Reducing use of global bean Ids as part of SEC-1186

config/src/main/java/org/springframework/security/config/BeanIds.java

@@ -22,13 +22,13 @@ public abstract class BeanIds {
 //    static final String FILTER_CHAIN_POST_PROCESSOR = "_filterChainProxyPostProcessor";
 //    static final String FILTER_LIST = "_filterChainList";
 
-    public static final String JDBC_USER_DETAILS_MANAGER = "_jdbcUserDetailsManager";
+//    public static final String JDBC_USER_DETAILS_MANAGER = "_jdbcUserDetailsManager";
     public static final String USER_DETAILS_SERVICE = "_userDetailsService";
 //    public static final String ANONYMOUS_PROCESSING_FILTER = "_anonymousProcessingFilter";
     public static final String ANONYMOUS_AUTHENTICATION_PROVIDER = "_anonymousAuthenticationProvider";
 //    public static final String BASIC_AUTHENTICATION_FILTER = "_basicAuthenticationFilter";
     public static final String BASIC_AUTHENTICATION_ENTRY_POINT = "_basicAuthenticationEntryPoint";
-    public static final String SESSION_REGISTRY = "_sessionRegistry";
+//    public static final String SESSION_REGISTRY = "_sessionRegistry";
 //    public static final String CONCURRENT_SESSION_FILTER = "_concurrentSessionFilter";
     public static final String CONCURRENT_SESSION_CONTROLLER = "_concurrentSessionController";
     public static final String METHOD_ACCESS_MANAGER = "_defaultMethodAccessManager";
@@ -50,13 +50,13 @@ public abstract class BeanIds {
 //    public static final String CHANNEL_PROCESSING_FILTER = "_channelProcessingFilter";
     public static final String CHANNEL_DECISION_MANAGER = "_channelDecisionManager";
 //    public static final String REMEMBER_ME_FILTER = "_rememberMeFilter";
-    public static final String REMEMBER_ME_SERVICES = "_rememberMeServices";
+//    public static final String REMEMBER_ME_SERVICES = "_rememberMeServices";
     public static final String REMEMBER_ME_AUTHENTICATION_PROVIDER = "_rememberMeAuthenticationProvider";
 //    public static final String DEFAULT_LOGIN_PAGE_GENERATING_FILTER = "_defaultLoginPageFilter";
 //    public static final String SECURITY_CONTEXT_HOLDER_AWARE_REQUEST_FILTER = "_securityContextHolderAwareRequestFilter";
     public static final String SESSION_FIXATION_PROTECTION_FILTER = "_sessionFixationProtectionFilter";
     public static final String METHOD_SECURITY_METADATA_SOURCE_ADVISOR = "_methodSecurityMetadataSourceAdvisor";
-    public static final String PROTECT_POINTCUT_POST_PROCESSOR = "_protectPointcutPostProcessor";
+//    public static final String PROTECT_POINTCUT_POST_PROCESSOR = "_protectPointcutPostProcessor";
 //    public static final String SECURED_METHOD_SECURITY_METADATA_SOURCE = "_securedSecurityMetadataSource";
 //    public static final String JSR_250_METHOD_SECURITY_METADATA_SOURCE = "_jsr250SecurityMetadataSource";
     public static final String EMBEDDED_APACHE_DS = "_apacheDirectoryServerContainer";

config/src/main/java/org/springframework/security/config/ConcurrentSessionsBeanDefinitionParser.java

@@ -1,7 +1,6 @@
 package org.springframework.security.config;
 
 import org.springframework.beans.factory.config.BeanDefinition;
-import org.springframework.beans.factory.config.RuntimeBeanReference;
 import org.springframework.beans.factory.parsing.BeanComponentDefinition;
 import org.springframework.beans.factory.parsing.CompositeComponentDefinition;
 import org.springframework.beans.factory.support.BeanDefinitionBuilder;
@@ -32,23 +31,20 @@ public class ConcurrentSessionsBeanDefinitionParser implements BeanDefinitionPar
     static final String ATT_SESSION_REGISTRY_ALIAS = "session-registry-alias";
     static final String ATT_SESSION_REGISTRY_REF = "session-registry-ref";
 
