SEC-1217: AbstractRememberMeServices should set 'secure' attribute on remember-me cookie if in secure context. Added "useSecureCookie" configuration property and corresponding use-secure-cookie attribute in namespace.

config/src/main/java/org/springframework/security/config/http/RememberMeBeanDefinitionParser.java

@@ -32,6 +32,7 @@ class RememberMeBeanDefinitionParser implements BeanDefinitionParser {
     static final String ATT_TOKEN_REPOSITORY = "token-repository-ref";
     static final String ATT_USER_SERVICE_REF = "user-service-ref";
     static final String ATT_TOKEN_VALIDITY = "token-validity-seconds";
+    static final String ATT_SECURE_COOKIE = "use-secure-cookie";
 
     protected final Log logger = LogFactory.getLog(getClass());
     private String servicesName;
@@ -94,6 +95,10 @@ class RememberMeBeanDefinitionParser implements BeanDefinitionParser {
                 services.getPropertyValues().addPropertyValue("userDetailsService", new RuntimeBeanReference(userServiceRef));
             }
 
+            if ("true".equals(element.getAttribute(ATT_SECURE_COOKIE))) {
+                services.getPropertyValues().addPropertyValue("useSecureCookie", true);
+            }
+
             if (tokenValiditySet) {
                 Integer tokenValidity = new Integer(tokenValiditySeconds);
                 if (tokenValidity.intValue() < 0 && isPersistent) {

config/src/main/resources/org/springframework/security/config/spring-security-3.0.rnc

@@ -453,7 +453,11 @@ remember-me.attlist &=
 remember-me.attlist &=
     ## Exports the internally defined RememberMeServices as a bean alias, allowing it to be used by other beans in the application context.
     attribute services-alias {xsd:token}?    
-    
+
+remember-me.attlist &=
+    ## Determines whether the "secure" flag will be set on the remember-me cookie. If set to true, the cookie will only be submitted over HTTPS. Defaults to false.
+    attribute use-secure-cookie {boolean}?
+
 remember-me.attlist &=
     ## The period (in seconds) for which the remember-me cookie should be valid.
     attribute token-validity-seconds {xsd:integer}?

config/src/main/resources/org/springframework/security/config/spring-security-3.0.xsd

