Spring Security一启动就会包含这样一批负责各种安全管理的过滤器

 FilterChainProxy: FilterChainProxy[
    UrlMatcher = org.springframework.security.util.AntUrlPathMatcher[requiresLowerCase='true'];
    Filter Chains: {
        /**=[
            org.springframework.security.context.HttpSessionContextIntegrationFilter[ order=200;],
            org.springframework.security.ui.logout.LogoutFilter[ order=300; ],
            org.springframework.security.ui.webapp.AuthenticationProcessingFilter[ order=700; ],
            org.springframework.security.ui.webapp.DefaultLoginPageGeneratingFilter[ order=900; ],
            org.springframework.security.ui.basicauth.BasicProcessingFilter[ order=1000; ],
            org.springframework.security.wrapper.SecurityContextHolderAwareRequestFilter[ order=1100; ],
            org.springframework.security.ui.rememberme.RememberMeProcessingFilter[ order=1200; ],
            org.springframework.security.providers.anonymous.AnonymousProcessingFilter[ order=1300; ],
            org.springframework.security.ui.ExceptionTranslationFilter[ order=1400; ],
            org.springframework.security.ui.SessionFixationProtectionFilter[ order=1600; ],
            org.springframework.security.intercept.web.FilterSecurityInterceptor@e2fbeb
        ]
    }

]