opensensorhub · kalynstricklin · Jul 31, 2025
diff --git a/sensorhub-core/src/main/java/org/sensorhub/impl/service/HttpServer.java b/sensorhub-core/src/main/java/org/sensorhub/impl/service/HttpServer.java
@@ -534,4 +534,8 @@ public boolean isAuthEnabled()
     {
         return config.authMethod != AuthMethod.NONE;
     }
+
+    public ServletContextHandler getServletHandler() {
+        return servletHandler;
+    }
 }
diff --git a/sensorhub-webui-core/src/main/java/org/sensorhub/ui/AdminUIModule.java b/sensorhub-webui-core/src/main/java/org/sensorhub/ui/AdminUIModule.java
@@ -21,6 +21,7 @@
 import java.util.logging.LogManager;
 
 import com.vaadin.server.VaadinServlet;
+import org.eclipse.jetty.servlet.ErrorPageErrorHandler;
 import org.sensorhub.api.comm.CommProviderConfig;
 import org.sensorhub.api.comm.NetworkConfig;
 import org.sensorhub.api.common.SensorHubException;
@@ -41,6 +42,7 @@
 import org.sensorhub.impl.datastore.view.ObsSystemDatabaseViewConfig;
 import org.sensorhub.impl.security.BasicSecurityRealmConfig;
 import org.sensorhub.impl.service.AbstractHttpServiceModule;
+import org.sensorhub.impl.service.HttpServer;
 import org.sensorhub.impl.service.HttpServerConfig;
 import org.sensorhub.impl.service.sos.SOSServiceConfig;
 import org.sensorhub.impl.service.sps.SPSServiceConfig;
@@ -164,12 +166,13 @@ protected void doStart() throws SensorHubException
 
         Map<String, String> initLandingParams = new HashMap<>();
         initLandingParams.put(SERVLET_PARAM_UI_CLASS, LandingUI.class.getCanonicalName());
+        if (config.widgetSet != null) initLandingParams.put(WIDGETSET, config.widgetSet);
         initLandingParams.put("productionMode", "true");  // set to false to compile theme on-the-fly
         initLandingParams.put("heartbeatInterval", Integer.toString(HEARTBEAT_INTERVAL));
 
         // deploy servlet
         // HACK: we have to disable std err to hide message due to Vaadin duplicate implementation of SL4J
-        // Note that this may hide error messages in other modules now that startup sequence is multithreaded
+        // Note that this may hide error messages in oth er modules now that startup sequence is multithreaded
         PrintStream oldStdErr = System.err;
         System.setErr(new PrintStream(new OutputStream() {
             @Override
@@ -184,6 +187,15 @@ public void write(int b) { }
             adminUIServlet.getServletContext().setAttribute(SERVLET_PARAM_MODULE, this);
             landingServlet.getServletContext().setAttribute(SERVLET_PARAM_MODULE, this);
             httpServer.addServletSecurity("/*", true);
+
+            var server = getParentHub().getModuleRegistry().getModuleByType(HttpServer.class);
+
+            ErrorPageErrorHandler errorHandler = new ErrorPageErrorHandler();
+            errorHandler.addErrorPage(400, "/error/invalid");
+            errorHandler.addErrorPage(403, "/error/forbidden");
+            errorHandler.addErrorPage(404, "/error/notfound");
+
+            server.getServletHandler().setErrorHandler(errorHandler);
         }
         else {
             httpServer.deployServlet(adminUIServlet, initParams, "/admin/*", "/VAADIN/*");

diff --git a/sensorhub-webui-core/src/main/java/org/sensorhub/ui/LandingServlet.java b/sensorhub-webui-core/src/main/java/org/sensorhub/ui/LandingServlet.java
@@ -58,7 +58,7 @@ protected void service(HttpServletRequest request, HttpServletResponse response)
             }
 
             if (!isIgnored(uri) && !hasAccess(request)) {
-                log.debug("Access Denied: Redirecting to " + redirectURL);
+                log.warn("Access Denied: Redirecting to " + redirectURL);
                 response.sendRedirect(redirectURL);
                 return;
             }
@@ -68,7 +68,7 @@ protected void service(HttpServletRequest request, HttpServletResponse response)
 
 
         } catch (SecurityException e) {
-            log.debug("Access Forbidden: " + e.getMessage());
+            log.warn("Access Forbidden: " + e.getMessage());
             response.sendRedirect(redirectURL);
         } finally {
             securityHandler.clearCurrentUser();
@@ -103,7 +103,7 @@ private boolean hasAccess(HttpServletRequest request) {
         log.debug("Verifying permissions for "+ path);
 
         if (path.equals("/sensorhub/sos") && request.getQueryString() == null) {
-            log.debug("Blocked direct access to /sensorhub/sos with no query parameters.");
+            log.warn("Blocked direct access to /sensorhub/sos with no query parameters.");
             return false;
         }