c34783
@@ -130,8 +130,8 @@
public class HttpSecurityConfigPostProcessor implements BeanFactoryPostProcessor
     }
 
     /**
-     * Sets the authentication manager, (and remember-me services, if required) on any instances of
-     * AbstractProcessingFilter
+     * Sets the remember-me services, if required, on any instances of AbstractProcessingFilter and 
+     * BasicProcessingFilter.
      */
     private void injectRememberMeServicesIntoFiltersRequiringIt(ConfigurableListableBeanFactory beanFactory) {
         Map beans = beanFactory.getBeansOfType(RememberMeServices.class);
@@ -148,6 +148,10 @@
public class HttpSecurityConfigPostProcessor implements BeanFactoryPostProcessor
         } else {
             throw new SecurityConfigurationException("More than one RememberMeServices bean found.");
         }
+        
+        if (rememberMeServices == null) {
+            return;
+        }
 
         // Address AbstractProcessingFilter instances
         Iterator filters = beanFactory.getBeansOfType(AbstractProcessingFilter.class).values().iterator();
@@ -155,10 +159,8 @@
public class HttpSecurityConfigPostProcessor implements BeanFactoryPostProcessor
         while (filters.hasNext()) {
             AbstractProcessingFilter filter = (AbstractProcessingFilter) filters.next();
 
-            if (rememberMeServices != null) {
-                logger.info("Using RememberMeServices " + rememberMeServices + " with filter " + filter);
-                filter.setRememberMeServices(rememberMeServices);
-            }
+            logger.info("Using RememberMeServices " + rememberMeServices + " with filter " + filter);
+            filter.setRememberMeServices(rememberMeServices);
         }
 
         // Address BasicProcessingFilter instance, if it exists
@@ -166,13 +168,12 @@
public class HttpSecurityConfigPostProcessor implements BeanFactoryPostProcessor
         // Most of the time a user won't present such a parameter with their BASIC authentication request.
         // In the future we might support setting the AbstractRememberMeServices.alwaysRemember = true, but I am reluctant to
         // do so because it seems likely to lead to lower security for 99.99% of users if they set the property to true.
-       	BasicProcessingFilter filter = (BasicProcessingFilter) getBeanOfType(BasicProcessingFilter.class, beanFactory);
+        if (beanFactory.containsBean(BeanIds.BASIC_AUTHENTICATION_FILTER)) {
+            BasicProcessingFilter filter = (BasicProcessingFilter) beanFactory.getBean(BeanIds.BASIC_AUTHENTICATION_FILTER);
 
-        if (filter != null && rememberMeServices != null) {
             logger.info("Using RememberMeServices " + rememberMeServices + " with filter " + filter);
             filter.setRememberMeServices(rememberMeServices);
         }
-
     }
 
     /**
@@ -281,14 +282,6 @@
public class HttpSecurityConfigPostProcessor implements BeanFactoryPostProcessor
         return orderedFilters;
     }
 
-    private Object getBeanOfType(Class clazz, ConfigurableListableBeanFactory beanFactory) {
-        Map beans = beanFactory.getBeansOfType(clazz);
-
-        Assert.isTrue(beans.size() == 1, "Required a single bean of type " + clazz + " but found " + beans.size());
-
-        return beans.values().toArray()[0];
-    }
-
     public int getOrder() {
         return HIGHEST_PRECEDENCE + 1;
     }
