diff --git a/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/Authenticator.java b/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/Authenticator.java
index 3445e53..3fc9e06 100644
--- a/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/Authenticator.java
+++ b/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/Authenticator.java
@@ -46,22 +46,34 @@ import java.io.Serializable;
public interface Authenticator extends Serializable {
/**
- * Executes the necessary steps to authenticate an user.
+ * Executes the necessary steps to authenticate an user. After this call, {@link #getUser()} must return
+ * the currently authenticated user and it will return null
if the authentication process fails.
*
- * @throws AuthenticationException
- * When the authentication process fails, this exception is thrown.
+ * @throws InvalidCredentialsException
+ * You should throw this exception when the informed credentials are invalid.
+ * @throws Exception
+ * If the underlying authentication mechanism throwns any other exception,
+ * just throw it and leave the security context implementation to handle it.
*/
- void authenticate();
+ void authenticate() throws Exception;
/**
- * Executes the necessary steps to unauthenticate an user.
+ * Executes the necessary steps to unauthenticate an user. After this call, {@link #getUser()} must return null
.
+ *
+ * @throws Exception
+ * If the underlying authentication mechanism throwns any other exception,
+ * just throw it and leave the security context implementation to handle it.
*/
- void unAuthenticate();
+ void unauthenticate() throws Exception;
/**
* Returns the currently authenticated user.
*
- * @return the user currently authenticated
+ * @return the user currently authenticated, or null
if there is no
+ * authenticated user.
+ *
+ * @see #authenticate()
+ * @see #unauthenticate()
*/
User getUser();
}
diff --git a/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/Authorizer.java b/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/Authorizer.java
index aab7712..f964797 100644
--- a/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/Authorizer.java
+++ b/impl/core/src/main/java/br/gov/frameworkdemoiselle/security/Authorizer.java
@@ -51,8 +51,11 @@ public interface Authorizer extends Serializable {
* @param role
* role to be checked
* @return {@code true} if the user has the role
+ * @throws Exception
+ * If the underlying permission checking mechanism throwns any other exception, just throw it and leave
+ * the security context implementation to handle it.
*/
- boolean hasRole(String role);
+ boolean hasRole(String role) throws Exception;
/**
* Checks if the logged user has permission to execute an specific operation on a specific resource.
@@ -62,7 +65,10 @@ public interface Authorizer extends Serializable {
* @param operation
* operation to be checked
* @return {@code true} if the user has the permission
+ * @throws Exception
+ * If the underlying permission checking mechanism throwns any other exception, just throw it and leave
+ * the security context implementation to handle it.
*/
- boolean hasPermission(String resource, String operation);
+ boolean hasPermission(String resource, String operation) throws Exception;
}
--
libgit2 0.21.2