public Credential validate(Credential credential, RequestData data) throws WSSecurityException {
Credential cred = super.validate(credential, data);
UsernameToken ut = credential.getUsernametoken();
WSUsernameTokenPrincipalImpl principal =
new WSUsernameTokenPrincipalImpl(ut.getName(), ut.isHashed());
principal.setCreatedTime(ut.getCreated());
principal.setNonce(principal.getNonce());
principal.setPassword(ut.getPassword());
principal.setPasswordType(ut.getPasswordType());
Subject subject = new Subject();
subject.getPrincipals().add(principal);
if ("Alice".equals(ut.getName())) {
subject.getPrincipals().add(new SimpleGroup("manager", ut.getName()));