@@ -1,1711 +1,1737 @@
 <?xml version="1.0" encoding="utf-8"?>
 <xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema"
-  xmlns:security="http://www.springframework.org/schema/security" elementFormDefault="qualified"
-  targetNamespace="http://www.springframework.org/schema/security">
-  <xs:attributeGroup name="hash">
-    <xs:attribute name="hash" use="required">
-      <xs:annotation>
-        <xs:documentation>Defines the hashing algorithm used on user passwords. We recommend
-          strongly against using MD4, as it is a very weak hashing algorithm.</xs:documentation>
-      </xs:annotation>
-      <xs:simpleType>
-        <xs:restriction base="xs:token">
-          <xs:enumeration value="plaintext"/>
-          <xs:enumeration value="sha"/>
-          <xs:enumeration value="sha-256"/>
-          <xs:enumeration value="md5"/>
-          <xs:enumeration value="md4"/>
-          <xs:enumeration value="{sha}"/>
-          <xs:enumeration value="{ssha}"/>
-        </xs:restriction>
-      </xs:simpleType>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="base64">
-    <xs:attribute name="base64" use="required">
-      <xs:annotation>
-        <xs:documentation>Whether a string should be base64 encoded</xs:documentation>
-      </xs:annotation>
-      <xs:simpleType>
-        <xs:restriction base="xs:token">
-          <xs:enumeration value="true"/>
-          <xs:enumeration value="false"/>
-        </xs:restriction>
-      </xs:simpleType>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="path-type">
-    <xs:attribute name="path-type" use="required">
-      <xs:annotation>
-        <xs:documentation>Defines the type of pattern used to specify URL paths (either JDK
-          1.4-compatible regular expressions, or Apache Ant expressions). Defaults to "ant" if
-          unspecified.</xs:documentation>
-      </xs:annotation>
-      <xs:simpleType>
-        <xs:restriction base="xs:token">
-          <xs:enumeration value="ant"/>
-          <xs:enumeration value="regex"/>
-        </xs:restriction>
-      </xs:simpleType>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="port">
-    <xs:attribute name="port" use="required" type="xs:positiveInteger">
-      <xs:annotation>
-        <xs:documentation>Specifies an IP port number. Used to configure an embedded LDAP server,
-          for example.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="url">
-    <xs:attribute name="url" use="required" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Specifies a URL.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="id">
-    <xs:attribute name="id" use="required" type="xs:ID">
-      <xs:annotation>
-        <xs:documentation>A bean identifier, used for referring to the bean elsewhere in the
-          context.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="ref">
-    <xs:attribute name="ref" use="required" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Defines a reference to a Spring bean Id.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="cache-ref">
-    <xs:attribute name="cache-ref" use="required" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Defines a reference to a cache for use with a
-          UserDetailsService.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="user-service-ref">
-    <xs:attribute name="user-service-ref" use="required" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>A reference to a user-service (or UserDetailsService bean)
-          Id</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="data-source-ref">
-    <xs:attribute name="data-source-ref" use="required" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>A reference to a DataSource bean</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="password-encoder.attlist">
-    <xs:attribute name="ref" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Defines a reference to a Spring bean Id.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="hash">
-      <xs:annotation>
-        <xs:documentation>Defines the hashing algorithm used on user passwords. We recommend
-          strongly against using MD4, as it is a very weak hashing algorithm.</xs:documentation>
-      </xs:annotation>
-      <xs:simpleType>
-        <xs:restriction base="xs:token">
-          <xs:enumeration value="plaintext"/>
-          <xs:enumeration value="sha"/>
-          <xs:enumeration value="sha-256"/>
-          <xs:enumeration value="md5"/>
-          <xs:enumeration value="md4"/>
-          <xs:enumeration value="{sha}"/>
-          <xs:enumeration value="{ssha}"/>
-        </xs:restriction>
-      </xs:simpleType>
-    </xs:attribute>
-    <xs:attribute name="base64">
-      <xs:annotation>
-        <xs:documentation>Whether a string should be base64 encoded</xs:documentation>
-      </xs:annotation>
-      <xs:simpleType>
-        <xs:restriction base="xs:token">
-          <xs:enumeration value="true"/>
-          <xs:enumeration value="false"/>
-        </xs:restriction>
-      </xs:simpleType>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="user-property">
-    <xs:attribute name="user-property" use="required" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>A property of the UserDetails object which will be used as salt by a
-          password encoder. Typically something like "username" might be used. </xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="system-wide">
-    <xs:attribute name="system-wide" use="required" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>A single value that will be used as the salt for a password encoder.
-        </xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:simpleType name="boolean">
-    <xs:restriction base="xs:token">
-      <xs:enumeration value="true"/>
-      <xs:enumeration value="false"/>
-    </xs:restriction>
-  </xs:simpleType>
-  <xs:attributeGroup name="role-prefix">
-    <xs:attribute name="role-prefix" use="required" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>A non-empty string prefix that will be added to role strings loaded from
-          persistent storage (e.g. "ROLE_"). Use the value "none" for no prefix in cases where the
-          default is non-empty.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="use-expressions">
-    <xs:attribute name="use-expressions" use="required" type="security:boolean">
-      <xs:annotation>
-        <xs:documentation>Enables the use of expressions in the 'access' attributes in
-          &lt;intercept-url&gt; elements rather than the traditional list of configuration
-          attributes. Defaults to 'false'. If enabled, each attribute should contain a single
-          boolean expression. If the expression evaluates to 'true', access will be granted.
-        </xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:element name="ldap-server">
-    <xs:annotation>
-      <xs:documentation>Defines an LDAP server location or starts an embedded server. The url
-        indicates the location of a remote server. If no url is given, an embedded server will be
-        started, listening on the supplied port number. The port is optional and defaults to 33389.
-        A Spring LDAP ContextSource bean will be registered for the server with the id supplied.
-      </xs:documentation>
-    </xs:annotation>
-    <xs:complexType>
-      <xs:attributeGroup ref="security:ldap-server.attlist"/>
-    </xs:complexType>
-  </xs:element>
-  <xs:attributeGroup name="ldap-server.attlist">
-    <xs:attribute name="id" type="xs:ID">
-      <xs:annotation>
-        <xs:documentation>A bean identifier, used for referring to the bean elsewhere in the
-          context.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="url" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Specifies a URL.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="port" type="xs:positiveInteger">
-      <xs:annotation>
-        <xs:documentation>Specifies an IP port number. Used to configure an embedded LDAP server,
-          for example.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="manager-dn" type="xs:string">
-      <xs:annotation>
-        <xs:documentation>Username (DN) of the "manager" user identity which will be used to
-          authenticate to a (non-embedded) LDAP server. If omitted, anonymous access will be used.
-        </xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="manager-password" type="xs:string">
-      <xs:annotation>
-        <xs:documentation>The password for the manager DN.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="ldif" type="xs:string">
-      <xs:annotation>
-        <xs:documentation>Explicitly specifies an ldif file resource to load into an embedded LDAP
-          server</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="root" type="xs:string">
-      <xs:annotation>
-        <xs:documentation>Optional root suffix for the embedded LDAP server. Default is
-          "dc=springframework,dc=org"</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="ldap-server-ref-attribute">
-    <xs:attribute name="server-ref" use="required" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>The optional server to use. If omitted, and a default LDAP server is
-          registered (using &lt;ldap-server&gt; with no Id), that server will be used.
-        </xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="group-search-filter-attribute">
-    <xs:attribute name="group-search-filter" use="required" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Group search filter. Defaults to (uniqueMember={0}). The substituted
-          parameter is the DN of the user.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="group-search-base-attribute">
-    <xs:attribute name="group-search-base" use="required" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Search base for group membership searches. Defaults to "" (searching from
-          the root).</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="user-search-filter-attribute">
-    <xs:attribute name="user-search-filter" use="required" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>The LDAP filter used to search for users (optional). For example
-          "(uid={0})". The substituted parameter is the user's login name.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="user-search-base-attribute">
-    <xs:attribute name="user-search-base" use="required" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Search base for user searches. Defaults to "". Only used with a
-          'user-search-filter'.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="group-role-attribute-attribute">
-    <xs:attribute name="group-role-attribute" use="required" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>The LDAP attribute name which contains the role name which will be used
-          within Spring Security. Defaults to "cn".</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="user-details-class-attribute">
-    <xs:attribute name="user-details-class" use="required">
-      <xs:annotation>
-        <xs:documentation>Allows the objectClass of the user entry to be specified. If set, the
-          framework will attempt to load standard attributes for the defined class into the returned
-          UserDetails object</xs:documentation>
-      </xs:annotation>
-      <xs:simpleType>
-        <xs:restriction base="xs:token">
-          <xs:enumeration value="person"/>
-          <xs:enumeration value="inetOrgPerson"/>
-        </xs:restriction>
-      </xs:simpleType>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="user-context-mapper-attribute">
-    <xs:attribute name="user-context-mapper-ref" use="required" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Allows explicit customization of the loaded user object by specifying a
-          UserDetailsContextMapper bean which will be called with the context information from the
-          user's directory entry</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:element name="ldap-user-service" substitutionGroup="security:any-user-service">
-    <xs:complexType>
-      <xs:attributeGroup ref="security:ldap-us.attlist"/>
-    </xs:complexType>
-  </xs:element>
-  <xs:attributeGroup name="ldap-us.attlist">
-    <xs:attribute name="id" type="xs:ID">
-      <xs:annotation>
-        <xs:documentation>A bean identifier, used for referring to the bean elsewhere in the
-          context.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="server-ref" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>The optional server to use. If omitted, and a default LDAP server is
-          registered (using &lt;ldap-server&gt; with no Id), that server will be used.
-        </xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="user-search-filter" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>The LDAP filter used to search for users (optional). For example
-          "(uid={0})". The substituted parameter is the user's login name.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="user-search-base" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Search base for user searches. Defaults to "". Only used with a
-          'user-search-filter'.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="group-search-filter" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Group search filter. Defaults to (uniqueMember={0}). The substituted
-          parameter is the DN of the user.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="group-search-base" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Search base for group membership searches. Defaults to "" (searching from
-          the root).</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="group-role-attribute" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>The LDAP attribute name which contains the role name which will be used
-          within Spring Security. Defaults to "cn".</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="cache-ref" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Defines a reference to a cache for use with a
-          UserDetailsService.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="role-prefix" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>A non-empty string prefix that will be added to role strings loaded from
-          persistent storage (e.g. "ROLE_"). Use the value "none" for no prefix in cases where the
-          default is non-empty.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="user-details-class">
-      <xs:annotation>
-        <xs:documentation>Allows the objectClass of the user entry to be specified. If set, the
-          framework will attempt to load standard attributes for the defined class into the returned
-          UserDetails object</xs:documentation>
-      </xs:annotation>
-      <xs:simpleType>
-        <xs:restriction base="xs:token">
-          <xs:enumeration value="person"/>
-          <xs:enumeration value="inetOrgPerson"/>
-        </xs:restriction>
-      </xs:simpleType>
-    </xs:attribute>
-    <xs:attribute name="user-context-mapper-ref" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Allows explicit customization of the loaded user object by specifying a
-          UserDetailsContextMapper bean which will be called with the context information from the
-          user's directory entry</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="ldap-ap.attlist">
-    <xs:attribute name="server-ref" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>The optional server to use. If omitted, and a default LDAP server is
-          registered (using &lt;ldap-server&gt; with no Id), that server will be used.
-        </xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="user-search-base" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Search base for user searches. Defaults to "". Only used with a
-          'user-search-filter'.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="user-search-filter" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>The LDAP filter used to search for users (optional). For example
-          "(uid={0})". The substituted parameter is the user's login name.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="group-search-base" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Search base for group membership searches. Defaults to "" (searching from
-          the root).</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="group-search-filter" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Group search filter. Defaults to (uniqueMember={0}). The substituted
-          parameter is the DN of the user.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="group-role-attribute" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>The LDAP attribute name which contains the role name which will be used
-          within Spring Security. Defaults to "cn".</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="user-dn-pattern" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>A specific pattern used to build the user's DN, for example
-          "uid={0},ou=people". The key "{0}" must be present and will be substituted with the
-          username.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="role-prefix" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>A non-empty string prefix that will be added to role strings loaded from
-          persistent storage (e.g. "ROLE_"). Use the value "none" for no prefix in cases where the
-          default is non-empty.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="user-details-class">
-      <xs:annotation>
-        <xs:documentation>Allows the objectClass of the user entry to be specified. If set, the
-          framework will attempt to load standard attributes for the defined class into the returned
-          UserDetails object</xs:documentation>
-      </xs:annotation>
-      <xs:simpleType>
-        <xs:restriction base="xs:token">
-          <xs:enumeration value="person"/>
-          <xs:enumeration value="inetOrgPerson"/>
-        </xs:restriction>
-      </xs:simpleType>
-    </xs:attribute>
-    <xs:attribute name="user-context-mapper-ref" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Allows explicit customization of the loaded user object by specifying a
-          UserDetailsContextMapper bean which will be called with the context information from the
-          user's directory entry</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="password-compare.attlist">
-    <xs:attribute name="password-attribute" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>The attribute in the directory which contains the user password. Defaults
-          to "userPassword".</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="hash">
-      <xs:annotation>
-        <xs:documentation>Defines the hashing algorithm used on user passwords. We recommend
-          strongly against using MD4, as it is a very weak hashing algorithm.</xs:documentation>
-      </xs:annotation>
-      <xs:simpleType>
-        <xs:restriction base="xs:token">
-          <xs:enumeration value="plaintext"/>
-          <xs:enumeration value="sha"/>
-          <xs:enumeration value="sha-256"/>
-          <xs:enumeration value="md5"/>
-          <xs:enumeration value="md4"/>
-          <xs:enumeration value="{sha}"/>
-          <xs:enumeration value="{ssha}"/>
-        </xs:restriction>
-      </xs:simpleType>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:element name="intercept-methods">
-    <xs:annotation>
-      <xs:documentation>Can be used inside a bean definition to add a security interceptor to the
-        bean and set up access configuration attributes for the bean's methods</xs:documentation>
-    </xs:annotation>
-    <xs:complexType>
-      <xs:sequence>
-        <xs:element maxOccurs="unbounded" name="protect">
-          <xs:annotation>
-            <xs:documentation>Defines a protected method and the access control configuration
-              attributes that apply to it. We strongly advise you NOT to mix "protect" declarations
-              with any services provided "global-method-security".</xs:documentation>
-          </xs:annotation>
-          <xs:complexType>
-            <xs:attributeGroup ref="security:protect.attlist"/>
-          </xs:complexType>
-        </xs:element>
-      </xs:sequence>
-      <xs:attributeGroup ref="security:intercept-methods.attlist"/>
-    </xs:complexType>
-  </xs:element>
-  <xs:attributeGroup name="intercept-methods.attlist">
-    <xs:attribute name="access-decision-manager-ref" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Optional AccessDecisionManager bean ID to be used by the created method
-          security interceptor.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="protect.attlist">
-    <xs:attribute name="method" use="required" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>A method name</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="access" use="required" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Access configuration attributes list that applies to the method, e.g.
-          "ROLE_A,ROLE_B".</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:element name="global-method-security">
-    <xs:annotation>
-      <xs:documentation>Provides method security for all beans registered in the Spring application
-        context. Specifically, beans will be scanned for matches with the ordered list of
-        "protect-pointcut" sub-elements, Spring Security annotations and/or. Where there is a match,
-        the beans will automatically be proxied and security authorization applied to the methods
-        accordingly. If you use and enable all four sources of method security metadata (ie
-        "protect-pointcut" declarations, expression annotations, @Secured and also JSR250 security
-        annotations), the metadata sources will be queried in that order. In practical terms, this
-        enables you to use XML to override method security metadata expressed in annotations. If
-        using annotations, the order of precedence is EL-based (@PreAuthorize etc.), @Secured and
-        finally JSR-250.</xs:documentation>
-    </xs:annotation>
-    <xs:complexType>
-      <xs:sequence>
-        <xs:choice minOccurs="0">
-          <xs:element name="pre-post-annotation-handling">
-            <xs:annotation>
-              <xs:documentation>Allows the default expression-based mechanism for handling Spring
-                Security's pre and post invocation annotations (@PreFilter, @PreAuthorize,
-                @PostFilter, @PostAuthorize) to be replace entirely. Only applies if these
-                annotations are enabled. </xs:documentation>
-            </xs:annotation>
-            <xs:complexType>
-              <xs:sequence>
-                <xs:element name="invocation-attribute-factory">
+   xmlns:security="http://www.springframework.org/schema/security" elementFormDefault="qualified"
+   targetNamespace="http://www.springframework.org/schema/security">
+   <xs:attributeGroup name="hash">
+      <xs:attribute name="hash" use="required">
+         <xs:annotation>
+            <xs:documentation>Defines the hashing algorithm used on user passwords. We recommend
+               strongly against using MD4, as it is a very weak hashing
+               algorithm.</xs:documentation>
+         </xs:annotation>
+         <xs:simpleType>
+            <xs:restriction base="xs:token">
+               <xs:enumeration value="plaintext"/>
+               <xs:enumeration value="sha"/>
+               <xs:enumeration value="sha-256"/>
+               <xs:enumeration value="md5"/>
+               <xs:enumeration value="md4"/>
+               <xs:enumeration value="{sha}"/>
+               <xs:enumeration value="{ssha}"/>
+            </xs:restriction>
+         </xs:simpleType>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="base64">
+      <xs:attribute name="base64" use="required">
+         <xs:annotation>
+            <xs:documentation>Whether a string should be base64 encoded</xs:documentation>
+         </xs:annotation>
+         <xs:simpleType>
+            <xs:restriction base="xs:token">
+               <xs:enumeration value="true"/>
+               <xs:enumeration value="false"/>
+            </xs:restriction>
+         </xs:simpleType>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="path-type">
+      <xs:attribute name="path-type" use="required">
+         <xs:annotation>
+            <xs:documentation>Defines the type of pattern used to specify URL paths (either JDK
+               1.4-compatible regular expressions, or Apache Ant expressions). Defaults to "ant" if
+               unspecified.</xs:documentation>
+         </xs:annotation>
+         <xs:simpleType>
+            <xs:restriction base="xs:token">
+               <xs:enumeration value="ant"/>
+               <xs:enumeration value="regex"/>
+            </xs:restriction>
+         </xs:simpleType>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="port">
+      <xs:attribute name="port" use="required" type="xs:positiveInteger">
+         <xs:annotation>
+            <xs:documentation>Specifies an IP port number. Used to configure an embedded LDAP
+               server, for example.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="url">
+      <xs:attribute name="url" use="required" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Specifies a URL.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="id">
+      <xs:attribute name="id" use="required" type="xs:ID">
+         <xs:annotation>
+            <xs:documentation>A bean identifier, used for referring to the bean elsewhere in the
+               context.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="ref">
+      <xs:attribute name="ref" use="required" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Defines a reference to a Spring bean Id.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="cache-ref">
+      <xs:attribute name="cache-ref" use="required" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Defines a reference to a cache for use with a
+               UserDetailsService.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="user-service-ref">
+      <xs:attribute name="user-service-ref" use="required" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>A reference to a user-service (or UserDetailsService bean)
+               Id</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="data-source-ref">
+      <xs:attribute name="data-source-ref" use="required" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>A reference to a DataSource bean</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="password-encoder.attlist">
+      <xs:attribute name="ref" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Defines a reference to a Spring bean Id.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="hash">
+         <xs:annotation>
+            <xs:documentation>Defines the hashing algorithm used on user passwords. We recommend
+               strongly against using MD4, as it is a very weak hashing
+               algorithm.</xs:documentation>
+         </xs:annotation>
+         <xs:simpleType>
+            <xs:restriction base="xs:token">
+               <xs:enumeration value="plaintext"/>
+               <xs:enumeration value="sha"/>
+               <xs:enumeration value="sha-256"/>
+               <xs:enumeration value="md5"/>
+               <xs:enumeration value="md4"/>
+               <xs:enumeration value="{sha}"/>
+               <xs:enumeration value="{ssha}"/>
+            </xs:restriction>
+         </xs:simpleType>
+      </xs:attribute>
+      <xs:attribute name="base64">
+         <xs:annotation>
+            <xs:documentation>Whether a string should be base64 encoded</xs:documentation>
+         </xs:annotation>
+         <xs:simpleType>
+            <xs:restriction base="xs:token">
+               <xs:enumeration value="true"/>
+               <xs:enumeration value="false"/>
+            </xs:restriction>
+         </xs:simpleType>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="user-property">
+      <xs:attribute name="user-property" use="required" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>A property of the UserDetails object which will be used as salt by a
+               password encoder. Typically something like "username" might be used.
+            </xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="system-wide">
+      <xs:attribute name="system-wide" use="required" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>A single value that will be used as the salt for a password encoder.
+            </xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:simpleType name="boolean">
+      <xs:restriction base="xs:token">
+         <xs:enumeration value="true"/>
+         <xs:enumeration value="false"/>
+      </xs:restriction>
+   </xs:simpleType>
+   <xs:attributeGroup name="role-prefix">
+      <xs:attribute name="role-prefix" use="required" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>A non-empty string prefix that will be added to role strings loaded
+               from persistent storage (e.g. "ROLE_"). Use the value "none" for no prefix in cases
+               where the default is non-empty.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="use-expressions">
+      <xs:attribute name="use-expressions" use="required" type="security:boolean">
+         <xs:annotation>
+            <xs:documentation>Enables the use of expressions in the 'access' attributes in
+               &lt;intercept-url&gt; elements rather than the traditional list of
+               configuration attributes. Defaults to 'false'. If enabled, each attribute should
+               contain a single boolean expression. If the expression evaluates to 'true', access
+               will be granted. </xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:element name="ldap-server">
+      <xs:annotation>
+         <xs:documentation>Defines an LDAP server location or starts an embedded server. The url
+            indicates the location of a remote server. If no url is given, an embedded server will
+            be started, listening on the supplied port number. The port is optional and defaults to
+            33389. A Spring LDAP ContextSource bean will be registered for the server with the id
+            supplied. </xs:documentation>
+      </xs:annotation>
+      <xs:complexType>
+         <xs:attributeGroup ref="security:ldap-server.attlist"/>
+      </xs:complexType>
+   </xs:element>
+   <xs:attributeGroup name="ldap-server.attlist">
+      <xs:attribute name="id" type="xs:ID">
+         <xs:annotation>
+            <xs:documentation>A bean identifier, used for referring to the bean elsewhere in the
+               context.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="url" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Specifies a URL.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="port" type="xs:positiveInteger">
+         <xs:annotation>
+            <xs:documentation>Specifies an IP port number. Used to configure an embedded LDAP