-    public BeanDefinition parse(Element element, ParserContext parserContext) {
+    public BeanDefinition parse(Element element, ParserContext pc) {
         CompositeComponentDefinition compositeDef =
-            new CompositeComponentDefinition(element.getTagName(), parserContext.extractSource(element));
-        parserContext.pushContainingComponent(compositeDef);
+            new CompositeComponentDefinition(element.getTagName(), pc.extractSource(element));
+        pc.pushContainingComponent(compositeDef);
 
-        BeanDefinitionRegistry beanRegistry = parserContext.getRegistry();
+        BeanDefinitionRegistry beanRegistry = pc.getRegistry();
 
         String sessionRegistryId = element.getAttribute(ATT_SESSION_REGISTRY_REF);
 
         if (!StringUtils.hasText(sessionRegistryId)) {
+            // Register an internal SessionRegistryImpl if no external reference supplied.
             RootBeanDefinition sessionRegistry = new RootBeanDefinition(SessionRegistryImpl.class);
-            beanRegistry.registerBeanDefinition(BeanIds.SESSION_REGISTRY, sessionRegistry);
-            parserContext.registerComponent(new BeanComponentDefinition(sessionRegistry, BeanIds.SESSION_REGISTRY));
-            sessionRegistryId = BeanIds.SESSION_REGISTRY;
-        } else {
-            // Register the default ID as an alias so that things like session fixation filter can access it
-            beanRegistry.registerAlias(sessionRegistryId, BeanIds.SESSION_REGISTRY);
+            sessionRegistryId = pc.getReaderContext().registerWithGeneratedName(sessionRegistry);
+            pc.registerComponent(new BeanComponentDefinition(sessionRegistry, sessionRegistryId));
         }
 
         String registryAlias = element.getAttribute(ATT_SESSION_REGISTRY_ALIAS);
@@ -58,16 +54,16 @@ public class ConcurrentSessionsBeanDefinitionParser implements BeanDefinitionPar
 
         BeanDefinitionBuilder filterBuilder =
                 BeanDefinitionBuilder.rootBeanDefinition(ConcurrentSessionFilter.class);
-        filterBuilder.addPropertyValue("sessionRegistry", new RuntimeBeanReference(sessionRegistryId));
+        filterBuilder.addPropertyReference("sessionRegistry", sessionRegistryId);
 
-        Object source = parserContext.extractSource(element);
+        Object source = pc.extractSource(element);
         filterBuilder.getRawBeanDefinition().setSource(source);
         filterBuilder.setRole(BeanDefinition.ROLE_INFRASTRUCTURE);
 
         String expiryUrl = element.getAttribute(ATT_EXPIRY_URL);
 
         if (StringUtils.hasText(expiryUrl)) {
-            ConfigUtils.validateHttpRedirect(expiryUrl, parserContext, source);
+            ConfigUtils.validateHttpRedirect(expiryUrl, pc, source);
             filterBuilder.addPropertyValue("expiredUrl", expiryUrl);
         }
 
@@ -75,7 +71,7 @@ public class ConcurrentSessionsBeanDefinitionParser implements BeanDefinitionPar
             = BeanDefinitionBuilder.rootBeanDefinition(ConcurrentSessionControllerImpl.class);
         controllerBuilder.getRawBeanDefinition().setSource(source);
         controllerBuilder.setRole(BeanDefinition.ROLE_INFRASTRUCTURE);
-        controllerBuilder.addPropertyValue("sessionRegistry", new RuntimeBeanReference(sessionRegistryId));
+        controllerBuilder.addPropertyReference("sessionRegistry", sessionRegistryId);
 
         String maxSessions = element.getAttribute(ATT_MAX_SESSIONS);
 
@@ -92,10 +88,10 @@ public class ConcurrentSessionsBeanDefinitionParser implements BeanDefinitionPar
         BeanDefinition controller = controllerBuilder.getBeanDefinition();
 
         beanRegistry.registerBeanDefinition(BeanIds.CONCURRENT_SESSION_CONTROLLER, controller);
-        parserContext.registerComponent(new BeanComponentDefinition(controller, BeanIds.CONCURRENT_SESSION_CONTROLLER));
-        ConfigUtils.setSessionControllerOnAuthenticationManager(parserContext, BeanIds.CONCURRENT_SESSION_CONTROLLER, element);
+        pc.registerComponent(new BeanComponentDefinition(controller, BeanIds.CONCURRENT_SESSION_CONTROLLER));
+        ConfigUtils.setSessionControllerOnAuthenticationManager(pc, BeanIds.CONCURRENT_SESSION_CONTROLLER, element);
 
