diff --git a/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/Authenticator.java b/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/Authenticator.java index 3445e53..3fc9e06 100644 --- a/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/Authenticator.java +++ b/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/Authenticator.java @@ -46,22 +46,34 @@ import java.io.Serializable; public interface Authenticator extends Serializable { /** - * Executes the necessary steps to authenticate an user. + * Executes the necessary steps to authenticate an user. After this call, {@link #getUser()} must return + * the currently authenticated user and it will return null if the authentication process fails. * - * @throws AuthenticationException - * When the authentication process fails, this exception is thrown. + * @throws InvalidCredentialsException + * You should throw this exception when the informed credentials are invalid. + * @throws Exception + * If the underlying authentication mechanism throwns any other exception, + * just throw it and leave the security context implementation to handle it. */ - void authenticate(); + void authenticate() throws Exception; /** - * Executes the necessary steps to unauthenticate an user. + * Executes the necessary steps to unauthenticate an user. After this call, {@link #getUser()} must return null. + * + * @throws Exception + * If the underlying authentication mechanism throwns any other exception, + * just throw it and leave the security context implementation to handle it. */ - void unAuthenticate(); + void unauthenticate() throws Exception; /** * Returns the currently authenticated user. * - * @return the user currently authenticated + * @return the user currently authenticated, or null if there is no + * authenticated user. + * + * @see #authenticate() + * @see #unauthenticate() */ User getUser(); } diff --git a/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/Authorizer.java b/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/Authorizer.java index aab7712..f964797 100644 --- a/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/Authorizer.java +++ b/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/Authorizer.java @@ -51,8 +51,11 @@ public interface Authorizer extends Serializable { * @param role * role to be checked * @return {@code true} if the user has the role + * @throws Exception + * If the underlying permission checking mechanism throwns any other exception, just throw it and leave + * the security context implementation to handle it. */ - boolean hasRole(String role); + boolean hasRole(String role) throws Exception; /** * Checks if the logged user has permission to execute an specific operation on a specific resource. @@ -62,7 +65,10 @@ public interface Authorizer extends Serializable { * @param operation * operation to be checked * @return {@code true} if the user has the permission + * @throws Exception + * If the underlying permission checking mechanism throwns any other exception, just throw it and leave + * the security context implementation to handle it. */ - boolean hasPermission(String resource, String operation); + boolean hasPermission(String resource, String operation) throws Exception; } -- libgit2 0.21.2