private boolean authorized(AdPrincipal principal) {
   boolean authorized = true;
   for (String requiredGroup : configuration.getRequiredGroups()) {
     authorized = authorized && principal.getGroupNames().contains(requiredGroup);
   }
   return authorized;
 }
  private Optional<T> doAuthenticate(AdCredentials credentials) throws AuthenticationException {

    DirContext boundContext = bindUser(credentials);
    if (boundContext != null) {
      AdPrincipal principal = getAdPrincipal(boundContext, credentials);
      if (authorized(principal)) {
        return Optional.fromNullable(mapper.map(principal));
      } else {
        Set<String> missingGroups = configuration.getRequiredGroups();
        missingGroups.removeAll(principal.getGroupNames());
        LOG.warn(
            String.format(
                "%s authenticated successfully but did not have authority. Missing Groups: %s",
                credentials.getUsername(), missingGroups.toString()));
      }
    }
    return Optional.absent();
  }