-        parserContext.popAndRegisterContainingComponent();
+        pc.popAndRegisterContainingComponent();
 
         return filterBuilder.getBeanDefinition();
     }

config/src/main/java/org/springframework/security/config/FormLoginBeanDefinitionParser.java

@@ -59,17 +59,6 @@ public class FormLoginBeanDefinitionParser {
 
         Object source = null;
 
-//        final Boolean sessionFixationProtectionEnabled =
-//            new Boolean(pc.getRegistry().containsBeanDefinition(BeanIds.SESSION_FIXATION_PROTECTION_FILTER));
-//        Boolean migrateSessionAttributes = Boolean.FALSE;
-//
-//        if (sessionFixationProtectionEnabled.booleanValue()) {
-//            PropertyValue pv =
-//                    pc.getRegistry().getBeanDefinition(BeanIds.SESSION_FIXATION_PROTECTION_FILTER)
-//                        .getPropertyValues().getPropertyValue("migrateSessionAttributes");
-//            migrateSessionAttributes = (Boolean)pv.getValue();
-//        }
-
         if (elt != null) {
             source = pc.extractSource(elt);
             loginUrl = elt.getAttribute(ATT_LOGIN_URL);
@@ -101,21 +90,6 @@ public class FormLoginBeanDefinitionParser {
             filterBean.getPropertyValues().addPropertyValue("invalidateSessionOnSuccessfulAuthentication", Boolean.TRUE);
         }
 
-//        filterBean.getPropertyValues().addPropertyValue("invalidateSessionOnSuccessfulAuthentication",
-//                sessionFixationProtectionEnabled);
-//        filterBean.getPropertyValues().addPropertyValue("migrateInvalidatedSessionAttributes",
-//                migrateSessionAttributes);
-
-        if (pc.getRegistry().containsBeanDefinition(BeanIds.REMEMBER_ME_SERVICES)) {
-            filterBean.getPropertyValues().addPropertyValue("rememberMeServices",
-                    new RuntimeBeanReference(BeanIds.REMEMBER_ME_SERVICES) );
-        }
-
-        if (pc.getRegistry().isBeanNameInUse(BeanIds.SESSION_REGISTRY)) {
-            filterBean.getPropertyValues().addPropertyValue("sessionRegistry",
-                    new RuntimeBeanReference(BeanIds.SESSION_REGISTRY));
-        }
-
         BeanDefinitionBuilder entryPointBuilder =
                 BeanDefinitionBuilder.rootBeanDefinition(LoginUrlAuthenticationEntryPoint.class);
         entryPointBuilder.getRawBeanDefinition().setSource(source);

config/src/main/java/org/springframework/security/config/GlobalMethodSecurityBeanDefinitionParser.java

@@ -229,7 +229,7 @@ class GlobalMethodSecurityBeanDefinitionParser implements BeanDefinitionParser {
         ppbp.setSource(source);
         ppbp.getConstructorArgumentValues().addGenericArgumentValue(mapBasedMethodSecurityMetadataSource);
         ppbp.getPropertyValues().addPropertyValue("pointcutMap", pointcutMap);
-        parserContext.getRegistry().registerBeanDefinition(BeanIds.PROTECT_POINTCUT_POST_PROCESSOR, ppbp);
+        parserContext.getReaderContext().registerWithGeneratedName(ppbp);
     }
 
     private Map<String, List<ConfigAttribute>> parseProtectPointcuts(ParserContext parserContext, List<Element> protectPointcutElts) {

config/src/main/java/org/springframework/security/config/HttpSecurityBeanDefinitionParser.java

@@ -16,6 +16,7 @@ import org.springframework.beans.BeanMetadataElement;
 import org.springframework.beans.PropertyValue;
 import org.springframework.beans.PropertyValues;
 import org.springframework.beans.factory.config.BeanDefinition;
+import org.springframework.beans.factory.config.BeanReference;
 import org.springframework.beans.factory.config.RuntimeBeanReference;
 import org.springframework.beans.factory.parsing.BeanComponentDefinition;
 import org.springframework.beans.factory.parsing.CompositeComponentDefinition;
@@ -168,15 +169,16 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
                 filterChainMap, channelRequestMap, convertPathsToLowerCase, pc);
 
         BeanDefinition cpf = null;
+        BeanReference sessionRegistryRef = null;
         BeanDefinition concurrentSessionFilter = createConcurrentSessionFilterAndRelatedBeansIfRequired(element, pc);
-        boolean sessionControlEnabled = concurrentSessionFilter != null;
 
