SlideShare a Scribd company logo

Exception handling and logging best practices

Angelin R
Angelin R
TechnologyBusiness
1 of 28
Download to read offline
EXCEPTION HANDLING & LOGGING BEST PRACTICES Angelin
AGENDA Logging using Log4j “Logging” Best Practices “Exception Handling” Best Practices CodePro Errors and Fixes
Logging using Log4j
Logging using Log4j Log4j - logging library for Java Logging Levels (in lowest to highest order) The standard levels of Log4j are ordered as ALL < TRACE < DEBUG < INFO < WARN < ERROR < FATAL < OFF
Logging using Log4j Level Description ALL The lowest possible rank and is intended to turn on all levels of logging including custom levels. TRACE Introduced in log4j version 1.2.12, this level gives more detailed information than the DEBUG level. DEBUG Designates fine-grained informational messages that are most useful to debug an application. INFO Designates informational messages that highlight the progress of the application at coarse-grained level. WARN Designates potentially harmful situations. This level can be used to warn usage of deprecated APIs, poor use of API, ‘almost’ errors and other runtime situations that are undesirable or unexpected, but not necessarily “wrong”.
Logging using Log4j Level Description ERROR Designates error events that might still allow the application to continue running. This level can be used to inform about a serious error which needs to be addressed and may result in unstable state. FATAL Designates very severe error events that will presumably lead the application to abort. OFF The highest possible rank and is intended to turn off logging.
How Logging Level works? A logging request of a particular level is said to be enabled if that level is higher than or equal to the level of its logger. Example import org.apache.log4j.*; public class LogClass { private static final org.apache.log4j.Logger LOGGER = Logger.getLogger(LogClass.class); public static void main(String[] args) { LOGGER.setLevel(Level.WARN); LOGGER.trace("Trace Message!"); LOGGER.debug("Debug Message!"); LOGGER.info("Info Message!"); LOGGER.warn("Warn Message!"); LOGGER.error("Error Message!"); LOGGER.fatal("Fatal Message!"); } } Output: Warn Message! Error Message! Fatal Message!
“Logging” BEST PRACTICES
Logging - Best Practices Declare the logger to be both static and final to ensure that every instance of a class shares the common logger object. Add code to check whether logging has been enabled at the right level. Use meaningful log messages that are relevant to the context.
Logging - Best Practices Better to use logging only to log the following, method entry (optionally with the method’s input parameter values) method exit root cause message of exceptions that are handled at the exception’s origin point.
Logging - Best Practices  Any other intermediate redundant logging statements, which are used just for the purpose of debugging can still be avoided. Example try { LOGGER.debug(“About to enter getSkuDescription method”); // The above logging statement is not required, // if getSkuDescription() method logs its method entry String skuDesc = getSkuDescription(skuNumber); LOGGER.debug(“Exited getSkuDescription method”); // The above logging statement is not required, // if getSkuDescription() method logs its method exit } catch (ServiceException se) { LOGGER.error(se.getErrorMessage()); throw se; }
Logging - Best Practices Avoid logging at ‘every’ place where a custom exception is thrown and instead log the custom exceptions’ message in its ‘catch’ handler. Example try { if (null == skuNumber || skuNumber.isEmpty()) { LOGGER.error(“Sku number is invalid”); // The above logging statement is not required, // since the catch handler logs the message throw new ServiceException(“Sku number is invalid”); }
Logging - Best Practices try { sku = Integer.parseInt(skuNumber); } catch (NumberFormatException nfe) { LOGGER.error(“Sku number is invalid and not a number”); // The above logging statement is not required, // since the catch handler logs the message throw new ServiceException(“Sku number is invalid and not a number”, nfe); } …… } catch (ServiceException se) { LOGGER.error(se.getErrorMessage()); throw se; }
Exception handling Best Practices
Exception Handling - Best Practice #1 Handle Exceptions close to its origin  Does NOT mean “catch and swallow” (i.e. suppress or ignore exceptions) try { // code that is capable of throwing a XyzException } catch ( XyzException e) { // do nothing or simply log and proceed }  It means, “log and throw an exception relevant to that source layer” – DAO layer - DataAccessException – Business layer - ApplicationException (example OUSException)
Exception Handling - Best Practice #1 Important Note In applications using Web Services, the Web Service (a.k.a Resource) layer,  should catch ALL exceptions and handle them by creating proper error response and send it back to client.  should NOT allow any exception (checked or unchecked) to be “thrown” to client.  should handle the Business layer exception and all other unchecked exceptions separately.
Exception Handling - Best Practice #1 Example try { // code that is capable of throwing an ApplicationException } catch (ApplicationException e) { // form error response using the exception’s // data – error code and/or error message } catch (Exception e) { // log the exception related message here, since this block is // expected to get only the unchecked exceptions // that had not been captured and logged elsewhere in the code. // form error response using the exception’s // data – error code and/or error message } The catch handler for ‘Exception’ in the Web Service layer is expected to handle all unchecked exceptions thrown from within ‘try’ block
Exception Handling - Best Practice #2 Log Exceptions just once and log it close to its origin Logging the same exception stack trace more than once can confuse the programmer examining the stack trace about the original source of exception. try { // code that is capable of throwing a XyzException } catch (XyzException e) { // log the exception specific information // throw exception relevant to that source layer }
Exception Handling - Best Practice #2 #1 - When catching an exception and throwing it through an exception relevant to that source layer, make sure to use the construct that passes the original exception’s cause. Otherwise, CodePro will report "No cause specified when creating exception“. try { // code that is capable of throwing a SQLException } catch (SQLException e) { // log technical SQL Error messages, but do not pass // it to the client. Use user-friendly message instead LOGGER.error(“An error occurred when searching for the SKU details” + e.getMessage()); throw new DataAccessException(“An error occurred when searching for the SKU details”, e); }
Exception Handling - Best Practice #2 #2 - There is an exception to this rule, in case of existing code that may not have logged the exception details at its origin. In such cases, it would be required to log the exception details in the first method up the call stack that handles that exception. But care should be taken not to COMPLETELY overwrite the original exception’s message with some other message when logging. Example DAO Layer: try { // code that is capable of throwing a SQLException } catch (SQLException e) { // LOGGING missed here throw new DataAccessException(“An error occurred when processing the query.”, e); }
Exception Handling - Best Practice #2 Processor Layer: try { // code that is capable of throwing a DataAccessException } catch (DataAccessException e) { // logging is mandated here as it was not logged // at its source (DAO layer method) LOGGER.error(e.getMessage()); throw new OUSException(e.getMessage(), e); }
Exception Handling - Best Practice #3 Do not catch “Exception” Accidentally swallowing RuntimeException try { doSomething(); } catch (Exception e) { LOGGER.error(e.getMessage()); } This code 1. also captures any RuntimeExceptions that might have been thrown by doSomething, 2. ignores unchecked exceptions and 3. prevents them from being propagated.
Exception Handling - Best Practice #3 Important Note (about some common RuntimeExceptions) NullPointerException – It is the developer’s responsibility to ensure that no code can throw it. Run CodePro and add null reference checks wherever it has been missed. NumberFormatException, ParseException – Catch these and create new exceptions specific to the layer from which it is thrown (usually from business layer) using user-friendly and non technical messages.
Exception Handling - Best Practice #3 Important Note (about some common RuntimeExceptions) Example try { int sku = Integer.parseInt(skuNumber); } catch (NumberFormatException nfe) { LOGGER.error("SKU number is invalid and not a number"); throw new OUSException("SKU number is invalid and not a number", nfe); } All other unchecked exceptions (RuntimeExceptions) will be caught and handled by the Web Service layer (as explained in Best Practice #1).
CODEPRO Errors & fixes
Fix to common CodePro errors "Invalid exception parameter name" Solution Rename the parameter to “e” Example try { // code that is capable of throwing a DataAccessException } catch (DataAccessException e) { throw new OUSException(e.getMessage(), e); }
Fix to common CodePro errors "No cause specified when creating exception" when wrapping an exception into another exception. Solution Use the construct that passes the original exception’s cause Example try { // code that is capable of throwing a SQLException } catch (SQLException e) { LOGGER.error(e.getMessage()); throw new DataAccessException(“An error occurred when searching for the SKU details”, e); }
THANK YOU

Recommended

Exception handling & logging in Java - Best Practices (Updated)
Exception handling & logging in Java - Best Practices (Updated)Exception handling & logging in Java - Best Practices (Updated)
Exception handling & logging in Java - Best Practices (Updated)Angelin R
 
Spring security oauth2
Spring security oauth2Spring security oauth2
Spring security oauth2axykim00
 
Vulnerabilities in modern web applications
Vulnerabilities in modern web applicationsVulnerabilities in modern web applications
Vulnerabilities in modern web applicationsNiyas Nazar
 
Commix Detecting And Exploiting.pdf
Commix Detecting And Exploiting.pdfCommix Detecting And Exploiting.pdf
Commix Detecting And Exploiting.pdfssuser387cf0
 
Php Error Handling
Php Error HandlingPhp Error Handling
Php Error Handlingmussawir20
 
BlueHat v17 || Dangerous Contents - Securing .Net Deserialization
BlueHat v17 || Dangerous Contents - Securing .Net Deserialization BlueHat v17 || Dangerous Contents - Securing .Net Deserialization
BlueHat v17 || Dangerous Contents - Securing .Net Deserialization BlueHat Security Conference
 
Introduction to SAML 2.0
Introduction to SAML 2.0Introduction to SAML 2.0
Introduction to SAML 2.0Mika Koivisto
 
SQL injection
SQL injectionSQL injection
SQL injectionRaj Parmar
 

Recommended

Exception handling & logging in Java - Best Practices (Updated)
Exception handling & logging in Java - Best Practices (Updated)Exception handling & logging in Java - Best Practices (Updated)
Exception handling & logging in Java - Best Practices (Updated)Angelin R
 
Spring security oauth2
Spring security oauth2Spring security oauth2
Spring security oauth2axykim00
 
Vulnerabilities in modern web applications
Vulnerabilities in modern web applicationsVulnerabilities in modern web applications
Vulnerabilities in modern web applicationsNiyas Nazar
 
Commix Detecting And Exploiting.pdf
Commix Detecting And Exploiting.pdfCommix Detecting And Exploiting.pdf
Commix Detecting And Exploiting.pdfssuser387cf0
 
Php Error Handling
Php Error HandlingPhp Error Handling
Php Error Handlingmussawir20
 
BlueHat v17 || Dangerous Contents - Securing .Net Deserialization
BlueHat v17 || Dangerous Contents - Securing .Net Deserialization BlueHat v17 || Dangerous Contents - Securing .Net Deserialization
BlueHat v17 || Dangerous Contents - Securing .Net Deserialization BlueHat Security Conference
 
Introduction to SAML 2.0
Introduction to SAML 2.0Introduction to SAML 2.0
Introduction to SAML 2.0Mika Koivisto
 
SQL injection
SQL injectionSQL injection
SQL injectionRaj Parmar
 
Spring Security 3
Spring Security 3Spring Security 3
Spring Security 3Jason Ferguson
 
JavaScript - Chapter 8 - Objects
JavaScript - Chapter 8 - Objects JavaScript - Chapter 8 - Objects
JavaScript - Chapter 8 - ObjectsWebStackAcademy
 
Html5-Web-Storage
Html5-Web-StorageHtml5-Web-Storage
Html5-Web-StorageMindfire Solutions
 
Spring Security
Spring SecuritySpring Security
Spring SecurityBoy Tech
 
Java logging
Java loggingJava logging
Java loggingJumping Bean
 
Secure Coding - Web Application Security Vulnerabilities and Best Practices
Secure Coding - Web Application Security Vulnerabilities and Best PracticesSecure Coding - Web Application Security Vulnerabilities and Best Practices
Secure Coding - Web Application Security Vulnerabilities and Best PracticesWebsecurify
 
Grails and Ajax
Grails and AjaxGrails and Ajax
Grails and AjaxTO THE NEW | Technology
 
Metaploit
MetaploitMetaploit
MetaploitAjinkya Pathak
 
Spring camp 발표자료
Spring camp 발표자료Spring camp 발표자료
Spring camp 발표자료수홍 이
 
Buffer overflow attacks
Buffer overflow attacksBuffer overflow attacks
Buffer overflow attacksKapil Nagrale
 
Lombok
LombokLombok
LombokAmit Aggarwal
 
SQL INJECTION
SQL INJECTIONSQL INJECTION
SQL INJECTIONMentorcs
 
Spring Framework - Spring Security
Spring Framework - Spring SecuritySpring Framework - Spring Security
Spring Framework - Spring SecurityDzmitry Naskou
 
SSL intro
SSL introSSL intro
SSL introThree Lee
 
Web Application Security 101
Web Application Security 101Web Application Security 101
Web Application Security 101Jannis Kirschner
 
Sessions and cookies
Sessions and cookiesSessions and cookies
Sessions and cookieswww.netgains.org
 
OWASP ZAP Workshop for QA Testers
OWASP ZAP Workshop for QA TestersOWASP ZAP Workshop for QA Testers
OWASP ZAP Workshop for QA TestersJavan Rasokat
 
Time-Based Blind SQL Injection using Heavy Queries
Time-Based Blind SQL Injection using Heavy QueriesTime-Based Blind SQL Injection using Heavy Queries
Time-Based Blind SQL Injection using Heavy QueriesChema Alonso
 
