Commit 7681fc4afca518de1317fac7cd792ebe94b570c0
1 parent
c981a030
Exists in
master
Finalização da definição das interfaces de segurança
Showing
2 changed files
with
27 additions
and
9 deletions
Show diff stats
impl/core/src/main/java/br/gov/frameworkdemoiselle/security/Authenticator.java
| ... | ... | @@ -46,22 +46,34 @@ import java.io.Serializable; |
| 46 | 46 | public interface Authenticator extends Serializable { |
| 47 | 47 | |
| 48 | 48 | /** |
| 49 | - * Executes the necessary steps to authenticate an user. | |
| 49 | + * Executes the necessary steps to authenticate an user. After this call, {@link #getUser()} must return | |
| 50 | + * the currently authenticated user and it will return <code>null</code> if the authentication process fails. | |
| 50 | 51 | * |
| 51 | - * @throws AuthenticationException | |
| 52 | - * When the authentication process fails, this exception is thrown. | |
| 52 | + * @throws InvalidCredentialsException | |
| 53 | + * You should throw this exception when the informed credentials are invalid. | |
| 54 | + * @throws Exception | |
| 55 | + * If the underlying authentication mechanism throwns any other exception, | |
| 56 | + * just throw it and leave the security context implementation to handle it. | |
| 53 | 57 | */ |
| 54 | - void authenticate(); | |
| 58 | + void authenticate() throws Exception; | |
| 55 | 59 | |
| 56 | 60 | /** |
| 57 | - * Executes the necessary steps to unauthenticate an user. | |
| 61 | + * Executes the necessary steps to unauthenticate an user. After this call, {@link #getUser()} must return <code>null</code>. | |
| 62 | + * | |
| 63 | + * @throws Exception | |
| 64 | + * If the underlying authentication mechanism throwns any other exception, | |
| 65 | + * just throw it and leave the security context implementation to handle it. | |
| 58 | 66 | */ |
| 59 | - void unAuthenticate(); | |
| 67 | + void unauthenticate() throws Exception; | |
| 60 | 68 | |
| 61 | 69 | /** |
| 62 | 70 | * Returns the currently authenticated user. |
| 63 | 71 | * |
| 64 | - * @return the user currently authenticated | |
| 72 | + * @return the user currently authenticated, or <code>null</code> if there is no | |
| 73 | + * authenticated user. | |
| 74 | + * | |
| 75 | + * @see #authenticate() | |
| 76 | + * @see #unauthenticate() | |
| 65 | 77 | */ |
| 66 | 78 | User getUser(); |
| 67 | 79 | } | ... | ... |
impl/core/src/main/java/br/gov/frameworkdemoiselle/security/Authorizer.java
| ... | ... | @@ -51,8 +51,11 @@ public interface Authorizer extends Serializable { |
| 51 | 51 | * @param role |
| 52 | 52 | * role to be checked |
| 53 | 53 | * @return {@code true} if the user has the role |
| 54 | + * @throws Exception | |
| 55 | + * If the underlying permission checking mechanism throwns any other exception, just throw it and leave | |
| 56 | + * the security context implementation to handle it. | |
| 54 | 57 | */ |
| 55 | - boolean hasRole(String role); | |
| 58 | + boolean hasRole(String role) throws Exception; | |
| 56 | 59 | |
| 57 | 60 | /** |
| 58 | 61 | * Checks if the logged user has permission to execute an specific operation on a specific resource. |
| ... | ... | @@ -62,7 +65,10 @@ public interface Authorizer extends Serializable { |
| 62 | 65 | * @param operation |
| 63 | 66 | * operation to be checked |
| 64 | 67 | * @return {@code true} if the user has the permission |
| 68 | + * @throws Exception | |
| 69 | + * If the underlying permission checking mechanism throwns any other exception, just throw it and leave | |
| 70 | + * the security context implementation to handle it. | |
| 65 | 71 | */ |
| 66 | - boolean hasPermission(String resource, String operation); | |
| 72 | + boolean hasPermission(String resource, String operation) throws Exception; | |
| 67 | 73 | |
| 68 | 74 | } | ... | ... |