@RestControllerAdvice is a new feature of Spring Framework 4.3 to handle Exception with RestfulApi by a cross-cutting concern solution:
package com.khan.vaquar.exception; import javax.servlet.http.HttpServletRequest; import org.owasp.esapi.errors.IntrusionException; import org.owasp.esapi.errors.ValidationException; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.http.HttpStatus; import org.springframework.web.bind.MissingServletRequestParameterException; import org.springframework.web.bind.annotation.ExceptionHandler; import org.springframework.web.bind.annotation.ResponseStatus; import org.springframework.web.bind.annotation.RestControllerAdvice; import org.springframework.web.servlet.NoHandlerFoundException; import com.fasterxml.jackson.core.JsonProcessingException; import com.khan.vaquar.domain.ErrorResponse; /** * Handles exceptions raised through requests to spring controllers. **/ @RestControllerAdvice public class RestExceptionHandler { private static final String TOKEN_ID = "tokenId"; private static final Logger log = LoggerFactory.getLogger(RestExceptionHandler.class); /** * Handles InstructionExceptions from the rest controller. * * @param e IntrusionException * @return error response POJO */ @ResponseStatus(HttpStatus.BAD_REQUEST) @ExceptionHandler(value = IntrusionException.class) public ErrorResponse handleIntrusionException(HttpServletRequest request, IntrusionException e) { log.warn(e.getLogMessage(), e); return this.handleValidationException(request, new ValidationException(e.getUserMessage(), e.getLogMessage())); } /** * Handles ValidationExceptions from the rest controller. * * @param e ValidationException * @return error response POJO */ @ResponseStatus(HttpStatus.BAD_REQUEST) @ExceptionHandler(value = ValidationException.class) public ErrorResponse handleValidationException(HttpServletRequest request, ValidationException e) { String tokenId = request.getParameter(TOKEN_ID); log.info(e.getMessage(), e); if (e.getUserMessage().contains("Token ID")) { tokenId = "<OMITTED>"; } return new ErrorResponse( tokenId, HttpStatus.BAD_REQUEST.value(), e.getClass().getSimpleName(), e.getUserMessage()); } /** * Handles JsonProcessingExceptions from the rest controller. * * @param e JsonProcessingException * @return error response POJO */ @ResponseStatus(HttpStatus.BAD_REQUEST) @ExceptionHandler(value = JsonProcessingException.class) public ErrorResponse handleJsonProcessingException(HttpServletRequest request, JsonProcessingException e) { String tokenId = request.getParameter(TOKEN_ID); log.info(e.getMessage(), e); return new ErrorResponse( tokenId, HttpStatus.BAD_REQUEST.value(), e.getClass().getSimpleName(), e.getOriginalMessage()); } /** * Handles IllegalArgumentExceptions from the rest controller. * * @param e IllegalArgumentException * @return error response POJO */ @ResponseStatus(HttpStatus.BAD_REQUEST) @ExceptionHandler(value = IllegalArgumentException.class) public ErrorResponse handleIllegalArgumentException(HttpServletRequest request, IllegalArgumentException e) { String tokenId = request.getParameter(TOKEN_ID); log.info(e.getMessage(), e); return new ErrorResponse( tokenId, HttpStatus.BAD_REQUEST.value(), e.getClass().getSimpleName(), e.getMessage()); } @ResponseStatus(HttpStatus.BAD_REQUEST) @ExceptionHandler(value = UnsupportedOperationException.class) public ErrorResponse handleUnsupportedOperationException(HttpServletRequest request, UnsupportedOperationException e) { String tokenId = request.getParameter(TOKEN_ID); log.info(e.getMessage(), e); return new ErrorResponse( tokenId, HttpStatus.BAD_REQUEST.value(), e.getClass().getSimpleName(), e.getMessage()); } /** * Handles MissingServletRequestParameterExceptions from the rest controller. * * @param e MissingServletRequestParameterException * @return error response POJO */ @ResponseStatus(HttpStatus.BAD_REQUEST) @ExceptionHandler(value = MissingServletRequestParameterException.class) public ErrorResponse handleMissingServletRequestParameterException( HttpServletRequest request, MissingServletRequestParameterException e) { String tokenId = request.getParameter(TOKEN_ID); log.info(e.getMessage(), e); return new ErrorResponse( tokenId, HttpStatus.BAD_REQUEST.value(), e.getClass().getSimpleName(), e.getMessage()); } /** * Handles NoHandlerFoundExceptions from the rest controller. * * @param e NoHandlerFoundException * @return error response POJO */ @ResponseStatus(HttpStatus.NOT_FOUND) @ExceptionHandler(value = NoHandlerFoundException.class) public ErrorResponse handleNoHandlerFoundException(HttpServletRequest request, NoHandlerFoundException e) { String tokenId = request.getParameter(TOKEN_ID); log.info(e.getMessage(), e); return new ErrorResponse( tokenId, HttpStatus.NOT_FOUND.value(), e.getClass().getSimpleName(), "The resource " + e.getRequestURL() + " is unavailable"); } /** * Handles all remaining exceptions from the rest controller. * * This acts as a catch-all for any exceptions not handled by previous exception handlers. * * @param e Exception * @return error response POJO */ @ResponseStatus(HttpStatus.INTERNAL_SERVER_ERROR) @ExceptionHandler(value = Exception.class) public ErrorResponse handleException(HttpServletRequest request, Exception e) { String tokenId = request.getParameter(TOKEN_ID); log.error(e.getMessage(), e); return new ErrorResponse( tokenId, HttpStatus.INTERNAL_SERVER_ERROR.value(), e.getClass().getSimpleName(), "An internal error occurred"); } }