From 26957cd5f7ad0d48d1dc2c8c3af88a621d65e613 Mon Sep 17 00:00:00 2001
From: Cristian Turlica <cristian.turlica@ness.com>
Date: Tue, 2 Jun 2020 09:35:52 +0300
Subject: [PATCH] ACS-284: AuthenticationUtil.runAs method should leave the
 security context as it found it

---
 .../repo/security/authentication/AuthenticationUtil.java  | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/main/java/org/alfresco/repo/security/authentication/AuthenticationUtil.java b/src/main/java/org/alfresco/repo/security/authentication/AuthenticationUtil.java
index 93972805b9..c740b687b9 100644
--- a/src/main/java/org/alfresco/repo/security/authentication/AuthenticationUtil.java
+++ b/src/main/java/org/alfresco/repo/security/authentication/AuthenticationUtil.java
@@ -618,7 +618,13 @@ public class AuthenticationUtil implements InitializingBean
         {
             if (originalFullAuthentication == null)
             {
-                AuthenticationUtil.clearCurrentSecurityContext();
+                if (logger.isTraceEnabled())
+                {
+                    logger.trace("Removing the current security information for thread: " + Thread.currentThread().getName());
+                }
+                ContextHolder.setContext(null);
+                TenantContextHolder.clearTenantDomain();
+
                 logNDC(null);
             }
             else