@Override
 public Action inspect(AtmosphereResource r) {
   final SecurityContextRepository securityContextRepository =
       getSecurityContextRepository(r.getAtmosphereConfig().getServletContext());
   if (securityContextRepository.containsContext(r.getRequest())) {
     LOGGER.trace("Loading the security context from the session");
     final HttpRequestResponseHolder requestResponse =
         new HttpRequestResponseHolder(r.getRequest(), r.getResponse());
     final SecurityContext securityContext =
         securityContextRepository.loadContext(requestResponse);
     SecurityContextHolder.setContext(securityContext);
   }
   return Action.CONTINUE;
 }
  private boolean initSession(
      UserProfile user,
      String password,
      boolean requirePassword,
      HttpServletRequest request,
      HttpServletResponse response) {

    Authentication auth;

    try {
      if (requirePassword) {
        UsernamePasswordAuthenticationToken token =
            new UsernamePasswordAuthenticationToken(user.getUsername(), password);
        auth = authenticationManager.authenticate(token);
      } else {
        auth = new UsernamePasswordAuthenticationToken(user, null, user.getAuthorities());
      }

      context.getLogManager().loggedIn(user);
      SecurityContextHolder.getContext().setAuthentication(auth);
      securityContextRepository.saveContext(SecurityContextHolder.getContext(), request, response);
      rememberMeServices.loginSuccess(request, response, auth);
      request
          .getSession()
          .setAttribute("nquire-it-token", new BigInteger(260, random).toString(32));
    } catch (Exception ex) {
      auth = null;
    }

    return auth != null
        && auth.getPrincipal() != null
        && auth.getPrincipal() instanceof UserProfile;
  }
 @Override
 public SecurityContext loadContext(HttpRequestResponseHolder requestResponseHolder) {
   SecurityContext result = getContext(requestResponseHolder.getRequest());
   // always load from the delegate to ensure the request/response in the holder are updated
   // remember the SecurityContextRepository is used in many different locations
   SecurityContext delegateResult = delegate.loadContext(requestResponseHolder);
   return result == null ? delegateResult : result;
 }
    /**
     * Saves the {@link SecurityContext} using the {@link SecurityContextRepository}
     *
     * @param securityContext the {@link SecurityContext} to save
     * @param request the {@link HttpServletRequest} to use
     */
    final void save(SecurityContext securityContext, HttpServletRequest request) {
      SecurityContextRepository securityContextRepository =
          WebTestUtils.getSecurityContextRepository(request);
      boolean isTestRepository = securityContextRepository instanceof TestSecurityContextRepository;
      if (!isTestRepository) {
        securityContextRepository = new TestSecurityContextRepository(securityContextRepository);
        WebTestUtils.setSecurityContextRepository(request, securityContextRepository);
      }

      HttpServletResponse response = new MockHttpServletResponse();

      HttpRequestResponseHolder requestResponseHolder =
          new HttpRequestResponseHolder(request, response);
      securityContextRepository.loadContext(requestResponseHolder);

      request = requestResponseHolder.getRequest();
      response = requestResponseHolder.getResponse();

      securityContextRepository.saveContext(securityContext, request, response);
    }
 @Override
 public boolean containsContext(HttpServletRequest request) {
   return getContext(request) != null || delegate.containsContext(request);
 }
 @Override
 public void saveContext(
     SecurityContext context, HttpServletRequest request, HttpServletResponse response) {
   request.setAttribute(ATTR_NAME, context);
   delegate.saveContext(context, request, response);
 }