Hi all.  I am near the end of a JBoss 4 to 5 upgrade.  Our log has a high number of the following messages:

WARN  [SecurityAssociation] You are using deprecated api to getSubject. Use security context based approach

The code we use to retrieve the subject is below.

     public static Subject getSubject() {
        try {
            if (Config.getServerMode() == Config.WEBLOGIC_RMI_MODE) {
                return getSubject("weblogic.security.Security",
                                  "getCurrentSubject");
            } else if (Config.getServerMode() == Config.SUN_RMI_MODE
                    && Client.isConnectedInternal()) {
                return getSubject("org.jboss.security.SecurityAssociation",
                                  "getSubject");
            } else {
                return null;
            }
        } catch (Exception e) {
            Log.error(e);
        }
        return null;
    }

     private static Subject getSubject(String securityClassName,
                                      String methodName) {
        try {
            Class<?> clazz = Class.forName(securityClassName);
            Method getSubject = clazz.getMethod(methodName, new Class[] {});
            Subject subject =
                (Subject) getSubject.invoke(clazz, new Object[] {});

            return subject;
        } catch (Exception e) {
        }
        return null;
    }

SecurityAssociation.getSubject() is deprecated....I get the joke.  So my question is this......what is the 'security context based approach'?  I've been googling and looking in the forums all day...but all I've found are unanswered questions.  Thanks!