/** * Evaluate produced authentication context. * * @param builder the builder * @throws AuthenticationException the authentication exception */ private void evaluateProducedAuthenticationContext(final AuthenticationBuilder builder) throws AuthenticationException { // We apply an implicit security policy of at least one successful authentication if (builder.getSuccesses().isEmpty()) { throw new AuthenticationException(builder.getFailures(), builder.getSuccesses()); } // Apply the configured security policy if (!this.authenticationPolicy.isSatisfiedBy(builder.build())) { throw new AuthenticationException(builder.getFailures(), builder.getSuccesses()); } }