Add missing nullability annotation

Author: larsgrefer

web/src/main/java/org/springframework/security/web/authentication/UsernamePasswordAuthenticationFilter.java

@@ -16,6 +16,7 @@
 
 package org.springframework.security.web.authentication;
 
+import org.springframework.lang.Nullable;
 import org.springframework.security.authentication.AuthenticationServiceException;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
@@ -109,6 +110,7 @@ public Authentication attemptAuthentication(HttpServletRequest request,
 	 * @return the password that will be presented in the <code>Authentication</code>
 	 * request token to the <code>AuthenticationManager</code>
 	 */
+	@Nullable
 	protected String obtainPassword(HttpServletRequest request) {
 		return request.getParameter(passwordParameter);
 	}
@@ -122,6 +124,7 @@ protected String obtainPassword(HttpServletRequest request) {
 	 * @return the username that will be presented in the <code>Authentication</code>
 	 * request token to the <code>AuthenticationManager</code>
 	 */
+	@Nullable
 	protected String obtainUsername(HttpServletRequest request) {
 		return request.getParameter(usernameParameter);
 	}