Reducing use of global bean Ids as part of SEC-1186

2009-07-08 23:54:26 +00:00 · 2009-07-08 23:54:26 +00:00 · d59bdc0cbc
parent 7622dfe092
commit d59bdc0cbc
9 changed files with 76 additions and 153 deletions
--- a/config/src/main/java/org/springframework/security/config/BeanIds.java
+++ b/config/src/main/java/org/springframework/security/config/BeanIds.java
@ -22,13 +22,13 @@ public abstract class BeanIds {
 //    static final String FILTER_CHAIN_POST_PROCESSOR = "_filterChainProxyPostProcessor";
 //    static final String FILTER_LIST = "_filterChainList";
-    public static final String JDBC_USER_DETAILS_MANAGER = "_jdbcUserDetailsManager";
+//    public static final String JDBC_USER_DETAILS_MANAGER = "_jdbcUserDetailsManager";
    public static final String USER_DETAILS_SERVICE = "_userDetailsService";
 //    public static final String ANONYMOUS_PROCESSING_FILTER = "_anonymousProcessingFilter";
    public static final String ANONYMOUS_AUTHENTICATION_PROVIDER = "_anonymousAuthenticationProvider";
 //    public static final String BASIC_AUTHENTICATION_FILTER = "_basicAuthenticationFilter";
    public static final String BASIC_AUTHENTICATION_ENTRY_POINT = "_basicAuthenticationEntryPoint";
-    public static final String SESSION_REGISTRY = "_sessionRegistry";
+//    public static final String SESSION_REGISTRY = "_sessionRegistry";
 //    public static final String CONCURRENT_SESSION_FILTER = "_concurrentSessionFilter";
    public static final String CONCURRENT_SESSION_CONTROLLER = "_concurrentSessionController";
    public static final String METHOD_ACCESS_MANAGER = "_defaultMethodAccessManager";
@ -50,13 +50,13 @@ public abstract class BeanIds {
 //    public static final String CHANNEL_PROCESSING_FILTER = "_channelProcessingFilter";
    public static final String CHANNEL_DECISION_MANAGER = "_channelDecisionManager";
 //    public static final String REMEMBER_ME_FILTER = "_rememberMeFilter";
-    public static final String REMEMBER_ME_SERVICES = "_rememberMeServices";
+//    public static final String REMEMBER_ME_SERVICES = "_rememberMeServices";
    public static final String REMEMBER_ME_AUTHENTICATION_PROVIDER = "_rememberMeAuthenticationProvider";
 //    public static final String DEFAULT_LOGIN_PAGE_GENERATING_FILTER = "_defaultLoginPageFilter";
 //    public static final String SECURITY_CONTEXT_HOLDER_AWARE_REQUEST_FILTER = "_securityContextHolderAwareRequestFilter";
    public static final String SESSION_FIXATION_PROTECTION_FILTER = "_sessionFixationProtectionFilter";
    public static final String METHOD_SECURITY_METADATA_SOURCE_ADVISOR = "_methodSecurityMetadataSourceAdvisor";
-    public static final String PROTECT_POINTCUT_POST_PROCESSOR = "_protectPointcutPostProcessor";
+//    public static final String PROTECT_POINTCUT_POST_PROCESSOR = "_protectPointcutPostProcessor";
 //    public static final String SECURED_METHOD_SECURITY_METADATA_SOURCE = "_securedSecurityMetadataSource";
 //    public static final String JSR_250_METHOD_SECURITY_METADATA_SOURCE = "_jsr250SecurityMetadataSource";
    public static final String EMBEDDED_APACHE_DS = "_apacheDirectoryServerContainer";
--- a/config/src/main/java/org/springframework/security/config/ConcurrentSessionsBeanDefinitionParser.java
+++ b/config/src/main/java/org/springframework/security/config/ConcurrentSessionsBeanDefinitionParser.java
@ -1,7 +1,6 @@
 package org.springframework.security.config;
 import org.springframework.beans.factory.config.BeanDefinition;
 import org.springframework.beans.factory.config.RuntimeBeanReference;
 import org.springframework.beans.factory.parsing.BeanComponentDefinition;
 import org.springframework.beans.factory.parsing.CompositeComponentDefinition;
