diff --git a/sandbox/itest/context/src/test/java/org/springframework/security/integration/SEC936ApplicationContextTests.java b/sandbox/itest/context/src/test/java/org/springframework/security/integration/SEC936ApplicationContextTests.java
new file mode 100644
index 0000000000..c2b470ff7f
--- /dev/null
+++ b/sandbox/itest/context/src/test/java/org/springframework/security/integration/SEC936ApplicationContextTests.java
@@ -0,0 +1,26 @@
+package org.springframework.security.integration;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.AccessDeniedException;
+import org.springframework.security.concurrent.SessionRegistry;
+import org.springframework.security.context.SecurityContextHolder;
+import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+@ContextConfiguration(locations={"/sec-936-app-context.xml"})
+@RunWith(SpringJUnit4ClassRunner.class)
+public class SEC936ApplicationContextTests {
+    @Autowired
+    /** SessionRegistry is used as the test service interface (nothing to do with the test) */
+    private SessionRegistry sessionRegistry;
+
+    @Test(expected=AccessDeniedException.class)
+    public void securityInterceptorHandlesCallWithNoTargetObject() {
+        SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken("bob","bobspassword"));
+        sessionRegistry.getAllPrincipals();
+    }
+
+}
diff --git a/sandbox/itest/context/src/test/resources/sec-936-app-context.xml b/sandbox/itest/context/src/test/resources/sec-936-app-context.xml
new file mode 100755
index 0000000000..1f84f2904f
--- /dev/null
+++ b/sandbox/itest/context/src/test/resources/sec-936-app-context.xml
@@ -0,0 +1,52 @@
+<beans xmlns="http://www.springframework.org/schema/beans"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xmlns:util="http://www.springframework.org/schema/util"
+    xmlns:security="http://www.springframework.org/schema/security"
+    xsi:schemaLocation="
+    http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
+    http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-2.5.xsd
+    http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.2.xsd">
+
+    <security:authentication-provider>
+        <security:user-service>
+            <security:user name="bob" password="bobspassword" authorities="ROLE_A,ROLE_B"/>
+        </security:user-service>
+    </security:authentication-provider>
+
+    <security:authentication-manager alias="authenticationManager"/>
+
+    <bean id="accessDecisionManager" class="org.springframework.security.vote.AffirmativeBased">
+        <property name="allowIfAllAbstainDecisions" value="false"/>
+        <property name="decisionVoters">
+            <util:list>
+                <bean class="org.springframework.security.vote.RoleVoter" />
+                <bean class="org.springframework.security.vote.AuthenticatedVoter" />
+            </util:list>
+        </property>
+    </bean>
+
+    <bean id="securityInterceptor" class="org.springframework.security.intercept.method.aopalliance.MethodSecurityInterceptor">
+        <property name="validateConfigAttributes" value="true"/>
+        <property name="rejectPublicInvocations" value="true"/>
+        <property name="authenticationManager" ref="authenticationManager"/>
+        <property name="accessDecisionManager" ref="accessDecisionManager"/>
+        <property name="objectDefinitionSource"><value>
+            org.springframework.security.concurrent.SessionRegistry.get*=ROLE_C
+        </value></property>
+    </bean>
+
+    <bean id="httpRemoteService" class="org.springframework.aop.framework.ProxyFactoryBean">
+        <property name="proxyInterfaces" value="org.springframework.security.concurrent.SessionRegistry"/>
+        <property name="interceptorNames">
+            <list>
+                <value>securityInterceptor</value>
+                <value>httpInvokerClientInterceptor</value>
+            </list>
+        </property>
+    </bean>
+
+    <bean id="httpInvokerClientInterceptor" class="org.springframework.remoting.httpinvoker.HttpInvokerClientInterceptor">
+        <property name="serviceUrl" value="http://somehost/someUrl"/>
+    </bean>
+
+</beans>