1. Home
  2. Development
  3. RE: How to add custom error message in liferay 7 for ajax calls

RE: How to add custom error message in liferay 7 for ajax calls

kesu ks, modified 5 Years ago.
How to add custom error message in liferay 7 for ajax calls
Junior Member Posts: 27 Join Date: 8/31/14 Recent Posts
Hi I have scenario where we are submitting data using ajax calls in mvc portlet .Security testing team has added some junk values in the resourceURL and submitted the form response is coming as Bad request error(400).
Is there any way to handle this and redirect to custom error page or jsp?
Request is not reaching the portlet because of the invalid request below is error message in console
[SecurityPortletContainerWrapper:474] User 0 is not allowed to serve resource
Using Liferay 7.2Thanks in advance
thumbnail
Olaf Kock, modified 5 Years ago.
RE: How to add custom error message in liferay 7 for ajax calls
Liferay Legend Posts: 6441 Join Date: 9/23/08 Recent Posts
kesu ks:

Is there any way to handle this and redirect to custom error page or jsp?
The easiest is probably to handle this condition on your reverse proxy, and have it display a custom error page upon receiving such a response.
If you don't have one, I'd propose to add one. Otherwise, you could implement a ServletFilter for Liferay, where you might be a lot more flexible on the conditions you handle, but also you'll have to do a lot manually
thumbnail
Andrew Jardine, modified 5 Years ago.
RE: How to add custom error message in liferay 7 for ajax calls
Liferay Legend Posts: 2416 Join Date: 12/22/10 Recent Posts
Hi Kesu,Can you share your ajax code with us? Redirecting to a general error page is easy with the PortalUtil.sendError() call, BUT .. that won't help you because you are making a disconnected request. That solution really only works with an action request. Sadly, being an XHR call, the error handling I think has to be done in your client side code. 


I am guessing that you have wired in an success: definition, which I believe is invoked with an HttpStatus 200 scenario, but have you also tried the failure: definition? If that catches the bad request scenario, then you could either do a window.location or simply replace the body of the portlet with an error message (better option if you have multiple portlets on the same page).


Share some code if you can, and it'll help us advise.
kesu ks, modified 5 Years ago.
RE: How to add custom error message in liferay 7 for ajax calls
Junior Member Posts: 27 Join Date: 8/31/14 Recent Posts
Hi Andrew
Form we are submitting with the ajax request and any error in the serve resource is handled and appropriate error message is show to user.
Issue raised in the security audit they modified the resourceURL added some junk values like portletId itself replaced with the junk value.
So request is not reaching the portlet  400 Bad request error is shown in response , i want to add the custom error page to handle this in Liferay
As Olaf suggested trying to handle with Filter approach by extending BaseFilter but not able to generate/redirect to the custom error page     
thumbnail
Andrew Jardine, modified 5 Years ago.
RE: How to add custom error message in liferay 7 for ajax calls
Liferay Legend Posts: 2416 Join Date: 12/22/10 Recent Posts
Hi Kesu,I'll bet your filter is working. Set a breakpoint in it and I'm willing to bet it will hit. The reason it's "not working" in terms of a redirect is because the request is done "behind the scenes" in a manner of speaking -- so your user never knows that the error occurred. Personally, I don't actually see the value in making this change. If you set your ajax call to be performed synchronously (yes, I know, defeats the purpose of ajax) then I guess it's possible that the error might come back? or the connection would time out? and then you could handle it client side. With all this said, I would consider this a waste of time. The fact of the matter is that it's not reaching your portlet because there is no portlet with the garbage id on the layout you specified -- which means the request was never routed and therefore never processed. A user is unlikely to do this on your site, and if they did? what would happen? nothing. I would argue that the result you have? are not something for you application to handle. 

If you absolutely must deal with it? sounds like Olaf's suggestion of the reverse proxy makes the most sense. Again though, the fact that the request is being done "behind the scene" -- I'm still not sure you would be able to do what you are trying to do, not without getting a response to the caller and having an http header set with a redirect directive.
kesu ks, modified 5 Years ago.
RE: How to add custom error message in liferay 7 for ajax calls
Junior Member Posts: 27 Join Date: 8/31/14 Recent Posts
Hi Andrew,yes filter is getting called am not able to identify whether error  occurred or not ,i do not have the  option to go with proxy settings.
thumbnail
Andrew Jardine, modified 5 Years ago.
RE: How to add custom error message in liferay 7 for ajax calls
Liferay Legend Posts: 2416 Join Date: 12/22/10 Recent Posts
Are you checking the filter for error on the way in? or on the way out ... I think you would want to check on the way out. As I said before though, even if that were enough to detect the error, redirecting the user or even modifying the response headers to instruct the browser to do a redirect will unlikely show what you are after. The fact that you can't get the error response to get back to the browser in the first place tells me that you are stuck here. 

Have you tried making the request synchronous? Does that change anything in terms of the result making it's way back?
kesu ks, modified 5 Years ago.
RE: How to add custom error message in liferay 7 for ajax calls
Junior Member Posts: 27 Join Date: 8/31/14 Recent Posts
Hi Andrew
Thanks for your reply was not able to modify or redirect in filter getting response was already committed error. Have changed tomcat default error message by extending ErrorValve. Now we decided go with the proxy settings approach :-)
thumbnail
Andrew Jardine, modified 5 Years ago.
RE: How to add custom error message in liferay 7 for ajax calls
Liferay Legend Posts: 2416 Join Date: 12/22/10 Recent Posts
Hi Kesu, Ok, glad you found a solution. Personally I think you should give the security guys the evil eye every time you pass them though emoticon