 import org.springframework.beans.factory.support.BeanDefinitionBuilder;
@ -32,23 +31,20 @@ public class ConcurrentSessionsBeanDefinitionParser implements BeanDefinitionPar
    static final String ATT_SESSION_REGISTRY_ALIAS = "session-registry-alias";
    static final String ATT_SESSION_REGISTRY_REF = "session-registry-ref";
-    public BeanDefinition parse(Element element, ParserContext parserContext) {
+    public BeanDefinition parse(Element element, ParserContext pc) {
        CompositeComponentDefinition compositeDef =
-            new CompositeComponentDefinition(element.getTagName(), parserContext.extractSource(element));
+            new CompositeComponentDefinition(element.getTagName(), pc.extractSource(element));
-        parserContext.pushContainingComponent(compositeDef);
+        pc.pushContainingComponent(compositeDef);
-        BeanDefinitionRegistry beanRegistry = parserContext.getRegistry();
+        BeanDefinitionRegistry beanRegistry = pc.getRegistry();
        String sessionRegistryId = element.getAttribute(ATT_SESSION_REGISTRY_REF);
        if (!StringUtils.hasText(sessionRegistryId)) {
            // Register an internal SessionRegistryImpl if no external reference supplied.
            RootBeanDefinition sessionRegistry = new RootBeanDefinition(SessionRegistryImpl.class);
-            beanRegistry.registerBeanDefinition(BeanIds.SESSION_REGISTRY, sessionRegistry);
+            sessionRegistryId = pc.getReaderContext().registerWithGeneratedName(sessionRegistry);
-            parserContext.registerComponent(new BeanComponentDefinition(sessionRegistry, BeanIds.SESSION_REGISTRY));
+            pc.registerComponent(new BeanComponentDefinition(sessionRegistry, sessionRegistryId));
            sessionRegistryId = BeanIds.SESSION_REGISTRY;
        } else {
            // Register the default ID as an alias so that things like session fixation filter can access it
            beanRegistry.registerAlias(sessionRegistryId, BeanIds.SESSION_REGISTRY);
        }
        String registryAlias = element.getAttribute(ATT_SESSION_REGISTRY_ALIAS);
@ -58,16 +54,16 @@ public class ConcurrentSessionsBeanDefinitionParser implements BeanDefinitionPar
        BeanDefinitionBuilder filterBuilder =
                BeanDefinitionBuilder.rootBeanDefinition(ConcurrentSessionFilter.class);
-        filterBuilder.addPropertyValue("sessionRegistry", new RuntimeBeanReference(sessionRegistryId));
+        filterBuilder.addPropertyReference("sessionRegistry", sessionRegistryId);
-        Object source = parserContext.extractSource(element);
+        Object source = pc.extractSource(element);
        filterBuilder.getRawBeanDefinition().setSource(source);
        filterBuilder.setRole(BeanDefinition.ROLE_INFRASTRUCTURE);
        String expiryUrl = element.getAttribute(ATT_EXPIRY_URL);
        if (StringUtils.hasText(expiryUrl)) {
-            ConfigUtils.validateHttpRedirect(expiryUrl, parserContext, source);
+            ConfigUtils.validateHttpRedirect(expiryUrl, pc, source);
            filterBuilder.addPropertyValue("expiredUrl", expiryUrl);
        }
@ -75,7 +71,7 @@ public class ConcurrentSessionsBeanDefinitionParser implements BeanDefinitionPar
            = BeanDefinitionBuilder.rootBeanDefinition(ConcurrentSessionControllerImpl.class);
        controllerBuilder.getRawBeanDefinition().setSource(source);
        controllerBuilder.setRole(BeanDefinition.ROLE_INFRASTRUCTURE);
-        controllerBuilder.addPropertyValue("sessionRegistry", new RuntimeBeanReference(sessionRegistryId));
+        controllerBuilder.addPropertyReference("sessionRegistry", sessionRegistryId);
        String maxSessions = element.getAttribute(ATT_MAX_SESSIONS);
