My rest service method demands an input parameter. I want to see data structure via postman. How can I add arguments in postman app? I get the error:
HTTP Status 500 - The bean encountered a non-application exception;
nested exception is: The server encountered an internal error that
prevented it from fulfilling this request.
Suppose that you are doing a POST, or a PUT, you want to add your data in XML or JSON or plaintext to the request.
You need to set the URL, and the right HTTP method. Once you choose, suppose POST, you can edit the data to be sent. I choose the raw input type and write inside it what I want to send to the server.
You may get 500 as server error due to error in the logic of the offered service, try to encapsulate your entity and send agin the request..
Related
I'm using an openapi specification, which configures AWS gateway. I'm also using request validation. It works fine with informative error messages if I print out $context.error.validationErrorString in case of 4xx error messages. (In case of missing request data, It will write out exactly which request data is missing)
In case of using multiple schemas for an endpoint in the openapi spec (with using oneOf), validation also works, but the error message does not contain specific message, just that schema matching was not succesfull [instance failed to match exactly one schema (matched 0 out of 1)
I think the problem is that schema validation happens first, so api gw throws this error first. Is there any possibility to find out what is the exact request validation error in this way, so maybe fore api gw to run also the request validation?
Confirmed with AWS support that this is not possible at the moment.
I have looked at many posts about how to accept an uploaded document in a WCF service REST endpoint. They say you should define the endpoint to have a single parameter with type Stream. Here is an example of one. I have implemented it as they suggest and it does work. Here it is in VB:
<OperationContract()>
<WebInvoke(Method:="POST", BodyStyle:=WebMessageBodyStyle.Bare)>
Function UploadDocument(data As Stream) As Stream
However, I am working with the additional constraint that this WCF service also uses SOAP endpoints. After adding this REST endpoint that accepts a Stream, the SOAP endpoints are breaking. The error in the SOAP response says
System.InvalidOperationException: For request in operation UploadDocument to be a stream the operation must have a single parameter whose type is Stream.
I am amazed that adding a REST endpoint would break these SOAP endpoints, but perhaps this would be more obvious for someone with experience in SOAP (I am new to it, as well as WCF Services). I looked that error up and found this post. This comment from Drew Marsh seems to be the fundamental problem here:
the WSDL generator implementation is made for the SOAP/RPC service contracts and on those you can't either have individual parameters of various intrinsic or data contract types, a Stream or a message contract. You can't mix the three together. So, when it tries to generate metadata for your REST service contract, where it's perfectly valid to throw a Stream parameter in the mix as the last parameter for the body, it bombs out with the error your seeing because it never expects to come across a signature like that.
I do not see any solution on that post or anywhere else I search. I tried making a <DataContract> class which has the document as a property with type Stream, along with the other form fields as properties, but when I try that I get the error
Unhandled InvalidOperationException in service: The incoming message has an unexpected message format 'Raw'. The expected message formats for the operation are 'Xml', 'Json'. This can be because a WebContentTypeMapper has not been configured on the binding. See the documentation of WebContentTypeMapper for more details.
Am I simply SOL if I want this REST endpoint to accept a multipart/form-data body? Or is there some way to make this work with all the constraints I'm working with? In case it makes a difference, yet another constraint is that this service is stuck in .NET 4.0, so that rules out some potential libraries that need .NET 4.5.
What's the best HTTP status code to use in response to an HTTP GET for a resource that's corrupt or semantically invalid?
E.g., consider a request to GET /person/1234 where data for person ID 1234 exists on the server but violates some business rule, so the server refuses to use it.
404 doesn't apply (because the data actually exists).
4xx in general seems not ideal (because the problem is on the server end, not under the client's control).
503 seems to apply to the service as a whole, not a particular resource.
500 certainly fits, but it's very vague in actually telling the client what might be wrong.
Any suggestions?