+               server, for example.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="manager-dn" type="xs:string">
+         <xs:annotation>
+            <xs:documentation>Username (DN) of the "manager" user identity which will be used to
+               authenticate to a (non-embedded) LDAP server. If omitted, anonymous access will be
+               used. </xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="manager-password" type="xs:string">
+         <xs:annotation>
+            <xs:documentation>The password for the manager DN.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="ldif" type="xs:string">
+         <xs:annotation>
+            <xs:documentation>Explicitly specifies an ldif file resource to load into an embedded
+               LDAP server</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="root" type="xs:string">
+         <xs:annotation>
+            <xs:documentation>Optional root suffix for the embedded LDAP server. Default is
+               "dc=springframework,dc=org"</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="ldap-server-ref-attribute">
+      <xs:attribute name="server-ref" use="required" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>The optional server to use. If omitted, and a default LDAP server is
+               registered (using &lt;ldap-server&gt; with no Id), that server will be used.
+            </xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="group-search-filter-attribute">
+      <xs:attribute name="group-search-filter" use="required" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Group search filter. Defaults to (uniqueMember={0}). The substituted
+               parameter is the DN of the user.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="group-search-base-attribute">
+      <xs:attribute name="group-search-base" use="required" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Search base for group membership searches. Defaults to "" (searching
+               from the root).</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="user-search-filter-attribute">
+      <xs:attribute name="user-search-filter" use="required" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>The LDAP filter used to search for users (optional). For example
+               "(uid={0})". The substituted parameter is the user's login name.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="user-search-base-attribute">
+      <xs:attribute name="user-search-base" use="required" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Search base for user searches. Defaults to "". Only used with a
+               'user-search-filter'.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="group-role-attribute-attribute">
+      <xs:attribute name="group-role-attribute" use="required" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>The LDAP attribute name which contains the role name which will be
+               used within Spring Security. Defaults to "cn".</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="user-details-class-attribute">
+      <xs:attribute name="user-details-class" use="required">
+         <xs:annotation>
+            <xs:documentation>Allows the objectClass of the user entry to be specified. If set, the
+               framework will attempt to load standard attributes for the defined class into the
+               returned UserDetails object</xs:documentation>
+         </xs:annotation>
+         <xs:simpleType>
+            <xs:restriction base="xs:token">
+               <xs:enumeration value="person"/>
+               <xs:enumeration value="inetOrgPerson"/>
+            </xs:restriction>
+         </xs:simpleType>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="user-context-mapper-attribute">
+      <xs:attribute name="user-context-mapper-ref" use="required" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Allows explicit customization of the loaded user object by specifying
+               a UserDetailsContextMapper bean which will be called with the context information
+               from the user's directory entry</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:element name="ldap-user-service" substitutionGroup="security:any-user-service">
+      <xs:complexType>
+         <xs:attributeGroup ref="security:ldap-us.attlist"/>
+      </xs:complexType>
+   </xs:element>
+   <xs:attributeGroup name="ldap-us.attlist">
+      <xs:attribute name="id" type="xs:ID">
+         <xs:annotation>
+            <xs:documentation>A bean identifier, used for referring to the bean elsewhere in the
+               context.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="server-ref" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>The optional server to use. If omitted, and a default LDAP server is
+               registered (using &lt;ldap-server&gt; with no Id), that server will be used.
+            </xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="user-search-filter" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>The LDAP filter used to search for users (optional). For example
+               "(uid={0})". The substituted parameter is the user's login name.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="user-search-base" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Search base for user searches. Defaults to "". Only used with a
+               'user-search-filter'.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="group-search-filter" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Group search filter. Defaults to (uniqueMember={0}). The substituted
+               parameter is the DN of the user.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="group-search-base" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Search base for group membership searches. Defaults to "" (searching
+               from the root).</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="group-role-attribute" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>The LDAP attribute name which contains the role name which will be
+               used within Spring Security. Defaults to "cn".</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="cache-ref" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Defines a reference to a cache for use with a
+               UserDetailsService.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="role-prefix" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>A non-empty string prefix that will be added to role strings loaded
+               from persistent storage (e.g. "ROLE_"). Use the value "none" for no prefix in cases
+               where the default is non-empty.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="user-details-class">
+         <xs:annotation>
+            <xs:documentation>Allows the objectClass of the user entry to be specified. If set, the
+               framework will attempt to load standard attributes for the defined class into the
+               returned UserDetails object</xs:documentation>
+         </xs:annotation>
+         <xs:simpleType>
+            <xs:restriction base="xs:token">
+               <xs:enumeration value="person"/>
+               <xs:enumeration value="inetOrgPerson"/>
+            </xs:restriction>
+         </xs:simpleType>
+      </xs:attribute>
+      <xs:attribute name="user-context-mapper-ref" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Allows explicit customization of the loaded user object by specifying
+               a UserDetailsContextMapper bean which will be called with the context information
+               from the user's directory entry</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="ldap-ap.attlist">
+      <xs:attribute name="server-ref" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>The optional server to use. If omitted, and a default LDAP server is
+               registered (using &lt;ldap-server&gt; with no Id), that server will be used.
+            </xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="user-search-base" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Search base for user searches. Defaults to "". Only used with a
+               'user-search-filter'.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="user-search-filter" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>The LDAP filter used to search for users (optional). For example
+               "(uid={0})". The substituted parameter is the user's login name.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="group-search-base" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Search base for group membership searches. Defaults to "" (searching
+               from the root).</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="group-search-filter" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Group search filter. Defaults to (uniqueMember={0}). The substituted
+               parameter is the DN of the user.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="group-role-attribute" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>The LDAP attribute name which contains the role name which will be
+               used within Spring Security. Defaults to "cn".</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="user-dn-pattern" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>A specific pattern used to build the user's DN, for example
+               "uid={0},ou=people". The key "{0}" must be present and will be substituted with the
+               username.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="role-prefix" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>A non-empty string prefix that will be added to role strings loaded
+               from persistent storage (e.g. "ROLE_"). Use the value "none" for no prefix in cases
+               where the default is non-empty.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="user-details-class">
+         <xs:annotation>
+            <xs:documentation>Allows the objectClass of the user entry to be specified. If set, the
+               framework will attempt to load standard attributes for the defined class into the
+               returned UserDetails object</xs:documentation>
+         </xs:annotation>
+         <xs:simpleType>
+            <xs:restriction base="xs:token">
+               <xs:enumeration value="person"/>
+               <xs:enumeration value="inetOrgPerson"/>
+            </xs:restriction>
+         </xs:simpleType>
+      </xs:attribute>
+      <xs:attribute name="user-context-mapper-ref" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Allows explicit customization of the loaded user object by specifying
+               a UserDetailsContextMapper bean which will be called with the context information
+               from the user's directory entry</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="password-compare.attlist">
+      <xs:attribute name="password-attribute" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>The attribute in the directory which contains the user password.
+               Defaults to "userPassword".</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="hash">
+         <xs:annotation>
+            <xs:documentation>Defines the hashing algorithm used on user passwords. We recommend
+               strongly against using MD4, as it is a very weak hashing
+               algorithm.</xs:documentation>
+         </xs:annotation>
+         <xs:simpleType>
+            <xs:restriction base="xs:token">
+               <xs:enumeration value="plaintext"/>
+               <xs:enumeration value="sha"/>
+               <xs:enumeration value="sha-256"/>
+               <xs:enumeration value="md5"/>
+               <xs:enumeration value="md4"/>
+               <xs:enumeration value="{sha}"/>
+               <xs:enumeration value="{ssha}"/>
+            </xs:restriction>
+         </xs:simpleType>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:element name="intercept-methods">
+      <xs:annotation>
+         <xs:documentation>Can be used inside a bean definition to add a security interceptor to the
+            bean and set up access configuration attributes for the bean's
+            methods</xs:documentation>
+      </xs:annotation>
+      <xs:complexType>
+         <xs:sequence>
+            <xs:element maxOccurs="unbounded" name="protect">
+               <xs:annotation>
+                  <xs:documentation>Defines a protected method and the access control configuration
+                     attributes that apply to it. We strongly advise you NOT to mix "protect"
+                     declarations with any services provided
+                     "global-method-security".</xs:documentation>
+               </xs:annotation>
+               <xs:complexType>
+                  <xs:attributeGroup ref="security:protect.attlist"/>
+               </xs:complexType>
+            </xs:element>
+         </xs:sequence>
+         <xs:attributeGroup ref="security:intercept-methods.attlist"/>
+      </xs:complexType>
+   </xs:element>
+   <xs:attributeGroup name="intercept-methods.attlist">
+      <xs:attribute name="access-decision-manager-ref" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Optional AccessDecisionManager bean ID to be used by the created
+               method security interceptor.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="protect.attlist">
+      <xs:attribute name="method" use="required" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>A method name</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="access" use="required" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Access configuration attributes list that applies to the method, e.g.
+               "ROLE_A,ROLE_B".</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:element name="global-method-security">
+      <xs:annotation>
+         <xs:documentation>Provides method security for all beans registered in the Spring
+            application context. Specifically, beans will be scanned for matches with the ordered
+            list of "protect-pointcut" sub-elements, Spring Security annotations and/or. Where there
+            is a match, the beans will automatically be proxied and security authorization applied
+            to the methods accordingly. If you use and enable all four sources of method security
+            metadata (ie "protect-pointcut" declarations, expression annotations, @Secured and also
+            JSR250 security annotations), the metadata sources will be queried in that order. In
+            practical terms, this enables you to use XML to override method security metadata
+            expressed in annotations. If using annotations, the order of precedence is EL-based
+            (@PreAuthorize etc.), @Secured and finally JSR-250.</xs:documentation>
+      </xs:annotation>
+      <xs:complexType>
+         <xs:sequence>
+            <xs:choice minOccurs="0">
+               <xs:element name="pre-post-annotation-handling">
                   <xs:annotation>
-                    <xs:documentation>Defines the PrePostInvocationAttributeFactory instance which
-                      is used to generate pre and post invocation metadata from the annotated
-                      methods. </xs:documentation>
+                     <xs:documentation>Allows the default expression-based mechanism for handling
+                        Spring Security's pre and post invocation annotations (@PreFilter,
+                        @PreAuthorize, @PostFilter, @PostAuthorize) to be replace entirely. Only
+                        applies if these annotations are enabled. </xs:documentation>
                   </xs:annotation>
                   <xs:complexType>
-                    <xs:attributeGroup ref="security:ref"/>
-                  </xs:complexType>
-                </xs:element>
-                <xs:element name="pre-invocation-advice">
-                  <xs:complexType>
-                    <xs:attributeGroup ref="security:ref"/>
+                     <xs:sequence>
+                        <xs:element name="invocation-attribute-factory">
+                           <xs:annotation>
+                              <xs:documentation>Defines the PrePostInvocationAttributeFactory
+                                 instance which is used to generate pre and post invocation metadata
+                                 from the annotated methods. </xs:documentation>
+                           </xs:annotation>
+                           <xs:complexType>
+                              <xs:attributeGroup ref="security:ref"/>
+                           </xs:complexType>
+                        </xs:element>
+                        <xs:element name="pre-invocation-advice">
+                           <xs:complexType>
+                              <xs:attributeGroup ref="security:ref"/>
+                           </xs:complexType>
+                        </xs:element>
+                        <xs:element name="post-invocation-advice">
+                           <xs:complexType>
+                              <xs:attributeGroup ref="security:ref"/>
+                           </xs:complexType>
+                        </xs:element>
+                     </xs:sequence>
                   </xs:complexType>
-                </xs:element>
-                <xs:element name="post-invocation-advice">
+               </xs:element>
+               <xs:element name="expression-handler">
+                  <xs:annotation>
+                     <xs:documentation>Defines the SecurityExpressionHandler instance which will be
+                        used if expression-based access-control is enabled. A default implementation
+                        (with no ACL support) will be used if not supplied.</xs:documentation>
+                  </xs:annotation>
                   <xs:complexType>
-                    <xs:attributeGroup ref="security:ref"/>
+                     <xs:attributeGroup ref="security:ref"/>
                   </xs:complexType>
-                </xs:element>
-              </xs:sequence>
-            </xs:complexType>
-          </xs:element>
-          <xs:element name="expression-handler">
-            <xs:annotation>
-              <xs:documentation>Defines the SecurityExpressionHandler instance which will be used if
-                expression-based access-control is enabled. A default implementation (with no ACL
-                support) will be used if not supplied.</xs:documentation>
-            </xs:annotation>
-            <xs:complexType>
-              <xs:attributeGroup ref="security:ref"/>
-            </xs:complexType>
-          </xs:element>
-        </xs:choice>
-        <xs:element minOccurs="0" maxOccurs="unbounded" name="protect-pointcut">
-          <xs:annotation>
-            <xs:documentation>Defines a protected pointcut and the access control configuration
-              attributes that apply to it. Every bean registered in the Spring application context
-              that provides a method that matches the pointcut will receive security
-              authorization.</xs:documentation>
-          </xs:annotation>
-          <xs:complexType>
-            <xs:attributeGroup ref="security:protect-pointcut.attlist"/>
-          </xs:complexType>
-        </xs:element>
-        <xs:element minOccurs="0" maxOccurs="unbounded" name="after-invocation-provider">
-          <xs:annotation>
-            <xs:documentation>Allows addition of extra AfterInvocationProvider beans which should be
-              called by the MethodSecurityInterceptor created by
-              global-method-security.</xs:documentation>
-          </xs:annotation>
-          <xs:complexType>
-            <xs:attributeGroup ref="security:ref"/>
-          </xs:complexType>
-        </xs:element>
-      </xs:sequence>
-      <xs:attributeGroup ref="security:global-method-security.attlist"/>
-    </xs:complexType>
-  </xs:element>
-  <xs:attributeGroup name="global-method-security.attlist">
-    <xs:attribute name="pre-post-annotations">
-      <xs:annotation>
-        <xs:documentation>Specifies whether the use of Spring Security's pre and post invocation
-          annotations (@PreFilter, @PreAuthorize, @PostFilter, @PostAuthorize) should be enabled for
-          this application context. Defaults to "disabled".</xs:documentation>
-      </xs:annotation>
-      <xs:simpleType>
-        <xs:restriction base="xs:token">
-          <xs:enumeration value="disabled"/>
-          <xs:enumeration value="enabled"/>
-        </xs:restriction>
-      </xs:simpleType>
-    </xs:attribute>
-    <xs:attribute name="secured-annotations">
-      <xs:annotation>
-        <xs:documentation>Specifies whether the use of Spring Security's @Secured annotations should
-          be enabled for this application context. Defaults to "disabled".</xs:documentation>
-      </xs:annotation>
-      <xs:simpleType>
-        <xs:restriction base="xs:token">
-          <xs:enumeration value="disabled"/>
-          <xs:enumeration value="enabled"/>
-        </xs:restriction>
-      </xs:simpleType>
-    </xs:attribute>
-    <xs:attribute name="jsr250-annotations">
-      <xs:annotation>
-        <xs:documentation>Specifies whether JSR-250 style attributes are to be used (for example
-          "RolesAllowed"). This will require the javax.annotation.security classes on the classpath.
-          Defaults to "disabled".</xs:documentation>
-      </xs:annotation>
-      <xs:simpleType>
-        <xs:restriction base="xs:token">
-          <xs:enumeration value="disabled"/>
-          <xs:enumeration value="enabled"/>
-        </xs:restriction>
-      </xs:simpleType>
-    </xs:attribute>
-    <xs:attribute name="access-decision-manager-ref" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Optional AccessDecisionManager bean ID to override the default used for
-          method security.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="run-as-manager-ref" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Optional RunAsmanager implementation which will be used by the configured
-          MethodSecurityInterceptor</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:element name="custom-after-invocation-provider">
-    <xs:annotation>
-      <xs:documentation>No longer supported. Use after-invocation-provider
-        instead.</xs:documentation>
-    </xs:annotation>
-    <xs:complexType/>
-  </xs:element>
-  <xs:attributeGroup name="protect-pointcut.attlist">
-    <xs:attribute name="expression" use="required" type="xs:string">
-      <xs:annotation>
-        <xs:documentation>An AspectJ expression, including the 'execution' keyword. For example,
-          'execution(int com.foo.TargetObject.countLength(String))' (without the
-          quotes).</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="access" use="required" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Access configuration attributes list that applies to all methods matching
-          the pointcut, e.g. "ROLE_A,ROLE_B"</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:element name="http">
-    <xs:annotation>
-      <xs:documentation>Container element for HTTP security configuration</xs:documentation>
-    </xs:annotation>
-    <xs:complexType>
-      <xs:choice minOccurs="0" maxOccurs="unbounded">
-        <xs:element name="intercept-url">
-          <xs:annotation>
-            <xs:documentation>Specifies the access attributes and/or filter list for a particular
-              set of URLs.</xs:documentation>
-          </xs:annotation>
-          <xs:complexType>
-            <xs:attributeGroup ref="security:intercept-url.attlist"/>
-          </xs:complexType>
-        </xs:element>
-        <xs:element name="access-denied-handler">
-          <xs:annotation>
-            <xs:documentation>Defines the access-denied strategy that should be used. An access
-              denied page can be defined or a reference to an AccessDeniedHandler instance.
-            </xs:documentation>
-          </xs:annotation>
-          <xs:complexType>
-            <xs:attributeGroup ref="security:access-denied-handler.attlist"/>
-          </xs:complexType>
-        </xs:element>
-        <xs:element name="form-login">
-          <xs:annotation>
-            <xs:documentation>Sets up a form login configuration for authentication with a username
-              and password</xs:documentation>
-          </xs:annotation>
-          <xs:complexType>
-            <xs:attributeGroup ref="security:form-login.attlist"/>
-          </xs:complexType>
-        </xs:element>
-        <xs:element name="openid-login">
-          <xs:annotation>
-            <xs:documentation>Sets up form login for authentication with an Open ID
-              identity</xs:documentation>
-          </xs:annotation>
-          <xs:complexType>
-            <xs:sequence>
-              <xs:element minOccurs="0" ref="security:attribute-exchange"/>
-            </xs:sequence>
-            <xs:attributeGroup ref="security:form-login.attlist"/>
-            <xs:attribute name="user-service-ref" type="xs:token">
-              <xs:annotation>
-                <xs:documentation>A reference to a user-service (or UserDetailsService bean)
-                  Id</xs:documentation>
-              </xs:annotation>
-            </xs:attribute>
-          </xs:complexType>
-        </xs:element>
-        <xs:element name="x509">
-          <xs:annotation>
-            <xs:documentation>Adds support for X.509 client authentication.</xs:documentation>
-          </xs:annotation>
-          <xs:complexType>
-            <xs:attributeGroup ref="security:x509.attlist"/>
-          </xs:complexType>
-        </xs:element>
-        <xs:element name="http-basic">
-          <xs:annotation>
-            <xs:documentation>Adds support for basic authentication (this is an element to permit
-              future expansion, such as supporting an "ignoreFailure" attribute)</xs:documentation>
-          </xs:annotation>
-          <xs:complexType/>
-        </xs:element>
-        <xs:element name="logout">
-          <xs:annotation>
-            <xs:documentation>Incorporates a logout processing filter. Most web applications require
-              a logout filter, although you may not require one if you write a controller to
-              provider similar logic.</xs:documentation>
-          </xs:annotation>
-          <xs:complexType>
-            <xs:attributeGroup ref="security:logout.attlist"/>
-          </xs:complexType>
-        </xs:element>
-        <xs:element name="concurrent-session-control">
-          <xs:annotation>
-            <xs:documentation>Adds support for concurrent session control, allowing limits to be
-              placed on the number of sessions a user can have.</xs:documentation>
-          </xs:annotation>
-          <xs:complexType>
-            <xs:attributeGroup ref="security:concurrent-sessions.attlist"/>
-          </xs:complexType>
-        </xs:element>
-        <xs:element name="remember-me">
-          <xs:annotation>
-            <xs:documentation>Sets up remember-me authentication. If used with the "key" attribute
-              (or no attributes) the cookie-only implementation will be used. Specifying
-              "token-repository-ref" or "remember-me-data-source-ref" will use the more secure,
-              persisten token approach. </xs:documentation>
-          </xs:annotation>
-          <xs:complexType>
-            <xs:attributeGroup ref="security:remember-me.attlist"/>
-          </xs:complexType>
-        </xs:element>
-        <xs:element name="anonymous">
-          <xs:annotation>
-            <xs:documentation>Adds support for automatically granting all anonymous web requests a
-              particular principal identity and a corresponding granted
-              authority.</xs:documentation>
-          </xs:annotation>
-          <xs:complexType>
-            <xs:attributeGroup ref="security:anonymous.attlist"/>
-          </xs:complexType>
-        </xs:element>
-        <xs:element name="port-mappings">
-          <xs:annotation>
-            <xs:documentation>Defines the list of mappings between http and https ports for use in
-              redirects</xs:documentation>
-          </xs:annotation>
-          <xs:complexType>
-            <xs:sequence>
-              <xs:element maxOccurs="unbounded" name="port-mapping">
-                <xs:complexType>
-                  <xs:attributeGroup ref="security:http-port"/>
-                  <xs:attributeGroup ref="security:https-port"/>
-                </xs:complexType>
-              </xs:element>
-            </xs:sequence>
-          </xs:complexType>
-        </xs:element>
-        <xs:element ref="security:custom-filter"/>
-      </xs:choice>
-      <xs:attributeGroup ref="security:http.attlist"/>
-    </xs:complexType>
-  </xs:element>
-  <xs:attributeGroup name="http.attlist">
-    <xs:attribute name="auto-config" type="security:boolean">
-      <xs:annotation>
-        <xs:documentation>Automatically registers a login form, BASIC authentication, anonymous
-          authentication, logout services, remember-me and servlet-api-integration. If set to
-          "true", all of these capabilities are added (although you can still customize the
-          configuration of each by providing the respective element). If unspecified, defaults to
-          "false".</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="use-expressions" type="security:boolean">
-      <xs:annotation>
-        <xs:documentation>Enables the use of expressions in the 'access' attributes in
-          &lt;intercept-url&gt; elements rather than the traditional list of configuration
-          attributes. Defaults to 'false'. If enabled, each attribute should contain a single
-          boolean expression. If the expression evaluates to 'true', access will be granted.
-        </xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="create-session">
-      <xs:annotation>
-        <xs:documentation>Controls the eagerness with which an HTTP session is created. If not set,
-          defaults to "ifRequired". Note that if a custom SecurityContextRepository is set using
-          security-context-repository-ref, then the only value which can be set is "always".
-          Otherwise the session creation behaviour will be determined by the repository bean
-          implementation.</xs:documentation>
-      </xs:annotation>
-      <xs:simpleType>
-        <xs:restriction base="xs:token">
-          <xs:enumeration value="ifRequired"/>
-          <xs:enumeration value="always"/>
-          <xs:enumeration value="never"/>
-        </xs:restriction>
-      </xs:simpleType>
-    </xs:attribute>
-    <xs:attribute name="security-context-repository-ref" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>A reference to a SecurityContextRepository bean. This can be used to
-          customize how the SecurityContext is stored between requests.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="path-type">
-      <xs:annotation>