         BeanDefinition scpf = createSecurityContextPersistenceFilter(element, pc);
 
-        if (sessionControlEnabled) {
+        if (concurrentSessionFilter != null) {
+            sessionRegistryRef = (BeanReference)
+                    concurrentSessionFilter.getPropertyValues().getPropertyValue("sessionRegistry").getValue();
             logger.info("Concurrent session filter in use, setting 'forceEagerSessionCreation' to true");
             scpf.getPropertyValues().addPropertyValue("forceEagerSessionCreation", Boolean.TRUE);
-
         }
 
         BeanDefinition servApiFilter = createServletApiFilter(element, pc);
@@ -188,7 +190,7 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
 
         BeanDefinition etf = createExceptionTranslationFilter(element, pc, allowSessionCreation);
         RootBeanDefinition sfpf = createSessionFixationProtectionFilter(pc, element.getAttribute(ATT_SESSION_FIXATION_PROTECTION),
-                sessionControlEnabled);
+                sessionRegistryRef);
         BeanDefinition fsi = createFilterSecurityInterceptor(element, pc, matcher, convertPathsToLowerCase);
 
         String portMapperName = pc.getReaderContext().registerWithGeneratedName(portMapper);
@@ -200,7 +202,6 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
         if (sfpf != null) {
             // Used by SessionRegistrynjectionPP
             pc.getRegistry().registerBeanDefinition(BeanIds.SESSION_FIXATION_PROTECTION_FILTER, sfpf);
-//        	ConfigUtils.addHttpFilter(pc, new RuntimeBeanReference(BeanIds.SESSION_FIXATION_PROTECTION_FILTER));
         }
 
         final FilterAndEntryPoint basic = createBasicFilter(element, pc, autoConfig);
@@ -209,14 +210,7 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
 
         String rememberMeServicesId = null;
         if (rememberMeFilter != null) {
-            //pc.getRegistry().registerBeanDefinition(BeanIds.REMEMBER_ME_FILTER, rememberMeFilter);
             rememberMeServicesId = ((RuntimeBeanReference) rememberMeFilter.getPropertyValues().getPropertyValue("rememberMeServices").getValue()).getBeanName();
-            //ConfigUtils.addHttpFilter(pc, new RuntimeBeanReference(BeanIds.REMEMBER_ME_FILTER));
-            // Post processor to inject RememberMeServices into filters which need it
-
-            RootBeanDefinition rememberMeInjectionPostProcessor = new RootBeanDefinition(RememberMeServicesInjectionBeanPostProcessor.class);
-            rememberMeInjectionPostProcessor.setRole(BeanDefinition.ROLE_INFRASTRUCTURE);
-            pc.getReaderContext().registerWithGeneratedName(rememberMeInjectionPostProcessor);
         }
 
         final BeanDefinition logoutFilter = createLogoutFilter(element, autoConfig, pc, rememberMeServicesId);
@@ -227,18 +221,16 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
             // Required by login page filter
             pc.getRegistry().registerBeanDefinition(BeanIds.FORM_LOGIN_FILTER, form.filter);
             pc.registerBeanComponent(new BeanComponentDefinition(form.filter, BeanIds.FORM_LOGIN_FILTER));
-            if (rememberMeServicesId != null) {
-                form.filter.getPropertyValues().addPropertyValue("rememberMeServices", new RuntimeBeanReference(rememberMeServicesId));
-            }
+            injectRememberMeServicesRef(form.filter, rememberMeServicesId);
+            injectSessionRegistryRef(form.filter, sessionRegistryRef);
         }
 
         if (openID.filter != null) {
             // Required by login page filter
             pc.getRegistry().registerBeanDefinition(BeanIds.OPEN_ID_FILTER, openID.filter);
             pc.registerBeanComponent(new BeanComponentDefinition(openID.filter, BeanIds.OPEN_ID_FILTER));
-            if (rememberMeServicesId != null) {
-                openID.filter.getPropertyValues().addPropertyValue("rememberMeServices", new RuntimeBeanReference(rememberMeServicesId));
-            }
+            injectRememberMeServicesRef(openID.filter, rememberMeServicesId);
+            injectSessionRegistryRef(openID.filter, sessionRegistryRef);
         }
 
