Configuração do application context para spring security com vraptor

applicationContext.xml

<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:sec="http://www.springframework.org/schema/security"

xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd
http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">

<context:component-scan base-package="br.com.xpto.service,br.com.xpto.controller,br.com.xpto.dao,br.com.xpto" />

<mvc:annotation-driven />

<tx:annotation-driven />

<sec:authentication-manager>
<sec:authentication-provider user-service-ref="permissaoDeAcessoHibernateDao" />
</sec:authentication-manager>

<bean id="messageSource" class="org.springframework.context.support.ReloadableResourceBundleMessageSource">
<property name="basenames">
<value>/WEB-INF/i18n/enviromentDesenvolvimento</value>
</property>
</bean>

<bean id="themeSource" class="org.springframework.ui.context.support.ResourceBundleThemeSource">
<property name="basenamePrefix" value="styleClass-"/>
</bean>

<bean id="sessionFactory" class="org.springframework.orm.hibernate3.annotation.AnnotationSessionFactoryBean" destroy-method="destroy">
<property name="hibernateProperties">
<props>

<prop key="hibernate.connection.url">${url}</prop>
<prop key="hibernate.connection.driver_class">${driver}</prop>
<prop key="hibernate.connection.username">${user}</prop>
<prop key="hibernate.connection.password">${password}</prop>
<prop key="hibernate.c3p0.min_size">${min.pool}</prop>
<prop key="hibernate.c3p0.max_size">${max.pool}</prop>
<prop key="hibernate.c3p0.timeout">${timeout}</prop>
<prop key="hibernate.c3p0.max_statements">${max.statements}</prop>
<prop key="hibernate.dialect">${dialect}</prop>
<prop key="hibernate.show_sql">${show.sql}</prop>
<prop key="hibernate.format_sql">${format}</prop>
<prop key="hibernate.hbm2ddl.auto">${schema.generate}</prop>

<property name="annotatedClasses">
<list>
...
</list>
</property>
</bean>

<bean id="transactionManager" class="org.springframework.orm.hibernate3.HibernateTransactionManager">
<property name="sessionFactory" ref="sessionFactory"/>
</bean>

<bean id="hibernateTemplate" class="org.springframework.orm.hibernate3.HibernateTemplate">
<constructor-arg ref="sessionFactory"/>
</bean>

<sec:http auto-config="false">

<sec:intercept-url pattern="/administrador**" access="ROLE_ADM"/>

<sec:intercept-url pattern="/administrador/login" filters="none"/>
<sec:intercept-url pattern="/administrador/logout" filters="none"/>
<sec:intercept-url pattern="/administrador/novoAcesso" filters="none"/>

<sec:form-login login-page="/administrador/login" always-use-default-target="true" default-target-url="/administrador" login-processing-url="/administrador" />

<sec:logout logout-url="/administrador/logout" logout-success-url="/administrador/login" />
</sec:http>

</beans>