After reading the comments and the linked resources, it looks like #RemyLebeau's approach is best:
I think 500 is the only official response code that fits this situation. And there is nothing stopping you from including a response body that describes the reason for the failure.
according to iana.org:
4xx: Client Error - The request contains bad syntax or cannot be fulfilled
5xx: Server Error - The server failed to fulfill an apparently valid request
I think none of the 4xx status code should be valid as a response to an internal server error or migration or ... where client has no responsibilities or where user's inputs are expected to be rechecked. unless user's pre-filled data are involved like maybe user's package is not allowing him to access that data after a pre-determinate and known date, in such specific case It may be valid a 403 Forbidden as #Bari did suggest.
I'm not an expert but I think when the rejection or the decision of considering endpoint data as corrupt or invalid is made by server, then it will depends on what should be done next. I see 3 possible cases:
1. It is expected that somehow this is going to be fixed and client
should be invited to request it back but at some future moment ==> 503 (Service Unavailable):
503 (Service Unavailable)
status code indicates that the server
is currently unable to handle the request due to a temporary overload
or scheduled maintenance, which will likely be alleviated after some
delay. The server MAY send a Retry-After header field
(Section 7.1.3) to suggest an appropriate amount of time for the
client to wait before retrying the request.
2. Something is wrong, it is not client responsibility but there is an alternative way to access data, maybe following a specific process or sending further details ==> 510 Not Extended
2. Server cannot fulfill the request but there is an alternative way that requires it to include further details. Example: when requested data is corrupt, server error response may include a list of older (or unsaved, unversioned) versions of it and expect client to be more specific about which version to select so it could be fetched instead of the corrupted one ==> 510 Not Extended
510 Not Extended
The policy for accessing the resource has not been met in the
request. The server should send back all the information necessary
for the client to issue an extended request. It is outside the scope
of this specification to specify how the extensions inform the
client.
If the 510 response contains information about extensions that were
not present in the initial request then the client MAY repeat the
request if it has reason to believe it can fulfill the extension
policy by modifying the request according to the information provided
in the 510 response. Otherwise the client MAY present any entity
included in the 510 response to the user, since that entity may
include relevant diagnostic information.
case 2 was updated to include an example as IMHO it may fit in such case. but again I'm not any expert and I may be
wrong about it
3. No alternative ways, nothing to be expected or none of the other cases ==> 500 should be good
500 (Internal Server Error)
status code indicates that the server
encountered an unexpected condition that prevented it from fulfilling
the request.
I have a REST Service and depending on the type of Resource that is being viewed I have certain Operations avialable
So Resource1 supports Operation1 and Operation2
eg:
Resource1/Operation1
Resource1/Operation2
And Resource2 only supports Operation1
eg:
Resource2/Operation1
So if I receive a call for Operation2 on Resource2 (eg: Resource2/Operation2) the server will not raise an error as Operation2 is valid, but internally I don't support it, so should I return a 404 - Not Found or would a 501 - Not Implemented be more accurate or another error code?
You have to think in terms of Resources (that exist and you operate on them) and not Services as in WebServices (which you call to do something).
So every Operation of your REST API is a resource by itself (i.e. to model long running operations or some sort of more complex transaction that are triggered by sending a POST request to the operation resource) - and the URI to that resource is any opaque string, which can be 'Resource1/Operation1' or "/someOther/arbitrary/path",
A 501 means the HTTP server itself has a particular feature not implemented that is require to fulfill the request - i.e. it lacks some technical features - but the resource itself is valid.
But as you've written, your Rest API is not designed to support Operation2 for Resource2 at all, which means that there is no such thing as a "Resource2/Operation2" service resource. Therefore 404 response is the only reasonable choice.
In terms of "how client will interact...", ask yourself: given you are the consumer of a resource (i.e. some arbitrary web site), will you revisit the same URL when receiving a 404? (probably not) will you do when receiving a 501? (probably yes, as you assume the problem has been resolved in the meantime)
TL;DR
return 404
Never return any HTTP 5XX status from you code. It's used by the server to report server internal problem. If you are using that it would be confusing for the application user. So just use 404 for your purpose.