-        <xs:documentation>Defines the type of pattern used to specify URL paths (either JDK
-          1.4-compatible regular expressions, or Apache Ant expressions). Defaults to "ant" if
-          unspecified.</xs:documentation>
-      </xs:annotation>
-      <xs:simpleType>
-        <xs:restriction base="xs:token">
-          <xs:enumeration value="ant"/>
-          <xs:enumeration value="regex"/>
-        </xs:restriction>
-      </xs:simpleType>
-    </xs:attribute>
-    <xs:attribute name="lowercase-comparisons" type="security:boolean">
-      <xs:annotation>
-        <xs:documentation>Whether test URLs should be converted to lower case prior to comparing
-          with defined path patterns. If unspecified, defaults to "true".</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="servlet-api-provision" type="security:boolean">
-      <xs:annotation>
-        <xs:documentation>Provides versions of HttpServletRequest security methods such as
-          isUserInRole() and getPrincipal() which are implemented by accessing the Spring
-          SecurityContext. Defaults to "true".</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="access-decision-manager-ref" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Optional attribute specifying the ID of the AccessDecisionManager
-          implementation which should be used for authorizing HTTP requests.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="realm" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Optional attribute specifying the realm name that will be used for all
-          authentication features that require a realm name (eg BASIC and Digest authentication). If
-          unspecified, defaults to "Spring Security Application".</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="session-fixation-protection">
-      <xs:annotation>
-        <xs:documentation>Indicates whether an existing session should be invalidated when a user
-          authenticates and a new session started. If set to "none" no change will be made.
-          "newSession" will create a new empty session. "migrateSession" will create a new session
-          and copy the session attributes to the new session. Defaults to
-          "migrateSession".</xs:documentation>
-      </xs:annotation>
-      <xs:simpleType>
-        <xs:restriction base="xs:token">
-          <xs:enumeration value="none"/>
-          <xs:enumeration value="newSession"/>
-          <xs:enumeration value="migrateSession"/>
-        </xs:restriction>
-      </xs:simpleType>
-    </xs:attribute>
-    <xs:attribute name="entry-point-ref" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Allows a customized AuthenticationEntryPoint to be
-          used.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="once-per-request" type="security:boolean">
-      <xs:annotation>
-        <xs:documentation>Corresponds to the observeOncePerRequest property of
-          FilterSecurityInterceptor. Defaults to "true"</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="access-denied-page" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Deprecated in favour of the access-denied-handler
-          element.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="disable-url-rewriting" type="security:boolean">
-      <xs:annotation>
-        <xs:documentation> </xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="invalid-session-url" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>The URL to which a user will be redirected if they submit an invalid
-          session indentifier. Typically used to detect session timeouts.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="access-denied-handler.attlist">
-    <xs:attribute name="ref" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Defines a reference to a Spring bean Id.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="error-page" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>The access denied page that an authenticated user will be redirected to if
-          they request a page which they don't have the authority to access. </xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="access-denied-handler-page">
-    <xs:attribute name="error-page" use="required" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>The access denied page that an authenticated user will be redirected to if
-          they request a page which they don't have the authority to access. </xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="intercept-url.attlist">
-    <xs:attribute name="pattern" use="required" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>The pattern which defines the URL path. The content will depend on the
-          type set in the containing http element, so will default to ant path
-          syntax.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="access" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>The access configuration attributes that apply for the configured
-          path.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="method">
-      <xs:annotation>
-        <xs:documentation>The HTTP Method for which the access configuration attributes should
-          apply. If not specified, the attributes will apply to any method.</xs:documentation>
-      </xs:annotation>
-      <xs:simpleType>
-        <xs:restriction base="xs:token">
-          <xs:enumeration value="GET"/>
-          <xs:enumeration value="DELETE"/>
-          <xs:enumeration value="HEAD"/>
-          <xs:enumeration value="OPTIONS"/>
-          <xs:enumeration value="POST"/>
-          <xs:enumeration value="PUT"/>
-          <xs:enumeration value="TRACE"/>
-        </xs:restriction>
-      </xs:simpleType>
-    </xs:attribute>
-    <xs:attribute name="filters">
-      <xs:annotation>
-        <xs:documentation>The filter list for the path. Currently can be set to "none" to remove a
-          path from having any filters applied. The full filter stack (consisting of all filters
-          created by the namespace configuration, and any added using 'custom-filter'), will be
-          applied to any other paths.</xs:documentation>
-      </xs:annotation>
-      <xs:simpleType>
-        <xs:restriction base="xs:token">
-          <xs:enumeration value="none"/>
-        </xs:restriction>
-      </xs:simpleType>
-    </xs:attribute>
-    <xs:attribute name="requires-channel" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Used to specify that a URL must be accessed over http or https, or that
-          there is no preference. The value should be "http", "https" or "any",
-          respectively.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="logout.attlist">
-    <xs:attribute name="logout-url" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Specifies the URL that will cause a logout. Spring Security will
-          initialize a filter that responds to this particular URL. Defaults to
-          /j_spring_security_logout if unspecified.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="logout-success-url" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Specifies the URL to display once the user has logged out. If not
-          specified, defaults to /.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="invalidate-session" type="security:boolean">
-      <xs:annotation>
-        <xs:documentation>Specifies whether a logout also causes HttpSession invalidation, which is
-          generally desirable. If unspecified, defaults to true.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="form-login.attlist">
-    <xs:attribute name="login-processing-url" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>The URL that the login form is posted to. If unspecified, it defaults to
-          /j_spring_security_check.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="default-target-url" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>The URL that will be redirected to after successful authentication, if the
-          user's previous action could not be resumed. This generally happens if the user visits a
-          login page without having first requested a secured operation that triggers
-          authentication. If unspecified, defaults to the root of the
-          application.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="always-use-default-target" type="security:boolean">
-      <xs:annotation>
-        <xs:documentation>Whether the user should always be redirected to the default-target-url
-          after login. </xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="login-page" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>The URL for the login page. If no login URL is specified, Spring Security
-          will automatically create a login URL at /spring_security_login and a corresponding filter
-          to render that login URL when requested.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="authentication-failure-url" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>The URL for the login failure page. If no login failure URL is specified,
-          Spring Security will automatically create a failure login URL at
-          /spring_security_login?login_error and a corresponding filter to render that login failure
-          URL when requested.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="authentication-success-handler-ref" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Reference to an AuthenticationSuccessHandler bean which should be used to
-          handle a successful authentication request. Should not be used in combination with
-          default-target-url (or always-use-default-target-url) as the implementation should always
-          deal with navigation to the subsequent destination</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="authentication-failure-handler-ref" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Reference to an AuthenticationFailureHandler bean which should be used to
-          handle a failed authentication request. Should not be used in combination with
-          authentication-failure-url as the implementation should always deal with navigation to the
-          subsequent destination</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:element name="attribute-exchange">
-    <xs:complexType>
-      <xs:sequence>
-        <xs:element maxOccurs="unbounded" ref="security:openid-attribute"/>
-      </xs:sequence>
-    </xs:complexType>
-  </xs:element>
-  <xs:element name="openid-attribute">
-    <xs:complexType>
-      <xs:attributeGroup ref="security:openid-attribute.attlist"/>
-    </xs:complexType>
-  </xs:element>
-  <xs:attributeGroup name="openid-attribute.attlist">
-    <xs:attribute name="name" use="required" type="xs:token"/>
-    <xs:attribute name="type" use="required" type="xs:token"/>
-    <xs:attribute name="required" type="security:boolean"/>
-    <xs:attribute name="count" type="xs:int"/>
-  </xs:attributeGroup>
-  <xs:element name="filter-chain-map">
-    <xs:annotation>
-      <xs:documentation>Used to explicitly configure a FilterChainProxy instance with a
-        FilterChainMap</xs:documentation>
-    </xs:annotation>
-    <xs:complexType>
-      <xs:sequence>
-        <xs:element maxOccurs="unbounded" name="filter-chain">
-          <xs:annotation>
-            <xs:documentation>Used within filter-chain-map to define a specific URL pattern and the
-              list of filters which apply to the URLs matching that pattern. When multiple
-              filter-chain elements are used within a filter-chain-map element, the most specific
-              patterns must be placed at the top of the list, with most general ones at the
-              bottom.</xs:documentation>
-          </xs:annotation>
-          <xs:complexType>
-            <xs:attributeGroup ref="security:filter-chain.attlist"/>
-          </xs:complexType>
-        </xs:element>
-      </xs:sequence>
-      <xs:attributeGroup ref="security:filter-chain-map.attlist"/>
-    </xs:complexType>
-  </xs:element>
-  <xs:attributeGroup name="filter-chain-map.attlist">
-    <xs:attributeGroup ref="security:path-type"/>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="filter-chain.attlist">
-    <xs:attribute name="pattern" use="required" type="xs:token"/>
-    <xs:attribute name="filters" use="required" type="xs:token"/>
-  </xs:attributeGroup>
-  <xs:element name="filter-security-metadata-source">
-    <xs:annotation>
-      <xs:documentation>Used to explicitly configure a FilterSecurityMetadataSource bean for use
-        with a FilterSecurityInterceptor. Usually only needed if you are configuring a
-        FilterChainProxy explicitly, rather than using the &lt;http&gt; element. The
-        intercept-url elements used should only contain pattern, method and access attributes. Any
-        others will result in a configuration error. </xs:documentation>
-    </xs:annotation>
-    <xs:complexType>
-      <xs:sequence>
-        <xs:element maxOccurs="unbounded" name="intercept-url">
-          <xs:annotation>
-            <xs:documentation>Specifies the access attributes and/or filter list for a particular
-              set of URLs.</xs:documentation>
-          </xs:annotation>
-          <xs:complexType>
-            <xs:attributeGroup ref="security:intercept-url.attlist"/>
-          </xs:complexType>
-        </xs:element>
-      </xs:sequence>
-      <xs:attributeGroup ref="security:fsmds.attlist"/>
-    </xs:complexType>
-  </xs:element>
-  <xs:attributeGroup name="fsmds.attlist">
-    <xs:attribute name="use-expressions" type="security:boolean">
-      <xs:annotation>
-        <xs:documentation>Enables the use of expressions in the 'access' attributes in
-          &lt;intercept-url&gt; elements rather than the traditional list of configuration
-          attributes. Defaults to 'false'. If enabled, each attribute should contain a single
-          boolean expression. If the expression evaluates to 'true', access will be granted.
-        </xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="id" type="xs:ID">
-      <xs:annotation>
-        <xs:documentation>A bean identifier, used for referring to the bean elsewhere in the
-          context.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="lowercase-comparisons" type="security:boolean">
-      <xs:annotation>
-        <xs:documentation>as for http element</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="path-type">
-      <xs:annotation>
-        <xs:documentation>Defines the type of pattern used to specify URL paths (either JDK
-          1.4-compatible regular expressions, or Apache Ant expressions). Defaults to "ant" if
-          unspecified.</xs:documentation>
-      </xs:annotation>
-      <xs:simpleType>
-        <xs:restriction base="xs:token">
-          <xs:enumeration value="ant"/>
-          <xs:enumeration value="regex"/>
-        </xs:restriction>
-      </xs:simpleType>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:element name="filter-invocation-definition-source">
-    <xs:annotation>
-      <xs:documentation>Deprecated synonym for filter-security-metadata-source</xs:documentation>
-    </xs:annotation>
-    <xs:complexType>
-      <xs:sequence>
-        <xs:element maxOccurs="unbounded" name="intercept-url">
-          <xs:annotation>
-            <xs:documentation>Specifies the access attributes and/or filter list for a particular
-              set of URLs.</xs:documentation>
-          </xs:annotation>
-          <xs:complexType>
-            <xs:attributeGroup ref="security:intercept-url.attlist"/>
-          </xs:complexType>
-        </xs:element>
-      </xs:sequence>
-      <xs:attributeGroup ref="security:fsmds.attlist"/>
-    </xs:complexType>
-  </xs:element>
-  <xs:attributeGroup name="concurrent-sessions.attlist">
-    <xs:attribute name="max-sessions" type="xs:positiveInteger">
-      <xs:annotation>
-        <xs:documentation>The maximum number of sessions a single user can have open at the same
-          time. Defaults to "1".</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="expired-url" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>The URL a user will be redirected to if they attempt to use a session
-          which has been "expired" by the concurrent session controller because they have logged in
-          again.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="exception-if-maximum-exceeded" type="security:boolean">
-      <xs:annotation>
-        <xs:documentation>Specifies that an exception should be raised when a user attempts to login
-          when they already have the maximum configured sessions open. The default behaviour is to
-          expire the original session.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="session-registry-alias" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Allows you to define an alias for the SessionRegistry bean in order to
-          access it in your own configuration</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="session-registry-ref" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>A reference to an external SessionRegistry implementation which will be
-          used in place of the standard one. </xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="session-controller-ref" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Allows a custom session controller to be set on the internal http
-          AuthenticationManager. If used, the session-registry-ref attribute must also be
-          set.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="remember-me.attlist">
-    <xs:attribute name="key" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>The "key" used to identify cookies from a specific token-based remember-me
-          application. You should set this to a unique value for your
-          application.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="token-repository-ref" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Reference to a PersistentTokenRepository bean for use with the persistent
-          token remember-me implementation. </xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="data-source-ref" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>A reference to a DataSource bean</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attributeGroup ref="security:remember-me-services-ref"/>
-    <xs:attribute name="user-service-ref" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>A reference to a user-service (or UserDetailsService bean)
-          Id</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="services-alias" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Exports the internally defined RememberMeServices as a bean alias,
-          allowing it to be used by other beans in the application context.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="token-validity-seconds" type="xs:integer">
-      <xs:annotation>
-        <xs:documentation>The period (in seconds) for which the remember-me cookie should be
-          valid.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="token-repository-ref">
-    <xs:attribute name="token-repository-ref" use="required" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Reference to a PersistentTokenRepository bean for use with the persistent
-          token remember-me implementation. </xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="remember-me-services-ref">
-    <xs:attribute name="services-ref" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Allows a custom implementation of RememberMeServices to be used. Note that
-          this implementation should return RememberMeAuthenticationToken instances with the same
-          "key" value as specified in the remember-me element. Alternatively it should register its
-          own AuthenticationProvider. </xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="remember-me-data-source-ref">
-    <xs:attributeGroup ref="security:data-source-ref"/>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="anonymous.attlist">
-    <xs:attribute name="key" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>The key shared between the provider and filter. This generally does not
-          need to be set. If unset, it will default to "doesNotMatter".</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="username" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>The username that should be assigned to the anonymous request. This allows
-          the principal to be identified, which may be important for logging and auditing. if unset,
-          defaults to "anonymousUser".</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="granted-authority" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>The granted authority that should be assigned to the anonymous request.
-          Commonly this is used to assign the anonymous request particular roles, which can
-          subsequently be used in authorization decisions. If unset, defaults to
-          "ROLE_ANONYMOUS".</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="enabled" type="security:boolean">
-      <xs:annotation>
-        <xs:documentation>With the default namespace setup, the anonymous "authentication" facility
-          is automatically enabled. You can disable it using this property. </xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="http-port">
-    <xs:attribute name="http" use="required" type="xs:token"/>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="https-port">
-    <xs:attribute name="https" use="required" type="xs:token"/>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="x509.attlist">
-    <xs:attribute name="subject-principal-regex" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>The regular expression used to obtain the username from the certificate's
-          subject. Defaults to matching on the common name using the pattern
-          "CN=(.*?),".</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="user-service-ref" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>A reference to a user-service (or UserDetailsService bean)
-          Id</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:element name="authentication-manager">
-    <xs:annotation>
-      <xs:documentation>Registers the AuthenticationManager instance and allows its list of
-        AuthenticationProviders to be defined. should use. Also allows you to define an alias to
-        allow you to reference the AuthenticationManager in your own beans. </xs:documentation>
-    </xs:annotation>
-    <xs:complexType>
-      <xs:sequence>
-        <xs:element minOccurs="0" maxOccurs="unbounded" name="authentication-provider">
-          <xs:annotation>
-            <xs:documentation>Indicates that the contained user-service should be used as an
-              authentication source. </xs:documentation>
-          </xs:annotation>
-          <xs:complexType>
-            <xs:choice minOccurs="0" maxOccurs="unbounded">
-              <xs:element ref="security:any-user-service"/>
-              <xs:element name="password-encoder">
-                <xs:annotation>
-                  <xs:documentation>element which defines a password encoding strategy. Used by an
-                    authentication provider to convert submitted passwords to hashed versions, for
-                    example.</xs:documentation>
-                </xs:annotation>
-                <xs:complexType>
+               </xs:element>
+            </xs:choice>
+            <xs:element minOccurs="0" maxOccurs="unbounded" name="protect-pointcut">
+               <xs:annotation>
+                  <xs:documentation>Defines a protected pointcut and the access control
+                     configuration attributes that apply to it. Every bean registered in the Spring
+                     application context that provides a method that matches the pointcut will
+                     receive security authorization.</xs:documentation>
+               </xs:annotation>
+               <xs:complexType>
+                  <xs:attributeGroup ref="security:protect-pointcut.attlist"/>
+               </xs:complexType>
+            </xs:element>
+            <xs:element minOccurs="0" maxOccurs="unbounded" name="after-invocation-provider">
+               <xs:annotation>
+                  <xs:documentation>Allows addition of extra AfterInvocationProvider beans which
+                     should be called by the MethodSecurityInterceptor created by
+                     global-method-security.</xs:documentation>
+               </xs:annotation>
+               <xs:complexType>
+                  <xs:attributeGroup ref="security:ref"/>
+               </xs:complexType>
+            </xs:element>
+         </xs:sequence>
+         <xs:attributeGroup ref="security:global-method-security.attlist"/>
+      </xs:complexType>
+   </xs:element>
+   <xs:attributeGroup name="global-method-security.attlist">
+      <xs:attribute name="pre-post-annotations">
+         <xs:annotation>
+            <xs:documentation>Specifies whether the use of Spring Security's pre and post invocation
+               annotations (@PreFilter, @PreAuthorize, @PostFilter, @PostAuthorize) should be
+               enabled for this application context. Defaults to "disabled".</xs:documentation>
+         </xs:annotation>
+         <xs:simpleType>
+            <xs:restriction base="xs:token">
+               <xs:enumeration value="disabled"/>
+               <xs:enumeration value="enabled"/>
+            </xs:restriction>
+         </xs:simpleType>
+      </xs:attribute>
+      <xs:attribute name="secured-annotations">
+         <xs:annotation>
+            <xs:documentation>Specifies whether the use of Spring Security's @Secured annotations
+               should be enabled for this application context. Defaults to
+               "disabled".</xs:documentation>
+         </xs:annotation>
+         <xs:simpleType>
+            <xs:restriction base="xs:token">
+               <xs:enumeration value="disabled"/>
+               <xs:enumeration value="enabled"/>
+            </xs:restriction>
+         </xs:simpleType>
+      </xs:attribute>
+      <xs:attribute name="jsr250-annotations">
+         <xs:annotation>
+            <xs:documentation>Specifies whether JSR-250 style attributes are to be used (for example
+               "RolesAllowed"). This will require the javax.annotation.security classes on the
+               classpath. Defaults to "disabled".</xs:documentation>
+         </xs:annotation>
+         <xs:simpleType>
+            <xs:restriction base="xs:token">
+               <xs:enumeration value="disabled"/>
+               <xs:enumeration value="enabled"/>
+            </xs:restriction>
+         </xs:simpleType>
+      </xs:attribute>
+      <xs:attribute name="access-decision-manager-ref" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Optional AccessDecisionManager bean ID to override the default used
+               for method security.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="run-as-manager-ref" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Optional RunAsmanager implementation which will be used by the
+               configured MethodSecurityInterceptor</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:element name="custom-after-invocation-provider">
+      <xs:annotation>
+         <xs:documentation>No longer supported. Use after-invocation-provider
+            instead.</xs:documentation>
+      </xs:annotation>
+      <xs:complexType/>
+   </xs:element>
+   <xs:attributeGroup name="protect-pointcut.attlist">
+      <xs:attribute name="expression" use="required" type="xs:string">
+         <xs:annotation>
+            <xs:documentation>An AspectJ expression, including the 'execution' keyword. For example,
+               'execution(int com.foo.TargetObject.countLength(String))' (without the
+               quotes).</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="access" use="required" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Access configuration attributes list that applies to all methods
+               matching the pointcut, e.g. "ROLE_A,ROLE_B"</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:element name="http">
+      <xs:annotation>
+         <xs:documentation>Container element for HTTP security configuration</xs:documentation>
+      </xs:annotation>
+      <xs:complexType>
+         <xs:choice minOccurs="0" maxOccurs="unbounded">
+            <xs:element name="intercept-url">
+               <xs:annotation>
+                  <xs:documentation>Specifies the access attributes and/or filter list for a
+                     particular set of URLs.</xs:documentation>
+               </xs:annotation>
+               <xs:complexType>
+                  <xs:attributeGroup ref="security:intercept-url.attlist"/>
+               </xs:complexType>
+            </xs:element>
+            <xs:element name="access-denied-handler">
+               <xs:annotation>
+                  <xs:documentation>Defines the access-denied strategy that should be used. An
+                     access denied page can be defined or a reference to an AccessDeniedHandler
+                     instance. </xs:documentation>
+               </xs:annotation>
+               <xs:complexType>
+                  <xs:attributeGroup ref="security:access-denied-handler.attlist"/>
+               </xs:complexType>
+            </xs:element>
+            <xs:element name="form-login">
+               <xs:annotation>
+                  <xs:documentation>Sets up a form login configuration for authentication with a
+                     username and password</xs:documentation>
+               </xs:annotation>
+               <xs:complexType>
+                  <xs:attributeGroup ref="security:form-login.attlist"/>
+               </xs:complexType>
+            </xs:element>
+            <xs:element name="openid-login">
+               <xs:annotation>
+                  <xs:documentation>Sets up form login for authentication with an Open ID
+                     identity</xs:documentation>
+               </xs:annotation>
+               <xs:complexType>
                   <xs:sequence>
-                    <xs:element minOccurs="0" name="salt-source">
-                      <xs:annotation>
-                        <xs:documentation>Password salting strategy. A system-wide constant or a
-                          property from the UserDetails object can be used.</xs:documentation>
-                      </xs:annotation>
-                      <xs:complexType>
-                        <xs:attribute name="user-property" type="xs:token">
-                          <xs:annotation>
-                            <xs:documentation>A property of the UserDetails object which will be
-                              used as salt by a password encoder. Typically something like
-                              "username" might be used. </xs:documentation>
-                          </xs:annotation>
-                        </xs:attribute>
-                        <xs:attribute name="system-wide" type="xs:token">
-                          <xs:annotation>
