在这个代码上，身份验证是UsernamePasswordAuthenticationToken，getPrincipal()的返回类型为String, 用户名.

On this code, actual type of Authentication is UsernamePasswordAuthenticationToken, and return type of getPrincipal() is String, username.

您可以将任何其他 Authentication 实现而不是 UsernamePasswordAuthenticationToken 设置为 Security>Context, 和也是免费的(因此您可以设置 MyUser).

You can set any other Authentication implementation instead of UsernamePasswordAuthenticationToken to SecurityContext, and principal type is free(so you can set MyUser), too.