Base-class for a context that authenticates users and manages security.
The currently authenticated user, if one exists.
Authenticate the given user and persist the authentication.
Authenticate the given user, without persisting the authentication. That is, when the lifecycle ends, the user will be unauthenticated implicitly.
Unauthenticate the current user, if one exists, and persist the change.
Unauthenticate the current user, if one exists, but do not persist the change.
Returns true if there is a currently authenticated user.
Called when the context is created. Can be used by child-classes to do setup work.
Write the current state of the security context to whatever storage medium the context's host provides.
Assuming a user is still authenticated in the context, try to look up and fill in the user.
Get the current user or throw an authorization error.