You can use either of them,
its your webapis , depend upon how the client will interact with it.
4xx is for client error and 5xx is for server error
you may use
501 Not Implemented instead of 404 not found
because the resource in url is not there .
OR you can also use
your own custom error code and error message.
or
422 Unprocessable Entity
The request was well-formed but was unable to be followed due to semantic errors.
If the client request by definition is illegal, I would return HTTP 400 Bad Request.
Sending HTTP 400 also implies that the request should not merely be retried, as it is permanently illegal and is not understood by he server.
Only reservation I would have with using HTTP 400 is that it usually seems to be used for malformed requests; i.e. typos and the like. Whether your request is illegal or malformed, is a question of semantics.
REST API: how to notify a client that the request has failed when the service already returned 200 and some data?
What I am doing?
I am developing a REST Web service that returns data from two sources:
An CSV file from an HTTP server which changes often and sometimes is huge.
A local file.
When a client invokes the service, it does this:
It sends a request to the HTTP server to obtain the CSV file.
After obtaining the CSV file, it combines the data from both sources.
Sends the result to the client. The result is an XML document.
Problem
Sometimes, after I have already returned some data to the client, the HTTP server fails so I cannot continue sending data to the client.
When this happens, I would like to notify the client that there was an error. How should I do this? The service already returned the HTTP code 200 and some data. So I cannot send the client an error 500.
Should I simply write to the output an error message? The client will fail because it the XML-document will not be valid.
The service cannot wait to send the response until the entire file from the HTTP server is read. The reasons is that sometimes the file obtained from the HTTP is very big and does not fit in memory.
Environment: although I do not think this is important, this service is developed in Jersey 1.x.
As you say, there are a couple options:
Start sending the response 200 OK before your upload request is complete, but rely on the client to detect an invalid ontent response; or
Wait until your request file upload is complete before sending the HTTP response. Then you can send the correct status code (2xx or 500).
I would recommend waiting until the upload is complete.
If the file cannot fit in server-side memory, then find a technique to write the stream to persistence not in memory, such as a cache, nosql db, or the filesystem. This will allow for faster processing of the file upload.
If you require additional time to process the file on the server side after upload, you can return a 202 Accepted status, with the Location: header having the resource to the long-running job. The client can keep checking if the job is complete. This will avoid having to process the whole thing in one HTTP round-trip.
some good examples of using RESTful long-operations:
Best practice for implementing long-running searches with REST
http://billhiggins.us/blog/2011/04/27/resty-long-ops/
REST with JAX-RS - Handling long running operations
Replying to myself. This may be useful for someone else.
Initially, I developed this option: if there was an error generating the output of the service when the HTTP code 200 was already sent, the service would write the error message to the output and close the connection. In these cases, the XML of the response was invalid.
Later, I had to change this behavior because users complained that in this scenario, the response was an invalid XML. As a consequence, all they were seeing was the error returned by the XML parser of their applications saying that the XML was invalid, not the actual error message.
To avoid this issue, I changed the behavior of the service:
When there are no errors, the response looks like this:
<view name="demo_stats">
<demo_stats>
<int_type>1</int_type>
<numeric_type>1.1</numeric_type>
</demo_stats>
<demo_stats>
<int_type>2</int_type>
<numeric_type>2.2</numeric_type>
</demo_stats>
</view>
If there is an error generating the output of the service and the service already sent the HTTP code 200, the response looks like this:
<view name="demo_stats">
<demo_stats>
<int_type>1</int_type>
<numeric_type>1.1</numeric_type>
</demo_stats>
<demo_stats>
<int_type>2</int_type>
<numeric_type>2.2</numeric_type>
</demo_stats>
<errors>
<error>There was an error transforming the value of row #3</error>
</errors>
</view>
The element errors is optional and only appears when there is an error during the generation of the output. This is a valid XML document and it allows client application to control better for this situation.