protected ResponseMessage handleSecretRequest(
      WonderlandClientSender sender, WonderlandClientID clientID, SecretRequestMessage message) {
    // if we got here, the client has permission to send the secret.
    SessionMapManager smm = AppContext.getManager(SessionMapManager.class);
    WonderlandClientID checkID = smm.getClientID(message.getClientID());

    // send the secret to the client
    SecretKey secret = XrwSecretManager.getInstance().getSecret(checkID);
    return new SecretResponseMessage(message.getMessageID(), secret);
  }
  /**
   * Get the Wonderland identity based on the given client id. This requires mapping first to a
   * WonderlandClientID and then to a UserMO
   *
   * @param clientID the client ID as a BigInteger
   * @return the identity associated with that clientID, or null if the client can't be found
   */
  protected WonderlandIdentity getIdentity(BigInteger clientID) {
    // map the provided value to a client ID to check
    SessionMapManager smm = AppContext.getManager(SessionMapManager.class);
    WonderlandClientID checkID = smm.getClientID(clientID);
    if (checkID == null) {
      logger.warning("Unable to find client ID for " + clientID);
      return null;
    }

    // now get a user
    UserMO user = UserManager.getUserManager().getUser(checkID);
    if (user == null) {
      logger.warning("Unable to find user for " + checkID.getID());
      return null;
    }

    return user.getIdentity();
  }