@Override
public void handleRequest(final HttpServerExchange exchange) throws Exception {
final ServletRequestContext servletRequestContext = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
List<SingleConstraintMatch> constraints = servletRequestContext.getRequiredConstrains();
SecurityContext sc = exchange.getAttachment(SecurityContext.ATTACHMENT_KEY);
ServletRequest request = servletRequestContext.getServletRequest();
if (request.getDispatcherType() != DispatcherType.REQUEST) {
next.handleRequest(exchange);
} else if (constraints == null || constraints.isEmpty()) {
next.handleRequest(exchange);
} else {
Account account = sc.getAuthenticatedAccount();
for (final SingleConstraintMatch constraint : constraints) {
boolean found = false;
Set<String> roleSet = constraint.getRequiredRoles();
if (roleSet.isEmpty() && constraint.getEmptyRoleSemantic() != SecurityInfo.EmptyRoleSemantic.DENY) {