You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: documentation/guide-exceptions.asciidoc
+1-1Lines changed: 1 addition & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -82,7 +82,7 @@ For catching and handling exceptions we follow these rules:
82
82
83
83
* We do not catch exceptions just to wrap or to re-throw them.
84
84
* If we catch an exception and throw a new one, we always *have* to provide the original exception as http://docs.oracle.com/javase/7/docs/api/java/lang/Throwable.html#getCause%28%29[cause] to the constructor of the new exception.
85
-
* At the entry points of the application (e.g. a service operation) we have to catch and handle all throwables. This is done via the _exception-facade-pattern_ via an explicit facade or aspect. The devon4jalready provides ready-to-use implementations for this such as https://github.com/devonfw/devon4j/blob/develop/modules/rest/src/main/java/com/devonfw/module/rest/service/impl/RestServiceExceptionFacade.java[RestServiceExceptionFacade]. The exception facade has to...
85
+
* At the entry points of the application (e.g. a service operation) we have to catch and handle all throwables. This is done via the _exception-facade-pattern_ via an explicit facade or aspect. The `devon4j-rest` module already provides ready-to-use implementations for this such as https://github.com/devonfw/devon4j/blob/develop/modules/rest/src/main/java/com/devonfw/module/rest/service/impl/RestServiceExceptionFacade.java[RestServiceExceptionFacade]. The exception facade has to...
86
86
** log all errors (user errors on info and technical errors on error level)
87
87
** ensure the entire exception is passed to the logger (not only the message) so that the logger can capture the entire stacktrace and the root cause is not lost.
88
88
** convert the error to a result appropriable for the client and secure for https://www.owasp.org/index.php/Top_10_2013-A6-Sensitive_Data_Exposure[Sensitive Data Exposure]. Especially for security exceptions only a generic security error code or message may be revealed but the details shall only be logged but *not* be exposed to the client. All _internal exceptions_ are converted to a generic error with a message like:
0 commit comments