diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/builders/WebSecurity.java b/config/src/main/java/org/springframework/security/config/annotation/web/builders/WebSecurity.java
index a67cdd53d4..35678c6060 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/builders/WebSecurity.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/builders/WebSecurity.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2021 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/builders/WebSecurityTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/builders/WebSecurityTests.java
index 4f680b6118..9eb0abc7a6 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/builders/WebSecurityTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/builders/WebSecurityTests.java
@@ -16,8 +16,10 @@
 
 package org.springframework.security.config.annotation.web.builders;
 
-import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
 import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletResponse;
 
 import org.junit.jupiter.api.AfterEach;
 import org.junit.jupiter.api.BeforeEach;
@@ -42,8 +44,6 @@ import org.springframework.web.servlet.config.annotation.EnableWebMvc;
 import org.springframework.web.servlet.config.annotation.PathMatchConfigurer;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 
-import java.io.IOException;
-
 import static org.assertj.core.api.Assertions.assertThat;
 
 /**
diff --git a/web/src/main/java/org/springframework/security/web/firewall/CompositeRequestRejectedHandler.java b/web/src/main/java/org/springframework/security/web/firewall/CompositeRequestRejectedHandler.java
index ea258b38ae..81013b6bcd 100644
--- a/web/src/main/java/org/springframework/security/web/firewall/CompositeRequestRejectedHandler.java
+++ b/web/src/main/java/org/springframework/security/web/firewall/CompositeRequestRejectedHandler.java
@@ -16,15 +16,16 @@
 
 package org.springframework.security.web.firewall;
 
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import org.springframework.util.Assert;
-
 import java.io.IOException;
 import java.util.Arrays;
 import java.util.List;
 
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.springframework.util.Assert;
+
 /**
  * A {@link RequestRejectedHandler} that delegates to several other
  * {@link RequestRejectedHandler}s.
@@ -49,7 +50,7 @@ public final class CompositeRequestRejectedHandler implements RequestRejectedHan
 	@Override
 	public void handle(HttpServletRequest request, HttpServletResponse response,
 			RequestRejectedException requestRejectedException) throws IOException, ServletException {
-		for (RequestRejectedHandler requestRejectedhandler : requestRejectedhandlers) {
+		for (RequestRejectedHandler requestRejectedhandler : this.requestRejectedhandlers) {
 			requestRejectedhandler.handle(request, response, requestRejectedException);
 		}
 	}
diff --git a/web/src/test/java/org/springframework/security/web/firewall/CompositeRequestRejectedHandlerTests.java b/web/src/test/java/org/springframework/security/web/firewall/CompositeRequestRejectedHandlerTests.java
index 9838c136c3..ba98649c43 100644
--- a/web/src/test/java/org/springframework/security/web/firewall/CompositeRequestRejectedHandlerTests.java
+++ b/web/src/test/java/org/springframework/security/web/firewall/CompositeRequestRejectedHandlerTests.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2021 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -18,6 +18,7 @@ package org.springframework.security.web.firewall;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+
 import org.junit.jupiter.api.Test;
 
 import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
@@ -28,9 +29,9 @@ public class CompositeRequestRejectedHandlerTests {
 	@Test
 	void compositeRequestRejectedHandlerRethrowsTheException() {
 		RequestRejectedException requestRejectedException = new RequestRejectedException("rejected");
-		DefaultRequestRejectedHandler sut = new DefaultRequestRejectedHandler();
-		CompositeRequestRejectedHandler crrh = new CompositeRequestRejectedHandler(sut);
-		assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(() -> crrh
+		CompositeRequestRejectedHandler handler = new CompositeRequestRejectedHandler(
+				new DefaultRequestRejectedHandler());
+		assertThatExceptionOfType(RequestRejectedException.class).isThrownBy(() -> handler
 				.handle(mock(HttpServletRequest.class), mock(HttpServletResponse.class), requestRejectedException))
 				.withMessage("rejected");
 	}