Security context implementation that uses the session as storage.
Attempt to authenticate a user based on their credentials. If the credentials are valid, the user will be authenticated, but the authentication will not be persisted. That is, when the lifecycle ends, the user will be unauthenticated implicitly.
Authenticate the given user and persist the authentication.
Authenticate the given user, without persisting the authentication. That is, when the lifecycle ends, the user will be unauthenticated implicitly.
Unauthenticate the current user, if one exists, and persist the change.
Unauthenticate the current user, if one exists, but do not persist the change.
Returns true if there is a currently authenticated user.
Called when the context is created. Can be used by child-classes to do setup work.
Assuming a user is still authenticated in the context, try to look up and fill in the user.