Select a Pattern Agnostic Capability Agnostic Context Agnostic Sub-Controller Asynchronous Queuing Atomic Service Transaction Brokered Authentication Canonical Expression Canonical Protocol Canonical Resources Canonical Schema Canonical Schema Bus Canonical Versioning Capability Composition Capability Recomposition Compatible Change Compensating Service Transaction Composition Autonomy Concurrent Contracts Contract Centralization Contract Denormalization Cross-Domain Utility Layer Data Confidentiality Data Format Transformation Data Model Transformation Data Origin Authentication Decomposed Capability Decoupled Contract Direct Authentication Distributed Capability Domain Inventory Dual Protocols Enterprise Inventory Enterprise Service Bus Entity Abstraction Event-Driven Messaging Exception Shielding Federated Endpoint Layer File Gateway Functional Decomposition Intermediate Routing Inventory Endpoint Legacy Wrapper Logic Centralization Message Screening Messaging Metadata Metadata Centralization Multi-Channel Endpoint Non-Agnostic Context Official Endpoint Orchestration Partial State Deferral Partial Validation Policy Centralization Process Abstraction Process Centralization Protocol Bridging Proxy Capability Redundant Implementation Reliable Messaging Rules Centralization Schema Centralization Service Agent Service Broker Service Callback Service Data Replication Service Decomposition Service Encapsulation Service Facade Service Grid Service Instance Routing Service Layers Service Messaging Service Normalization Service Perimeter Guard Service Refactoring State Messaging State Repository Stateful Services Termination Notification Three-Layer Inventory Trusted Subsystem UI Mediator Utility Abstraction Validation Abstraction Version Identification Overview     History     Acknowledgements     Podcasts     Notification Form     Feedback Form     Press Release #1     Press Release #2     Press Release #3 Master SOA Design Pattern Catalog     Master Pattern List (alphabetical)     Master Pattern List (by category)     Master Pattern List with Page Numbers (PDF)     Master Pattern List (Text)     Pattern Notation     Pattern Profiles     Symbol Legend     Pattern Contribution Form SOA Candidate Patterns     SOA Patterns Review Committee     Candidate Patterns Overview     Candidate Patterns List     Candidate Pattern Contribution Form     Candidate Pattern Feedback Form     SOA Pattern Template Design Pattern Basics     What's a Design Pattern?     What's a Design Pattern Language?     What's a Compound Pattern? Supplemental     SOA Patterns and Application Technologies     SOA Design Patterns Historical Influences     SOA Design Patterns and Design Principles     SOA Design Patterns and Design Granularity     Legal Resources     Design Patterns Publications     Reference Posters     SOAPrinciples.com     WhatIsSOA.com     SOA Visio Stencil Exception Shielding (Hogg, Smith, Chong, Hollander, Kozaczynski, Brader, Delgado, Taylor, Wall, Slater, Imran, Cibraro, Cunningham) Home > Service Security Patterns > Exception Shielding How can a service prevent the disclosure of information about its internal implementation when an exception occurs?   Problem Unfiltered exception data output by a service may contain internal implementation details that can compromise the security of the service and its surrounding environment. Solution Potentially unsafe exception data is "sanitized" by replacing it with exception data that is safe by design before it is made available to consumers. Application This pattern can be applied at design time by reviewing and altering source code or at runtime by adding dynamic sanitization routines. Impacts Sanitized exception information can make the tracking of errors more difficult due to the lack of detail provided to consumers. Principles Service Abstraction Architecture Service Potentially unsafe information is sanitized by routines added to the service logic, thereby releasing only safe exception information to service consumers. Related Patterns in This Catalog Service Agent (Erl), Service Perimeter Guard (Hogg, Smith, Chong, Hollander, Kozaczynski, Brader, Delgado, Taylor, Wall, Slater, Imran, Cibraro, Cunningham), Utility Abstraction (Erl) Related Service-Oriented Computing Goals Increased Organizational Agility, Reduced IT Burden This page contains excerpts from: SOA Design Patterns by Thomas Erl Foreword by Grady Booch With contributions from David Chappell, Jason Hogg, Anish Karmarkar, Mark Little, David Orchard, Satadru Roy, Thomas Rischbeck, Arnaud Simon, Clemens Utschig, Dennis Wisnosky, and others. (ISBN: 0136135161, Hardcover, Full-Color, 400+ Illustrations, 865 pages) For more information about this book, visit www.soabooks.com.

Home    SOA Books    SOA Magazine    What is SOA?    SOA Principles    SOASchool.com    SOA Glossary	Copyright © 2007-2009 SOA Systems Inc.