         FilterAndEntryPoint x509 = createX509Filter(element, pc);
@@ -320,14 +312,29 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
 
         registerFilterChainProxy(pc, filterChainMap, matcher, source);
 
-        RootBeanDefinition postProcessor2 = new RootBeanDefinition(UserDetailsServiceInjectionBeanPostProcessor.class);
-        postProcessor2.setRole(BeanDefinition.ROLE_INFRASTRUCTURE);
-        pc.getReaderContext().registerWithGeneratedName(postProcessor2);
+        BeanDefinitionBuilder userServiceInjector = BeanDefinitionBuilder.rootBeanDefinition(UserDetailsServiceInjectionBeanPostProcessor.class);
+        userServiceInjector.addConstructorArgValue(BeanIds.X509_AUTH_PROVIDER);
+        userServiceInjector.addConstructorArgValue(rememberMeServicesId);
+        userServiceInjector.addConstructorArgValue(rememberMeServicesId);
+        userServiceInjector.setRole(BeanDefinition.ROLE_INFRASTRUCTURE);
+        pc.getReaderContext().registerWithGeneratedName(userServiceInjector.getBeanDefinition());
 
         pc.popAndRegisterContainingComponent();
         return null;
     }
 
+    private void injectRememberMeServicesRef(RootBeanDefinition bean, String rememberMeServicesId) {
+        if (rememberMeServicesId != null) {
+            bean.getPropertyValues().addPropertyValue("rememberMeServices", new RuntimeBeanReference(rememberMeServicesId));
+        }
+    }
+
+    private void injectSessionRegistryRef(RootBeanDefinition bean, BeanReference sessionRegistryRef){
+        if (sessionRegistryRef != null) {
+            bean.getPropertyValues().addPropertyValue("sessionRegistry", sessionRegistryRef);
+        }
+    }
+
     private void checkFilterChainOrder(List<OrderDecorator> filters, ParserContext pc, Object source) {
         logger.info("Checking sorted filter chain: " + filters);
 
@@ -371,7 +378,6 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
         final String ATT_POSITION = "position";
         final String REF = "ref";
 
-
         for (Element elt: customFilterElts) {
             String after = elt.getAttribute(ATT_AFTER);
             String before = elt.getAttribute(ATT_BEFORE);
@@ -732,7 +738,8 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
         return channelFilter;
     }
 
-    private RootBeanDefinition createSessionFixationProtectionFilter(ParserContext pc, String sessionFixationAttribute, boolean sessionControlEnabled) {
+    private RootBeanDefinition createSessionFixationProtectionFilter(ParserContext pc, String sessionFixationAttribute,
+            BeanReference sessionRegistryRef) {
         if(!StringUtils.hasText(sessionFixationAttribute)) {
             sessionFixationAttribute = OPT_SESSION_FIXATION_MIGRATE_SESSION;
         }
@@ -742,8 +749,8 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
                 BeanDefinitionBuilder.rootBeanDefinition(SessionFixationProtectionFilter.class);
             sessionFixationFilter.addPropertyValue("migrateSessionAttributes",
                     Boolean.valueOf(sessionFixationAttribute.equals(OPT_SESSION_FIXATION_MIGRATE_SESSION)));
-            if (sessionControlEnabled) {
-                sessionFixationFilter.addPropertyReference("sessionRegistry", BeanIds.SESSION_REGISTRY);
+            if (sessionRegistryRef != null) {
+                sessionFixationFilter.addPropertyValue("sessionRegistry", sessionRegistryRef);
             }
             return (RootBeanDefinition) sessionFixationFilter.getBeanDefinition();
         }

config/src/main/java/org/springframework/security/config/RememberMeServicesInjectionBeanPostProcessor.java

