diff --git a/config/src/test/groovy/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurationTests.groovy b/config/src/test/groovy/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurationTests.groovy
index e0d0d8742e..796912e536 100644
--- a/config/src/test/groovy/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurationTests.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurationTests.groovy
@@ -33,6 +33,7 @@ import org.springframework.security.config.annotation.web.builders.WebSecurity
 import org.springframework.security.web.FilterChainProxy
 import org.springframework.security.web.SecurityFilterChain
 import org.springframework.security.web.access.WebInvocationPrivilegeEvaluator;
+import org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler;
 import org.springframework.security.web.access.expression.WebSecurityExpressionHandler;
 import org.springframework.security.web.util.AnyRequestMatcher
 
@@ -214,4 +215,24 @@ class WebSecurityConfigurationTests extends BaseSpringSpec {
                 .expressionHandler(EH)
         }
     }
+
+    def "#138 webSecurityExpressionHandler defaults"() {
+        when:
+            loadConfig(WebSecurityExpressionHandlerDefaultsConfig)
+        then:
+            WebSecurityExpressionHandler wseh = context.getBean(WebSecurityExpressionHandler)
+            wseh instanceof DefaultWebSecurityExpressionHandler
+    }
+
+    @EnableWebSecurity
+    @Configuration
+    static class WebSecurityExpressionHandlerDefaultsConfig extends WebSecurityConfigurerAdapter {
+
+        @Override
+        protected void configure(HttpSecurity http) throws Exception {
+            http
+                .authorizeUrls()
+                    .anyRequest().authenticated()
+        }
+    }
 }