[metrics] switching SecurityValidator?

[Mark Struberg]

hi folks!

Right now the SecurityValidator in metrics cannot be switched easily, right?
Wouldn't it be better to simply inject it? Or at least have a protected method 
getSecurityValidator() ?

LieGrue,
strub