-                            <xs:documentation>A single value that will be used as the salt for a
-                              password encoder. </xs:documentation>
-                          </xs:annotation>
-                        </xs:attribute>
-                        <xs:attribute name="ref" type="xs:token">
-                          <xs:annotation>
-                            <xs:documentation>Defines a reference to a Spring bean
-                              Id.</xs:documentation>
-                          </xs:annotation>
-                        </xs:attribute>
-                      </xs:complexType>
-                    </xs:element>
+                     <xs:element minOccurs="0" ref="security:attribute-exchange"/>
                   </xs:sequence>
-                  <xs:attributeGroup ref="security:password-encoder.attlist"/>
-                </xs:complexType>
-              </xs:element>
-            </xs:choice>
-            <xs:attributeGroup ref="security:ap.attlist"/>
-          </xs:complexType>
-        </xs:element>
-        <xs:element minOccurs="0" maxOccurs="unbounded" name="ldap-authentication-provider">
-          <xs:annotation>
-            <xs:documentation>Sets up an ldap authentication provider</xs:documentation>
-          </xs:annotation>
-          <xs:complexType>
-            <xs:sequence>
-              <xs:element minOccurs="0" name="password-compare">
-                <xs:annotation>
-                  <xs:documentation>Specifies that an LDAP provider should use an LDAP compare
-                    operation of the user's password to authenticate the user</xs:documentation>
-                </xs:annotation>
-                <xs:complexType>
+                  <xs:attributeGroup ref="security:form-login.attlist"/>
+                  <xs:attribute name="user-service-ref" type="xs:token">
+                     <xs:annotation>
+                        <xs:documentation>A reference to a user-service (or UserDetailsService bean)
+                           Id</xs:documentation>
+                     </xs:annotation>
+                  </xs:attribute>
+               </xs:complexType>
+            </xs:element>
+            <xs:element name="x509">
+               <xs:annotation>
+                  <xs:documentation>Adds support for X.509 client authentication.</xs:documentation>
+               </xs:annotation>
+               <xs:complexType>
+                  <xs:attributeGroup ref="security:x509.attlist"/>
+               </xs:complexType>
+            </xs:element>
+            <xs:element name="http-basic">
+               <xs:annotation>
+                  <xs:documentation>Adds support for basic authentication (this is an element to
+                     permit future expansion, such as supporting an "ignoreFailure"
+                     attribute)</xs:documentation>
+               </xs:annotation>
+               <xs:complexType/>
+            </xs:element>
+            <xs:element name="logout">
+               <xs:annotation>
+                  <xs:documentation>Incorporates a logout processing filter. Most web applications
+                     require a logout filter, although you may not require one if you write a
+                     controller to provider similar logic.</xs:documentation>
+               </xs:annotation>
+               <xs:complexType>
+                  <xs:attributeGroup ref="security:logout.attlist"/>
+               </xs:complexType>
+            </xs:element>
+            <xs:element name="concurrent-session-control">
+               <xs:annotation>
+                  <xs:documentation>Adds support for concurrent session control, allowing limits to
+                     be placed on the number of sessions a user can have.</xs:documentation>
+               </xs:annotation>
+               <xs:complexType>
+                  <xs:attributeGroup ref="security:concurrent-sessions.attlist"/>
+               </xs:complexType>
+            </xs:element>
+            <xs:element name="remember-me">
+               <xs:annotation>
+                  <xs:documentation>Sets up remember-me authentication. If used with the "key"
+                     attribute (or no attributes) the cookie-only implementation will be used.
+                     Specifying "token-repository-ref" or "remember-me-data-source-ref" will use the
+                     more secure, persisten token approach. </xs:documentation>
+               </xs:annotation>
+               <xs:complexType>
+                  <xs:attributeGroup ref="security:remember-me.attlist"/>
+               </xs:complexType>
+            </xs:element>
+            <xs:element name="anonymous">
+               <xs:annotation>
+                  <xs:documentation>Adds support for automatically granting all anonymous web
+                     requests a particular principal identity and a corresponding granted
+                     authority.</xs:documentation>
+               </xs:annotation>
+               <xs:complexType>
+                  <xs:attributeGroup ref="security:anonymous.attlist"/>
+               </xs:complexType>
+            </xs:element>
+            <xs:element name="port-mappings">
+               <xs:annotation>
+                  <xs:documentation>Defines the list of mappings between http and https ports for
+                     use in redirects</xs:documentation>
+               </xs:annotation>
+               <xs:complexType>
                   <xs:sequence>
-                    <xs:element minOccurs="0" name="password-encoder">
-                      <xs:annotation>
-                        <xs:documentation>element which defines a password encoding strategy. Used
-                          by an authentication provider to convert submitted passwords to hashed
-                          versions, for example.</xs:documentation>
-                      </xs:annotation>
-                      <xs:complexType>
-                        <xs:sequence>
-                          <xs:element minOccurs="0" name="salt-source">
-                            <xs:annotation>
-                              <xs:documentation>Password salting strategy. A system-wide constant or
-                                a property from the UserDetails object can be
-                                used.</xs:documentation>
-                            </xs:annotation>
-                            <xs:complexType>
-                              <xs:attribute name="user-property" type="xs:token">
-                                <xs:annotation>
-                                  <xs:documentation>A property of the UserDetails object which will
-                                    be used as salt by a password encoder. Typically something like
-                                    "username" might be used. </xs:documentation>
-                                </xs:annotation>
-                              </xs:attribute>
-                              <xs:attribute name="system-wide" type="xs:token">
-                                <xs:annotation>
-                                  <xs:documentation>A single value that will be used as the salt for
-                                    a password encoder. </xs:documentation>
-                                </xs:annotation>
-                              </xs:attribute>
-                              <xs:attribute name="ref" type="xs:token">
-                                <xs:annotation>
-                                  <xs:documentation>Defines a reference to a Spring bean
-                                    Id.</xs:documentation>
-                                </xs:annotation>
-                              </xs:attribute>
-                            </xs:complexType>
-                          </xs:element>
-                        </xs:sequence>
-                        <xs:attributeGroup ref="security:password-encoder.attlist"/>
-                      </xs:complexType>
-                    </xs:element>
+                     <xs:element maxOccurs="unbounded" name="port-mapping">
+                        <xs:complexType>
+                           <xs:attributeGroup ref="security:http-port"/>
+                           <xs:attributeGroup ref="security:https-port"/>
+                        </xs:complexType>
+                     </xs:element>
                   </xs:sequence>
-                  <xs:attributeGroup ref="security:password-compare.attlist"/>
-                </xs:complexType>
-              </xs:element>
-            </xs:sequence>
-            <xs:attributeGroup ref="security:ldap-ap.attlist"/>
-          </xs:complexType>
-        </xs:element>
-      </xs:sequence>
-      <xs:attributeGroup ref="security:authman.attlist"/>
-    </xs:complexType>
-  </xs:element>
-  <xs:attributeGroup name="authman.attlist">
-    <xs:attribute name="alias" type="xs:ID">
-      <xs:annotation>
-        <xs:documentation>The alias you wish to use for the AuthenticationManager
-          bean</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="ap.attlist">
-    <xs:attribute name="ref" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Defines a reference to a Spring bean Id.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="user-service-ref" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>A reference to a user-service (or UserDetailsService bean)
-          Id</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:element name="user-service" substitutionGroup="security:any-user-service">
-    <xs:annotation>
-      <xs:documentation>Creates an in-memory UserDetailsService from a properties file or a list of
-        "user" child elements.</xs:documentation>
-    </xs:annotation>
-    <xs:complexType>
-      <xs:sequence>
-        <xs:element minOccurs="0" maxOccurs="unbounded" name="user">
-          <xs:annotation>
-            <xs:documentation>Represents a user in the application.</xs:documentation>
-          </xs:annotation>
-          <xs:complexType>
-            <xs:attributeGroup ref="security:user.attlist"/>
-          </xs:complexType>
-        </xs:element>
-      </xs:sequence>
-      <xs:attribute name="id" type="xs:ID">
-        <xs:annotation>
-          <xs:documentation>A bean identifier, used for referring to the bean elsewhere in the
-            context.</xs:documentation>
-        </xs:annotation>
-      </xs:attribute>
-      <xs:attributeGroup ref="security:properties-file"/>
-    </xs:complexType>
-  </xs:element>
-  <xs:attributeGroup name="properties-file">
-    <xs:attribute name="properties" type="xs:token"/>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="user.attlist">
-    <xs:attribute name="name" use="required" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>The username assigned to the user.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="password" use="required" type="xs:string">
-      <xs:annotation>
-        <xs:documentation>The password assigned to the user. This may be hashed if the corresponding
-          authentication provider supports hashing (remember to set the "hash" attribute of the
-          "user-service" element).</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="authorities" use="required" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>One of more authorities granted to the user. Separate authorities with a
-          comma (but no space). For example, "ROLE_USER,ROLE_ADMINISTRATOR"</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="locked" type="security:boolean">
-      <xs:annotation>
-        <xs:documentation>Can be set to "true" to mark an account as locked and
-          unusable.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="disabled" type="security:boolean">
-      <xs:annotation>
-        <xs:documentation>Can be set to "true" to mark an account as disabled and
-          unusable.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:element name="jdbc-user-service" substitutionGroup="security:any-user-service">
-    <xs:annotation>
-      <xs:documentation>Causes creation of a JDBC-based UserDetailsService.</xs:documentation>
-    </xs:annotation>
-    <xs:complexType>
+               </xs:complexType>
+            </xs:element>
+            <xs:element ref="security:custom-filter"/>
+         </xs:choice>
+         <xs:attributeGroup ref="security:http.attlist"/>
+      </xs:complexType>
+   </xs:element>
+   <xs:attributeGroup name="http.attlist">
+      <xs:attribute name="auto-config" type="security:boolean">
+         <xs:annotation>
+            <xs:documentation>Automatically registers a login form, BASIC authentication, anonymous
+               authentication, logout services, remember-me and servlet-api-integration. If set to
+               "true", all of these capabilities are added (although you can still customize the
+               configuration of each by providing the respective element). If unspecified, defaults
+               to "false".</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="use-expressions" type="security:boolean">
+         <xs:annotation>
+            <xs:documentation>Enables the use of expressions in the 'access' attributes in
+               &lt;intercept-url&gt; elements rather than the traditional list of
+               configuration attributes. Defaults to 'false'. If enabled, each attribute should
+               contain a single boolean expression. If the expression evaluates to 'true', access
+               will be granted. </xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="create-session">
+         <xs:annotation>
+            <xs:documentation>Controls the eagerness with which an HTTP session is created. If not
+               set, defaults to "ifRequired". Note that if a custom SecurityContextRepository is set
+               using security-context-repository-ref, then the only value which can be set is
+               "always". Otherwise the session creation behaviour will be determined by the
+               repository bean implementation.</xs:documentation>
+         </xs:annotation>
+         <xs:simpleType>
+            <xs:restriction base="xs:token">
+               <xs:enumeration value="ifRequired"/>
+               <xs:enumeration value="always"/>
+               <xs:enumeration value="never"/>
+            </xs:restriction>
+         </xs:simpleType>
+      </xs:attribute>
+      <xs:attribute name="security-context-repository-ref" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>A reference to a SecurityContextRepository bean. This can be used to
+               customize how the SecurityContext is stored between requests.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="path-type">
+         <xs:annotation>
+            <xs:documentation>Defines the type of pattern used to specify URL paths (either JDK
+               1.4-compatible regular expressions, or Apache Ant expressions). Defaults to "ant" if
+               unspecified.</xs:documentation>
+         </xs:annotation>
+         <xs:simpleType>
+            <xs:restriction base="xs:token">
+               <xs:enumeration value="ant"/>
+               <xs:enumeration value="regex"/>
+            </xs:restriction>
+         </xs:simpleType>
+      </xs:attribute>
+      <xs:attribute name="lowercase-comparisons" type="security:boolean">
+         <xs:annotation>
+            <xs:documentation>Whether test URLs should be converted to lower case prior to comparing
+               with defined path patterns. If unspecified, defaults to "true".</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="servlet-api-provision" type="security:boolean">
+         <xs:annotation>
+            <xs:documentation>Provides versions of HttpServletRequest security methods such as
+               isUserInRole() and getPrincipal() which are implemented by accessing the Spring
+               SecurityContext. Defaults to "true".</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="access-decision-manager-ref" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Optional attribute specifying the ID of the AccessDecisionManager
+               implementation which should be used for authorizing HTTP requests.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="realm" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Optional attribute specifying the realm name that will be used for all
+               authentication features that require a realm name (eg BASIC and Digest
+               authentication). If unspecified, defaults to "Spring Security
+               Application".</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="session-fixation-protection">
+         <xs:annotation>
+            <xs:documentation>Indicates whether an existing session should be invalidated when a
+               user authenticates and a new session started. If set to "none" no change will be
+               made. "newSession" will create a new empty session. "migrateSession" will create a
+               new session and copy the session attributes to the new session. Defaults to
+               "migrateSession".</xs:documentation>
+         </xs:annotation>
+         <xs:simpleType>
+            <xs:restriction base="xs:token">
+               <xs:enumeration value="none"/>
+               <xs:enumeration value="newSession"/>
+               <xs:enumeration value="migrateSession"/>
+            </xs:restriction>
+         </xs:simpleType>
+      </xs:attribute>
+      <xs:attribute name="entry-point-ref" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Allows a customized AuthenticationEntryPoint to be
+               used.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="once-per-request" type="security:boolean">
+         <xs:annotation>
+            <xs:documentation>Corresponds to the observeOncePerRequest property of
+               FilterSecurityInterceptor. Defaults to "true"</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="access-denied-page" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Deprecated in favour of the access-denied-handler
+               element.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="disable-url-rewriting" type="security:boolean">
+         <xs:annotation>
+            <xs:documentation> </xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="invalid-session-url" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>The URL to which a user will be redirected if they submit an invalid
+               session indentifier. Typically used to detect session timeouts.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="access-denied-handler.attlist">
+      <xs:attribute name="ref" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Defines a reference to a Spring bean Id.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="error-page" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>The access denied page that an authenticated user will be redirected
+               to if they request a page which they don't have the authority to access.
+            </xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="access-denied-handler-page">
+      <xs:attribute name="error-page" use="required" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>The access denied page that an authenticated user will be redirected
+               to if they request a page which they don't have the authority to access.
+            </xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="intercept-url.attlist">
+      <xs:attribute name="pattern" use="required" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>The pattern which defines the URL path. The content will depend on the
+               type set in the containing http element, so will default to ant path
+               syntax.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="access" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>The access configuration attributes that apply for the configured
+               path.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="method">
+         <xs:annotation>
+            <xs:documentation>The HTTP Method for which the access configuration attributes should
+               apply. If not specified, the attributes will apply to any method.</xs:documentation>
+         </xs:annotation>
+         <xs:simpleType>
+            <xs:restriction base="xs:token">
+               <xs:enumeration value="GET"/>
+               <xs:enumeration value="DELETE"/>
+               <xs:enumeration value="HEAD"/>
+               <xs:enumeration value="OPTIONS"/>
+               <xs:enumeration value="POST"/>
+               <xs:enumeration value="PUT"/>
+               <xs:enumeration value="TRACE"/>
+            </xs:restriction>
+         </xs:simpleType>
+      </xs:attribute>
+      <xs:attribute name="filters">
+         <xs:annotation>
+            <xs:documentation>The filter list for the path. Currently can be set to "none" to remove
+               a path from having any filters applied. The full filter stack (consisting of all
+               filters created by the namespace configuration, and any added using 'custom-filter'),
+               will be applied to any other paths.</xs:documentation>
+         </xs:annotation>
+         <xs:simpleType>
+            <xs:restriction base="xs:token">
+               <xs:enumeration value="none"/>
+            </xs:restriction>
+         </xs:simpleType>
+      </xs:attribute>
+      <xs:attribute name="requires-channel" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Used to specify that a URL must be accessed over http or https, or
+               that there is no preference. The value should be "http", "https" or "any",
+               respectively.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="logout.attlist">
+      <xs:attribute name="logout-url" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Specifies the URL that will cause a logout. Spring Security will
+               initialize a filter that responds to this particular URL. Defaults to
+               /j_spring_security_logout if unspecified.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="logout-success-url" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Specifies the URL to display once the user has logged out. If not
+               specified, defaults to /.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="invalidate-session" type="security:boolean">
+         <xs:annotation>
+            <xs:documentation>Specifies whether a logout also causes HttpSession invalidation, which
+               is generally desirable. If unspecified, defaults to true.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="form-login.attlist">
+      <xs:attribute name="login-processing-url" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>The URL that the login form is posted to. If unspecified, it defaults
+               to /j_spring_security_check.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="default-target-url" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>The URL that will be redirected to after successful authentication, if
+               the user's previous action could not be resumed. This generally happens if the user
+               visits a login page without having first requested a secured operation that triggers
+               authentication. If unspecified, defaults to the root of the
+               application.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="always-use-default-target" type="security:boolean">
+         <xs:annotation>
+            <xs:documentation>Whether the user should always be redirected to the default-target-url
+               after login. </xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="login-page" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>The URL for the login page. If no login URL is specified, Spring
+               Security will automatically create a login URL at /spring_security_login and a
+               corresponding filter to render that login URL when requested.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="authentication-failure-url" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>The URL for the login failure page. If no login failure URL is
+               specified, Spring Security will automatically create a failure login URL at
+               /spring_security_login?login_error and a corresponding filter to render that login
+               failure URL when requested.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="authentication-success-handler-ref" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Reference to an AuthenticationSuccessHandler bean which should be used
+               to handle a successful authentication request. Should not be used in combination with
+               default-target-url (or always-use-default-target-url) as the implementation should
+               always deal with navigation to the subsequent destination</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="authentication-failure-handler-ref" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Reference to an AuthenticationFailureHandler bean which should be used
+               to handle a failed authentication request. Should not be used in combination with
+               authentication-failure-url as the implementation should always deal with navigation
+               to the subsequent destination</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:element name="attribute-exchange">
+      <xs:complexType>
+         <xs:sequence>
+            <xs:element maxOccurs="unbounded" ref="security:openid-attribute"/>
+         </xs:sequence>
+      </xs:complexType>
+   </xs:element>
+   <xs:element name="openid-attribute">
+      <xs:complexType>
+         <xs:attributeGroup ref="security:openid-attribute.attlist"/>
+      </xs:complexType>
+   </xs:element>
+   <xs:attributeGroup name="openid-attribute.attlist">
+      <xs:attribute name="name" use="required" type="xs:token"/>
+      <xs:attribute name="type" use="required" type="xs:token"/>
+      <xs:attribute name="required" type="security:boolean"/>
+      <xs:attribute name="count" type="xs:int"/>
+   </xs:attributeGroup>
+   <xs:element name="filter-chain-map">
+      <xs:annotation>
+         <xs:documentation>Used to explicitly configure a FilterChainProxy instance with a
+            FilterChainMap</xs:documentation>
+      </xs:annotation>
+      <xs:complexType>
+         <xs:sequence>
+            <xs:element maxOccurs="unbounded" name="filter-chain">
+               <xs:annotation>
+                  <xs:documentation>Used within filter-chain-map to define a specific URL pattern
+                     and the list of filters which apply to the URLs matching that pattern. When
+                     multiple filter-chain elements are used within a filter-chain-map element, the
+                     most specific patterns must be placed at the top of the list, with most general
+                     ones at the bottom.</xs:documentation>
+               </xs:annotation>
+               <xs:complexType>
+                  <xs:attributeGroup ref="security:filter-chain.attlist"/>
+               </xs:complexType>
+            </xs:element>
+         </xs:sequence>
+         <xs:attributeGroup ref="security:filter-chain-map.attlist"/>
+      </xs:complexType>
+   </xs:element>
+   <xs:attributeGroup name="filter-chain-map.attlist">
+      <xs:attributeGroup ref="security:path-type"/>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="filter-chain.attlist">
+      <xs:attribute name="pattern" use="required" type="xs:token"/>
+      <xs:attribute name="filters" use="required" type="xs:token"/>
+   </xs:attributeGroup>
+   <xs:element name="filter-security-metadata-source">
+      <xs:annotation>
+         <xs:documentation>Used to explicitly configure a FilterSecurityMetadataSource bean for use
+            with a FilterSecurityInterceptor. Usually only needed if you are configuring a
+            FilterChainProxy explicitly, rather than using the &lt;http&gt; element. The
+            intercept-url elements used should only contain pattern, method and access attributes.
+            Any others will result in a configuration error. </xs:documentation>
+      </xs:annotation>
+      <xs:complexType>
+         <xs:sequence>
+            <xs:element maxOccurs="unbounded" name="intercept-url">
+               <xs:annotation>
+                  <xs:documentation>Specifies the access attributes and/or filter list for a
+                     particular set of URLs.</xs:documentation>
+               </xs:annotation>
+               <xs:complexType>
+                  <xs:attributeGroup ref="security:intercept-url.attlist"/>
+               </xs:complexType>
+            </xs:element>
+         </xs:sequence>
+         <xs:attributeGroup ref="security:fsmds.attlist"/>
+      </xs:complexType>
+   </xs:element>
+   <xs:attributeGroup name="fsmds.attlist">
+      <xs:attribute name="use-expressions" type="security:boolean">
+         <xs:annotation>
+            <xs:documentation>Enables the use of expressions in the 'access' attributes in
+               &lt;intercept-url&gt; elements rather than the traditional list of
+               configuration attributes. Defaults to 'false'. If enabled, each attribute should
+               contain a single boolean expression. If the expression evaluates to 'true', access
+               will be granted. </xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
       <xs:attribute name="id" type="xs:ID">
-        <xs:annotation>
-          <xs:documentation>A bean identifier, used for referring to the bean elsewhere in the
-            context.</xs:documentation>
-        </xs:annotation>
-      </xs:attribute>
-      <xs:attributeGroup ref="security:jdbc-user-service.attlist"/>
-    </xs:complexType>
-  </xs:element>
-  <xs:attributeGroup name="jdbc-user-service.attlist">
-    <xs:attribute name="data-source-ref" use="required" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>The bean ID of the DataSource which provides the required
-          tables.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="cache-ref" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>Defines a reference to a cache for use with a
-          UserDetailsService.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="users-by-username-query" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>An SQL statement to query a username, password, and enabled status given a
-          username</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="authorities-by-username-query" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>An SQL statement to query for a user's granted authorities given a
-          username.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="group-authorities-by-username-query" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>An SQL statement to query user's group authorities given a
-          username.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="role-prefix" type="xs:token">
-      <xs:annotation>
-        <xs:documentation>A non-empty string prefix that will be added to role strings loaded from
