Exception Handling in JavaEE RESTful API

Challenges of Exception Handling

Let’s consider a JavaEE web application with an API exposed via RESTful endpoints. Exceptions… They are just everywhere, and of course they will be raised in our API as well. As such, the following challenges will emerge during development of the API:

  1. security risks – sensitive data from exceptions could leak from the server to the client side;
  2. complicated API adoption – indistinguishable or hard-to-identify exceptions are difficult to handle on the client side and, as a consequence, result in a bad user experience (some user scenarios behave unpredictably or simply dumb);
  3. complicated troubleshooting in production – the support dude must be able to locate, in a moment, any past failure point in the logs / system journals.


Requirements to an Exception Handling Technology

To address these challenges, we need to establish an exception handling technology that solves the following tasks:

Challenge: need to solve (requirements)
1. security risks
  • each exception must have an indicator of whether it can or cannot be propagated to the client
2. complicated API adoption
  • full RESTful conformance – use of well-known HTTP statuses and a unified representation of exceptions for the client;
  • each exception must have a unique error code which the client can use to distinguish them;
  • each exception may expose some parameters which must be conveyed to the client;
  • easy adoption of the technology within the web application for each exposed API method / request – don’t make each developer think about how to report an exception to the client
3. complicated troubleshooting in production
  • each exception must be uniquely identified over the whole system lifetime
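
One way these requirements can fit together, as an added example that is not code from the original post: a base exception carrying the propagation indicator, error code and parameters, plus a single JAX-RS mapper that logs every failure under a unique incident id and returns a unified body. The names `ApiException`, `ApiExceptionMapper`, `incidentId` and `INTERNAL_ERROR` are hypothetical; it assumes the JavaEE `javax.ws.rs` API and a JSON provider registered in the container.

```java
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.UUID;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.ext.ExceptionMapper;
import javax.ws.rs.ext.Provider;

// Hypothetical base exception carrying what the requirements list asks for.
class ApiException extends RuntimeException {
    final String errorCode;           // unique code the client can switch on
    final int httpStatus;             // well-known HTTP status
    final boolean exposable;          // may details be propagated to the client?
    final Map<String, Object> params; // parameters conveyed to the client
    ApiException(String errorCode, int httpStatus, boolean exposable,
                 Map<String, Object> params, String message) {
        super(message);
        this.errorCode = errorCode; this.httpStatus = httpStatus;
        this.exposable = exposable; this.params = params;
    }
}

// One mapper for every endpoint, so resource methods only have to throw.
@Provider
public class ApiExceptionMapper implements ExceptionMapper<Throwable> {
    private static final Logger LOG = Logger.getLogger(ApiExceptionMapper.class.getName());
    @Override
    public Response toResponse(Throwable t) {
        if (t instanceof WebApplicationException)  // framework 404/405/... keep their status
            return ((WebApplicationException) t).getResponse();
        String incidentId = UUID.randomUUID().toString(); // unique per occurrence
        // Full detail (message, stack trace) goes to the server log only.
        LOG.log(Level.SEVERE, "incident " + incidentId, t);
        Map<String, Object> body = new LinkedHashMap<>();
        body.put("incidentId", incidentId);
        int status = 500;
        if (t instanceof ApiException && ((ApiException) t).exposable) {
            ApiException e = (ApiException) t;
            status = e.httpStatus;
            body.put("code", e.errorCode);
            body.put("message", e.getMessage());
            body.put("params", e.params);
        } else {
            // Anything not marked exposable is treated as sensitive: no message, no params.
            body.put("code", "INTERNAL_ERROR");
        }
        return Response.status(status).entity(body).type(MediaType.APPLICATION_JSON).build();
    }
}
```

The client always receives the incident id, so a support request can be matched to the exact log entry without any exception detail leaving the server.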




