This checks if there is a user in current security context. If not, an
UnauthorizedException is thrown which will result in HTTP - 401.