fixed>
		<errorDetails>
		</errorDetails>
		<authorityName>
		</authorityName>
		<requestStatus>
		</requestStatus>
	</fixed>
</xml>

It does not appear to me there is a reason for the different error handling and
it makes reading the responses more difficult because of the
inconsistencies. Below is a list of how each servlet handles it's xml error
result, they should be unified to use one methodology. Most the scriptlets use
method 2, so perhaps those using method 1 should be converted to use method 2.

These files use the CMSServlet.outputError() methodology:
---------------------------------------------------------
pki/base/common/src/com/netscape/cms/servlet/csadmin/CheckIdentity.java
pki/base/common/src/com/netscape/cms/servlet/csadmin/DownloadPKCS12.java
pki/base/common/src/com/netscape/cms/servlet/csadmin/GetCertChain.java
pki/base/common/src/com/netscape/cms/servlet/csadmin/GetConfigEntries.java
pki/base/common/src/com/netscape/cms/servlet/csadmin/GetSubsystemCert.java
pki/base/common/src/com/netscape/cms/servlet/csadmin/GetTransportCert.java
pki/base/common/src/com/netscape/cms/servlet/csadmin/ImportTransportCert.java
pki/base/common/src/com/netscape/cms/servlet/csadmin/RegisterUser.java
pki/base/common/src/com/netscape/cms/servlet/csadmin/TokenAuthenticate.java
pki/base/common/src/com/netscape/cms/servlet/csadmin/UpdateConnector.java
pki/base/common/src/com/netscape/cms/servlet/csadmin/UpdateDomainXML.java
pki/base/common/src/com/netscape/cms/servlet/csadmin/UpdateNumberRange.java
pki/base/common/src/com/netscape/cms/servlet/csadmin/UpdateOCSPConfig.java

These files use the CMSServlet.setError() methodology:
------------------------------------------------------

pki/base/common/src/com/netscape/cms/servlet/base/GetStats.java
pki/base/common/src/com/netscape/cms/servlet/cert/ChallengeRevocationServlet1.java
pki/base/common/src/com/netscape/cms/servlet/cert/CloneRedirect.java
pki/base/common/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java
pki/base/common/src/com/netscape/cms/servlet/cert/DirAuthServlet.java
pki/base/common/src/com/netscape/cms/servlet/cert/DisableEnrollResult.java
pki/base/common/src/com/netscape/cms/servlet/cert/DisplayBySerial.java
pki/base/common/src/com/netscape/cms/servlet/cert/DisplayCRL.java
pki/base/common/src/com/netscape/cms/servlet/cert/DisplayHashUserEnroll.java
pki/base/common/src/com/netscape/cms/servlet/cert/DoRevoke.java
pki/base/common/src/com/netscape/cms/servlet/cert/DoUnrevoke.java
pki/base/common/src/com/netscape/cms/servlet/cert/EnableEnrollResult.java
pki/base/common/src/com/netscape/cms/servlet/cert/EnrollServlet.java
pki/base/common/src/com/netscape/cms/servlet/cert/GetBySerial.java
pki/base/common/src/com/netscape/cms/servlet/cert/GetCAChain.java
pki/base/common/src/com/netscape/cms/servlet/cert/GetCRL.java
pki/base/common/src/com/netscape/cms/servlet/cert/GetEnableStatus.java
pki/base/common/src/com/netscape/cms/servlet/cert/GetInfo.java
pki/base/common/src/com/netscape/cms/servlet/cert/HashEnrollServlet.java
pki/base/common/src/com/netscape/cms/servlet/cert/ListCerts.java
pki/base/common/src/com/netscape/cms/servlet/cert/Monitor.java
pki/base/common/src/com/netscape/cms/servlet/cert/ReasonToRevoke.java
pki/base/common/src/com/netscape/cms/servlet/cert/RenewalServlet.java
pki/base/common/src/com/netscape/cms/servlet/cert/SrchCerts.java
pki/base/common/src/com/netscape/cms/servlet/cert/UpdateCRL.java
pki/base/common/src/com/netscape/cms/servlet/cert/UpdateDir.java
pki/base/common/src/com/netscape/cms/servlet/csadmin/GetCookie.java
pki/base/common/src/com/netscape/cms/servlet/csadmin/MainPageServlet.java
pki/base/common/src/com/netscape/cms/servlet/key/ExamineRecovery.java
pki/base/common/src/com/netscape/cms/servlet/key/SrchKeyForRecovery.java
pki/base/common/src/com/netscape/cms/servlet/ocsp/AddCAServlet.java
pki/base/common/src/com/netscape/cms/servlet/ocsp/CheckCertServlet.java
pki/base/common/src/com/netscape/cms/servlet/ocsp/GetOCSPInfo.java
pki/base/common/src/com/netscape/cms/servlet/ocsp/ListCAServlet.java
pki/base/common/src/com/netscape/cms/servlet/request/CheckRequest.java
pki/base/common/src/com/netscape/cms/servlet/request/ProcessCertReq.java
pki/base/common/src/com/netscape/cms/servlet/request/ProcessReq.java
pki/base/common/src/com/netscape/cms/servlet/request/SearchReqs.java

Comment 1 John Dennis 2009-11-06 14:02:26 UTC

pki/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java

Should also be in the list of routines using the CMSServlet.outputError() methodology.

Comment 2 Dmitri Pal 2009-11-06 18:50:08 UTC

This issue is related to #533376 and should be fixed together with it. 
So please address it together.
I am re-assigning it back.