线程间共享的java主体

我正在使用Spring OAuth2。我已经如下配置了ResourceServer。对服务进行并发调用时，多个线程错误地共享同一主体。配置是否导致主体共享？如果没有，有没有关于原因的想法

EnableWebSecurity
@EnableResourceServer
@EnableGlobalMethodSecurity(securedEnabled = true, prePostEnabled = true)
@Configuration
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {

  @Override
  public void configure(HttpSecurity http) throws Exception {
    http.sessionManagement()
        .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
        .and()
        .headers()
        .contentSecurityPolicy("script-src 'self'")
        .and()
        .frameOptions()
        .deny()
        .and()
        .requestMatchers()
        .and()
        .authorizeRequests()
        .antMatchers(HttpMethod.GET, PERMISSIBLE_PATHS).permitAll()
        .anyRequest().authenticated();
  }

  @Bean
  public PrincipalExtractor principalExtractor() {
    return map -> map.get(USER_CLAIM);
  }

  @Bean
  public AuthoritiesExtractor authoritiesExtractor() {
    return map -> AuthorityUtils.commaSeparatedStringToAuthorityList(
        ((List<String>) map.get(GROUP_CLAIMS)).stream()
            .map(group -> String.format("ROLE_%s", group.toUpperCase()))
            .collect(Collectors.joining(",")));

  }
}