diff --git a/cas/src/main/java/org/springframework/security/cas/authentication/CasAssertionAuthenticationToken.java b/cas/src/main/java/org/springframework/security/cas/authentication/CasAssertionAuthenticationToken.java
index 9d931520946..5ea6a195163 100644
--- a/cas/src/main/java/org/springframework/security/cas/authentication/CasAssertionAuthenticationToken.java
+++ b/cas/src/main/java/org/springframework/security/cas/authentication/CasAssertionAuthenticationToken.java
@@ -16,8 +16,6 @@
package org.springframework.security.cas.authentication;
-import java.util.ArrayList;
-
import org.apereo.cas.client.validation.Assertion;
import org.springframework.security.authentication.AbstractAuthenticationToken;
@@ -38,7 +36,6 @@ public final class CasAssertionAuthenticationToken extends AbstractAuthenticatio
private final String ticket;
public CasAssertionAuthenticationToken(final Assertion assertion, final String ticket) {
- super(new ArrayList<>());
this.assertion = assertion;
this.ticket = ticket;
}
diff --git a/cas/src/main/java/org/springframework/security/cas/authentication/CasServiceTicketAuthenticationToken.java b/cas/src/main/java/org/springframework/security/cas/authentication/CasServiceTicketAuthenticationToken.java
index d4471b6c57c..58ecc6e0707 100644
--- a/cas/src/main/java/org/springframework/security/cas/authentication/CasServiceTicketAuthenticationToken.java
+++ b/cas/src/main/java/org/springframework/security/cas/authentication/CasServiceTicketAuthenticationToken.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2023 the original author or authors.
+ * Copyright 2002-2024 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -51,7 +51,6 @@ public class CasServiceTicketAuthenticationToken extends AbstractAuthenticationT
*
*/
public CasServiceTicketAuthenticationToken(String identifier, Object credentials) {
- super(null);
this.identifier = identifier;
this.credentials = credentials;
setAuthenticated(false);
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OidcBackChannelLogoutAuthentication.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OidcBackChannelLogoutAuthentication.java
index 73f76bffd78..030c404c647 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OidcBackChannelLogoutAuthentication.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OidcBackChannelLogoutAuthentication.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2023 the original author or authors.
+ * Copyright 2002-2024 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -16,8 +16,6 @@
package org.springframework.security.config.annotation.web.configurers.oauth2.client;
-import java.util.Collections;
-
import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.oauth2.client.oidc.authentication.logout.OidcLogoutToken;
import org.springframework.security.oauth2.client.registration.ClientRegistration;
@@ -45,7 +43,6 @@ class OidcBackChannelLogoutAuthentication extends AbstractAuthenticationToken {
* @param logoutToken a deserialized, verified OIDC Logout Token
*/
OidcBackChannelLogoutAuthentication(OidcLogoutToken logoutToken, ClientRegistration clientRegistration) {
- super(Collections.emptyList());
this.logoutToken = logoutToken;
this.clientRegistration = clientRegistration;
setAuthenticated(true);
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OidcLogoutAuthenticationToken.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OidcLogoutAuthenticationToken.java
index 4a227e3be8e..e617171a8e4 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OidcLogoutAuthenticationToken.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OidcLogoutAuthenticationToken.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2023 the original author or authors.
+ * Copyright 2002-2024 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -17,7 +17,6 @@
package org.springframework.security.config.annotation.web.configurers.oauth2.client;
import org.springframework.security.authentication.AbstractAuthenticationToken;
-import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.oauth2.client.registration.ClientRegistration;
/**
@@ -40,7 +39,6 @@ class OidcLogoutAuthenticationToken extends AbstractAuthenticationToken {
* this token; this is usually derived from material in the logout HTTP request
*/
OidcLogoutAuthenticationToken(String logoutToken, ClientRegistration clientRegistration) {
- super(AuthorityUtils.NO_AUTHORITIES);
this.logoutToken = logoutToken;
this.clientRegistration = clientRegistration;
}
diff --git a/config/src/main/java/org/springframework/security/config/web/server/OidcBackChannelLogoutAuthentication.java b/config/src/main/java/org/springframework/security/config/web/server/OidcBackChannelLogoutAuthentication.java
index f7dd4b2e098..6a62107f4ce 100644
--- a/config/src/main/java/org/springframework/security/config/web/server/OidcBackChannelLogoutAuthentication.java
+++ b/config/src/main/java/org/springframework/security/config/web/server/OidcBackChannelLogoutAuthentication.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2023 the original author or authors.
+ * Copyright 2002-2024 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -16,8 +16,6 @@
package org.springframework.security.config.web.server;
-import java.util.Collections;
-
import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.oauth2.client.oidc.authentication.logout.OidcLogoutToken;
import org.springframework.security.oauth2.client.registration.ClientRegistration;
@@ -45,7 +43,6 @@ class OidcBackChannelLogoutAuthentication extends AbstractAuthenticationToken {
* @param logoutToken a deserialized, verified OIDC Logout Token
*/
OidcBackChannelLogoutAuthentication(OidcLogoutToken logoutToken, ClientRegistration clientRegistration) {
- super(Collections.emptyList());
this.logoutToken = logoutToken;
this.clientRegistration = clientRegistration;
setAuthenticated(true);
diff --git a/config/src/main/java/org/springframework/security/config/web/server/OidcLogoutAuthenticationToken.java b/config/src/main/java/org/springframework/security/config/web/server/OidcLogoutAuthenticationToken.java
index 8d5ab818a5f..25483fcbdbd 100644
--- a/config/src/main/java/org/springframework/security/config/web/server/OidcLogoutAuthenticationToken.java
+++ b/config/src/main/java/org/springframework/security/config/web/server/OidcLogoutAuthenticationToken.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2023 the original author or authors.
+ * Copyright 2002-2024 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -17,7 +17,6 @@
package org.springframework.security.config.web.server;
import org.springframework.security.authentication.AbstractAuthenticationToken;
-import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.oauth2.client.registration.ClientRegistration;
/**
@@ -40,7 +39,6 @@ class OidcLogoutAuthenticationToken extends AbstractAuthenticationToken {
* this token; this is usually derived from material in the logout HTTP request
*/
OidcLogoutAuthenticationToken(String logoutToken, ClientRegistration clientRegistration) {
- super(AuthorityUtils.NO_AUTHORITIES);
this.logoutToken = logoutToken;
this.clientRegistration = clientRegistration;
}
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerTransientAuthenticationTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerTransientAuthenticationTests.java
index bef78628206..d9f7922b166 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerTransientAuthenticationTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurerTransientAuthenticationTests.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2022 the original author or authors.
+ * Copyright 2002-2024 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -112,10 +112,6 @@ public boolean supports(Class> authentication) {
@Transient
static class SomeTransientAuthentication extends AbstractAuthenticationToken {
- SomeTransientAuthentication() {
- super(null);
- }
-
@Override
public Object getCredentials() {
return null;
diff --git a/config/src/test/java/org/springframework/security/config/http/SessionManagementConfigTransientAuthenticationTests.java b/config/src/test/java/org/springframework/security/config/http/SessionManagementConfigTransientAuthenticationTests.java
index f1ae37e3baf..e55886df428 100644
--- a/config/src/test/java/org/springframework/security/config/http/SessionManagementConfigTransientAuthenticationTests.java
+++ b/config/src/test/java/org/springframework/security/config/http/SessionManagementConfigTransientAuthenticationTests.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2018 the original author or authors.
+ * Copyright 2002-2024 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -81,10 +81,6 @@ public boolean supports(Class> authentication) {
@Transient
static class SomeTransientAuthentication extends AbstractAuthenticationToken {
- SomeTransientAuthentication() {
- super(null);
- }
-
@Override
public Object getCredentials() {
return null;
diff --git a/core/src/main/java/org/springframework/security/authentication/AbstractAuthenticationToken.java b/core/src/main/java/org/springframework/security/authentication/AbstractAuthenticationToken.java
index d69483354f4..43240977423 100644
--- a/core/src/main/java/org/springframework/security/authentication/AbstractAuthenticationToken.java
+++ b/core/src/main/java/org/springframework/security/authentication/AbstractAuthenticationToken.java
@@ -45,6 +45,10 @@ public abstract class AbstractAuthenticationToken implements Authentication, Cre
private boolean authenticated = false;
+ public AbstractAuthenticationToken() {
+ this(null);
+ }
+
/**
* Creates a token with the supplied array of authorities.
* @param authorities the collection of GrantedAuthoritys for the principal
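Review bot: The new public no-argument constructor at the top of this hunk has no Javadoc, although the constructor directly below it is documented and every subclass touched by this commit now relies on the new one implicitly. The comment should state the security-relevant defaults: the token carries no granted authorities and stays unauthenticated (`authenticated = false` on the line above) until a subclass calls `setAuthenticated(true)`. A suitable comment would be `/** Creates a token with no granted authorities; it is not authenticated until {@code setAuthenticated(true)} is called. */`, plus an `@since` tag for the release this ships in. That wording assumes the delegated constructor maps `null` to an empty authority list; its body is outside the hunk, so confirm that before documenting it.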
diff --git a/core/src/main/java/org/springframework/security/authentication/TestingAuthenticationToken.java b/core/src/main/java/org/springframework/security/authentication/TestingAuthenticationToken.java
index abfc6560f45..ab0ad58141f 100644
--- a/core/src/main/java/org/springframework/security/authentication/TestingAuthenticationToken.java
+++ b/core/src/main/java/org/springframework/security/authentication/TestingAuthenticationToken.java
@@ -39,7 +39,6 @@ public class TestingAuthenticationToken extends AbstractAuthenticationToken {
private final Object principal;
public TestingAuthenticationToken(Object principal, Object credentials) {
- super(null);
this.principal = principal;
this.credentials = credentials;
}
diff --git a/core/src/main/java/org/springframework/security/authentication/UsernamePasswordAuthenticationToken.java b/core/src/main/java/org/springframework/security/authentication/UsernamePasswordAuthenticationToken.java
index be796d04a4c..499b79375e1 100644
--- a/core/src/main/java/org/springframework/security/authentication/UsernamePasswordAuthenticationToken.java
+++ b/core/src/main/java/org/springframework/security/authentication/UsernamePasswordAuthenticationToken.java
@@ -49,7 +49,6 @@ public class UsernamePasswordAuthenticationToken extends AbstractAuthenticationT
*
*/
public UsernamePasswordAuthenticationToken(Object principal, Object credentials) {
- super(null);
this.principal = principal;
this.credentials = credentials;
setAuthenticated(false);
diff --git a/core/src/main/java/org/springframework/security/authentication/ott/OneTimeTokenAuthenticationToken.java b/core/src/main/java/org/springframework/security/authentication/ott/OneTimeTokenAuthenticationToken.java
index eda644dca3c..136289275c9 100644
--- a/core/src/main/java/org/springframework/security/authentication/ott/OneTimeTokenAuthenticationToken.java
+++ b/core/src/main/java/org/springframework/security/authentication/ott/OneTimeTokenAuthenticationToken.java
@@ -17,7 +17,6 @@
package org.springframework.security.authentication.ott;
import java.util.Collection;
-import java.util.Collections;
import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
@@ -35,7 +34,6 @@ public class OneTimeTokenAuthenticationToken extends AbstractAuthenticationToken
private String tokenValue;
public OneTimeTokenAuthenticationToken(Object principal, String tokenValue) {
- super(Collections.emptyList());
this.tokenValue = tokenValue;
this.principal = principal;
}
diff --git a/core/src/test/java/org/springframework/security/authentication/ProviderManagerTests.java b/core/src/test/java/org/springframework/security/authentication/ProviderManagerTests.java
index 9b98bd522a9..62a97818b23 100644
--- a/core/src/test/java/org/springframework/security/authentication/ProviderManagerTests.java
+++ b/core/src/test/java/org/springframework/security/authentication/ProviderManagerTests.java
@@ -48,7 +48,7 @@ public class ProviderManagerTests {
@Test
public void authenticationFailsWithUnsupportedToken() {
- Authentication token = new AbstractAuthenticationToken(null) {
+ Authentication token = new AbstractAuthenticationToken() {
@Override
public Object getCredentials() {
return "";
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/OAuth2AuthorizeRequest.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/OAuth2AuthorizeRequest.java
index e53af19c383..9625ca054aa 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/OAuth2AuthorizeRequest.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/OAuth2AuthorizeRequest.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2020 the original author or authors.
+ * Copyright 2002-2024 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -157,7 +157,7 @@ public Builder principal(String principalName) {
private static Authentication createAuthentication(final String principalName) {
Assert.hasText(principalName, "principalName cannot be empty");
- return new AbstractAuthenticationToken(null) {
+ return new AbstractAuthenticationToken() {
@Override
public Object getCredentials() {
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/OAuth2AuthorizationCodeAuthenticationToken.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/OAuth2AuthorizationCodeAuthenticationToken.java
index 9d5fe681b62..23471706234 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/OAuth2AuthorizationCodeAuthenticationToken.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/OAuth2AuthorizationCodeAuthenticationToken.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2018 the original author or authors.
+ * Copyright 2002-2024 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -63,7 +63,6 @@ public class OAuth2AuthorizationCodeAuthenticationToken extends AbstractAuthenti
*/
public OAuth2AuthorizationCodeAuthenticationToken(ClientRegistration clientRegistration,
OAuth2AuthorizationExchange authorizationExchange) {
- super(Collections.emptyList());
Assert.notNull(clientRegistration, "clientRegistration cannot be null");
Assert.notNull(authorizationExchange, "authorizationExchange cannot be null");
this.clientRegistration = clientRegistration;
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/OAuth2LoginAuthenticationToken.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/OAuth2LoginAuthenticationToken.java
index afbe15784ff..1f56ca8ed12 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/OAuth2LoginAuthenticationToken.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/OAuth2LoginAuthenticationToken.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2018 the original author or authors.
+ * Copyright 2002-2024 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -17,7 +17,6 @@
package org.springframework.security.oauth2.client.authentication;
import java.util.Collection;
-import java.util.Collections;
import org.springframework.lang.Nullable;
import org.springframework.security.authentication.AbstractAuthenticationToken;
@@ -66,7 +65,6 @@ public class OAuth2LoginAuthenticationToken extends AbstractAuthenticationToken
*/
public OAuth2LoginAuthenticationToken(ClientRegistration clientRegistration,
OAuth2AuthorizationExchange authorizationExchange) {
- super(Collections.emptyList());
Assert.notNull(clientRegistration, "clientRegistration cannot be null");
Assert.notNull(authorizationExchange, "authorizationExchange cannot be null");
this.clientRegistration = clientRegistration;
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/client/RequestAttributePrincipalResolver.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/client/RequestAttributePrincipalResolver.java
index bbae6e86c0a..056b0420e76 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/client/RequestAttributePrincipalResolver.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/client/RequestAttributePrincipalResolver.java
@@ -16,7 +16,6 @@
package org.springframework.security.oauth2.client.web.client;
-import java.util.Collections;
import java.util.Map;
import java.util.function.Consumer;
@@ -72,7 +71,7 @@ public static Consumer