-          persistent storage (e.g. "ROLE_"). Use the value "none" for no prefix in cases where the
-          default is non-empty.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:element name="any-user-service" abstract="true"/>
-  <xs:element name="custom-filter">
-    <xs:annotation>
-      <xs:documentation>Used to indicate that a filter bean declaration should be incorporated into
-        the security filter chain. </xs:documentation>
-    </xs:annotation>
-    <xs:complexType>
-      <xs:attributeGroup ref="security:custom-filter.attlist"/>
-    </xs:complexType>
-  </xs:element>
-  <xs:attributeGroup name="custom-filter.attlist">
-    <xs:attributeGroup ref="security:ref"/>
-    <xs:attribute name="after" type="security:named-security-filter">
-      <xs:annotation>
-        <xs:documentation>The filter immediately after which the custom-filter should be placed in
-          the chain. This feature will only be needed by advanced users who wish to mix their own
-          filters into the security filter chain and have some knowledge of the standard Spring
-          Security filters. The filter names map to specific Spring Security implementation filters.
-        </xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="before" type="security:named-security-filter">
-      <xs:annotation>
-        <xs:documentation>The filter immediately before which the custom-filter should be placed in
-          the chain</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-    <xs:attribute name="position" type="security:named-security-filter">
-      <xs:annotation>
-        <xs:documentation>The explicit position at which the custom-filter should be placed in the
-          chain. Use if you are replacing a standard filter.</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="after">
-    <xs:attribute name="after" use="required" type="security:named-security-filter">
-      <xs:annotation>
-        <xs:documentation>The filter immediately after which the custom-filter should be placed in
-          the chain. This feature will only be needed by advanced users who wish to mix their own
-          filters into the security filter chain and have some knowledge of the standard Spring
-          Security filters. The filter names map to specific Spring Security implementation filters.
-        </xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="before">
-    <xs:attribute name="before" use="required" type="security:named-security-filter">
-      <xs:annotation>
-        <xs:documentation>The filter immediately before which the custom-filter should be placed in
-          the chain</xs:documentation>
-      </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:attributeGroup name="position">
-    <xs:attribute name="position" use="required" type="security:named-security-filter">
+         <xs:annotation>
+            <xs:documentation>A bean identifier, used for referring to the bean elsewhere in the
+               context.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="lowercase-comparisons" type="security:boolean">
+         <xs:annotation>
+            <xs:documentation>as for http element</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="path-type">
+         <xs:annotation>
+            <xs:documentation>Defines the type of pattern used to specify URL paths (either JDK
+               1.4-compatible regular expressions, or Apache Ant expressions). Defaults to "ant" if
+               unspecified.</xs:documentation>
+         </xs:annotation>
+         <xs:simpleType>
+            <xs:restriction base="xs:token">
+               <xs:enumeration value="ant"/>
+               <xs:enumeration value="regex"/>
+            </xs:restriction>
+         </xs:simpleType>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:element name="filter-invocation-definition-source">
+      <xs:annotation>
+         <xs:documentation>Deprecated synonym for filter-security-metadata-source</xs:documentation>
+      </xs:annotation>
+      <xs:complexType>
+         <xs:sequence>
+            <xs:element maxOccurs="unbounded" name="intercept-url">
+               <xs:annotation>
+                  <xs:documentation>Specifies the access attributes and/or filter list for a
+                     particular set of URLs.</xs:documentation>
+               </xs:annotation>
+               <xs:complexType>
+                  <xs:attributeGroup ref="security:intercept-url.attlist"/>
+               </xs:complexType>
+            </xs:element>
+         </xs:sequence>
+         <xs:attributeGroup ref="security:fsmds.attlist"/>
+      </xs:complexType>
+   </xs:element>
+   <xs:attributeGroup name="concurrent-sessions.attlist">
+      <xs:attribute name="max-sessions" type="xs:positiveInteger">
+         <xs:annotation>
+            <xs:documentation>The maximum number of sessions a single user can have open at the same
+               time. Defaults to "1".</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="expired-url" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>The URL a user will be redirected to if they attempt to use a session
+               which has been "expired" by the concurrent session controller because they have
+               logged in again.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="exception-if-maximum-exceeded" type="security:boolean">
+         <xs:annotation>
+            <xs:documentation>Specifies that an exception should be raised when a user attempts to
+               login when they already have the maximum configured sessions open. The default
+               behaviour is to expire the original session.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="session-registry-alias" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Allows you to define an alias for the SessionRegistry bean in order to
+               access it in your own configuration</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="session-registry-ref" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>A reference to an external SessionRegistry implementation which will
+               be used in place of the standard one. </xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="session-controller-ref" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Allows a custom session controller to be set on the internal http
+               AuthenticationManager. If used, the session-registry-ref attribute must also be
+               set.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="remember-me.attlist">
+      <xs:attribute name="key" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>The "key" used to identify cookies from a specific token-based
+               remember-me application. You should set this to a unique value for your
+               application.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="token-repository-ref" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Reference to a PersistentTokenRepository bean for use with the
+               persistent token remember-me implementation. </xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="data-source-ref" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>A reference to a DataSource bean</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attributeGroup ref="security:remember-me-services-ref"/>
+      <xs:attribute name="user-service-ref" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>A reference to a user-service (or UserDetailsService bean)
+               Id</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="services-alias" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Exports the internally defined RememberMeServices as a bean alias,
+               allowing it to be used by other beans in the application context.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="use-secure-cookie" type="security:boolean">
+         <xs:annotation>
+            <xs:documentation>Determines whether the "secure" flag will be set on the remember-me
+               cookie. If set to true, the cookie will only be submitted over HTTPS. Defaults to
+               false.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="token-validity-seconds" type="xs:integer">
+         <xs:annotation>
+            <xs:documentation>The period (in seconds) for which the remember-me cookie should be
+               valid.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="token-repository-ref">
+      <xs:attribute name="token-repository-ref" use="required" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Reference to a PersistentTokenRepository bean for use with the
+               persistent token remember-me implementation. </xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="remember-me-services-ref">
+      <xs:attribute name="services-ref" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Allows a custom implementation of RememberMeServices to be used. Note
+               that this implementation should return RememberMeAuthenticationToken instances with
+               the same "key" value as specified in the remember-me element. Alternatively it should
+               register its own AuthenticationProvider. </xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="remember-me-data-source-ref">
+      <xs:attributeGroup ref="security:data-source-ref"/>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="anonymous.attlist">
+      <xs:attribute name="key" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>The key shared between the provider and filter. This generally does
+               not need to be set. If unset, it will default to "doesNotMatter".</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="username" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>The username that should be assigned to the anonymous request. This
+               allows the principal to be identified, which may be important for logging and
+               auditing. if unset, defaults to "anonymousUser".</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="granted-authority" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>The granted authority that should be assigned to the anonymous
+               request. Commonly this is used to assign the anonymous request particular roles,
+               which can subsequently be used in authorization decisions. If unset, defaults to
+               "ROLE_ANONYMOUS".</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="enabled" type="security:boolean">
+         <xs:annotation>
+            <xs:documentation>With the default namespace setup, the anonymous "authentication"
+               facility is automatically enabled. You can disable it using this property.
+            </xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="http-port">
+      <xs:attribute name="http" use="required" type="xs:token"/>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="https-port">
+      <xs:attribute name="https" use="required" type="xs:token"/>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="x509.attlist">
+      <xs:attribute name="subject-principal-regex" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>The regular expression used to obtain the username from the
+               certificate's subject. Defaults to matching on the common name using the pattern
+               "CN=(.*?),".</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="user-service-ref" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>A reference to a user-service (or UserDetailsService bean)
+               Id</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:element name="authentication-manager">
+      <xs:annotation>
+         <xs:documentation>Registers the AuthenticationManager instance and allows its list of
+            AuthenticationProviders to be defined. should use. Also allows you to define an alias to
+            allow you to reference the AuthenticationManager in your own beans. </xs:documentation>
+      </xs:annotation>
+      <xs:complexType>
+         <xs:sequence>
+            <xs:element minOccurs="0" maxOccurs="unbounded" name="authentication-provider">
+               <xs:annotation>
+                  <xs:documentation>Indicates that the contained user-service should be used as an
+                     authentication source. </xs:documentation>
+               </xs:annotation>
+               <xs:complexType>
+                  <xs:choice minOccurs="0" maxOccurs="unbounded">
+                     <xs:element ref="security:any-user-service"/>
+                     <xs:element name="password-encoder">
+                        <xs:annotation>
+                           <xs:documentation>element which defines a password encoding strategy.
+                              Used by an authentication provider to convert submitted passwords to
+                              hashed versions, for example.</xs:documentation>
+                        </xs:annotation>
+                        <xs:complexType>
+                           <xs:sequence>
+                              <xs:element minOccurs="0" name="salt-source">
+                                 <xs:annotation>
+                                    <xs:documentation>Password salting strategy. A system-wide
+                                       constant or a property from the UserDetails object can be
+                                       used.</xs:documentation>
+                                 </xs:annotation>
+                                 <xs:complexType>
+                                    <xs:attribute name="user-property" type="xs:token">
+                                       <xs:annotation>
+                                          <xs:documentation>A property of the UserDetails object
+                                             which will be used as salt by a password encoder.
+                                             Typically something like "username" might be used.
+                                          </xs:documentation>
+                                       </xs:annotation>
+                                    </xs:attribute>
+                                    <xs:attribute name="system-wide" type="xs:token">
+                                       <xs:annotation>
+                                          <xs:documentation>A single value that will be used as the
+                                             salt for a password encoder. </xs:documentation>
+                                       </xs:annotation>
+                                    </xs:attribute>
+                                    <xs:attribute name="ref" type="xs:token">
+                                       <xs:annotation>
+                                          <xs:documentation>Defines a reference to a Spring bean
+                                             Id.</xs:documentation>
+                                       </xs:annotation>
+                                    </xs:attribute>
+                                 </xs:complexType>
+                              </xs:element>
+                           </xs:sequence>
+                           <xs:attributeGroup ref="security:password-encoder.attlist"/>
+                        </xs:complexType>
+                     </xs:element>
+                  </xs:choice>
+                  <xs:attributeGroup ref="security:ap.attlist"/>
+               </xs:complexType>
+            </xs:element>
+            <xs:element minOccurs="0" maxOccurs="unbounded" name="ldap-authentication-provider">
+               <xs:annotation>
+                  <xs:documentation>Sets up an ldap authentication provider</xs:documentation>
+               </xs:annotation>
+               <xs:complexType>
+                  <xs:sequence>
+                     <xs:element minOccurs="0" name="password-compare">
+                        <xs:annotation>
+                           <xs:documentation>Specifies that an LDAP provider should use an LDAP
+                              compare operation of the user's password to authenticate the
+                              user</xs:documentation>
+                        </xs:annotation>
+                        <xs:complexType>
+                           <xs:sequence>
+                              <xs:element minOccurs="0" name="password-encoder">
+                                 <xs:annotation>
+                                    <xs:documentation>element which defines a password encoding
+                                       strategy. Used by an authentication provider to convert
+                                       submitted passwords to hashed versions, for
+                                       example.</xs:documentation>
+                                 </xs:annotation>
+                                 <xs:complexType>
+                                    <xs:sequence>
+                                       <xs:element minOccurs="0" name="salt-source">
+                                          <xs:annotation>
+                                             <xs:documentation>Password salting strategy. A
+                                                system-wide constant or a property from the
+                                                UserDetails object can be used.</xs:documentation>
+                                          </xs:annotation>
+                                          <xs:complexType>
+                                             <xs:attribute name="user-property" type="xs:token">
+                                                <xs:annotation>
+                                                  <xs:documentation>A property of the UserDetails
+                                                  object which will be used as salt by a password
+                                                  encoder. Typically something like "username" might
+                                                  be used. </xs:documentation>
+                                                </xs:annotation>
+                                             </xs:attribute>
+                                             <xs:attribute name="system-wide" type="xs:token">
+                                                <xs:annotation>
+                                                  <xs:documentation>A single value that will be used
+                                                  as the salt for a password encoder.
+                                                  </xs:documentation>
+                                                </xs:annotation>
+                                             </xs:attribute>
+                                             <xs:attribute name="ref" type="xs:token">
+                                                <xs:annotation>
+                                                  <xs:documentation>Defines a reference to a Spring
+                                                  bean Id.</xs:documentation>
+                                                </xs:annotation>
+                                             </xs:attribute>
+                                          </xs:complexType>
+                                       </xs:element>
+                                    </xs:sequence>
+                                    <xs:attributeGroup ref="security:password-encoder.attlist"/>
+                                 </xs:complexType>
+                              </xs:element>
+                           </xs:sequence>
+                           <xs:attributeGroup ref="security:password-compare.attlist"/>
+                        </xs:complexType>
+                     </xs:element>
+                  </xs:sequence>
+                  <xs:attributeGroup ref="security:ldap-ap.attlist"/>
+               </xs:complexType>
+            </xs:element>
+         </xs:sequence>
+         <xs:attributeGroup ref="security:authman.attlist"/>
+      </xs:complexType>
+   </xs:element>
+   <xs:attributeGroup name="authman.attlist">
+      <xs:attribute name="alias" type="xs:ID">
+         <xs:annotation>
+            <xs:documentation>The alias you wish to use for the AuthenticationManager
+               bean</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="ap.attlist">
+      <xs:attribute name="ref" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Defines a reference to a Spring bean Id.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="user-service-ref" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>A reference to a user-service (or UserDetailsService bean)
+               Id</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:element name="user-service" substitutionGroup="security:any-user-service">
+      <xs:annotation>
+         <xs:documentation>Creates an in-memory UserDetailsService from a properties file or a list
+            of "user" child elements.</xs:documentation>
+      </xs:annotation>
+      <xs:complexType>
+         <xs:sequence>
+            <xs:element minOccurs="0" maxOccurs="unbounded" name="user">
+               <xs:annotation>
+                  <xs:documentation>Represents a user in the application.</xs:documentation>
+               </xs:annotation>
+               <xs:complexType>
+                  <xs:attributeGroup ref="security:user.attlist"/>
+               </xs:complexType>
+            </xs:element>
+         </xs:sequence>
+         <xs:attribute name="id" type="xs:ID">
+            <xs:annotation>
+               <xs:documentation>A bean identifier, used for referring to the bean elsewhere in the
+                  context.</xs:documentation>
+            </xs:annotation>
+         </xs:attribute>
+         <xs:attributeGroup ref="security:properties-file"/>
+      </xs:complexType>
+   </xs:element>
+   <xs:attributeGroup name="properties-file">
+      <xs:attribute name="properties" type="xs:token"/>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="user.attlist">
+      <xs:attribute name="name" use="required" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>The username assigned to the user.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="password" use="required" type="xs:string">
+         <xs:annotation>
+            <xs:documentation>The password assigned to the user. This may be hashed if the
+               corresponding authentication provider supports hashing (remember to set the "hash"
+               attribute of the "user-service" element).</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="authorities" use="required" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>One of more authorities granted to the user. Separate authorities with
+               a comma (but no space). For example,
+               "ROLE_USER,ROLE_ADMINISTRATOR"</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="locked" type="security:boolean">
+         <xs:annotation>
+            <xs:documentation>Can be set to "true" to mark an account as locked and
+               unusable.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="disabled" type="security:boolean">
+         <xs:annotation>
+            <xs:documentation>Can be set to "true" to mark an account as disabled and
+               unusable.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:element name="jdbc-user-service" substitutionGroup="security:any-user-service">
       <xs:annotation>
-        <xs:documentation>The explicit position at which the custom-filter should be placed in the
-          chain. Use if you are replacing a standard filter.</xs:documentation>
+         <xs:documentation>Causes creation of a JDBC-based UserDetailsService.</xs:documentation>
       </xs:annotation>
-    </xs:attribute>
-  </xs:attributeGroup>
-  <xs:simpleType name="named-security-filter">
-    <xs:restriction base="xs:token">
-      <xs:enumeration value="FIRST"/>
-      <xs:enumeration value="CHANNEL_FILTER"/>
-      <xs:enumeration value="CONCURRENT_SESSION_FILTER"/>
-      <xs:enumeration value="SESSION_CONTEXT_INTEGRATION_FILTER"/>
-      <xs:enumeration value="LOGOUT_FILTER"/>
-      <xs:enumeration value="X509_FILTER"/>
-      <xs:enumeration value="PRE_AUTH_FILTER"/>
-      <xs:enumeration value="CAS_PROCESSING_FILTER"/>
-      <xs:enumeration value="AUTHENTICATION_PROCESSING_FILTER"/>
-      <xs:enumeration value="OPENID_PROCESSING_FILTER"/>
-      <xs:enumeration value="BASIC_PROCESSING_FILTER"/>
-      <xs:enumeration value="SERVLET_API_SUPPORT_FILTER"/>
-      <xs:enumeration value="REMEMBER_ME_FILTER"/>
-      <xs:enumeration value="ANONYMOUS_FILTER"/>
-      <xs:enumeration value="EXCEPTION_TRANSLATION_FILTER"/>
-      <xs:enumeration value="NTLM_FILTER"/>
-      <xs:enumeration value="FILTER_SECURITY_INTERCEPTOR"/>
-      <xs:enumeration value="SWITCH_USER_FILTER"/>
-      <xs:enumeration value="LAST"/>
-    </xs:restriction>
-  </xs:simpleType>
+      <xs:complexType>
+         <xs:attribute name="id" type="xs:ID">
+            <xs:annotation>
+               <xs:documentation>A bean identifier, used for referring to the bean elsewhere in the
+                  context.</xs:documentation>
+            </xs:annotation>
+         </xs:attribute>
+         <xs:attributeGroup ref="security:jdbc-user-service.attlist"/>
+      </xs:complexType>
+   </xs:element>
+   <xs:attributeGroup name="jdbc-user-service.attlist">
+      <xs:attribute name="data-source-ref" use="required" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>The bean ID of the DataSource which provides the required
+               tables.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="cache-ref" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>Defines a reference to a cache for use with a
+               UserDetailsService.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="users-by-username-query" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>An SQL statement to query a username, password, and enabled status
+               given a username</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="authorities-by-username-query" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>An SQL statement to query for a user's granted authorities given a
+               username.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="group-authorities-by-username-query" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>An SQL statement to query user's group authorities given a
+               username.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="role-prefix" type="xs:token">
+         <xs:annotation>
+            <xs:documentation>A non-empty string prefix that will be added to role strings loaded
+               from persistent storage (e.g. "ROLE_"). Use the value "none" for no prefix in cases
+               where the default is non-empty.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:element name="any-user-service" abstract="true"/>
+   <xs:element name="custom-filter">
+      <xs:annotation>
+         <xs:documentation>Used to indicate that a filter bean declaration should be incorporated
+            into the security filter chain. </xs:documentation>
+      </xs:annotation>
+      <xs:complexType>
+         <xs:attributeGroup ref="security:custom-filter.attlist"/>
+      </xs:complexType>
+   </xs:element>
+   <xs:attributeGroup name="custom-filter.attlist">
+      <xs:attributeGroup ref="security:ref"/>
+      <xs:attribute name="after" type="security:named-security-filter">
+         <xs:annotation>
+            <xs:documentation>The filter immediately after which the custom-filter should be placed
+               in the chain. This feature will only be needed by advanced users who wish to mix
+               their own filters into the security filter chain and have some knowledge of the
+               standard Spring Security filters. The filter names map to specific Spring Security
+               implementation filters. </xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="before" type="security:named-security-filter">
+         <xs:annotation>
+            <xs:documentation>The filter immediately before which the custom-filter should be placed
+               in the chain</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+      <xs:attribute name="position" type="security:named-security-filter">
+         <xs:annotation>
+            <xs:documentation>The explicit position at which the custom-filter should be placed in
+               the chain. Use if you are replacing a standard filter.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="after">
+      <xs:attribute name="after" use="required" type="security:named-security-filter">
+         <xs:annotation>
+            <xs:documentation>The filter immediately after which the custom-filter should be placed
+               in the chain. This feature will only be needed by advanced users who wish to mix
+               their own filters into the security filter chain and have some knowledge of the
+               standard Spring Security filters. The filter names map to specific Spring Security
+               implementation filters. </xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="before">
+      <xs:attribute name="before" use="required" type="security:named-security-filter">
+         <xs:annotation>
+            <xs:documentation>The filter immediately before which the custom-filter should be placed
+               in the chain</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:attributeGroup name="position">
+      <xs:attribute name="position" use="required" type="security:named-security-filter">
+         <xs:annotation>
+            <xs:documentation>The explicit position at which the custom-filter should be placed in
+               the chain. Use if you are replacing a standard filter.</xs:documentation>
+         </xs:annotation>
+      </xs:attribute>
+   </xs:attributeGroup>
+   <xs:simpleType name="named-security-filter">
+      <xs:restriction base="xs:token">
+         <xs:enumeration value="FIRST"/>
+         <xs:enumeration value="CHANNEL_FILTER"/>
+         <xs:enumeration value="CONCURRENT_SESSION_FILTER"/>
+         <xs:enumeration value="SESSION_CONTEXT_INTEGRATION_FILTER"/>
+         <xs:enumeration value="LOGOUT_FILTER"/>
+         <xs:enumeration value="X509_FILTER"/>
+         <xs:enumeration value="PRE_AUTH_FILTER"/>
+         <xs:enumeration value="CAS_PROCESSING_FILTER"/>
+         <xs:enumeration value="AUTHENTICATION_PROCESSING_FILTER"/>
+         <xs:enumeration value="OPENID_PROCESSING_FILTER"/>
+         <xs:enumeration value="BASIC_PROCESSING_FILTER"/>
+         <xs:enumeration value="SERVLET_API_SUPPORT_FILTER"/>
+         <xs:enumeration value="REMEMBER_ME_FILTER"/>
+         <xs:enumeration value="ANONYMOUS_FILTER"/>
+         <xs:enumeration value="EXCEPTION_TRANSLATION_FILTER"/>
+         <xs:enumeration value="NTLM_FILTER"/>
+         <xs:enumeration value="FILTER_SECURITY_INTERCEPTOR"/>
+         <xs:enumeration value="SWITCH_USER_FILTER"/>
+         <xs:enumeration value="LAST"/>
+      </xs:restriction>
+   </xs:simpleType>
 </xs:schema>

