I am trying to set security context from a servlet using code below. The purpose of this override it to execute number of calls in some other users context (without specifying password). We use a custom JAAS auth module for authentication purpose. THough below code works, I need to confirm if its correct way for overriding logged in context.
SecurityContext oldContext = SecurityContextAssociation.getSecurityContext();
// Prepare security context with some new user.
SecurityContext tmpContext = SecurityContextFactory.createSecurityContext(somePrincipal,null,someSubject,someDomain);
// Revert the context to original