@Override
public AuthResult validateRequest(Request request, HttpServletResponse response, boolean isAuthMandatory,
UserIdentity cachedIdentity) throws ServerAuthException {
try {
HttpServletRequest httpRequest = request.getRequest();
UserIdentity userIdentity = loginService.login(new RequestCallbackHandler(httpRequest));
if (userIdentity != null) {
return new AuthResult(TomcatAuthStatus.SUCCESS, userIdentity, false);
} else {
response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
return new AuthResult(TomcatAuthStatus.FAILURE, unauthenticatedIdentity, false);