if (client.isAuthorized())
return;
AuthorizeMessage msg = (AuthorizeMessage) m;
UserAuthorizedToken token = securityManager.authorize(msg.getUsername(), msg.getPassword());
if (token == null) {
clientMap.remove(client.conn.getId());
client.conn.close("Username/password not known or incorrect!");
} else {
client.setAuthenticationToken(token);