public Subject authenticate( final SecurityContext context ) throws AuthenticationException {
final UserPassSecurityContext userPassContext = checkInstanceOf( "context", context, UserPassSecurityContext.class );
final Principal principal;
final Credential credential = scheme.buildCredential( userPassContext );
if ( credential == null ) {
throw new AuthenticationException( "Invalid credentials." );
}