SEC-1358: Support empty context path in DefaultWebInvocationPrivilegeEvaluator

This class was failing when an application was deployed at the root context because of an assertion which checked that the contexPath was not empty. An empty context path doesn't actually cause problems for the class so I've removed the assertion.

web/src/main/java/org/springframework/security/web/access/DefaultWebInvocationPrivilegeEvaluator.java

@@ -147,7 +147,6 @@ public class DefaultWebInvocationPrivilegeEvaluator implements WebInvocationPriv
     }
 
     private FilterInvocation createFilterInvocation(String contextPath, String uri, String method) {
-        Assert.hasText(contextPath, "contextPath required");
         Assert.hasText(uri, "URI required");
 
         DummyRequest req = new DummyRequest();