diff --git a/config/src/main/java/org/springframework/security/config/http/HttpConfigurationBuilder.java b/config/src/main/java/org/springframework/security/config/http/HttpConfigurationBuilder.java
index 518b16a9b4..b032de68c1 100644
--- a/config/src/main/java/org/springframework/security/config/http/HttpConfigurationBuilder.java
+++ b/config/src/main/java/org/springframework/security/config/http/HttpConfigurationBuilder.java
@@ -600,6 +600,7 @@ class HttpConfigurationBuilder {
 			this.servApiFilter = GrantedAuthorityDefaultsParserUtils.registerWithDefaultRolePrefix(this.pc,
 					SecurityContextHolderAwareRequestFilterBeanFactory.class);
 			this.servApiFilter.getPropertyValues().add("authenticationManager", authenticationManager);
+			this.servApiFilter.getPropertyValues().add("securityContextHolderStrategy", this.holderStrategyRef);
 		}
 	}
 
@@ -902,12 +903,20 @@ class HttpConfigurationBuilder {
 
 		private SecurityContextHolderAwareRequestFilter filter = new SecurityContextHolderAwareRequestFilter();
 
+		private SecurityContextHolderStrategy securityContextHolderStrategy = SecurityContextHolder
+				.getContextHolderStrategy();
+
 		@Override
 		public SecurityContextHolderAwareRequestFilter getBean() {
+			this.filter.setSecurityContextHolderStrategy(this.securityContextHolderStrategy);
 			this.filter.setRolePrefix(this.rolePrefix);
 			return this.filter;
 		}
 
+		void setSecurityContextHolderStrategy(SecurityContextHolderStrategy securityContextHolderStrategy) {
+			this.securityContextHolderStrategy = securityContextHolderStrategy;
+		}
+
 	}
 
 	static class SecurityContextHolderStrategyFactory implements FactoryBean<SecurityContextHolderStrategy> {