Currently, the XWiki Trusted Authenticator is part of the public API of Trusted Headers, however it contains private fields, which makes it hard to subclass. The goal of this improvement is simply to make these fields protected.