It is required now, to validate any security constraints at forehand, so it is correct. Note that if you use proxy objects, you can provide the context while initializing, for which reason you do not need to pass the context in further calls along.
In java actions you should always have a
getContext()
method available, which returns the current context in which the action is being executed.