@ -92,10 +88,10 @@ public class ConcurrentSessionsBeanDefinitionParser implements BeanDefinitionPar
        BeanDefinition controller = controllerBuilder.getBeanDefinition();
        beanRegistry.registerBeanDefinition(BeanIds.CONCURRENT_SESSION_CONTROLLER, controller);
-        parserContext.registerComponent(new BeanComponentDefinition(controller, BeanIds.CONCURRENT_SESSION_CONTROLLER));
+        pc.registerComponent(new BeanComponentDefinition(controller, BeanIds.CONCURRENT_SESSION_CONTROLLER));
-        ConfigUtils.setSessionControllerOnAuthenticationManager(parserContext, BeanIds.CONCURRENT_SESSION_CONTROLLER, element);
+        ConfigUtils.setSessionControllerOnAuthenticationManager(pc, BeanIds.CONCURRENT_SESSION_CONTROLLER, element);
-        parserContext.popAndRegisterContainingComponent();
+        pc.popAndRegisterContainingComponent();
        return filterBuilder.getBeanDefinition();
    }
--- a/config/src/main/java/org/springframework/security/config/FormLoginBeanDefinitionParser.java
+++ b/config/src/main/java/org/springframework/security/config/FormLoginBeanDefinitionParser.java
@ -59,17 +59,6 @@ public class FormLoginBeanDefinitionParser {
        Object source = null;
 //        final Boolean sessionFixationProtectionEnabled =
 //            new Boolean(pc.getRegistry().containsBeanDefinition(BeanIds.SESSION_FIXATION_PROTECTION_FILTER));
 //        Boolean migrateSessionAttributes = Boolean.FALSE;
 //
 //        if (sessionFixationProtectionEnabled.booleanValue()) {
 //            PropertyValue pv =
 //                    pc.getRegistry().getBeanDefinition(BeanIds.SESSION_FIXATION_PROTECTION_FILTER)
 //                        .getPropertyValues().getPropertyValue("migrateSessionAttributes");
 //            migrateSessionAttributes = (Boolean)pv.getValue();
 //        }
        if (elt != null) {
            source = pc.extractSource(elt);
            loginUrl = elt.getAttribute(ATT_LOGIN_URL);
@ -101,21 +90,6 @@ public class FormLoginBeanDefinitionParser {
            filterBean.getPropertyValues().addPropertyValue("invalidateSessionOnSuccessfulAuthentication", Boolean.TRUE);
        }
 //        filterBean.getPropertyValues().addPropertyValue("invalidateSessionOnSuccessfulAuthentication",
 //                sessionFixationProtectionEnabled);
 //        filterBean.getPropertyValues().addPropertyValue("migrateInvalidatedSessionAttributes",
 //                migrateSessionAttributes);
        if (pc.getRegistry().containsBeanDefinition(BeanIds.REMEMBER_ME_SERVICES)) {
            filterBean.getPropertyValues().addPropertyValue("rememberMeServices",
                    new RuntimeBeanReference(BeanIds.REMEMBER_ME_SERVICES) );
        }
        if (pc.getRegistry().isBeanNameInUse(BeanIds.SESSION_REGISTRY)) {
            filterBean.getPropertyValues().addPropertyValue("sessionRegistry",
                    new RuntimeBeanReference(BeanIds.SESSION_REGISTRY));
        }
        BeanDefinitionBuilder entryPointBuilder =
                BeanDefinitionBuilder.rootBeanDefinition(LoginUrlAuthenticationEntryPoint.class);
        entryPointBuilder.getRawBeanDefinition().setSource(source);
--- a/config/src/main/java/org/springframework/security/config/GlobalMethodSecurityBeanDefinitionParser.java
+++ b/config/src/main/java/org/springframework/security/config/GlobalMethodSecurityBeanDefinitionParser.java
@ -229,7 +229,7 @@ class GlobalMethodSecurityBeanDefinitionParser implements BeanDefinitionParser {
        ppbp.setSource(source);
        ppbp.getConstructorArgumentValues().addGenericArgumentValue(mapBasedMethodSecurityMetadataSource);
        ppbp.getPropertyValues().addPropertyValue("pointcutMap", pointcutMap);
-        parserContext.getRegistry().registerBeanDefinition(BeanIds.PROTECT_POINTCUT_POST_PROCESSOR, ppbp);
