May 24th, 2010, 03:36 PM
UserDetailsService - best practice question
The UserDetailsService's loadUserByUsername method defines 2 run-time Exceptions that it should throw, UsernameNotFoundException and DataAccessException.
I'm currently tidying up the code for an implementation of this interface where the previous developer ignored these Exceptions and instead chose to throw our own custom Exception.
I'm wondering though if either of these 2 defined Exceptions are being caught and handled further up the chain?
What is recommended practice in these scenarios?
From looking at the code I don't see explicit handling of this custom Exception so would have thought using the defined Exceptions would be best.
May 24th, 2010, 06:55 PM
I would probably follow the java doc on when to use them. Specifically if the repository is working ok...use the UsernameNotFoundException, if the repository isn't working throw the DataAccessException. In the end both of the Exceptions are handled by the ExceptionTranslationFilter (the DataAccessException is converted to an AuthenticationException).
May 24th, 2010, 07:34 PM
Thanks. As a matter of interest where did you find out that this conversion to an AuthenticationException occurs?
May 24th, 2010, 11:56 PM
I found the try/catch for the DataAccessException in the DaoAuthenticationProvider. However, remember these are implementations details that can change (in fact it looks like trunk is catching Exception and throwing an AuthenticationServiceException now...still of type AuthenticationException though), so you should just base it off what the interfaces define.