private AuthenticationTrustResolver trustResolver = new AuthenticationTrustResolverImpl();
public EvaluationContext createEvaluationContext(
Authentication authentication, FilterInvocation fi) {
StandardEvaluationContext ctx = (StandardEvaluationContext) super
.createEvaluationContext(authentication, fi);
SecurityExpressionRoot root = new CustomWebSecurityExpressionRoot(
authentication, fi.getHttpRequest());
root.setTrustResolver(trustResolver);
// AuthenticationTrustResolver atr;
ctx.setRootObject(root);
return ctx;
}