maybe I'm just really dense, but I'm have trouble getting method level security to work in my project.

I think i've narrowed the problem down to my service level beans not being loaded in the correct context (application vs dispatcher-servlet).

My question is how do I accomplish this?

Here's my set up:

package.web.controller : all my controllers, most controllers autowire to a service object

package.service : my server classes all annotated with @Service

package.data.dao: Dao's used in the service classes.

in my dispatcher-servlet.xml i've done this:
Code:
<context:annotation-config />
	<context:component-scan base-package="package" >
	<context:exclude-filter type="annotation" expression="org.springframework.stereotype.Repository"/>
	<context:exclude-filter type="annotation" expression="org.springframework.stereotype.Service"/>
	</context:component-scan>
in my applicationContext.xml i've done this:
Code:
<context:annotation-config />
	<context:component-scan base-package="package" >
		<!-- <context:exclude-filter type="annotation" expression="org.springframework.stereotype.Controller"/>-->
	</context:component-scan>
using this setup I'm getting an IllegalStateException, which makes sense (i think). I'm just not sure how to resolve this.

Any guidance would be much appreciated.