SEC-884: As per discussion in this issue. Added Javadoc to specify that Authentication object passed to decide method must not be null.

core/src/main/java/org/springframework/security/access/AccessDecisionManager.java

@@ -32,7 +32,7 @@ public interface AccessDecisionManager {
     /**
      * Resolves an access control decision for the passed parameters.
      *
-     * @param authentication the caller invoking the method
+     * @param authentication the caller invoking the method (not null)
      * @param object the secured object being called
      * @param configAttributes the configuration attributes associated with the secured object being invoked
      *