+        parserContext.getReaderContext().registerWithGeneratedName(ppbp);
    }
    private Map<String, List<ConfigAttribute>> parseProtectPointcuts(ParserContext parserContext, List<Element> protectPointcutElts) {
--- a/config/src/main/java/org/springframework/security/config/HttpSecurityBeanDefinitionParser.java
+++ b/config/src/main/java/org/springframework/security/config/HttpSecurityBeanDefinitionParser.java
@ -16,6 +16,7 @@ import org.springframework.beans.BeanMetadataElement;
 import org.springframework.beans.PropertyValue;
 import org.springframework.beans.PropertyValues;
 import org.springframework.beans.factory.config.BeanDefinition;
 import org.springframework.beans.factory.config.BeanReference;
 import org.springframework.beans.factory.config.RuntimeBeanReference;
 import org.springframework.beans.factory.parsing.BeanComponentDefinition;
 import org.springframework.beans.factory.parsing.CompositeComponentDefinition;
@ -168,15 +169,16 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
                filterChainMap, channelRequestMap, convertPathsToLowerCase, pc);
        BeanDefinition cpf = null;
        BeanReference sessionRegistryRef = null;
        BeanDefinition concurrentSessionFilter = createConcurrentSessionFilterAndRelatedBeansIfRequired(element, pc);
        boolean sessionControlEnabled = concurrentSessionFilter != null;
        BeanDefinition scpf = createSecurityContextPersistenceFilter(element, pc);
-        if (sessionControlEnabled) {
+        if (concurrentSessionFilter != null) {
            sessionRegistryRef = (BeanReference)
                    concurrentSessionFilter.getPropertyValues().getPropertyValue("sessionRegistry").getValue();
            logger.info("Concurrent session filter in use, setting 'forceEagerSessionCreation' to true");
            scpf.getPropertyValues().addPropertyValue("forceEagerSessionCreation", Boolean.TRUE);
        }
        BeanDefinition servApiFilter = createServletApiFilter(element, pc);
@ -188,7 +190,7 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
        BeanDefinition etf = createExceptionTranslationFilter(element, pc, allowSessionCreation);
        RootBeanDefinition sfpf = createSessionFixationProtectionFilter(pc, element.getAttribute(ATT_SESSION_FIXATION_PROTECTION),
-                sessionControlEnabled);
+                sessionRegistryRef);
        BeanDefinition fsi = createFilterSecurityInterceptor(element, pc, matcher, convertPathsToLowerCase);
        String portMapperName = pc.getReaderContext().registerWithGeneratedName(portMapper);
@ -200,7 +202,6 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
        if (sfpf != null) {
            // Used by SessionRegistrynjectionPP
            pc.getRegistry().registerBeanDefinition(BeanIds.SESSION_FIXATION_PROTECTION_FILTER, sfpf);
 //        	ConfigUtils.addHttpFilter(pc, new RuntimeBeanReference(BeanIds.SESSION_FIXATION_PROTECTION_FILTER));
        }
        final FilterAndEntryPoint basic = createBasicFilter(element, pc, autoConfig);
@ -209,14 +210,7 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
        String rememberMeServicesId = null;
        if (rememberMeFilter != null) {
            //pc.getRegistry().registerBeanDefinition(BeanIds.REMEMBER_ME_FILTER, rememberMeFilter);
            rememberMeServicesId = ((RuntimeBeanReference) rememberMeFilter.getPropertyValues().getPropertyValue("rememberMeServices").getValue()).getBeanName();
            //ConfigUtils.addHttpFilter(pc, new RuntimeBeanReference(BeanIds.REMEMBER_ME_FILTER));
            // Post processor to inject RememberMeServices into filters which need it
