* @param create create a new security context if one does not already exist in the exchange or if it is not still valid
* @return the security context, or null if create is false and one didn't already exist or was not valid
*/
public SecurityContext getContext(Exchange exchange, boolean create) {
SecurityContext securityContext = null;
Property property = exchange.getContext().getProperty(EXCHANGE_PROPERTY, Scope.EXCHANGE);
if (property != null) {
Object object = property.getValue();
if (object instanceof SecurityContext) {
securityContext = (SecurityContext)object;
} else if (object instanceof SealedObject) {
PrivateCrypto privateCrypto = _systemSecurity.getPrivateCrypto();
if (privateCrypto == null) {