Spring Security FilterChainProxy issue with Spring Boot 3.2.2

Describe the bug

We are updating our Spring Boot 3.1.5 project to 3.2.2 And we are getting this issue with FilterChainProxy:

org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'springSecurityFilterChain': Failed to instantiate [org.springframework.security.config.annotation.web.configuration.WebMvcSecurityConfiguration$CompositeFilterChainProxy]: Constructor threw exception
    at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:318)
...
Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.config.annotation.web.configuration.WebMvcSecurityConfiguration$CompositeFilterChainProxy]: Constructor threw exception
    at org.springframework.beans.BeanUtils.instantiateClass(BeanUtils.java:223)
    at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:111)
    at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:315)
    ... 21 common frames omitted
Caused by: java.lang.IllegalStateException: Couldn't find FilterChainProxy in [org.springframework.web.servlet.handler.HandlerMappingIntrospector$$Lambda$1883/0x00000008011fe5d0@27eda07, org.springframework.security.web.debug.DebugFilter@69eb668b]
    at org.springframework.security.config.annotation.web.configuration.WebMvcSecurityConfiguration$CompositeFilterChainProxy.findFilterChainProxy(WebMvcSecurityConfiguration.java:302)
    at org.springframework.security.config.annotation.web.configuration.WebMvcSecurityConfiguration$CompositeFilterChainProxy.<init>(WebMvcSecurityConfiguration.java:214)
    at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
    at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:77)
    at java.base/jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
    at java.base/java.lang.reflect.Constructor.newInstanceWithCaller(Constructor.java:499)
    at java.base/java.lang.reflect.Constructor.newInstance(Constructor.java:480)
    at org.springframework.beans.BeanUtils.instantiateClass(BeanUtils.java:210)
    ... 23 common frames omitted

Our project doesn't use FilterChainProxy directly. But we are using the saml-provider library, that might use this class (got the idea from: https://github.com/spring-projects/spring-security/issues/14514 issue's desctiption: samlFilter). But that's a hunch. I cannot see from the logs what is trying to make this FilterChainProxy.

To Reproduce Hard to tell. Upgrade from 3.1.x to 3.2.2 and use saml-provider.

Expected behavior Application and filters run without an issue.

Comment From: adnsimona

Already fixed in 6.2.2 (Upgrade needed as SB 3.2.2 uses 6.2.1)