Sets a validation function that checks a given T session instance and returns principal Any, or null if the session does not correspond to an authenticated principal.