- log the error and the calling parameters - use system console if log fails
- close/clean-up any resources - don't forget to handle the case if they fail
- notify the caller about the error
- handle errors and not swallow them
- think for the edge cases - e.g do you handle 404/301/xxx for a POST ws-call that creates a new entity?
- check for errors in system test - what happens:
- if resource (dbase, network, file system, etc.) is not accessible
- if resource times-out
- if resource fails
- if resource is saturated (e.g disk full, JMS queue full, etc.)
- if a failed resource comes back online - is your system still consistent?
- if rollback or any recovery mechanism fails
- try to be robust - restart the failing module or stop using it
- think about the whole system and not the components for error testing
- think about the impossible - you might find some cases which are plausible