diff --git a/config/src/test/groovy/org/springframework/security/config/AbstractXmlConfigTests.groovy b/config/src/test/groovy/org/springframework/security/config/AbstractXmlConfigTests.groovy
index b8c99416b7..a7d6590182 100644
--- a/config/src/test/groovy/org/springframework/security/config/AbstractXmlConfigTests.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/AbstractXmlConfigTests.groovy
@@ -6,6 +6,12 @@ import org.springframework.security.config.util.InMemoryXmlApplicationContext
 import org.springframework.security.core.context.SecurityContextHolder
 import spock.lang.Specification
 import static org.springframework.security.config.ConfigTestUtils.AUTH_PROVIDER_XML
+import org.springframework.context.ApplicationListener
+import org.springframework.context.ApplicationEvent
+import org.springframework.security.authentication.event.AbstractAuthenticationEvent
+import org.springframework.security.authentication.event.AbstractAuthenticationFailureEvent
+import org.springframework.security.access.event.AbstractAuthorizationEvent
+import org.springframework.security.CollectingAppListener
 
 /**
  *
@@ -15,10 +21,12 @@ abstract class AbstractXmlConfigTests extends Specification {
     AbstractXmlApplicationContext appContext;
     Writer writer;
     MarkupBuilder xml;
+    ApplicationListener appListener;
 
     def setup() {
         writer = new StringWriter()
         xml = new MarkupBuilder(writer)
+        appListener = new CollectingAppListener()
     }
 
     def cleanup() {
@@ -62,5 +70,6 @@ abstract class AbstractXmlConfigTests extends Specification {
 
     def createAppContext(String extraXml) {
         appContext = new InMemoryXmlApplicationContext(writer.toString() + extraXml);
+        appContext.addApplicationListener(appListener);
     }
 }
diff --git a/config/src/test/groovy/org/springframework/security/config/http/MiscHttpConfigTests.groovy b/config/src/test/groovy/org/springframework/security/config/http/MiscHttpConfigTests.groovy
index 6d19fcce45..c21e56c1df 100644
--- a/config/src/test/groovy/org/springframework/security/config/http/MiscHttpConfigTests.groovy
+++ b/config/src/test/groovy/org/springframework/security/config/http/MiscHttpConfigTests.groovy
@@ -498,10 +498,12 @@ class MiscHttpConfigTests extends AbstractHttpConfigTests {
         MockHttpServletRequest request = new MockHttpServletRequest("POST", "/j_spring_security_check");
         request.setServletPath("/j_spring_security_check");
         request.addParameter("j_username", "bob");
-        request.addParameter("j_password", "bob");
+        request.addParameter("j_password", "bobspassword");
         then: "App context creation and login request succeed"
         Filter debugFilter = appContext.getBean(BeanIds.SPRING_SECURITY_FILTER_CHAIN);
         debugFilter.doFilter(request, new MockHttpServletResponse(), new MockFilterChain());
+        appListener.events.size() == 2
+        appListener.authenticationEvents.size() == 2
     }
 
     def eraseCredentialsDefaultsToTrue() {
diff --git a/config/src/test/java/org/springframework/security/CollectingAppListener.java b/config/src/test/java/org/springframework/security/CollectingAppListener.java
new file mode 100644
index 0000000000..f70d3252ea
--- /dev/null
+++ b/config/src/test/java/org/springframework/security/CollectingAppListener.java
@@ -0,0 +1,53 @@
+package org.springframework.security;
+
+import java.util.*;
+
+import org.springframework.context.ApplicationEvent;
+import org.springframework.context.ApplicationListener;
+import org.springframework.security.access.event.AbstractAuthorizationEvent;
+import org.springframework.security.authentication.event.AbstractAuthenticationEvent;
+import org.springframework.security.authentication.event.AbstractAuthenticationFailureEvent;
+
+/**
+ * ApplicationListener which collects events for use in test assertions
+ *
+ * @author Luke Taylor
+ * @since 3.1
+ */
+public class CollectingAppListener implements ApplicationListener {
+    Set<ApplicationEvent> events = new HashSet<ApplicationEvent>();
+    Set<AbstractAuthenticationEvent> authenticationEvents = new HashSet<AbstractAuthenticationEvent>();
+    Set<AbstractAuthenticationFailureEvent> authenticationFailureEvents = new HashSet<AbstractAuthenticationFailureEvent>();
+    Set<AbstractAuthorizationEvent> authorizationEvents = new HashSet<AbstractAuthorizationEvent>();
+
+    public void onApplicationEvent(ApplicationEvent event) {
+        if (event instanceof AbstractAuthenticationEvent) {
+            events.add(event);
+            authenticationEvents.add((AbstractAuthenticationEvent) event);
+        }
+        if (event instanceof AbstractAuthenticationFailureEvent) {
+            events.add(event);
+            authenticationFailureEvents.add((AbstractAuthenticationFailureEvent) event);
+        }
+        if (event instanceof AbstractAuthorizationEvent) {
+            events.add(event);
+            authorizationEvents.add((AbstractAuthorizationEvent) event);
+        }
+    }
+
+    public Set<ApplicationEvent> getEvents() {
+        return events;
+    }
+
+    public Set<AbstractAuthenticationEvent> getAuthenticationEvents() {
+        return authenticationEvents;
+    }
+
+    public Set<AbstractAuthenticationFailureEvent> getAuthenticationFailureEvents() {
+        return authenticationFailureEvents;
+    }
+
+    public Set<AbstractAuthorizationEvent> getAuthorizationEvents() {
+        return authorizationEvents;
+    }
+}