带有entry-point-ref和authentication-manager-ref标签的多个<http>标签</http>

Question

我知道这个问题之前曾被问过几次，但我不知道怎么办不能破解它。真的很感激帮助，因为我坚持了一段时间。

我在下面附加的安全XML已经工作了一段时间了，但我需要添加另一个标签来包含WebService Security

现有安全XML

    <security:http pattern="/abc.html" security="none"/>
<security:http pattern="/dev.html" security="none"/>

<security:http entry-point-ref="authenticaionEntryPoint">
    <security:intercept-url pattern="/*.xyz" access="ROLE_USER"/>
    <security:logout logout-success-url="/login_failure.do" />
    <security:custom-filter position="FORM_LOGIN_FILTER" ref="customAuthenticationFilter"/>
    <security:anonymous username="guest" granted-authority="ROLE_ANONIM"/>
</security:http>

<bean id="authenticaionEntryPoint" class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">
    <property name="loginFormUrl" value="/login.jsp" />
</bean>

<bean id="customAuthenticationFilter" class="package.security.CustomAuthenticationProcessingFilter">
    <property name="authenticationManager" ref="authenticationManager" />
    <property name="authenticationSuccessHandler">
        <bean class="org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler">
            <property name="defaultTargetUrl" value="/login_success.jsp" />
            <property name="alwaysUseDefaultTargetUrl" value="false" />
        </bean>
    </property>
    <property name="authenticationFailureHandler">
        <bean class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
            <property name="defaultFailureUrl" value="/login_failure.do" />
        </bean>
    </property>
</bean>

<bean id="authenticationProvider" class="package.security.CustomAuthenticationProvider" />

<security:authentication-manager alias="authenticationManager">
    <security:authentication-provider ref="authenticationProvider"/>        
</security:authentication-manager>   

我需要添加

    <security:http pattern="/SetWebServices*" create-session="stateless" authentication-manager-ref="remotingAuthenticationManager" auto-config="true">
    <security:intercept-url pattern="/SetWebServices*" access="ROLE_USER"/>
    <security:http-basic/> 
</security:http>

<security:authentication-manager  alias="remotingAuthenticationManager">
    <security:authentication-provider>
        <security:user-service>
            <security:user name="adminuser" password="adminpass" authorities="ROLE_USER" />
        </security:user-service>
    </security:authentication-provider>
</security:authentication-manager>

它们都是分开工作但是将第二部分放在最上面会给/ AccessWebServices上的403 Access拒绝？WSDL。

任何帮助/方向/输入都会非常感激。