Hauke Rabe (Migrated from SEC-1278) said:
The configuration of is commented in the spring security documentation and is always placed in a security-context configuration.
But in a enviroment with different contextes which can be dynamically like a rest-context which is defined over a servlet-mapping the location must be in the rest-context instead of security-context.
Document where to place the in dynamically enviroments or support the config in the security-context.
Hauke Rabe said:
Luke Taylor said:
There's nothing special about where you place . The normal rules for Spring application (parent and child) contexts apply, and there is no such thing as a "security-context" configuration. You can define your Spring Security beans in any part of the main application context - there is nothing special about them.
I'm assuming this is basically the same issue as this FAQ:
i.e. the web context is normally a child context and hence not visible to the main application context.