SEC-782: Incorrect UrlMatcher initialization in FilterChainProxy results in wrong lowercase/uppercase matching

http://jira.springframework.org/browse/SEC-782. I've updated FilterChainProxy to make sure the same UrlMatcher is used throughout when converting a legacy configuration.

core/src/main/java/org/springframework/security/util/FilterChainProxy.java

@@ -116,8 +116,8 @@ public class FilterChainProxy implements Filter, InitializingBean, ApplicationCo
         if (fids != null) {
             Assert.isNull(uncompiledFilterChainMap, "Set the filterChainMap or FilterInvocationDefinitionSource but not both");
             FIDSToFilterChainMapConverter converter = new FIDSToFilterChainMapConverter(fids, applicationContext);
-            setFilterChainMap(converter.getFilterChainMap());
             setMatcher(converter.getMatcher());            
+            setFilterChainMap(converter.getFilterChainMap());            
             fids = null;
         }
 

core/src/test/java/org/springframework/security/util/FilterChainProxyTests.java

@@ -137,6 +137,12 @@ public class FilterChainProxyTests {
         doNormalOperation(filterChainProxy);
     }
 
+    @Test    
+    public void proxyPathWithoutLowerCaseConversionShouldntMatchDifferentCasePath() throws Exception {
+        FilterChainProxy filterChainProxy = (FilterChainProxy) appCtx.getBean("filterChainNonLowerCase", FilterChainProxy.class);
+        assertNull(filterChainProxy.getFilters("/some/other/path/blah"));
+    }
+    
     @Test
     public void normalOperationWithNewConfig() throws Exception {
         FilterChainProxy filterChainProxy = (FilterChainProxy) appCtx.getBean("newFilterChainProxy", FilterChainProxy.class);
@@ -163,7 +169,8 @@ public class FilterChainProxyTests {
         assertEquals(1, filters.size());
         assertTrue(filters.get(0) instanceof MockFilter);
 
-        filters = filterChainProxy.getFilters("/sOme/other/path/blah");
+        filters = filterChainProxy.getFilters("/some/other/path/blah");
+        assertNotNull(filters);
         assertEquals(3, filters.size());
         assertTrue(filters.get(0) instanceof HttpSessionContextIntegrationFilter);
         assertTrue(filters.get(1) instanceof MockFilter);

core/src/test/resources/org/springframework/security/util/filtertest-valid.xml

@@ -53,6 +53,17 @@ http://www.springframework.org/schema/security http://www.springframework.org/sc
       </property>
     </bean>
 
+	<bean id="filterChainNonLowerCase" class="org.springframework.security.util.FilterChainProxy">
+      <property name="filterInvocationDefinitionSource">
+         <value>
+		    PATTERN_TYPE_APACHE_ANT
+            /foo/**=mockFilter
+            /SOME/other/path/**=sif,mockFilter,mockFilter2
+            /do/not/filter=#NONE#
+         </value>
+      </property>
+    </bean>
+
     <bean id="newFilterChainProxy" class="org.springframework.security.util.FilterChainProxy">
         <sec:filter-chain-map path-type="ant">
             <sec:filter-chain pattern="/foo/**" filters="mockFilter"/>