I've extended WebApplicationException with an UnauthorizedException:
public class UnauthorizedException extends WebApplicationException {
My REST classes extend a base class that implements the authCheck, a
subclass method:
try{
authCheck();
RecordingList recordings = CODIRecording.getRecordings(type, timeframe);
return Response.ok().entity(recordings).build();
}catch(WebApplicationException e){
throw e; // Results in 500
throw new UnauthorizedException(); // Results in 401
}
When the authCheck fails it throws UnauthorizedException. If the subclass
method doesn't have the catch/try (the exception just propagates out from
authCheck) or if it re-throws the exception the client receives a 500.
If the method's catch throws a NEW UnauthorizedException the client receives
a 401 as expected.
Is this "normal" behavior? It seems odd.