[jax-rs-spec users] [jsr339-experts] Re: Exceptions for representing HTTP errors

From: Marek Potociar <>
Date: Tue, 15 May 2012 19:43:27 +0200

On May 15, 2012, at 12:38 PM, Sergey Beryozkin wrote:

> I prototyped few exceptions for representing the most important HTTP errors, with the most exceptions from the original Bill's list added.
> I've attached a git patch to [1] - I'd prefer to contributing this way if possible. The patch, if approved, can be easily recreated, I used 'git diff master'.

Thanks, that is a reasonable first start. See few comment bellow.

> I chose to add a new package to minimize the 'noise' in other packages.

Unless we want to use the exceptions on the server side only, I think the exceptions should go into the root package where the WebApplicationException is placed already.

> I was not sure about NotAuthorizedException. Many users find the difference between 401 and 403 confusing. I guess having NotAuthorizedException won't help in this regard. Perhaps it's better to leave the security-related exceptions...

Perhaps we should explicitly support 401, but ignore 403? I can see that 401 will be useful for checking for "authorization required" issues. I don't have a good use case for a special 403 exception. Typically 403 scenarios are masked as 404 IRL anyway.

Also, I think we should be able to set a custom status code on InternalServerErrorException exception (and rename it to ServerErrorException) to capture all 5xx as a group. Perhaps we also need a ClientErrorException as a root for all 4xx errors? And RedirectionExcetion for 3xx?

Also, provided we want to use these on client side too, I think we need to provide exception constructors that take Response object as an argument, so that the original message from the server is not lost when converting the response into an exception and re-throwing it on the client side.


> After [1] is resolved I can prototype some code to do with the finer-grained client-only exceptions
> Sergey
> [1]