public boolean authenticate(final HttpServletResponse response) throws IOException, ServletException {
if (response.isCommitted()) {
throw UndertowServletMessages.MESSAGES.responseAlreadyCommited();
}
SecurityContext sc = exchange.getAttachment(SecurityContext.ATTACHMENT_KEY);
sc.setAuthenticationRequired();
// TODO: this will set the status code and headers without going through any potential
// wrappers, is this a problem?
if (sc.authenticate()) {
if (sc.isAuthenticated()) {
return true;
} else {
throw UndertowServletMessages.MESSAGES.authenticationFailed();
}
} else {