Fix Type Check

Issue gh-16536

config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.java

@@ -229,7 +229,7 @@ public class WebSecurityConfiguration implements ImportAware {
 				BeanDefinition filterChainProxy = registry
 					.getBeanDefinition(AbstractSecurityWebApplicationInitializer.DEFAULT_FILTER_NAME);
 
-				if (filterChainProxy.getResolvableType().isAssignableFrom(CompositeFilterChainProxy.class)) {
+				if (filterChainProxy.getResolvableType().isInstance(CompositeFilterChainProxy.class)) {
 					return;
 				}
 
@@ -244,11 +244,6 @@ public class WebSecurityConfiguration implements ImportAware {
 					.rootBeanDefinition(CompositeFilterChainProxy.class)
 					.addConstructorArgValue(filters);
 
-				if (filterChainProxy.getResolvableType().isInstance(DebugFilter.class)) {
-					compositeSpringSecurityFilterChainBldr = BeanDefinitionBuilder.rootBeanDefinition(DebugFilter.class)
-						.addConstructorArgValue(compositeSpringSecurityFilterChainBldr.getBeanDefinition());
-				}
-
 				registry.removeBeanDefinition(AbstractSecurityWebApplicationInitializer.DEFAULT_FILTER_NAME);
 				registry.registerBeanDefinition(AbstractSecurityWebApplicationInitializer.DEFAULT_FILTER_NAME,
 						compositeSpringSecurityFilterChainBldr.getBeanDefinition());
@@ -308,6 +303,7 @@ public class WebSecurityConfiguration implements ImportAware {
 		 * @param filters the Filters to delegate to. One of which must be
 		 * FilterChainProxy.
 		 */
+		@Autowired
 		CompositeFilterChainProxy(List<? extends Filter> filters) {
 			this.doFilterDelegate = createDoFilterDelegate(filters);
 			this.springSecurityFilterChain = findFilterChainProxy(filters);
@@ -403,7 +399,7 @@ public class WebSecurityConfiguration implements ImportAware {
 					return fcp;
 				}
 				if (filter instanceof DebugFilter debugFilter) {
-					return new CompositeFilterChainProxy(debugFilter, debugFilter.getFilterChainProxy());
+					return debugFilter.getFilterChainProxy();
 				}
 			}
 			throw new IllegalStateException("Couldn't find FilterChainProxy in " + filters);

config/src/test/java/org/springframework/security/config/annotation/web/configuration/EnableWebSecurityTests.java

@@ -16,8 +16,13 @@
 
 package org.springframework.security.config.annotation.web.configuration;
 
+import ch.qos.logback.classic.Level;
+import ch.qos.logback.classic.Logger;
+import ch.qos.logback.classic.spi.ILoggingEvent;
+import ch.qos.logback.core.Appender;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
+import org.slf4j.LoggerFactory;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
@@ -28,7 +33,6 @@ import org.springframework.security.config.test.SpringTestContext;
 import org.springframework.security.config.test.SpringTestContextExtension;
 import org.springframework.security.core.annotation.AuthenticationPrincipal;
 import org.springframework.security.web.SecurityFilterChain;
-import org.springframework.security.web.debug.DebugFilter;
 import org.springframework.test.web.servlet.MockMvc;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RestController;
@@ -36,6 +40,10 @@ import org.springframework.web.servlet.config.annotation.EnableWebMvc;
 
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.assertThatNoException;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.atLeastOnce;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.verify;
 import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.authentication;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
@@ -52,9 +60,19 @@ public class EnableWebSecurityTests {
 	private MockMvc mockMvc;
 
 	@Test
-	public void loadConfigWhenChildConfigExtendsSecurityConfigThenSecurityConfigInherited() {
+	public void loadConfigWhenChildConfigExtendsSecurityConfigThenSecurityConfigInherited() throws Exception {
+		Appender<ILoggingEvent> appender = mockAppenderFor("Spring Security Debugger");
 		this.spring.register(ChildSecurityConfig.class).autowire();
-		this.spring.getContext().getBean("springSecurityFilterChain", DebugFilter.class);
+		this.mockMvc.perform(get("/"));
+		verify(appender, atLeastOnce()).doAppend(any(ILoggingEvent.class));
+	}
+
+	private Appender<ILoggingEvent> mockAppenderFor(String name) {
+		Appender<ILoggingEvent> appender = mock(Appender.class);
+		Logger logger = (Logger) LoggerFactory.getLogger(name);
+		logger.setLevel(Level.DEBUG);
+		logger.addAppender(appender);
+		return appender;
 	}
 
 	// gh-14370

config/src/test/java/org/springframework/security/config/annotation/web/configurers/NamespaceDebugTests.java

@@ -59,7 +59,6 @@ public class NamespaceDebugTests {
 		Appender<ILoggingEvent> appender = mockAppenderFor("Spring Security Debugger");
 		this.spring.register(DebugWebSecurity.class).autowire();
 		this.mvc.perform(get("/"));
-		assertThat(filterChainClass()).isEqualTo(DebugFilter.class);
 		verify(appender, atLeastOnce()).doAppend(any(ILoggingEvent.class));
 	}