protected SkeletonKeyToken createAccessToken(User user, Realm realm)
{
List<Resource> resources = identityManager.getResources(realm);
SkeletonKeyToken token = new SkeletonKeyToken();
token.id(generateId());
token.principal(user.getUsername());
token.audience(realm.getName());
if (realm.getTokenLifespan() > 0)
{
token.expiration((System.currentTimeMillis() / 1000) + realm.getTokenLifespan());
}