In a JSF environment, RequestDispatcher is used to forward request to /j_spring_security_check to do user login. In Spring Security 3.1.0, doing so results in 404 error. The same code works fine with 3.0.7.
Currently I use a custom filter to invoke UsernamePasswordAuthenticationFilter directly to work around the problem. As such, I suspect FilterChainProxy is not run when the request is forwarded.