In a word – “don’t”, that way lays madness.
What you really want is higher level tests that make use of your Spring configuration but are still focused on behaviour not implementation.
For example, looking at your security configuration – you don’t really care that the configure method is called, or what it does, what you want to test for is:
- Static pages don’t require authentication
- Other pages do require authentication
- Logging in works
- Logging out works
Using Spring for DI and security is merely how those things are implemented whereas your tests should be focused on the fact those things actually work.