Refactored internal context holder strategy implementations to be package private and final and refactored getContext() methods to use a single call to ThreadLocal.get().

core/src/main/java/org/springframework/security/core/context/GlobalSecurityContextHolderStrategy.java

@@ -27,7 +27,7 @@ import org.springframework.util.Assert;
  * @author Ben Alex
  * @version $Id$
  */
-public class GlobalSecurityContextHolderStrategy implements SecurityContextHolderStrategy {
+final class GlobalSecurityContextHolderStrategy implements SecurityContextHolderStrategy {
     //~ Static fields/initializers =====================================================================================
 
     private static SecurityContext contextHolder;

core/src/main/java/org/springframework/security/core/context/InheritableThreadLocalSecurityContextHolderStrategy.java

@@ -28,10 +28,10 @@ import org.springframework.util.Assert;
  * @see java.lang.ThreadLocal
  * @see org.springframework.security.core.context.web.SecurityContextPersistenceFilter
  */
-public class InheritableThreadLocalSecurityContextHolderStrategy implements SecurityContextHolderStrategy {
+final class InheritableThreadLocalSecurityContextHolderStrategy implements SecurityContextHolderStrategy {
     //~ Static fields/initializers =====================================================================================
 
-    private static ThreadLocal<SecurityContext> contextHolder = new InheritableThreadLocal<SecurityContext>();
+    private static final ThreadLocal<SecurityContext> contextHolder = new InheritableThreadLocal<SecurityContext>();
 
     //~ Methods ========================================================================================================
 
@@ -40,11 +40,14 @@ public class InheritableThreadLocalSecurityContextHolderStrategy implements Secu
     }
 
     public SecurityContext getContext() {
-        if (contextHolder.get() == null) {
-            contextHolder.set(new SecurityContextImpl());
+        SecurityContext ctx = contextHolder.get();
+
+        if (ctx == null) {
+            ctx = createEmptyContext();
+            contextHolder.set(ctx);
         }
 
-        return contextHolder.get();
+        return ctx;
     }
 
     public void setContext(SecurityContext context) {

core/src/main/java/org/springframework/security/core/context/ThreadLocalSecurityContextHolderStrategy.java

@@ -27,10 +27,10 @@ import org.springframework.util.Assert;
  * @see java.lang.ThreadLocal
  * @see org.springframework.security.core.context.web.SecurityContextPersistenceFilter
  */
-public class ThreadLocalSecurityContextHolderStrategy implements SecurityContextHolderStrategy {
+final class ThreadLocalSecurityContextHolderStrategy implements SecurityContextHolderStrategy {
     //~ Static fields/initializers =====================================================================================
 
-    private static ThreadLocal<SecurityContext> contextHolder = new ThreadLocal<SecurityContext>();
+    private static final ThreadLocal<SecurityContext> contextHolder = new ThreadLocal<SecurityContext>();
 
     //~ Methods ========================================================================================================
 
@@ -39,11 +39,14 @@ public class ThreadLocalSecurityContextHolderStrategy implements SecurityContext
     }
 
     public SecurityContext getContext() {
-        if (contextHolder.get() == null) {
-            contextHolder.set(new SecurityContextImpl());
+        SecurityContext ctx = contextHolder.get();
+
+        if (ctx == null) {
+            ctx = createEmptyContext();
+            contextHolder.set(ctx);
         }
 
-        return contextHolder.get();
+        return ctx;
     }
 
     public void setContext(SecurityContext context) {