            RootBeanDefinition rememberMeInjectionPostProcessor = new RootBeanDefinition(RememberMeServicesInjectionBeanPostProcessor.class);
            rememberMeInjectionPostProcessor.setRole(BeanDefinition.ROLE_INFRASTRUCTURE);
            pc.getReaderContext().registerWithGeneratedName(rememberMeInjectionPostProcessor);
        }
        final BeanDefinition logoutFilter = createLogoutFilter(element, autoConfig, pc, rememberMeServicesId);
@ -227,18 +221,16 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
            // Required by login page filter
            pc.getRegistry().registerBeanDefinition(BeanIds.FORM_LOGIN_FILTER, form.filter);
            pc.registerBeanComponent(new BeanComponentDefinition(form.filter, BeanIds.FORM_LOGIN_FILTER));
-            if (rememberMeServicesId != null) {
+            injectRememberMeServicesRef(form.filter, rememberMeServicesId);
-                form.filter.getPropertyValues().addPropertyValue("rememberMeServices", new RuntimeBeanReference(rememberMeServicesId));
+            injectSessionRegistryRef(form.filter, sessionRegistryRef);
            }
        }
        if (openID.filter != null) {
            // Required by login page filter
            pc.getRegistry().registerBeanDefinition(BeanIds.OPEN_ID_FILTER, openID.filter);
            pc.registerBeanComponent(new BeanComponentDefinition(openID.filter, BeanIds.OPEN_ID_FILTER));
-            if (rememberMeServicesId != null) {
+            injectRememberMeServicesRef(openID.filter, rememberMeServicesId);
-                openID.filter.getPropertyValues().addPropertyValue("rememberMeServices", new RuntimeBeanReference(rememberMeServicesId));
+            injectSessionRegistryRef(openID.filter, sessionRegistryRef);
            }
        }
        FilterAndEntryPoint x509 = createX509Filter(element, pc);
@ -320,14 +312,29 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
        registerFilterChainProxy(pc, filterChainMap, matcher, source);
-        RootBeanDefinition postProcessor2 = new RootBeanDefinition(UserDetailsServiceInjectionBeanPostProcessor.class);
+        BeanDefinitionBuilder userServiceInjector = BeanDefinitionBuilder.rootBeanDefinition(UserDetailsServiceInjectionBeanPostProcessor.class);
-        postProcessor2.setRole(BeanDefinition.ROLE_INFRASTRUCTURE);
+        userServiceInjector.addConstructorArgValue(BeanIds.X509_AUTH_PROVIDER);
-        pc.getReaderContext().registerWithGeneratedName(postProcessor2);
+        userServiceInjector.addConstructorArgValue(rememberMeServicesId);
        userServiceInjector.addConstructorArgValue(rememberMeServicesId);
        userServiceInjector.setRole(BeanDefinition.ROLE_INFRASTRUCTURE);
        pc.getReaderContext().registerWithGeneratedName(userServiceInjector.getBeanDefinition());
        pc.popAndRegisterContainingComponent();
        return null;
    }
    private void injectRememberMeServicesRef(RootBeanDefinition bean, String rememberMeServicesId) {
        if (rememberMeServicesId != null) {
            bean.getPropertyValues().addPropertyValue("rememberMeServices", new RuntimeBeanReference(rememberMeServicesId));
        }
    }
    private void injectSessionRegistryRef(RootBeanDefinition bean, BeanReference sessionRegistryRef){
        if (sessionRegistryRef != null) {
            bean.getPropertyValues().addPropertyValue("sessionRegistry", sessionRegistryRef);
        }
    }
    private void checkFilterChainOrder(List<OrderDecorator> filters, ParserContext pc, Object source) {
        logger.info("Checking sorted filter chain: " + filters);
@ -371,7 +378,6 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
        final String ATT_POSITION = "position";
        final String REF = "ref";
        for (Element elt: customFilterElts) {
            String after = elt.getAttribute(ATT_AFTER);
            String before = elt.getAttribute(ATT_BEFORE);
@ -732,7 +738,8 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
        return channelFilter;
    }
-    private RootBeanDefinition createSessionFixationProtectionFilter(ParserContext pc, String sessionFixationAttribute, boolean sessionControlEnabled) {
+    private RootBeanDefinition createSessionFixationProtectionFilter(ParserContext pc, String sessionFixationAttribute,
            BeanReference sessionRegistryRef) {
        if(!StringUtils.hasText(sessionFixationAttribute)) {
            sessionFixationAttribute = OPT_SESSION_FIXATION_MIGRATE_SESSION;
        }
@ -742,8 +749,8 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
                BeanDefinitionBuilder.rootBeanDefinition(SessionFixationProtectionFilter.class);
            sessionFixationFilter.addPropertyValue("migrateSessionAttributes",
                    Boolean.valueOf(sessionFixationAttribute.equals(OPT_SESSION_FIXATION_MIGRATE_SESSION)));
-            if (sessionControlEnabled) {
+            if (sessionRegistryRef != null) {
-                sessionFixationFilter.addPropertyReference("sessionRegistry", BeanIds.SESSION_REGISTRY);
+                sessionFixationFilter.addPropertyValue("sessionRegistry", sessionRegistryRef);
            }
            return (RootBeanDefinition) sessionFixationFilter.getBeanDefinition();
        }
--- a/config/src/main/java/org/springframework/security/config/RememberMeServicesInjectionBeanPostProcessor.java
+++ b/config/src/main/java/org/springframework/security/config/RememberMeServicesInjectionBeanPostProcessor.java
@ -1,67 +0,0 @@
 package org.springframework.security.config;
 import java.util.Map;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.springframework.beans.BeansException;
 import org.springframework.beans.factory.BeanFactory;
 import org.springframework.beans.factory.BeanFactoryAware;
 import org.springframework.beans.factory.ListableBeanFactory;
 import org.springframework.beans.factory.config.BeanPostProcessor;
 import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
 import org.springframework.security.web.authentication.RememberMeServices;
 import org.springframework.security.web.authentication.www.BasicProcessingFilter;
 import org.springframework.util.Assert;
 /**
 *
 * @author Luke Taylor
 * @version $Id$
 * @since 2.0
 */
 public class RememberMeServicesInjectionBeanPostProcessor implements BeanPostProcessor, BeanFactoryAware {
    private Log logger = LogFactory.getLog(getClass());
    private ListableBeanFactory beanFactory;
    public Object postProcessBeforeInitialization(Object bean, String beanName) throws BeansException {
 //        if (bean instanceof AbstractAuthenticationProcessingFilter) {
 //            AbstractAuthenticationProcessingFilter pf = (AbstractAuthenticationProcessingFilter) bean;
 //
 //            if (pf.getRememberMeServices() == null) {
 //                logger.info("Setting RememberMeServices on bean " + beanName);
 //                pf.setRememberMeServices(getRememberMeServices());
 //            }
 //        } else if (BeanIds.BASIC_AUTHENTICATION_FILTER.equals(beanName)) {
 //            // NB: For remember-me to be sent back, a user must submit a "_spring_security_remember_me" with their login request.
 //            // Most of the time a user won't present such a parameter with their BASIC authentication request.
 //            // In the future we might support setting the AbstractRememberMeServices.alwaysRemember = true, but I am reluctant to
 //            // do so because it seems likely to lead to lower security for 99.99% of users if they set the property to true.
 //
 //            BasicProcessingFilter bf = (BasicProcessingFilter) bean;
 //            logger.info("Setting RememberMeServices on bean " + beanName);
 //            bf.setRememberMeServices(getRememberMeServices());
 //        }
        return bean;
    }
    private RememberMeServices getRememberMeServices() {
        Map<?,?> beans = beanFactory.getBeansOfType(RememberMeServices.class);
        Assert.isTrue(beans.size() > 0, "No RememberMeServices configured");
        Assert.isTrue(beans.size() == 1, "Use of '<remember-me />' requires a single instance of RememberMeServices " +
                "in the application context, but more than one was found.");
        return (RememberMeServices) beans.values().toArray()[0];
    }
    public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException {
        return bean;
    }
    public void setBeanFactory(BeanFactory beanFactory) throws BeansException {
        this.beanFactory = (ListableBeanFactory) beanFactory;
    }
 }
--- a/config/src/main/java/org/springframework/security/config/UserDetailsServiceInjectionBeanPostProcessor.java
+++ b/config/src/main/java/org/springframework/security/config/UserDetailsServiceInjectionBeanPostProcessor.java
@ -28,13 +28,26 @@ import org.springframework.util.Assert;
 */
 public class UserDetailsServiceInjectionBeanPostProcessor implements BeanPostProcessor, BeanFactoryAware {
    private ConfigurableListableBeanFactory beanFactory;
    private final String x509ProviderId;
    private final String rememberMeServicesId;
    private final String openIDProviderId;
    public UserDetailsServiceInjectionBeanPostProcessor(String x509ProviderId, String rememberMeServicesId,
            String openIDProviderId) {
        this.x509ProviderId = x509ProviderId;
        this.rememberMeServicesId = rememberMeServicesId;
        this.openIDProviderId = openIDProviderId;
    }
    public Object postProcessBeforeInitialization(Object bean, String beanName) throws BeansException {
-        if (BeanIds.X509_AUTH_PROVIDER.equals(beanName)) {
+        if(beanName == null) {
            return bean;
        }
        if (beanName.equals(x509ProviderId)) {
            injectUserDetailsServiceIntoX509Provider((PreAuthenticatedAuthenticationProvider) bean);
-        } else if (BeanIds.REMEMBER_ME_SERVICES.equals(beanName)) {
+        } else if (beanName.equals(rememberMeServicesId)) {
            injectUserDetailsServiceIntoRememberMeServices((AbstractRememberMeServices)bean);
-        } else if (BeanIds.OPEN_ID_PROVIDER.equals(beanName)) {
+        } else if (beanName.equals(openIDProviderId)) {
            injectUserDetailsServiceIntoOpenIDProvider(bean);
        }
@ -46,7 +59,7 @@ public class UserDetailsServiceInjectionBeanPostProcessor implements BeanPostPro
    }
    private void injectUserDetailsServiceIntoRememberMeServices(AbstractRememberMeServices services) {
-        BeanDefinition beanDefinition = beanFactory.getBeanDefinition(BeanIds.REMEMBER_ME_SERVICES);
+        BeanDefinition beanDefinition = beanFactory.getBeanDefinition(rememberMeServicesId);
        PropertyValue pv = beanDefinition.getPropertyValues().getPropertyValue("userDetailsService");
        if (pv == null) {
@ -61,7 +74,7 @@ public class UserDetailsServiceInjectionBeanPostProcessor implements BeanPostPro
    }
    private void injectUserDetailsServiceIntoX509Provider(PreAuthenticatedAuthenticationProvider provider) {
-        BeanDefinition beanDefinition = beanFactory.getBeanDefinition(BeanIds.X509_AUTH_PROVIDER);
+        BeanDefinition beanDefinition = beanFactory.getBeanDefinition(x509ProviderId);
