public String getAdminToken() {

    String adminToken =
        curAdminToken != null && curAdminToken.isValid() ? curAdminToken.getToken() : null;

    if (adminToken == null) {
      final ServiceClientResponse<AuthenticateResponse> serviceResponse =
          client.post(authUrl + "/tokens", requestBody, MediaType.APPLICATION_XML_TYPE);

      switch (HttpStatusCode.fromInt(serviceResponse.getStatusCode())) {
        case OK:
          final AuthenticateResponse authenticateResponse =
              marshaller.unmarshall(serviceResponse.getData(), AuthenticateResponse.class);

          Token token = authenticateResponse.getToken();
          curAdminToken = new AdminToken(token.getId(), token.getExpires().toGregorianCalendar());
          adminToken = curAdminToken.getToken();
          break;

        default:
          LOG.error(
              "Unable to get admin token.  Verify admin credentials. "
                  + serviceResponse.getStatusCode());
          curAdminToken = null;
          break;
      }
    }

    return adminToken;
  }
  @Override
  public FilterDirector handleResponse(
      HttpServletRequest request, ReadableHttpServletResponse response) {
    FilterDirector myDirector = new FilterDirectorImpl();

    /// The WWW Authenticate header can be used to communicate to the client
    // (since we are a proxy) how to correctly authenticate itself
    final String wwwAuthenticateHeader =
        response.getHeader(CommonHttpHeader.WWW_AUTHENTICATE.toString());

    switch (HttpStatusCode.fromInt(response.getStatus())) {
        // NOTE: We should only mutate the WWW-Authenticate header on a
        // 401 (unauthorized) or 403 (forbidden) response from the origin service
      case UNAUTHORIZED:
      case FORBIDDEN:
        myDirector = updateHttpResponse(myDirector, wwwAuthenticateHeader);
        break;
      case NOT_IMPLEMENTED:
        if ((!StringUtilities.isBlank(wwwAuthenticateHeader)
            && wwwAuthenticateHeader.contains("Delegated"))) {
          myDirector.setResponseStatus(HttpStatusCode.INTERNAL_SERVER_ERROR);
          LOG.error(
              "Repose authentication component is configured as delegetable but origin service does not support delegated mode.");
        } else {
          myDirector.setResponseStatus(HttpStatusCode.NOT_IMPLEMENTED);
        }
        break;
    }

    return myDirector;
  }