Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Exception and error handling in java
- -unexpected or abnormal event
- -belongs to parent class called throwable
- -checked exception(must be caught,example File Classes)
- and unchecked exception(example 10/0, nothing to be caught)
- -try catch finally or try with resources
- -refer to slides for information leakage specific to errors
- errorneous exceptional behaviors
- -suppress or ignoring checked exception-
- dummy blocks that does nothing but to fullfill the criteria
- -disclose error information-printstacktrace
- -logging sensitive data
- -ensure that logging process should not be disrupted by throwing incorrect exceptions
- -use java.util.logging.logger instead of System.err
- -for System.exit(), use security manager to check if the caller is valid to invoke the method
- -nullpointerexception should not be caught but should be solved, do not solve problem by simply appying nullpointerexception in the catch clause
- -code inside finally block can also throw error, so, don't let them to escape but handle them as well
- dos and donts in error handling
- -avoid direct usage of Exception class in the catch block
- -avoid printstacktrace
- -use logger file to log the error
- -do not use same exceptions for different function throws, leads to difficulty in debugging
- -cleanup in the finally
- spring mvc error handling
- -controller level exception handler
- -add @exceptionhandler annotation
- -include the list of exceptions
- -implementing handlerexceptionresolver
- -override resolveexception method
- -global exception handler
- -use @controlleradvice annotation with @exceptionhandler for any class
- -custom errors mapping
- -use @enablewebsecurity annotation and websecurityadapter
- struts2 error
- -global exception handling
- -refer slides for configuration sample
- -action level exception handling
- -define the class name and action name in the struts.xml file
- -refer slides for configuration example
- -logging
- -for logging the exception, add an interceptor to struts.xml file
- -refer slides for configuration example
- best practices for error handling
- -throw relevant error to its interface
- -specify the reason for the exception
- -encapsulate the error received from another function
- -use getCause to find the root exception
- -catch errors specifically so that handling can be done separately and specifically
- -create custom error page for all exceptions-no information leakage from default page
- logging in java
- -provided by java.util.logging
- -LOGGER->FORMATTER-HANDLER(Apache Commons Logging,Log4J)
- logging with log4j
- -contains levels such as DEBUG,INFO,WARN,ERROR,FATAL,OFF
- secure coding in logging
- -don't log and then throw errors
- -do either one only
- -parameterized logging using SLF4J, don't use + for merging informations
- -log exceptions in proper order
- best practices in logging
- -logging can increase IO operations, so , log debug messages inside isdebugenabled() block
- -use log4j, logging levels can be changed without restarting the application
- -do not log sensitive data when logging in production enviroment
- -do appropriate level for every logging messages
- -specify the format for logger, which includes thread name and class name
- -specify the date with the messages
- -use code level prefix to indicate which part of the code is
- printing the message
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement