Server Responses and Exception Handling - RESTful Java with JAX-RS 2.0

Java Reference

In-Depth Information

that the MessageBodyReader fails to parse. JAX-RS will also throw this exception if it fails

to convert a header or cookie value to the desired type. For example:

@HeaderParam ( "Custom-Header" ) int

int header ;

@CookieParam ( "myCookie" ) int

int cookie ;

If the HTTP request's Custom-Header value or the myCookie value cannot be parsed into an

integer, BadRequestException is thrown.

NotAuthorizedException is used when you want to write your own authentication proto-

cols. The 401 HTTP response code this exception represents requires you to send back a

challenge header called WWW-Authenticate . This header is used to tell the client how it

should authenticate with the server. NotAuthorizedException has a few convenience con-

structors that make it easier to build this header automatically:

public

public NotAuthorizedException ( Object challenge , Object ... moreChallenges ) {}

For example, if I wanted to tell the client that OAuth Bearer tokens are required for authen-

tication, I would throw this exception:

throw

throw new

new NotAuthorizedException ( "Bearer" );

The client would receive this HTTP response:

HTTP / 1.1 401 Not Authorized

WWW - Authenticate: Bearer

ForbiddenException is generally used when the client making the invocation does not have

permission to access the resource it is invoking on. In Java EE land, this is usually because

the authenticated client does not have the specific role mapping required.

NotFoundException is used when you want to tell the client that the resource it is requesting

does not exist. There are also some error conditions where the JAX-RS runtime will throw

this exception automatically. If the JAX-RS runtime fails to inject into an @PathParam ,

@QueryParam , or @MatrixParam , it will throw this exception. Like in the conditions dis-

cussed for BadRequestException , this can happen if you are trying to convert to a type the

parameter value isn't meant for.

NotAllowedException is used when the HTTP method the client is trying to invoke isn't

supported by the resource the client is accessing. The JAX-RS runtime will automatically

throw this exception if there isn't a JAX-RS method that matches the invoked HTTP method.

NotAcceptableException is used when the client is requesting a specific format through

the Accept header. The JAX-RS runtime will automatically throw this exception if there is

Search WWH ::

Custom Search

Home