config/src/test/java/org/springframework/security/config/http/HttpSecurityBeanDefinitionParserTests.java

@@ -544,6 +544,7 @@ public class HttpSecurityBeanDefinitionParserTests {
         RememberMeServices rememberMeServices = getRememberMeServices();
 
         assertTrue(rememberMeServices instanceof PersistentTokenBasedRememberMeServices);
+        assertFalse((Boolean)FieldUtils.getFieldValue(getRememberMeServices(), "useSecureCookie"));
     }
 
     @Test
@@ -587,8 +588,7 @@ public class HttpSecurityBeanDefinitionParserTests {
                 "<http auto-config='true'>" +
                 "    <remember-me key='ourkey' token-validity-seconds='10000' />" +
                 "</http>" + AUTH_PROVIDER_XML);
-        assertEquals(10000, FieldUtils.getFieldValue(getRememberMeServices(),
-                "tokenValiditySeconds"));
+        assertEquals(10000, FieldUtils.getFieldValue(getRememberMeServices(), "tokenValiditySeconds"));
     }
 
     @Test
@@ -597,8 +597,16 @@ public class HttpSecurityBeanDefinitionParserTests {
                 "<http auto-config='true'>" +
                 "    <remember-me key='ourkey' token-validity-seconds='-1' />" +
                 "</http>" + AUTH_PROVIDER_XML);
-        assertEquals(-1, FieldUtils.getFieldValue(getRememberMeServices(),
-                "tokenValiditySeconds"));
+        assertEquals(-1, FieldUtils.getFieldValue(getRememberMeServices(), "tokenValiditySeconds"));
+    }
+
+    @Test
+    public void rememberMeSecureCookieAttributeIsSetCorrectly() throws Exception {
+        setContext(
+                "<http auto-config='true'>" +
+                "    <remember-me key='ourkey' use-secure-cookie='true' />" +
+                "</http>" + AUTH_PROVIDER_XML);
+        assertTrue((Boolean)FieldUtils.getFieldValue(getRememberMeServices(), "useSecureCookie"));
     }
 
