Is it advisable for my own DAO class to throw a SecurityException in its constructor if it fails to authenticate to the data store?
The Java documentation says that SecurityException is to be used by SecurityManager, which suggests to me that it's not appropriate for use by other classes.
If not SecurityException, is there a better Java exception class to use or should I just use an application exception?
Thanks!
You can always write a new Exception which makes sense in your domain. Say "AuthenticationFailedException". You can make it extend java.lang.Exception to make it checked or java.lang.RuntimeException.