Closed
Description
Describe the bug
As a Serializable class, DefaultSaml2AuthenticatedPrincipal should define serialVersionUID to avoid unnecessarily breaking compatibility across versions.
To Reproduce
Serialise a DefaultSaml2AuthenticatedPrincipal using Spring Security 6.3.5 and then deserialize using 6.4.1.
Expected behavior
The field layout of the classes has not changed so they should be compatible, but the methods have (equals and hashCode were added), which changes the auto-generated serialVersionUID.
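The failure mode reported above, as an added example that is not part of the original issue or of Spring Security: a class without an explicit serialVersionUID is serialized, and the UID recorded in the stream is then altered to stand in for a stream written by a release whose computed UID differed. The `Principal` class and the demo class name are hypothetical stand-ins.

```java
import java.io.*;
import java.nio.charset.StandardCharsets;

// Added illustration; Principal is a hypothetical stand-in, not Spring Security code.
public class SerialVersionUidDemo {

    // No explicit serialVersionUID: the JVM derives one from the class name,
    // interfaces, fields and non-private methods and constructors.
    static class Principal implements Serializable {
        private final String name;
        Principal(String name) { this.name = name; }
    }

    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream oos = new ObjectOutputStream(bos)) {
            oos.writeObject(o);
        }
        return bos.toByteArray();
    }

    static Object deserialize(byte[] data) throws IOException, ClassNotFoundException {
        try (ObjectInputStream ois = new ObjectInputStream(new ByteArrayInputStream(data))) {
            return ois.readObject();
        }
    }

    public static void main(String[] args) throws Exception {
        long uid = ObjectStreamClass.lookup(Principal.class).getSerialVersionUID();
        System.out.println("computed serialVersionUID = " + uid);

        byte[] stream = serialize(new Principal("alice")); // constructed sample value
        // Stream layout: magic(2) version(2) TC_OBJECT(1) TC_CLASSDESC(1)
        // nameLength(2) name(n) serialVersionUID(8) ...
        int nameLen = Principal.class.getName().getBytes(StandardCharsets.UTF_8).length;
        int uidOffset = 8 + nameLen;
        // Flip one bit of the recorded UID to simulate a stream written by a
        // release whose method set (and so computed UID) was different.
        stream[uidOffset + 7] ^= 1;
        try {
            deserialize(stream);
            System.out.println("unexpected: deserialized");
        } catch (InvalidClassException e) {
            // "local class incompatible": field layout is identical, only the UID differs.
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

Declaring `private static final long serialVersionUID` in the class pins the value written to and expected from the stream, so adding methods in a later release no longer changes it.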