On Thu, Jan 14, 2010 at 8:51 AM, Brian Demers <[email protected]> wrote: > I wouldn't go the road of a RuntimeException, If you have more then one > Realm configured in a ModularRealmAuthenticator you would need to make sure > it was catching throwable, as to not effect any other configured realms.
The ModularRealmAuthenticator already does this. It allows the AuthenticationStrategy.afterAttempt method implementation to decide what ultimately happens if a Realm throws anything. > I would stick with the realm only throwing a AthenticationException for now, > at least if/unless the method signature changes. I agree until the community decides otherwise (i.e. if people decide that we should provide a rich exception hierarchy). We should definitely not be swallowing an exception to a log. > Just a few thoughts, > -Brian Your feedback is much appreciated! Thanks, Les
