Spring Security Spring Security protect-pointcut error when using with Spring Boot

Describe the bug I have a Spring boot application that want to secure with Spring Security. I want to use protect-pointcut feature to provide method level security across all my services, but getting following error Caused by: org.aspectj.weaver.reflect.ReflectionWorld$ReflectionWorldException: warning can't determine superclass of missing type org.springframework.boot.validation.beanvalidation.MethodValidationExcludeFilter$$Lambda$645.0x0000000800f5e910 [Xlint:cantFindType]

This is a sample project showing the code https://github.com/petert06/SpringSecurityDemo

I tried adding aop.xml to disable scanning of Spring packages but don't believe aspectj is reading this file the way it is loaded by Spring Security. the only solution is to exclude many beans from being auto configured. Is protect-pointcut not supported with Spring Boot or am I misconfiguring something. I am using security.xml to define my protect-pointcut following spring reference

https://docs.spring.io/spring-security/reference/servlet/authorization/method-security.html#ns-protect-pointcut

To Reproduce Start application

Expected behavior for Spring boot app to start withouth errors

Sample

A link to a GitHub repository with a [minimal, reproducible sample](https://stackoverflow.com/help/minimal-reproducible-example).

Reports that include a sample will take priority over reports that do not. At times, we may require a sample, so it is good to try and include a sample up front.

Comment From: jzheaux

Hi, @kshatalov. Thanks for the report and for the sample project.

Other than formatting changes two years ago, the related Spring Security classes have remained unchanged for about seven years, so I don't feel like this is where we should look first to address the issue. Given that the error message relates to a Spring Boot class that appears to be missing, will you please log this ticket in Spring Boot?

In the meantime, I replaced your sample's XML configuration with the following Java configuration to get the same behavior:

@EnableMethodSecurity
public class SecurityConfig {
    @Bean
    @Role(BeanDefinition.ROLE_INFRASTRUCTURE)
    Advisor methodSecurityAdvisor() {
        AspectJExpressionPointcut expression = new AspectJExpressionPointcut();
        expression.setExpression("execution(* com.example.demo.services.*ServiceImpl.*(..))");
        return new AuthorizationManagerBeforeMethodInterceptor(expression, 
                AuthenticatedAuthorizationManager.authenticated());
    }
}

Also, you can find more detaIl about Java-based method security support in the reference.