diff --git a/spi/src/main/java/org/apache/celeborn/spi/authentication/PasswdAuthenticationProvider.java b/spi/src/main/java/org/apache/celeborn/spi/authentication/PasswdAuthenticationProvider.java
index 9911d339f..7ace6d547 100644
--- a/spi/src/main/java/org/apache/celeborn/spi/authentication/PasswdAuthenticationProvider.java
+++ b/spi/src/main/java/org/apache/celeborn/spi/authentication/PasswdAuthenticationProvider.java
@@ -19,6 +19,8 @@ package org.apache.celeborn.spi.authentication;
 
 import java.security.Principal;
 
+import javax.security.sasl.AuthenticationException;
+
 public interface PasswdAuthenticationProvider {
   /**
    * The authenticate method is called by the celeborn authentication layer to authenticate password
@@ -27,7 +29,7 @@ public interface PasswdAuthenticationProvider {
    *
    * @param credential The credential received over the connection request
    * @return The identifier associated with the credential
-   * @throws SecurityException When a user is found to be invalid by the implementation
+   * @throws AuthenticationException When a user is found to be invalid by the implementation
    */
-  Principal authenticate(PasswordCredential credential);
+  Principal authenticate(PasswordCredential credential) throws AuthenticationException;
 }
diff --git a/spi/src/main/java/org/apache/celeborn/spi/authentication/TokenAuthenticationProvider.java b/spi/src/main/java/org/apache/celeborn/spi/authentication/TokenAuthenticationProvider.java
index 7daadd227..10427b798 100644
--- a/spi/src/main/java/org/apache/celeborn/spi/authentication/TokenAuthenticationProvider.java
+++ b/spi/src/main/java/org/apache/celeborn/spi/authentication/TokenAuthenticationProvider.java
@@ -19,6 +19,8 @@ package org.apache.celeborn.spi.authentication;
 
 import java.security.Principal;
 
+import javax.security.sasl.AuthenticationException;
+
 public interface TokenAuthenticationProvider {
   /**
    * The authenticate method is called by the celeborn authentication layer to authenticate
@@ -27,7 +29,8 @@ public interface TokenAuthenticationProvider {
    *
    * @param credential The credential received over the connection request
    * @return The identifier associated with the token
-   * @throws SecurityException When the credential is found to be invalid by the implementation
+   * @throws AuthenticationException When the credential is found to be invalid by the
+   *     implementation
    */
-  Principal authenticate(TokenCredential credential);
+  Principal authenticate(TokenCredential credential) throws AuthenticationException;
 }