Describe the bug
Based on this comment, if the request attribute is null, an error is thrown from the strategy:
java.lang.IllegalArgumentException: A Supplier<SecurityContext> returned null and is not allowed.
at org.springframework.util.Assert.notNull(Assert.java:201) ~[spring-core-6.0.0-M5.jar:6.0.0-M5]
at org.springframework.security.core.context.ThreadLocalSecurityContextHolderStrategy.lambda$setDeferredContext$2(ThreadLocalSecurityContextHolderStrategy.java:68) ~[spring-security-core-6.0.0-SNAPSHOT.jar:6.0.0-SNAPSHOT]
at org.springframework.security.core.context.ThreadLocalSecurityContextHolderStrategy.getContext(ThreadLocalSecurityContextHolderStrategy.java:43) ~[spring-security-core-6.0.0-SNAPSHOT.jar:6.0.0-SNAPSHOT]
Expected behavior
RequestAttributeSecurityContextRepository#loadContext(HttpServletRequest) should return an empty context if the request attribute is null.
Describe the bug
Based on this comment, if the request attribute is null, an error is thrown from the strategy:
Expected behavior
RequestAttributeSecurityContextRepository#loadContext(HttpServletRequest)should return an empty context if the request attribute is null.