I am coding some kind of a WCF service. most exceptions are caught in the BL implementation and handled there. Each of my API's return type is a class (named - "result") containing error code, error message and success boolean.
When exceptions are handled, this class is updated accordingly and in the end is sent back to the client.
Some of the exceptions are off-course, unhandled. Currently, I am wrapping each of my BL calls from the service layer with a generic try-catch so I can catch every unhandled exception and create a generic "result" class with a generic failure message, error code and success=false.
Is it a good way to handle exceptions or should I let unhandled exception to be thrown by the service to the client?
You can assume that the client can't use the data from the exception so it won't benefit from the extra information contained in the exception.
Check out Exception Shielding.
This is a process where exceptions raised by the service, are mapped to fault contracts according to rules you specify in a configuration file. This saves a lot of donkey work with try/catch blocks.
Here is one post to help you out:
In general though - faults will fall into 3 categories:
1) Client error - the client has tried to do something not permissable, so it needs to know about it. E.g. Failed to set a mandatory field. - Return specific message explaining fault.
2) Business error that doesn't affect the client. An error that is considered normal operation, e.g. Payment Authorization check failure. Either hide from client completely, or return some message: "Error performing request: Please try again later..."
3) System error - Unexpected - not normal operation: Replace with generic message: "System Error: Call Support"
In all cases though, the key thing is you remove the stack trace, especially if it's a public facing service.
With shielding you would have 3 Fault Contracts covering the above scenarios, and set the text appropriately in the Shielding configuration.
Be advised, you generally want shielding turned off during development as it makes it a right pain to debug the system!
I differ with the others. I think that in the same way HTTP methods GET, POST, PUT, DELETE thereby support CRUD operations, HTTP response codes 200, 500, etc., support success/fail and this is, in my opinion, appropriate to make use of. A 500 result still has an HTTP response body, and such a body is fully readable (so long as IIS isn't spitting out HTML; you have control over this). Meanwhile, the XML protocol implementations as with Microsoft SOAP from WCF already wrap exceptions with a faulting protocol.
If you're going to throw exceptions, throw them. Just document them while doing so, so that the consumers can plan accordingly.
I think both approaches are viable.
I personally prefer not throwing exceptions over WCF, so that the client can easily distinguish between error in server-side processing and connectivity/protocol issue: in the first case the response will indicate the failure, and in the second case exception will be thrown.
Personally I wouldn't expose the unhandled exceptions and propagate them to the client. I would define those exceptions the client might be interested in and only propagate those. Exceptions not directly related to what the clients want to do (ArgumentException could set reason to "CustomerId cannot be more than 20 chars" etc.) I'd deal with in the service and only indicate that some sort of internal server error has occurred on the service side which broke the execution and meant that the operation the client tried to run failed to complete. This I would do because the client can't really take any action based on internal server errors. They can fix their inparams in the case of an ArgumentException being thrown by validating the parameters again and retry the operation.
Not sure if this is really what you're asking, but hope it gives you some ideas at least.
If you let unhandled exceptions out of your WCF service, this may have undesirable effects such as communication channel being in faulted state where in a sessionful scenario, client can no longer use the same client proxy instance but is forced to create a new one and start a new session. In general, I think it is good to have control over the errors that surface out of your WCF service and provide clients helpful information. Take a look at IErrorHandler.This interface gives you control over the SOAP fault generated, unhandled exceptions, and allows you to do extra tasks like logging, and lets you decide whether you want to keep the session or not in case of a sessionful binding. You add your custom error handler via WCF extensibility such as service, endpoint, contract, operation behaviors.
Note that IErrorHandler is called before sending a response message. So there is still a chance of an unhandled exception occurring down in the channel stack during serialization, encoding, etc.
Related
I 'm looking for a similar library or class like httpwebrequest which does not throw exceptions on http codes. (c# language)
Problem with httpwebrequest is that it behaves the http error codes (like 401,403 and ...) as exceptions and throws an exception in case of these. You may know that exception throwing and handling is expensive. for example a successful request takes about 30 ms on my system,but another request which causes exception takes about 250!
I 'm making lots of request that causes this http error codes and it affects my code performance alot.
I have tried webclient,webrequest,httpclient and all are the same in this.
Any opinion on a alternative library or how to avoid these exceptions ?
HttpClient.GetAsync() won't throw an exception on a 400-level error. Though it will throw an exception for "an underlying issue such as network connectivity, DNS failure, server certificate validation or timeout."
Also, the HttpReponseMessage it produces has a handy IsSuccessStatusCode property.
Check out RestSharp. It's a great tool for creating web requests
This is a general question that I'm confused about. I thought once a REST request was made, an error would come back via a WebException. In one case I have I'm getting a HttpRequestException, which doesn't allow me to get the HTTP status code.
I'm new to this stuff, but what is the difference between these? Why are there two types? When does one get used as opposed to another?
WebException seems to work well. HttpRequestException seems like a very weak version of it, where it knows the status code (in it's message) but it won't tell me explicitly what it was.
EDIT:
I'm using a HttpClient. Specifically calling client.GetStreamAsync().
There are three distinct failure scenarios:
a) You could not connect to the server or proxy, in which case a HttpRequestException is thrown. Be aware if your server is down and you are running fiddler, you will never see this exception, you will get a 5XX status code.
b) When reading/writing a network stream, there is some kind of interruption you will get an IOException.
c) You will get back a response with a HttpStatusCode with a 4XX/5XX status code. If your client application chooses to call response.EnsureSuccessStatusCode() then a HttpRequestException will be thrown.
