* samples/contacts/src/sample/contact/SecureIndexController.java:

Prevent a NullPointerException when no SecureContext can be found.
  Instead, throw a real exception, explaining what's wrong.

samples/contacts/src/main/java/sample/contact/SecureIndexController.java

@@ -17,6 +17,7 @@ package sample.contact;
 
 import net.sf.acegisecurity.Authentication;
 import net.sf.acegisecurity.GrantedAuthority;
+import net.sf.acegisecurity.AuthenticationCredentialsNotFoundException;
 import net.sf.acegisecurity.context.ContextHolder;
 import net.sf.acegisecurity.context.SecureContext;
 
@@ -65,8 +66,14 @@ public class SecureIndexController implements Controller, InitializingBean {
 
     public ModelAndView handleRequest(HttpServletRequest request,
         HttpServletResponse response) throws ServletException, IOException {
-        Authentication currentUser = ((SecureContext) ContextHolder.getContext())
+        SecureContext secureContext = ((SecureContext) ContextHolder.getContext());
-            .getAuthentication();
+        if (null == secureContext) {
+            throw new AuthenticationCredentialsNotFoundException(
+                    "Authentication credentials were not found in the " +
+                    "SecureContext");
+        }
+
+        final Authentication currentUser = secureContext.getAuthentication();
 
         boolean supervisor = false;
         GrantedAuthority[] granted = currentUser.getAuthorities();