At least one portion of my application requires access to an AuthenticationTrustResolver instance. For now, I can simply inject my class with an instance of AuthenticationTrustResolverImpl created manually in my bean context. Since I am not customizing or extending the default implementation, this is fine for now.
However, the instance I create in my bean context is not shared with the ExceptionTranslationFilter, and as far as I can tell, there is no way to configure the ExceptionTranslationFilter to use the manually created instance. (Unless I want to configure the entire filter stack myself, in which case it would be possible, but that seems a bit unreasonable to me).
Also, it would be helpful if the default AuthenticationTrustResolver created for/by the ExceptionTranslationFilter could be exposed via an alias for other parts of the application to reuse.
Might I suggest one of the following attribute additions to the <http> namespace?
<http trust-resolver-ref="myTrustResolver" />
<http trust-resolver-alias="exportedTrustResolverName" />
<!-- either 'ref' or 'alias', but not both? -->
<trust-resolver ref="myTrustResolver" alias="exportedTrustResolverName" />