Understanding Cross-site Request Forgery
Understanding Cross-site Request ForgeryUnderstanding Cross-site Request Forgery
Understanding Cross-site Request ForgeryDaniel Miessler
 
Types of sql injection attacks
Types of sql injection attacksTypes of sql injection attacks
Types of sql injection attacksRespa Peter
 
ASP.NET 05 - Exception Handling And Validation Controls
ASP.NET 05 - Exception Handling And Validation ControlsASP.NET 05 - Exception Handling And Validation Controls
ASP.NET 05 - Exception Handling And Validation ControlsRandy Connolly
 
Java Exception Handling, Assertions and Logging
Java Exception Handling, Assertions and LoggingJava Exception Handling, Assertions and Logging
Java Exception Handling, Assertions and LoggingRiccardo Cardin
 

More Related Content

What's hot

JavaScript - Chapter 8 - Objects
JavaScript - Chapter 8 - Objects JavaScript - Chapter 8 - Objects
JavaScript - Chapter 8 - ObjectsWebStackAcademy
 
Spring Security
Spring SecuritySpring Security
Spring SecurityBoy Tech
 
Secure Coding - Web Application Security Vulnerabilities and Best Practices
Secure Coding - Web Application Security Vulnerabilities and Best PracticesSecure Coding - Web Application Security Vulnerabilities and Best Practices
Secure Coding - Web Application Security Vulnerabilities and Best PracticesWebsecurify
 
Spring camp 발표자료
Spring camp 발표자료Spring camp 발표자료
Spring camp 발표자료수홍 이
 
Buffer overflow attacks
Buffer overflow attacksBuffer overflow attacks
Buffer overflow attacksKapil Nagrale
 
SQL INJECTION
SQL INJECTIONSQL INJECTION
SQL INJECTIONMentorcs
 
Spring Framework - Spring Security
Spring Framework - Spring SecuritySpring Framework - Spring Security
Spring Framework - Spring SecurityDzmitry Naskou
 
Web Application Security 101
Web Application Security 101Web Application Security 101
Web Application Security 101Jannis Kirschner
 
OWASP ZAP Workshop for QA Testers
OWASP ZAP Workshop for QA TestersOWASP ZAP Workshop for QA Testers
OWASP ZAP Workshop for QA TestersJavan Rasokat
 
Time-Based Blind SQL Injection using Heavy Queries
Time-Based Blind SQL Injection using Heavy QueriesTime-Based Blind SQL Injection using Heavy Queries
Time-Based Blind SQL Injection using Heavy QueriesChema Alonso
 
Understanding Cross-site Request Forgery
Understanding Cross-site Request ForgeryUnderstanding Cross-site Request Forgery
Understanding Cross-site Request ForgeryDaniel Miessler
 
Types of sql injection attacks
Types of sql injection attacksTypes of sql injection attacks
Types of sql injection attacksRespa Peter
 

What's hot (20)

Spring Security 3
Spring Security 3Spring Security 3
Spring Security 3
 
JavaScript - Chapter 8 - Objects
JavaScript - Chapter 8 - Objects JavaScript - Chapter 8 - Objects
JavaScript - Chapter 8 - Objects
 
Html5-Web-Storage
Html5-Web-StorageHtml5-Web-Storage
Html5-Web-Storage
 
Spring Security
Spring SecuritySpring Security
Spring Security
 
Java logging
Java loggingJava logging
Java logging
 
Secure Coding - Web Application Security Vulnerabilities and Best Practices
Secure Coding - Web Application Security Vulnerabilities and Best PracticesSecure Coding - Web Application Security Vulnerabilities and Best Practices
Secure Coding - Web Application Security Vulnerabilities and Best Practices
 
Grails and Ajax
Grails and AjaxGrails and Ajax
Grails and Ajax
 
Metaploit
MetaploitMetaploit
Metaploit
 
Spring camp 발표자료
Spring camp 발표자료Spring camp 발표자료
Spring camp 발표자료
 
Buffer overflow attacks
Buffer overflow attacksBuffer overflow attacks
Buffer overflow attacks
 
Lombok
LombokLombok
Lombok
 
SQL INJECTION
SQL INJECTIONSQL INJECTION
SQL INJECTION
 
Spring Framework - Spring Security
Spring Framework - Spring SecuritySpring Framework - Spring Security
Spring Framework - Spring Security
 
SSL intro
SSL introSSL intro
SSL intro
 
Web Application Security 101
Web Application Security 101Web Application Security 101
Web Application Security 101
 
Sessions and cookies
Sessions and cookiesSessions and cookies
Sessions and cookies
 
OWASP ZAP Workshop for QA Testers
OWASP ZAP Workshop for QA TestersOWASP ZAP Workshop for QA Testers
OWASP ZAP Workshop for QA Testers
 
Time-Based Blind SQL Injection using Heavy Queries
Time-Based Blind SQL Injection using Heavy QueriesTime-Based Blind SQL Injection using Heavy Queries
Time-Based Blind SQL Injection using Heavy Queries
 
Understanding Cross-site Request Forgery
Understanding Cross-site Request ForgeryUnderstanding Cross-site Request Forgery
Understanding Cross-site Request Forgery
 
Types of sql injection attacks
Types of sql injection attacksTypes of sql injection attacks
Types of sql injection attacks
 

Similar to Exception handling and logging best practices

ASP.NET 05 - Exception Handling And Validation Controls
ASP.NET 05 - Exception Handling And Validation ControlsASP.NET 05 - Exception Handling And Validation Controls
ASP.NET 05 - Exception Handling And Validation ControlsRandy Connolly
 
Java Exception Handling, Assertions and Logging
Java Exception Handling, Assertions and LoggingJava Exception Handling, Assertions and Logging
Java Exception Handling, Assertions and LoggingRiccardo Cardin
 
Best Practices in Exception Handling
Best Practices in Exception HandlingBest Practices in Exception Handling
Best Practices in Exception HandlingLemi Orhan Ergin
 
Exception handling in java
Exception handling in javaException handling in java
Exception handling in javaPratik Soares
 
Exceptions overview
Exceptions overviewExceptions overview
Exceptions overviewBharath K
 
Java -Exception handlingunit-iv
Java -Exception handlingunit-ivJava -Exception handlingunit-iv
Java -Exception handlingunit-ivRubaNagarajan
 
Class notes(week 8) on exception handling
Class notes(week 8) on exception handlingClass notes(week 8) on exception handling
Class notes(week 8) on exception handlingKuntal Bhowmick
 
JP ASSIGNMENT SERIES PPT.ppt
JP ASSIGNMENT SERIES PPT.pptJP ASSIGNMENT SERIES PPT.ppt
JP ASSIGNMENT SERIES PPT.pptJAYAPRIYAR7
 
Exception handling
Exception handlingException handling
Exception handlingRaja Sekhar
 
Training material exceptions v1
Training material exceptions v1Training material exceptions v1
Training material exceptions v1Shinu Suresh
 
Interface andexceptions
Interface andexceptionsInterface andexceptions
Interface andexceptionssaman Iftikhar
 
Best Coding Practices For Android Application Development
Best Coding Practices For Android Application DevelopmentBest Coding Practices For Android Application Development
Best Coding Practices For Android Application DevelopmentKetan Raval
 
10 Typical Enterprise Java Problems
10 Typical Enterprise Java Problems10 Typical Enterprise Java Problems
10 Typical Enterprise Java ProblemsEberhard Wolff
 
Exception handling
Exception handlingException handling
Exception handlingzindadili
 
Md07 exceptions&assertion
Md07 exceptions&assertionMd07 exceptions&assertion
Md07 exceptions&assertionRakesh Madugula
 
Error management
Error managementError management
Error managementdaniil3
 

Similar to Exception handling and logging best practices (20)

ASP.NET 05 - Exception Handling And Validation Controls
ASP.NET 05 - Exception Handling And Validation ControlsASP.NET 05 - Exception Handling And Validation Controls
ASP.NET 05 - Exception Handling And Validation Controls
 
Java Exception Handling, Assertions and Logging
Java Exception Handling, Assertions and LoggingJava Exception Handling, Assertions and Logging
Java Exception Handling, Assertions and Logging
 
Best Practices in Exception Handling
Best Practices in Exception HandlingBest Practices in Exception Handling
Best Practices in Exception Handling
 
Exception handling in java
Exception handling in javaException handling in java
Exception handling in java
 
Exceptions overview
Exceptions overviewExceptions overview
Exceptions overview
 
Z blue exception
Z blue exceptionZ blue exception
Z blue exception
 
Java -Exception handlingunit-iv
Java -Exception handlingunit-ivJava -Exception handlingunit-iv
Java -Exception handlingunit-iv
 
Class notes(week 8) on exception handling
Class notes(week 8) on exception handlingClass notes(week 8) on exception handling
Class notes(week 8) on exception handling
 
JP ASSIGNMENT SERIES PPT.ppt
JP ASSIGNMENT SERIES PPT.pptJP ASSIGNMENT SERIES PPT.ppt
JP ASSIGNMENT SERIES PPT.ppt
 
Exception handling
Exception handlingException handling
Exception handling
 
Training material exceptions v1
Training material exceptions v1Training material exceptions v1
Training material exceptions v1
 
Interface andexceptions
Interface andexceptionsInterface andexceptions
Interface andexceptions
 
Best Coding Practices For Android Application Development
Best Coding Practices For Android Application DevelopmentBest Coding Practices For Android Application Development
Best Coding Practices For Android Application Development
 
10 Typical Enterprise Java Problems
10 Typical Enterprise Java Problems10 Typical Enterprise Java Problems
10 Typical Enterprise Java Problems
 
Exception handling
Exception handlingException handling
Exception handling
 
Exception handling
Exception handlingException handling
Exception handling
 
Md07 exceptions&assertion
Md07 exceptions&assertionMd07 exceptions&assertion
Md07 exceptions&assertion
 
java exception.pptx
java exception.pptxjava exception.pptx
java exception.pptx
 
Exceptions
ExceptionsExceptions
Exceptions
 
Error management
Error managementError management
Error management
 

More from Angelin R

Comparison of Java Web Application Frameworks
Comparison of Java Web Application FrameworksComparison of Java Web Application Frameworks
Comparison of Java Web Application FrameworksAngelin R
 
[DOC] Java - Code Analysis using SonarQube
[DOC] Java - Code Analysis using SonarQube[DOC] Java - Code Analysis using SonarQube
[DOC] Java - Code Analysis using SonarQubeAngelin R
 
Java Source Code Analysis using SonarQube
Java Source Code Analysis using SonarQubeJava Source Code Analysis using SonarQube
Java Source Code Analysis using SonarQubeAngelin R
 
The principles of good programming
The principles of good programmingThe principles of good programming
The principles of good programmingAngelin R
 
A Slice of Me
A Slice of MeA Slice of Me
A Slice of MeAngelin R
 
Team Leader - 30 Essential Traits
Team Leader - 30 Essential TraitsTeam Leader - 30 Essential Traits
Team Leader - 30 Essential TraitsAngelin R
 
Action Script
Action ScriptAction Script
Action ScriptAngelin R
 
Agile SCRUM Methodology
Agile SCRUM MethodologyAgile SCRUM Methodology
Agile SCRUM MethodologyAngelin R
 
Tamil Christian Worship Songs
Tamil Christian Worship SongsTamil Christian Worship Songs
Tamil Christian Worship SongsAngelin R
 
Flex MXML Programming
Flex MXML ProgrammingFlex MXML Programming
Flex MXML ProgrammingAngelin R
 
Introduction to Adobe Flex
Introduction to Adobe FlexIntroduction to Adobe Flex
Introduction to Adobe FlexAngelin R
 
Software Development Life Cycle (SDLC)
Software Development Life Cycle (SDLC)Software Development Life Cycle (SDLC)
Software Development Life Cycle (SDLC)Angelin R
 
Restful Web Services
Restful Web ServicesRestful Web Services
Restful Web ServicesAngelin R
 
Effective Team Work Model
Effective Team Work ModelEffective Team Work Model
Effective Team Work ModelAngelin R
 
Team Building Activities
Team Building ActivitiesTeam Building Activities
Team Building ActivitiesAngelin R
 

More from Angelin R (16)

Comparison of Java Web Application Frameworks
Comparison of Java Web Application FrameworksComparison of Java Web Application Frameworks
Comparison of Java Web Application Frameworks
 
[DOC] Java - Code Analysis using SonarQube
[DOC] Java - Code Analysis using SonarQube[DOC] Java - Code Analysis using SonarQube
[DOC] Java - Code Analysis using SonarQube
 
Java Source Code Analysis using SonarQube
Java Source Code Analysis using SonarQubeJava Source Code Analysis using SonarQube
Java Source Code Analysis using SonarQube
 
The principles of good programming
The principles of good programmingThe principles of good programming
The principles of good programming
 
A Slice of Me
A Slice of MeA Slice of Me
A Slice of Me
 
Team Leader - 30 Essential Traits
Team Leader - 30 Essential TraitsTeam Leader - 30 Essential Traits
Team Leader - 30 Essential Traits
 
Action Script
Action ScriptAction Script
Action Script
 
Agile SCRUM Methodology
Agile SCRUM MethodologyAgile SCRUM Methodology
Agile SCRUM Methodology
 
Tamil Christian Worship Songs
Tamil Christian Worship SongsTamil Christian Worship Songs
Tamil Christian Worship Songs
 
