When using the intercept-methods tag on a bean, the dao's used by the userSecurityService and the protected bean are not processed by the
PersistenceAnnotationBeanPostProcessor. This seems to be because the dao gets created before the PostProcessor and so in never seen by it. This like SEC-750 causes a null pointer when an attempt is made to authenticate the user.
I have modified the test case form SEC-750 to demonstrate the problem. The unmodified test case runs fine on my system.
My real world case is a little more complex in that I have a userSecurityService that uses one of my service components, that in turn uses a DAO that is used by another protected service.