// We know our super-class makes UsernamePasswordTokens, ask super to pull out the relevant details
UsernamePasswordToken basis = (UsernamePasswordToken) super.createToken(request, response);
// And include more information than is normally provided to a token (ie. the request)
return new ContentRestrictedToken(basis, request);
}
else {
return super.createToken(request, response);
}
}