diff --git a/core/src/main/java/org/acegisecurity/intercept/AbstractSecurityInterceptor.java b/core/src/main/java/org/acegisecurity/intercept/AbstractSecurityInterceptor.java
index 073ddeed67..717625e5a6 100644
--- a/core/src/main/java/org/acegisecurity/intercept/AbstractSecurityInterceptor.java
+++ b/core/src/main/java/org/acegisecurity/intercept/AbstractSecurityInterceptor.java
@@ -320,21 +320,24 @@ public abstract class AbstractSecurityInterceptor implements InitializingBean {
                     logger.debug("Switching to RunAs Authentication: "
                         + runAs.toString());
                 }
+                
+                SecureContext origSecureContext = null;
+                try {
+                    origSecureContext = (SecureContext) ContextHolder.getContext();
+                    context.setAuthentication(runAs);
+                    ContextHolder.setContext((Context) context);
 
-                context.setAuthentication(runAs);
-                ContextHolder.setContext((Context) context);
-
-                Object ret = callback.proceedWithObject(object);
-
-                if (logger.isDebugEnabled()) {
-                    logger.debug("Reverting to original Authentication: "
-                        + authenticated.toString());
+                    return callback.proceedWithObject(object);
+                }
+                finally {
+                    if (logger.isDebugEnabled()) {
+                        logger.debug("Reverting to original Authentication: "
+                            + authenticated.toString());
+                    }
+                    
+                    origSecureContext.setAuthentication(authenticated);
+                    ContextHolder.setContext(origSecureContext);
                 }
-
-                context.setAuthentication(authenticated);
-                ContextHolder.setContext((Context) context);
-
-                return ret;
             }
         } else {
             if (logger.isDebugEnabled()) {