Handle 500 error with PEP filter

Tagged: , ,

This topic has 3 replies, 3 voices, and was last updated 4 years, 6 months ago by handat.

  • Author
  • #21328

    I’ve configured the PEP filter and it works well when the SSO session is valid. However, if it is expired, then a 500 error is thrown and execution does not continue to the next filter in the chain so it cannot replace the error page with something custom. How can I handle this error condition so that I can display a custom error page? The failureHandler in the PEP filter is only used when access is denied, ie 403. How to overwrite the 500 error for the PEP filter?


    You can add a SingleSignOn filter (>= IG 5) or a scripted authentication/validation filter (< IG 5) to check if a session is present and valid. I haven’t used SingleSignOn yet but apparently it will redirect you to a login page and that’s all it can do. But with a scripted filter, you can do whatever you want.

     Joachim Andres

    Hi handat,

    You may use a SwitchFilter which preceeds the PolicyEnforcementFilter and which acts on the response.

    See https://backstage.forgerock.com/docs/ig/5.5/reference/index.html#SwitchFilter

    So, onResponse and if the error is a 500, divert to your very own failureHandler. It is important that the SwitchFilter preceeds the PEF as on the response filters are executed in the reverse order.



    Actually, I figured it out. I was mistakenly expecting the filter that follows the PEP filter to be able to handle the error, but it turns out the filter before the PEP filter actually does it. I had the PEP filter sandwiched between two custom scripted filters and debugging the wrong filter, ie the one after and not the one before.

Viewing 4 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic.

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?