     @Test(expected=BeanDefinitionParsingException.class)

web/src/main/java/org/springframework/security/web/authentication/rememberme/AbstractRememberMeServices.java

@@ -55,6 +55,7 @@ public abstract class AbstractRememberMeServices implements RememberMeServices,
     private boolean alwaysRemember;
     private String key;
     private int tokenValiditySeconds = TWO_WEEKS_S;
+    private boolean useSecureCookie = false;
 
     public void afterPropertiesSet() throws Exception {
         Assert.hasLength(key);
@@ -308,6 +309,7 @@ public abstract class AbstractRememberMeServices implements RememberMeServices,
         Cookie cookie = new Cookie(cookieName, cookieValue);
         cookie.setMaxAge(maxAge);
         cookie.setPath(StringUtils.hasLength(request.getContextPath()) ? request.getContextPath() : "/");
+        cookie.setSecure(useSecureCookie);
         response.addCookie(cookie);
     }
 
@@ -374,6 +376,10 @@ public abstract class AbstractRememberMeServices implements RememberMeServices,
         return tokenValiditySeconds;
     }
 
+    public void setUseSecureCookie(boolean useSecureCookie) {
+        this.useSecureCookie = useSecureCookie;
+    }
+
     protected AuthenticationDetailsSource getAuthenticationDetailsSource() {
         return authenticationDetailsSource;
     }

web/src/test/java/org/springframework/security/web/authentication/rememberme/AbstractRememberMeServicesTests.java

@@ -226,7 +226,24 @@ public class AbstractRememberMeServicesTests {
         assertEquals("mycookie", cookie.getValue());
         assertEquals("mycookiename", cookie.getName());
         assertEquals("contextpath", cookie.getPath());
+        assertFalse(cookie.getSecure());
+    }
+
+    @Test
+    public void setCookieSetsSecureFlagIfConfigured() throws Exception {
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        MockHttpServletResponse response = new MockHttpServletResponse();
+        request.setContextPath("contextpath");
 
+        MockRememberMeServices services = new MockRememberMeServices() {
+            protected String encodeCookie(String[] cookieTokens) {
+                return cookieTokens[0];
+            }
+        };
+        services.setUseSecureCookie(true);
+        services.setCookie(new String[] {"mycookie"}, 1000, request, response);
+        Cookie cookie = response.getCookie(AbstractRememberMeServices.SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY);
+        assertTrue(cookie.getSecure());
     }
 
     private Cookie[] createLoginCookie(String cookieToken) {