If you decide to call EnsureSuccessStatusCode you are making an explicit decision that you don't care about status codes other than the fact that it was success/fail.
If you really need to bubble up an exception and then later handle the status code then I suggest you create your own extension method to replace EnsureSuccessStatusCode and create your own exception that can store the status code. Or preferably, translate the status code into one of a few different exceptions based on the corrective action you wish to take.
WebException Class: The exception that is thrown when an error occurs while accessing the network through a pluggable protocol.
HttpRequestException Class: A base class for exceptions thrown by the HttpClient and HttpMessageHandler classes.
I think the inner exception of a HttpRequestException could be a WebException however I'm not sure it ever is.
Note, a 404, 302 or whatever response other than a 200 (OK) is not an exception. Those responses are perfectly valid HTTP responses.
https://github.com/dotnet/runtime/pull/32455 adds StatusCode to HttpRequestException in .NET 5.
If an exception is thrown in my web service and I wanted to give the user a more meaningful error message rather than a generic 'an error has occurred when processing your request', what are some possible techniques that can be used to pass the exception message back to the client?
is this something that is acceptably practiced?
If the error is from your inner code .NET will wrap your inner exception in a SoapException and return it to the user. The JavaScript can look for the soapexception xml element and do something with it. The SoapExceptions message will be the same as the actual exception so you might want to catch it up top and throw something nicer, and without the stack trace.
You can then give the clients a list of possible SoapExceptions.
I've written web services where the response always includes a numeric status code (0 indicates success, non-zero indicates a problem of some type) as well as a text status message. If an error occurred (non-zero status code) then the status message includes a description of the problem, otherwise it is blank. The service also returns a bunch of data depending on what method the user is calling. It seems to work well for our clients. The important thing is to document the behavior so that clients know what to expect and the interface is consistent.
this is probably the most helpful answer to this question
What should a JSON service return on failure / error
so, thanks to Crescent Fresh
I am writing a Java based service with WSDL for a .Net client to consume, and I thought that when I receive an invalid value from the client that I would throw an exception that my client could then catch and display in a message box or something to the user (the client is a desktop app).
I was wondering if it would be ok to use this approach or if there's a better way of doing it.
I would say "no". Error messages, etc., but I wouldn't serialize an exception. You have no idea who the client is or what language they're written in.
The service should handle the exception: catch it, log it, and create a sensible error message(s) and status codes. This is not the place for exceptions, in my opinion.
And when I say "sensible error messages", I don't mean anything resembling a stack trace. These are likely to be business clients, who should not be reading such things. A business-meaningful message is the ticket here, not a stack trace.
.NET in general deals in FaultExceptions (wrapped SOAP faults) in WCF. I would assume that if you throw a proper SOAP Fault, that WCF would wrap this up into a FaultException by the time the client consumes the response, so they can have a try catch FaultException statement. This would still allow other non .NET clients to consume the service without breaking standards..
Just an idea anyway...
What you should probably do is use SOAP Faults, since these should be supported for any clients. Be sure to set the extra descriptive fields too.
Conceptually this is fine, but I don't think you can literally throw a Java Exception over HTTP back to a .NET client.
You can use HTTP 500 to signal a server error; you should also be able to attach a meaningful message to the response that will help the .NET developers figure out how to use your service better. This may or may not include a serialized Java stack trace.
The first thing to tackle is preventing against exceptions being thrown by doing validation on data before it gets manipulated. IE
string func(string cat)
if(cat == null || cat.length == 0){
//set errorLabelText to "bad data"
return;
}
//else code
That being said only throw Exceptions in Exceptional cases.
Do CommunicationExceptions and/or TimeoutExceptions need to be handled in the Service Implementation? (in addition to the client?). What happens when a client times out ? Does the service continue processing the message, or does an exception get thrown?
Thanks
-Vic
For example do, I need to do the following ??
public MyServiceImpl:IMyService
{
void DoSomething()
{
try{
//Do something
}
catch (Communication exception){}
catch (Timeout exception){}
}
}
}
Since you're not in a callback scenario, your service method won't even be called if there's a timeout (since it will be catched by the various dispatchers that get the message before your method does). So no need to catch these exceptions here.
If you're using a Stream as one of the parameters of your operation, things are a little different though, since you're likely to run into an exception while reading the stream if your client throws a hissy fit. But in that case you'd have to guard for exceptions anyway.
As per usual: it depends :-)
If you have per-call instancing, or one-way messages, then even if a bad thing (an exception) happens on the server, they'll be propagated to the client (or in one-way scenarios: just dropped), and you don't have to worry about them all that much.
HOWEVER: if you have a session scenario, where either your transport protocol (TCP/IP in the case of netTtcp binding) uses a transport session, or where your e.g. wsHttpBinding establishes an application session with the server, then you need to make absolutely sure on the server to catch all exceptions and handle them and return them only as SOAP faults.
If you don't, then the channel (the communication pipe between your client's proxy instance and the server instance) will be "faulted", e.g. unusable and the client proxy instance will need to be recreated.
Also, keep in mind that .NET exceptions are just that - a .NET specific thing. If your service will need to be interoperable and be called from e.g. Java, Ruby, PHP or other clients, you absolutely MUST catch all .NET exceptions on the server side and turn them into SOAP faults (which are the interoperable equivalent). You can do this by implementing the IErrorHandler interface on your server side.
Marc