Now the PrivilegeContext object is central and once the user logged in,
this object is bound to a ThreadLocal. From then there is no further
need to interact with the PrivilegeHandler - this allows for
authenticated users to get a remote copy of the PrivilegeContext so that
on a remote client, the user can check for permissions, without having
to do the round trip to the server.
A code review of this change would be good, but preliminary tests show
that it works. A test should now be implemented to check if getting a
remote copy also allows for authorization.