@@ -1,67 +0,0 @@
-package org.springframework.security.config;
-
-import java.util.Map;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.springframework.beans.BeansException;
-import org.springframework.beans.factory.BeanFactory;
-import org.springframework.beans.factory.BeanFactoryAware;
-import org.springframework.beans.factory.ListableBeanFactory;
-import org.springframework.beans.factory.config.BeanPostProcessor;
-import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
-import org.springframework.security.web.authentication.RememberMeServices;
-import org.springframework.security.web.authentication.www.BasicProcessingFilter;
-import org.springframework.util.Assert;
-
-/**
- *
- * @author Luke Taylor
- * @version $Id$
- * @since 2.0
- */
-public class RememberMeServicesInjectionBeanPostProcessor implements BeanPostProcessor, BeanFactoryAware {
-    private Log logger = LogFactory.getLog(getClass());
-
-    private ListableBeanFactory beanFactory;
-
-    public Object postProcessBeforeInitialization(Object bean, String beanName) throws BeansException {
-//        if (bean instanceof AbstractAuthenticationProcessingFilter) {
-//            AbstractAuthenticationProcessingFilter pf = (AbstractAuthenticationProcessingFilter) bean;
-//
-//            if (pf.getRememberMeServices() == null) {
-//                logger.info("Setting RememberMeServices on bean " + beanName);
-//                pf.setRememberMeServices(getRememberMeServices());
-//            }
-//        } else if (BeanIds.BASIC_AUTHENTICATION_FILTER.equals(beanName)) {
-//            // NB: For remember-me to be sent back, a user must submit a "_spring_security_remember_me" with their login request.
-//            // Most of the time a user won't present such a parameter with their BASIC authentication request.
-//            // In the future we might support setting the AbstractRememberMeServices.alwaysRemember = true, but I am reluctant to
-//            // do so because it seems likely to lead to lower security for 99.99% of users if they set the property to true.
-//
-//            BasicProcessingFilter bf = (BasicProcessingFilter) bean;
-//            logger.info("Setting RememberMeServices on bean " + beanName);
-//            bf.setRememberMeServices(getRememberMeServices());
-//        }
-
-        return bean;
-    }
-
-    private RememberMeServices getRememberMeServices() {
-        Map<?,?> beans = beanFactory.getBeansOfType(RememberMeServices.class);
-
-        Assert.isTrue(beans.size() > 0, "No RememberMeServices configured");
-        Assert.isTrue(beans.size() == 1, "Use of '<remember-me />' requires a single instance of RememberMeServices " +
-                "in the application context, but more than one was found.");
-
-        return (RememberMeServices) beans.values().toArray()[0];
-    }
-
-    public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException {
-        return bean;
-    }
-
-    public void setBeanFactory(BeanFactory beanFactory) throws BeansException {
-        this.beanFactory = (ListableBeanFactory) beanFactory;
-    }
-}

config/src/main/java/org/springframework/security/config/UserDetailsServiceInjectionBeanPostProcessor.java

@@ -28,13 +28,26 @@ import org.springframework.util.Assert;
  */
 public class UserDetailsServiceInjectionBeanPostProcessor implements BeanPostProcessor, BeanFactoryAware {
     private ConfigurableListableBeanFactory beanFactory;
+    private final String x509ProviderId;
+    private final String rememberMeServicesId;
+    private final String openIDProviderId;
+
+    public UserDetailsServiceInjectionBeanPostProcessor(String x509ProviderId, String rememberMeServicesId,
+            String openIDProviderId) {
+        this.x509ProviderId = x509ProviderId;
+        this.rememberMeServicesId = rememberMeServicesId;
+        this.openIDProviderId = openIDProviderId;
+    }
 
     public Object postProcessBeforeInitialization(Object bean, String beanName) throws BeansException {
-        if (BeanIds.X509_AUTH_PROVIDER.equals(beanName)) {
+        if(beanName == null) {
+            return bean;
+        }
+        if (beanName.equals(x509ProviderId)) {
             injectUserDetailsServiceIntoX509Provider((PreAuthenticatedAuthenticationProvider) bean);
-        } else if (BeanIds.REMEMBER_ME_SERVICES.equals(beanName)) {
+        } else if (beanName.equals(rememberMeServicesId)) {
             injectUserDetailsServiceIntoRememberMeServices((AbstractRememberMeServices)bean);
-        } else if (BeanIds.OPEN_ID_PROVIDER.equals(beanName)) {
+        } else if (beanName.equals(openIDProviderId)) {
             injectUserDetailsServiceIntoOpenIDProvider(bean);
         }
 
