Hi all,

 I noticed that createSecurityContext on OAuthFilter isn't really doing anything when it should be wrapping HttpServletRequest in order to be able to provide a Principal upon a SecurityContext injected thru @Context annotation...
 I have did an slight change and it is already working for me:

   protected HttpServletRequest createSecurityContext(
                        HttpServletRequest request,
                        org.jboss.resteasy.auth.oauth.OAuthConsumer consumer,
                        OAuthToken accessToken) {
                return new UserRoleRequestWrapper(request, consumer);


class UserRoleRequestWrapper extends HttpServletRequestWrapper {

        private OAuthConsumer consumer;

        public UserRoleRequestWrapper(HttpServletRequest delegate,
                        OAuthConsumer consumer) {
                this.consumer = consumer;

        public Principal getUserPrincipal() {
                if (this.consumer == null) {
                        return ((HttpServletRequest) getRequest()).getUserPrincipal();

                // make an anonymous implementation to just return our user
                return new Principal() {
                        public String getName() {
                                return consumer.getDisplayName();