I am getting the same error in Tomcat 6 with spring-security 2 RC1. The spring-security-samples-contacts-2.0.0-RC1 war works. I am not sure what I am missing in my configuration to stop this from working. My web.xml is as follows
The following is my spring-security config.
The following appears in my log but does not for the spring-security-samples-contacts-2.0.0-RC1 app.
<!-- restrict URLs based on role -->
<security:intercept-url pattern="/login*" access="ROLE_ANONYMOUS" />
<security:intercept-url pattern="/logoutSuccess*" access="ROLE_ANONYMOUS" />
<security:intercept-url pattern="/logout*" access="ROLE_USER" />
<!-- override default login and logout pages -->
<security:form-login login-page="/login" authentication-failure-url="/login?login_error=1" />
<security:logout logout-url="/logout" logout-success-url="/logoutSuccess" />
The only real difference that I can see from the sample app is the authentication-provider. Any ideas what could be causing this? Any help would be appreciated.
2008-04-09 12:51:55,760 DEBUG [org.springframework.web.filter.DelegatingFilterProxy] - Initializing filter 'springSecurityFilterChain'