public SecurityHandler buildSecurityHandler(String policyContextID, Subject defaultSubject, RunAsSource runAsSource, boolean checkRolePermissions) {
if (defaultSubject == null) {
defaultSubject = ContextManager.EMPTY;
}
AccessControlContext defaultAcc = ContextManager.registerSubjectShort(defaultSubject, null, null);
IdentityService identityService = new JettyIdentityService(defaultAcc, defaultSubject, runAsSource);
return new JaccSecurityHandler(policyContextID, authenticator, loginService, identityService, defaultAcc);
}