I changed the auth strategy to only use the Subject to check permissions - asking the SecurityManager itself is not necessary.
By using only the Subject testing is simplified, because only the subject needs to be mocked.
This is the fix for the 1.4 branch.
Don't need SecurityManager to check Permissions, Subject is enough. T…
…his simplifies testing.
There are a lot of formatting noise which makes the code review very hard.
Closing this PR as outdated.
Please open a new one against master branch if the improvement is still applicable.