Deleted superseded dao-auth-provider.xml chapter.

docs/manual/src/docbook/dao-auth-provider.xml

@@ -1,95 +0,0 @@
-<chapter xmlns="http://docbook.org/ns/docbook" version="5.0" xml:id="dao-provider">
-    <info>
-        <title>DAO Authentication Provider</title>
-    </info>
-    <section xml:id="dao-provider-overview">
-        <info>
-            <title>Overview</title>
-        </info>
-        <para>Spring Security includes a production-quality
-            <classname>AuthenticationProvider</classname> implementation called
-            <literal>DaoAuthenticationProvider</literal>. This authentication provider is compatible
-            with all of the authentication mechanisms that generate a
-            <literal>UsernamePasswordAuthenticationToken</literal>, and is probably the most
-            commonly used provider in the framework. Like most of the other authentication
-            providers, the DaoAuthenticationProvider leverages a UserDetailsService in order to
-            lookup the username, password and GrantedAuthority[]s. Unlike most of the other
-            authentication providers that leverage UserDetailsService, this authentication provider
-            actually requires the password to be presented, and the provider will actually evaluate
-            the validity or otherwise of the password presented in an authentication request
-            object.</para>
-    </section>
-    <section xml:id="dao-provider-config">
-        <info>
-            <title>Configuration</title>
-        </info>
-        <para>Aside from adding DaoAuthenticationProvider to your ProviderManager list (as discussed
-            at the start of this part of the reference guide), and ensuring a suitable
-            authentication mechanism is configured to present a UsernamePasswordAuthenticationToken,
-            the configuration of the provider itself is rather simple:</para>
-        <para> <programlisting>
-        <![CDATA[
-<bean id="daoAuthenticationProvider"
-    class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
-  <property name="userDetailsService" ref="inMemoryDaoImpl"/>
-  <property name="saltSource" ref bean="saltSource"/>
-  <property name="passwordEncoder" ref="passwordEncoder"/>
-</bean>  ]]>
-    </programlisting> </para>
-        <para>The <literal>PasswordEncoder</literal> and <literal>SaltSource</literal> are optional.
-            A <literal>PasswordEncoder</literal> provides encoding and decoding of passwords
-            presented in the <interfacename>UserDetails</interfacename> object that is returned from
-            the configured <interfacename>UserDetailsService</interfacename>. A
-            <literal>SaltSource</literal> enables the passwords to be populated with a "salt", which
-            enhances the security of the passwords in the authentication repository.
-            <literal>PasswordEncoder</literal> implementations are provided with Spring Security
-            covering MD5, SHA and cleartext encodings. Two <literal>SaltSource</literal>
-            implementations are also provided: <literal>SystemWideSaltSource</literal> which encodes
-            all passwords with the same salt, and <literal>ReflectionSaltSource</literal>, which
-            inspects a given property of the returned <interfacename>UserDetails</interfacename>
-            object to obtain the salt. Please refer to the JavaDocs for further details on these
-            optional features.</para>
-        <para>In addition to the properties above, the <literal>DaoAuthenticationProvider</literal>
-            supports optional caching of <interfacename>UserDetails</interfacename> objects. The
-            <literal>UserCache</literal> interface enables the
-            <literal>DaoAuthenticationProvider</literal> to place a
-            <interfacename>UserDetails</interfacename> object into the cache, and retrieve it from
-            the cache upon subsequent authentication attempts for the same username. By default the
-            <literal>DaoAuthenticationProvider</literal> uses the <literal>NullUserCache</literal>,
-            which performs no caching. A usable caching implementation is also provided,
-            <literal>EhCacheBasedUserCache</literal>, which is configured as follows:</para>
-        <para> <programlisting><![CDATA[
-<bean id="daoAuthenticationProvider"
-    class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
-  <property name="userDetailsService" ref="userDetailsService"/>
-  <property name="userCache" ref="userCache"/>
-</bean>
-
-<bean id="cacheManager" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean">
-  <property name="configLocation" value="classpath:/ehcache-failsafe.xml"/>
-</bean>
-
-<bean id="userCacheBackend" class="org.springframework.cache.ehcache.EhCacheFactoryBean">
-  <property name="cacheManager" ref="cacheManager"/>
-  <property name="cacheName" value="userCache"/>
-</bean>
-
-<bean id="userCache"
-    class="org.springframework.security.core.userdetails.cache.EhCacheBasedUserCache">
-  <property name="cache" ref="userCacheBackend"/>
-</bean>]]>
-    </programlisting> </para>
-        <para>All Spring Security EH-CACHE implementations (including
-            <literal>EhCacheBasedUserCache</literal>) require an EH-CACHE <literal>Cache</literal>
-            object. The <literal>Cache</literal> object can be obtained from wherever you like,
-            although we recommend you use Spring's factory classes as shown in the above
-            configuration. If using Spring's factory classes, please refer to the Spring
-            documentation for further details on how to optimise the cache storage location, memory
-            usage, eviction policies, timeouts etc.</para>
-        <note>
-            <para>In the majority of cases, where your application is a stateful web application,
-                you don't need to use a cache as the user's authentication information will be
-                stored in the <literal>HttpSession</literal>. </para>
-        </note>
-    </section>
-</chapter>

docs/manual/src/docbook/springsecurity.xml

@@ -130,31 +130,7 @@
         <xi:include href="session-mgmt.xml"/>
         <xi:include href="anon-auth-provider.xml"/>
     </part>
-    <!--
-  <part xml:id="authentication">
-    <title>Authentication</title>
-    <partintro>
-      <para>We've already introduced Spring Security's authentication architecture in the <link
-          xlink:href="#technical-overview">Technical Overview</link> chapter. In this part of the
-        reference guide we will examine individual authentication mechanisms and their corresponding
-          <classname>AuthenticationProvider</classname>s. We'll also look at how to configure
-        authentication more generally, including if you have several authentication approaches that
-        need to be chained together.</para>
-      <para> With some exceptions, we will be discussing the full details of Spring Security bean
-        configuration rather than the shorthand <link xlink:href="#ns-config">namespace
-          syntax</link>. You should review the introduction to using namespace configuration and the
-        options it provides to see if they will meet your needs. As you come to use the framework
-        more, and need to customize the internal behaviour, you will probably want to understand
-        more about how the individual services are implemented, which classes to look at extending
-        and so on. This part is more targeted at providing this kind of information. We'd recommend
-        that you supplement the content by browsing the Javadoc and the source itself <footnote>
-          <para>Links to both Javadoc APIs and browsable source cross-reference are available from
-            the project web site.</para>
-        </footnote>. </para>
-    </partintro>
-    <xi:include href="dao-auth-provider.xml"/>
-  </part>
--->
+
     <part xml:id="authorization">
         <title>Authorization</title>
         <partintro>