if (authorize(principal, roles, message)) {
return;
}
} catch (Exception e) {
LOG.log(Level.FINE, "Unauthorized: " + e.getMessage(), e);
throw new AccessDeniedException("Unauthorized");
}
} else {
LOG.log(
Level.FINE,
"The SecurityContext was not an instance of LoginSecurityContext. No authorization "
+ "is possible as a result"
);
}
throw new AccessDeniedException("Unauthorized");
}