@Override public void check(Credentials credentials, AuthenticationDetails authenticationDetails) throws LoginException { if (credentials instanceof AbstractClientCredentials) { AbstractClientCredentials clientCredentials = (AbstractClientCredentials) credentials; if (clientCredentials.isCheckClientPermissions() && clientCredentials.getClientType() == ClientType.REST_API && !authenticationDetails.getSession().isSpecificPermitted("cuba.restApi.enabled")) { throw new RestApiAccessDeniedException(messages.getMessage(MSG_PACK, "LoginException.restApiAccessDenied")); } } }