Spring Security Revisit AuthorizationManager generics and nullability

Why can't SessionConcurrencyDslTests have a null value below?

val isAdmin: AuthorizationManager<Any> = AuthorityAuthorizationManager.hasRole("ADMIN")
            http {
                sessionManagement {
                    sessionConcurrency {
                        maximumSessions {
                            authentication -> if (isAdmin.authorize({ authentication }, "")!!.isGranted) -1 else 1 // why can't "" be changed to null here?
                        }
                        maxSessionsPreventsLogin = true
                    }
                }
                formLogin { }
            }
            return http.build()