        PropertyValue pv = beanDefinition.getPropertyValues().getPropertyValue("preAuthenticatedUserDetailsService");
        UserDetailsByNameServiceWrapper wrapper = new UserDetailsByNameServiceWrapper();
@ -83,7 +96,7 @@ public class UserDetailsServiceInjectionBeanPostProcessor implements BeanPostPro
    }
    private void injectUserDetailsServiceIntoOpenIDProvider(Object bean) {
-        BeanDefinition beanDefinition = beanFactory.getBeanDefinition(BeanIds.OPEN_ID_PROVIDER);
+        BeanDefinition beanDefinition = beanFactory.getBeanDefinition(openIDProviderId);
        PropertyValue pv = beanDefinition.getPropertyValues().getPropertyValue("userDetailsService");
        if (pv == null) {
--- a/config/src/main/java/org/springframework/security/config/X509BeanDefinitionParser.java
+++ b/config/src/main/java/org/springframework/security/config/X509BeanDefinitionParser.java
@ -54,7 +54,7 @@ public class X509BeanDefinitionParser implements BeanDefinitionParser {
            provider.getPropertyValues().addPropertyValue("preAuthenticatedUserDetailsService", preAuthUserService);
        }
-        filterBuilder.addPropertyValue("authenticationManager", new RuntimeBeanReference(BeanIds.AUTHENTICATION_MANAGER));
+        filterBuilder.addPropertyReference("authenticationManager", BeanIds.AUTHENTICATION_MANAGER);
        return (RootBeanDefinition) filterBuilder.getBeanDefinition();
    }
--- a/config/src/test/java/org/springframework/security/config/HttpSecurityBeanDefinitionParserTests.java
+++ b/config/src/test/java/org/springframework/security/config/HttpSecurityBeanDefinitionParserTests.java
@ -363,7 +363,7 @@ public class HttpSecurityBeanDefinitionParserTests {
    }
    private PortMapperImpl getPortMapper() {
-	    Map<String,PortMapperImpl> beans = appContext.getBeansOfType(PortMapperImpl.class);
+        Map<String,PortMapperImpl> beans = appContext.getBeansOfType(PortMapperImpl.class);
        return new ArrayList<PortMapperImpl>(beans.values()).get(0);
    }
@ -456,20 +456,20 @@ public class HttpSecurityBeanDefinitionParserTests {
    }
    @Test
-    public void rememberMeServiceWorksWithTokenRepoRef() {
+    public void rememberMeServiceWorksWithTokenRepoRef() throws Exception {
        setContext(
            "<http auto-config='true'>" +
            "    <remember-me token-repository-ref='tokenRepo'/>" +
            "</http>" +
            "<b:bean id='tokenRepo' " +
                    "class='" + InMemoryTokenRepositoryImpl.class.getName() + "'/> " + AUTH_PROVIDER_XML);
-        Object rememberMeServices = appContext.getBean(BeanIds.REMEMBER_ME_SERVICES);
+        RememberMeServices rememberMeServices = getRememberMeServices();
        assertTrue(rememberMeServices instanceof PersistentTokenBasedRememberMeServices);
    }
    @Test
-    public void rememberMeServiceWorksWithDataSourceRef() {
+    public void rememberMeServiceWorksWithDataSourceRef() throws Exception {
        setContext(
                "<http auto-config='true'>" +
                "    <remember-me data-source-ref='ds'/>" +
@ -477,7 +477,7 @@ public class HttpSecurityBeanDefinitionParserTests {
                "<b:bean id='ds' class='org.springframework.security.TestDataSource'> " +
                "    <b:constructor-arg value='tokendb'/>" +
                "</b:bean>" + AUTH_PROVIDER_XML);
-        Object rememberMeServices = appContext.getBean(BeanIds.REMEMBER_ME_SERVICES);
+        RememberMeServices rememberMeServices = getRememberMeServices();
        assertTrue(rememberMeServices instanceof PersistentTokenBasedRememberMeServices);
    }