@@ -46,7 +59,7 @@ public class UserDetailsServiceInjectionBeanPostProcessor implements BeanPostPro
     }
 
     private void injectUserDetailsServiceIntoRememberMeServices(AbstractRememberMeServices services) {
-        BeanDefinition beanDefinition = beanFactory.getBeanDefinition(BeanIds.REMEMBER_ME_SERVICES);
+        BeanDefinition beanDefinition = beanFactory.getBeanDefinition(rememberMeServicesId);
         PropertyValue pv = beanDefinition.getPropertyValues().getPropertyValue("userDetailsService");
 
         if (pv == null) {
@@ -61,7 +74,7 @@ public class UserDetailsServiceInjectionBeanPostProcessor implements BeanPostPro
     }
 
     private void injectUserDetailsServiceIntoX509Provider(PreAuthenticatedAuthenticationProvider provider) {
-        BeanDefinition beanDefinition = beanFactory.getBeanDefinition(BeanIds.X509_AUTH_PROVIDER);
+        BeanDefinition beanDefinition = beanFactory.getBeanDefinition(x509ProviderId);
         PropertyValue pv = beanDefinition.getPropertyValues().getPropertyValue("preAuthenticatedUserDetailsService");
         UserDetailsByNameServiceWrapper wrapper = new UserDetailsByNameServiceWrapper();
 
@@ -83,7 +96,7 @@ public class UserDetailsServiceInjectionBeanPostProcessor implements BeanPostPro
     }
 
     private void injectUserDetailsServiceIntoOpenIDProvider(Object bean) {
-        BeanDefinition beanDefinition = beanFactory.getBeanDefinition(BeanIds.OPEN_ID_PROVIDER);
+        BeanDefinition beanDefinition = beanFactory.getBeanDefinition(openIDProviderId);
         PropertyValue pv = beanDefinition.getPropertyValues().getPropertyValue("userDetailsService");
 
         if (pv == null) {

config/src/main/java/org/springframework/security/config/X509BeanDefinitionParser.java

@@ -54,7 +54,7 @@ public class X509BeanDefinitionParser implements BeanDefinitionParser {
             provider.getPropertyValues().addPropertyValue("preAuthenticatedUserDetailsService", preAuthUserService);
         }
 
-        filterBuilder.addPropertyValue("authenticationManager", new RuntimeBeanReference(BeanIds.AUTHENTICATION_MANAGER));
+        filterBuilder.addPropertyReference("authenticationManager", BeanIds.AUTHENTICATION_MANAGER);
 
         return (RootBeanDefinition) filterBuilder.getBeanDefinition();
     }

config/src/test/java/org/springframework/security/config/HttpSecurityBeanDefinitionParserTests.java

@@ -363,7 +363,7 @@ public class HttpSecurityBeanDefinitionParserTests {
     }
 
     private PortMapperImpl getPortMapper() {
-	    Map<String,PortMapperImpl> beans = appContext.getBeansOfType(PortMapperImpl.class);
+        Map<String,PortMapperImpl> beans = appContext.getBeansOfType(PortMapperImpl.class);
         return new ArrayList<PortMapperImpl>(beans.values()).get(0);
     }
 
@@ -456,20 +456,20 @@ public class HttpSecurityBeanDefinitionParserTests {
     }
 
     @Test
-    public void rememberMeServiceWorksWithTokenRepoRef() {
+    public void rememberMeServiceWorksWithTokenRepoRef() throws Exception {
         setContext(
             "<http auto-config='true'>" +
             "    <remember-me token-repository-ref='tokenRepo'/>" +
             "</http>" +
             "<b:bean id='tokenRepo' " +
                     "class='" + InMemoryTokenRepositoryImpl.class.getName() + "'/> " + AUTH_PROVIDER_XML);
-        Object rememberMeServices = appContext.getBean(BeanIds.REMEMBER_ME_SERVICES);
+        RememberMeServices rememberMeServices = getRememberMeServices();
 
         assertTrue(rememberMeServices instanceof PersistentTokenBasedRememberMeServices);
     }
 
     @Test
-    public void rememberMeServiceWorksWithDataSourceRef() {
+    public void rememberMeServiceWorksWithDataSourceRef() throws Exception {
         setContext(
                 "<http auto-config='true'>" +
                 "    <remember-me data-source-ref='ds'/>" +
@@ -477,7 +477,7 @@ public class HttpSecurityBeanDefinitionParserTests {
                 "<b:bean id='ds' class='org.springframework.security.TestDataSource'> " +
                 "    <b:constructor-arg value='tokendb'/>" +
                 "</b:bean>" + AUTH_PROVIDER_XML);
-        Object rememberMeServices = appContext.getBean(BeanIds.REMEMBER_ME_SERVICES);
+        RememberMeServices rememberMeServices = getRememberMeServices();
 
         assertTrue(rememberMeServices instanceof PersistentTokenBasedRememberMeServices);
     }