@Override public void initAccessControlContext( HttpServletRequest request, HttpServletResponse response, Map<String, Object> settings) { AccessControlContext accessControlContext = AccessControlUtil.getAccessControlContext(); if (accessControlContext != null) { throw new IllegalStateException("Authentication context is already initialized"); } accessControlContext = new AccessControlContext(); accessControlContext.setRequest(request); accessControlContext.setResponse(response); Map<String, Object> accessControlContextSettings = accessControlContext.getSettings(); accessControlContextSettings.putAll(settings); AccessControlUtil.setAccessControlContext(accessControlContext); }