Hi Mingfai, They are only used in logic flow if something goes wrong. That is, they are truly 'exceptions' - they shouldn't happen in most cases. If they do happen, the exception hierarchy is rich enough for you to write code that adapts to the specific case of why the login failed.
The only other way to achieve this logic flow without exceptions is to return a 'status code' of what went wrong, and then you use a switch statement on it. This is horrible non-OO practice that is much uglier than catching exceptions and reacting the them accordingly. With exceptions, your code will be more readable for the truly 'exceptional and aren't supposed to happen regularly' cases. Cheers, Les On Tue, Oct 7, 2008 at 11:24 AM, Mingfai <[EMAIL PROTECTED]> wrote: > hi, > > I'm a newbie learning JSecurity. Your mission to be easy to understand and > simple to use are promising! > > After reading the QuickStart guide, I have an immediate question. Why it use > exception to control the login flow? To my understanding, it's a > conventional practice in Java not to use exception to control logic flow. > reasons are, e.g. performance, distinguish between 'real' exception like the > backend db is failed. Any comment? > > Regards, > mingfai >
