@Override public void onAuthenticationFailure( HttpServerExchange exchange, Session session, AuthenticationMechanism currentAuthMechanism ) { if ( currentAuthMechanism != null && !currentAuthMechanism.sendAuthenticationChallenge( exchange, session ) ) throw new IllegalStateException( "Cannot send authentication challenge" ); } }