Improve CMS security layer documentation.

[lgpl/argeo-commons.git] / org.argeo.cms / src / org / argeo / cms / auth / HttpSessionLoginModule.java

diff --git a/org.argeo.cms/src/org/argeo/cms/auth/HttpSessionLoginModule.java b/org.argeo.cms/src/org/argeo/cms/auth/HttpSessionLoginModule.java
index acc0ba4e8ff58ee0a4fc437e24065bc5ab5873fc..8cb524fbe344bd6b864a40b5bfd0f89555ba7a3a 100644 (file)
--- a/org.argeo.cms/src/org/argeo/cms/auth/HttpSessionLoginModule.java
+++ b/org.argeo.cms/src/org/argeo/cms/auth/HttpSessionLoginModule.java
@@ -19,7 +19,6 @@ import javax.servlet.http.HttpSession;
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
-import org.argeo.cms.CmsException;
 import org.argeo.cms.internal.kernel.Activator;
 import org.osgi.framework.BundleContext;
 import org.osgi.framework.FrameworkUtil;
@@ -182,10 +181,10 @@ public class HttpSessionLoginModule implements LoginModule {
                                                        sharedState.put(CmsAuthUtils.SHARED_STATE_NAME, login);
                                                        sharedState.put(CmsAuthUtils.SHARED_STATE_PWD, password);
                                                } else {
-                                                       throw new CmsException("Invalid authentication token");
+                                                       throw new IllegalStateException("Invalid authentication token");
                                                }
                                        } catch (Exception e) {
-                                               throw new CmsException("Couldn't retrieve authentication", e);
+                                               throw new IllegalStateException("Couldn't retrieve authentication", e);
                                        }
                                } else if (basic.equalsIgnoreCase("Negotiate")) {
                                        String spnegoToken = st.nextToken();