Flex MXML Programming
Flex MXML ProgrammingFlex MXML Programming
Flex MXML Programming
 
Introduction to Adobe Flex
Introduction to Adobe FlexIntroduction to Adobe Flex
Introduction to Adobe Flex
 
Software Development Life Cycle (SDLC)
Software Development Life Cycle (SDLC)Software Development Life Cycle (SDLC)
Software Development Life Cycle (SDLC)
 
Restful Web Services
Restful Web ServicesRestful Web Services
Restful Web Services
 
Effective Team Work Model
Effective Team Work ModelEffective Team Work Model
Effective Team Work Model
 
Team Building Activities
Team Building ActivitiesTeam Building Activities
Team Building Activities
 
XStream
XStreamXStream
XStream
 

Recently uploaded

Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...panagenda
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Scott Andery
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...AliaaTarek5
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 

Recently uploaded (20)

Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 

Exception handling and logging best practices

  • 2. AGENDA Logging using Log4j “Logging” Best Practices “Exception Handling” Best Practices CodePro Errors and Fixes
  • 4. Logging using Log4j Log4j - logging library for Java Logging Levels (in lowest to highest order) The standard levels of Log4j are ordered as ALL < TRACE < DEBUG < INFO < WARN < ERROR < FATAL < OFF
  • 5. Logging using Log4j Level Description ALL The lowest possible rank and is intended to turn on all levels of logging including custom levels. TRACE Introduced in log4j version 1.2.12, this level gives more detailed information than the DEBUG level. DEBUG Designates fine-grained informational messages that are most useful to debug an application. INFO Designates informational messages that highlight the progress of the application at coarse-grained level. WARN Designates potentially harmful situations. This level can be used to warn usage of deprecated APIs, poor use of API, ‘almost’ errors and other runtime situations that are undesirable or unexpected, but not necessarily “wrong”.
  • 6. Logging using Log4j Level Description ERROR Designates error events that might still allow the application to continue running. This level can be used to inform about a serious error which needs to be addressed and may result in unstable state. FATAL Designates very severe error events that will presumably lead the application to abort. OFF The highest possible rank and is intended to turn off logging.
  • 7. How Logging Level works? A logging request of a particular level is said to be enabled if that level is higher than or equal to the level of its logger. Example import org.apache.log4j.*; public class LogClass { private static final org.apache.log4j.Logger LOGGER = Logger.getLogger(LogClass.class); public static void main(String[] args) { LOGGER.setLevel(Level.WARN); LOGGER.trace("Trace Message!"); LOGGER.debug("Debug Message!"); LOGGER.info("Info Message!"); LOGGER.warn("Warn Message!"); LOGGER.error("Error Message!"); LOGGER.fatal("Fatal Message!"); } } Output: Warn Message! Error Message! Fatal Message!
  • 9. Logging - Best Practices Declare the logger to be both static and final to ensure that every instance of a class shares the common logger object. Add code to check whether logging has been enabled at the right level. Use meaningful log messages that are relevant to the context.
  • 10. Logging - Best Practices Better to use logging only to log the following, method entry (optionally with the method’s input parameter values) method exit root cause message of exceptions that are handled at the exception’s origin point.
  • 11. Logging - Best Practices  Any other intermediate redundant logging statements, which are used just for the purpose of debugging can still be avoided. Example try { LOGGER.debug(“About to enter getSkuDescription method”); // The above logging statement is not required, // if getSkuDescription() method logs its method entry String skuDesc = getSkuDescription(skuNumber); LOGGER.debug(“Exited getSkuDescription method”); // The above logging statement is not required, // if getSkuDescription() method logs its method exit } catch (ServiceException se) { LOGGER.error(se.getErrorMessage()); throw se; }
  • 12. Logging - Best Practices Avoid logging at ‘every’ place where a custom exception is thrown and instead log the custom exceptions’ message in its ‘catch’ handler. Example try { if (null == skuNumber || skuNumber.isEmpty()) { LOGGER.error(“Sku number is invalid”); // The above logging statement is not required, // since the catch handler logs the message throw new ServiceException(“Sku number is invalid”); }
  • 13. Logging - Best Practices try { sku = Integer.parseInt(skuNumber); } catch (NumberFormatException nfe) { LOGGER.error(“Sku number is invalid and not a number”); // The above logging statement is not required, // since the catch handler logs the message throw new ServiceException(“Sku number is invalid and not a number”, nfe); } …… } catch (ServiceException se) { LOGGER.error(se.getErrorMessage()); throw se; }
