@Override
  @SuppressWarnings({"rawtypes", "unchecked"})
  public void afterPropertiesSet() {
    // code borrowed from AbstractAuthorizeTag
    ApplicationContext appContext =
        WebApplicationContextUtils.getRequiredWebApplicationContext(getServletContext());
    Map<String, SecurityExpressionHandler> handlers =
        appContext.getBeansOfType(SecurityExpressionHandler.class);

    for (SecurityExpressionHandler h : handlers.values()) {
      if (FilterInvocation.class.equals(
          GenericTypeResolver.resolveTypeArgument(h.getClass(), SecurityExpressionHandler.class))) {
        handler = h;
        break;
      }
    }

    if (handler == null) {
      throw new IllegalStateException(
          "No visible WebSecurityExpressionHandler instance "
              + "could be found in the application context");
    }
    super.afterPropertiesSet();
  }
 @Override
 public EvaluationContext createEvaluationContext(
     Authentication authentication, FilterInvocation invocation) {
   EvaluationContext context = delegate.createEvaluationContext(authentication, invocation);
   return new PathVariableLookupEvaluationContext(conditionId, invocation.getRequest(), context);
 }
 @Override
 public ExpressionParser getExpressionParser() {
   return delegate.getExpressionParser();
 }