net.sf.mmm.util.exception.base

Class ExceptionUtilImpl

java.lang.Object

net.sf.mmm.util.component.base.AbstractComponent

net.sf.mmm.util.component.base.AbstractLoggableComponent

net.sf.mmm.util.exception.base.ExceptionUtilLimitedImpl

net.sf.mmm.util.exception.base.ExceptionUtilImpl

All Implemented Interfaces:

ExceptionUtil, ExceptionUtilLimited, Security

public class ExceptionUtilImpl
extends ExceptionUtilLimitedImpl
implements ExceptionUtil

This is the default implementation of ExceptionUtil.

Since:

1.0.0

Author:

Joerg Hohwiller (hohwille at users.sourceforge.net)

Field Summary

Fields

Modifier and Type	Field and Description
private boolean	enforceSerializableForClient
private EnvironmentDetector	environmentDetector
private static ExceptionUtil	instance

Fields inherited from interface net.sf.mmm.util.exception.api.ExceptionUtil

NO_STACKTRACE

Constructor Summary

Constructors

Constructor and Description
ExceptionUtilImpl() The constructor.

Method Summary

Modifier and Type	Method and Description
Throwable	convertForClient(Throwable exception) Converts the given exception for the client.
Throwable	convertForSerialization(Throwable exception, ExceptionTruncation truncation) Converts the given exception so it is ensured to be serializable.
Throwable	convertForUser(Throwable exception, ExceptionTruncation truncation) Converts the given exception for end-users with potential truncation.
EnvironmentDetector	getEnvironmentDetector()
static ExceptionUtil	getInstance() This method gets the singleton instance of this ExceptionUtil.
protected ExceptionTruncation	getTruncationForClient()
boolean	isEnforceSerializableForClient()
protected boolean	isRemoveStacktrace()
protected Throwable	obfuscateException(Throwable exception)
void	setEnforceSerializableForClient(boolean enforceSerializableForClient)
void	setEnvironmentDetector(EnvironmentDetector environmentDetector)

Methods inherited from class net.sf.mmm.util.exception.base.ExceptionUtilLimitedImpl

convertForUser, getStacktrace

Methods inherited from class net.sf.mmm.util.component.base.AbstractLoggableComponent

createLogger, doInitialize, getLogger

Methods inherited from class net.sf.mmm.util.component.base.AbstractComponent

doInitialized, getInitializationState, initialize

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.sf.mmm.util.exception.api.ExceptionUtilLimited

convertForUser, getStacktrace

Field Detail

instance

private static ExceptionUtil instance

environmentDetector

private EnvironmentDetector environmentDetector

enforceSerializableForClient

private boolean enforceSerializableForClient

Constructor Detail

ExceptionUtilImpl

public ExceptionUtilImpl()

The constructor.

Method Detail

getInstance

public static ExceptionUtil getInstance()

This method gets the singleton instance of this ExceptionUtil.
ATTENTION:
Please read Cdi.GET_INSTANCE before using.

Returns:

the singleton instance.

isEnforceSerializableForClient

public boolean isEnforceSerializableForClient()

Returns:

true if convertForClient(Throwable) shall enforce serializable exceptions, false otherwise.

setEnforceSerializableForClient

public void setEnforceSerializableForClient(boolean enforceSerializableForClient)

Parameters:

enforceSerializableForClient - is the new value of isEnforceSerializableForClient().

convertForSerialization

public Throwable convertForSerialization(Throwable exception,
                                         ExceptionTruncation truncation)

Description copied from interface: ExceptionUtil

Converts the given exception so it is ensured to be serializable.

Specified by:

convertForSerialization in interface ExceptionUtil

Parameters:

exception - is the Throwable to convert.

truncation - the ExceptionTruncation to configure if details shall be removed. E.g. ExceptionTruncation.REMOVE_ALL.

Returns:

a serializable variant of the given exception. Guaranteed to implement NlsThrowable. By default an instance of GenericSerializableException.

See Also:

GenericSerializableException, NlsThrowable.createCopy(ExceptionTruncation)

convertForUser

public Throwable convertForUser(Throwable exception,
                                ExceptionTruncation truncation)

Description copied from interface: ExceptionUtil

Converts the given exception for end-users with potential truncation.

Specified by:

convertForUser in interface ExceptionUtil

Parameters:

exception - is the exception to wrap.

truncation - the ExceptionTruncation to configure if details shall be removed. E.g. ExceptionTruncation.REMOVE_ALL.

Returns:

the converted exception. Will be an instance of NlsThrowable.

See Also:

ExceptionUtilLimited.convertForUser(Throwable)

convertForClient

public Throwable convertForClient(Throwable exception)

Description copied from interface: ExceptionUtil

Converts the given exception for the client. With client we mean any kind of system that calls the current application via a remote interface. This can be a user-interface client, a different server application, or the like. If the exception would be send to the client as is, then all exception classes have to be available on the client side for de-serialization and all error details are exposed to the client violating the OWASP principle sensitive data exposure.
The suggested implementation should behave as following:

• Details are removed according to the current environment. In development environment and test environment the details should be retained to support debugging. However, in environments close to production, the details shall be removed.
• Exceptions are converted for the end-user so that confusion with technical details and exposure of internals in messages is avoided.
• Potentially exceptions are converted for serialization.

ATTENTION:
It is not the task of this utility to log exceptions. Instead this shall be done before this method is invoked. To make use of the features of NlsThrowable such as the UUID that is logged and transferred to the client, you should call ExceptionUtilLimited.convertForUser(Throwable) in advance.

Specified by:

convertForClient in interface ExceptionUtil

Parameters:

exception - is the Throwable that has been catched at an application boundary.

Returns:

the converted Throwable.

obfuscateException

protected Throwable obfuscateException(Throwable exception)

Parameters:

exception - is the Throwable to obfuscate.

Returns:

the obfuscated exception.

See Also:

getTruncationForClient()

isRemoveStacktrace

protected boolean isRemoveStacktrace()

Returns:

true if obfuscateException(Throwable) shall remove the stacktrace of the resulting exception.

getTruncationForClient

protected ExceptionTruncation getTruncationForClient()

Returns:

true if exceptions shall be obfuscated, false otherwise.

getEnvironmentDetector

public EnvironmentDetector getEnvironmentDetector()

Returns:

the EnvironmentDetector instance.

setEnvironmentDetector

@Inject
public void setEnvironmentDetector(EnvironmentDetector environmentDetector)

Parameters:

environmentDetector - is the EnvironmentDetector to Inject.