  • 15. Exception Handling - Best Practice #1 Handle Exceptions close to its origin  Does NOT mean “catch and swallow” (i.e. suppress or ignore exceptions) try { // code that is capable of throwing a XyzException } catch ( XyzException e) { // do nothing or simply log and proceed }  It means, “log and throw an exception relevant to that source layer” – DAO layer - DataAccessException – Business layer - ApplicationException (example OUSException)
  • 16. Exception Handling - Best Practice #1 Important Note In applications using Web Services, the Web Service (a.k.a Resource) layer,  should catch ALL exceptions and handle them by creating proper error response and send it back to client.  should NOT allow any exception (checked or unchecked) to be “thrown” to client.  should handle the Business layer exception and all other unchecked exceptions separately.
  • 17. Exception Handling - Best Practice #1 Example try { // code that is capable of throwing an ApplicationException } catch (ApplicationException e) { // form error response using the exception’s // data – error code and/or error message } catch (Exception e) { // log the exception related message here, since this block is // expected to get only the unchecked exceptions // that had not been captured and logged elsewhere in the code. // form error response using the exception’s // data – error code and/or error message } The catch handler for ‘Exception’ in the Web Service layer is expected to handle all unchecked exceptions thrown from within ‘try’ block
  • 18. Exception Handling - Best Practice #2 Log Exceptions just once and log it close to its origin Logging the same exception stack trace more than once can confuse the programmer examining the stack trace about the original source of exception. try { // code that is capable of throwing a XyzException } catch (XyzException e) { // log the exception specific information // throw exception relevant to that source layer }
  • 19. Exception Handling - Best Practice #2 #1 - When catching an exception and throwing it through an exception relevant to that source layer, make sure to use the construct that passes the original exception’s cause. Otherwise, CodePro will report "No cause specified when creating exception“. try { // code that is capable of throwing a SQLException } catch (SQLException e) { // log technical SQL Error messages, but do not pass // it to the client. Use user-friendly message instead LOGGER.error(“An error occurred when searching for the SKU details” + e.getMessage()); throw new DataAccessException(“An error occurred when searching for the SKU details”, e); }
  • 20. Exception Handling - Best Practice #2 #2 - There is an exception to this rule, in case of existing code that may not have logged the exception details at its origin. In such cases, it would be required to log the exception details in the first method up the call stack that handles that exception. But care should be taken not to COMPLETELY overwrite the original exception’s message with some other message when logging. Example DAO Layer: try { // code that is capable of throwing a SQLException } catch (SQLException e) { // LOGGING missed here throw new DataAccessException(“An error occurred when processing the query.”, e); }
  • 21. Exception Handling - Best Practice #2 Processor Layer: try { // code that is capable of throwing a DataAccessException } catch (DataAccessException e) { // logging is mandated here as it was not logged // at its source (DAO layer method) LOGGER.error(e.getMessage()); throw new OUSException(e.getMessage(), e); }
  • 22. Exception Handling - Best Practice #3 Do not catch “Exception” Accidentally swallowing RuntimeException try { doSomething(); } catch (Exception e) { LOGGER.error(e.getMessage()); } This code 1. also captures any RuntimeExceptions that might have been thrown by doSomething, 2. ignores unchecked exceptions and 3. prevents them from being propagated.
  • 23. Exception Handling - Best Practice #3 Important Note (about some common RuntimeExceptions) NullPointerException – It is the developer’s responsibility to ensure that no code can throw it. Run CodePro and add null reference checks wherever it has been missed. NumberFormatException, ParseException – Catch these and create new exceptions specific to the layer from which it is thrown (usually from business layer) using user-friendly and non technical messages.
  • 24. Exception Handling - Best Practice #3 Important Note (about some common RuntimeExceptions) Example try { int sku = Integer.parseInt(skuNumber); } catch (NumberFormatException nfe) { LOGGER.error("SKU number is invalid and not a number"); throw new OUSException("SKU number is invalid and not a number", nfe); } All other unchecked exceptions (RuntimeExceptions) will be caught and handled by the Web Service layer (as explained in Best Practice #1).
  • 26. Fix to common CodePro errors "Invalid exception parameter name" Solution Rename the parameter to “e” Example try { // code that is capable of throwing a DataAccessException } catch (DataAccessException e) { throw new OUSException(e.getMessage(), e); }
  • 27. Fix to common CodePro errors "No cause specified when creating exception" when wrapping an exception into another exception. Solution Use the construct that passes the original exception’s cause Example try { // code that is capable of throwing a SQLException } catch (SQLException e) { LOGGER.error(e.getMessage()); throw new DataAccessException(“An error occurred when searching for the SKU details”, e); }