rwinch
commented
11 years ago @dsyer
The test I added in the first commit demonstrates that WebSecurityExpressionHandler is non-null without any changes to the code. Perhaps you were on an older version or have some difference in the configuration that is causing it? If so, can you provide your configuration?
I did notice that WebInvocationPrivilegeEvaluator was not getting properly initialized due to an ordering issue. This seems fairly related and may have been what you were meaning? I went ahead and fixed this and added a test in the second commit linked with this issue.
Can you please let me know if the second commit fixed your issue or clarify how to reproduce the issue? Thanks!
I don't know whether this should be fixed in Spring or Thymeleaf really, but we'll need a transition period where the existing Thymeleaf library works with the new Spring features. It's broken right now because there is no bean of type WebSecurityExpressionHandler (there was until about a week ago). See org.thymeleaf.extras.springsecurity3.auth.AuthUtils.getExpressionHandler(ServletContext).