The test retrieveFluxWhenDataFluxAndSecureThenDenied throws a MessageDeliveryException because it makes a request to a route that does not exist ("secure.secure.retrieve-flux").
It should instead throw an AccessDeniedException when calling a route that exists, but does not have adequate permissions to access.