After user logs in (gets 'principal', 'credentials', and 'autnorities') in the Authentication object, and if I am using the HttpSessionContextIntegrationFilter, how does this information persist? I assume that this filter is setting setAttribute in the session? Correct? If this is the case, what is the name for the key? Or is it a dynamic key?