Currently, in SecurityExpressionRoot we use AuthenticationSupplier as a cacheable Supplier that allows us to call the provided by the user Supplier only once, it seems that there is already a solution for this in Spring Core that we should use instead, SingletonSupplier does the same caching, so AuthenticationSupplier can safely be replaced.