Refactoring to use Spring mock web classes.

core/src/test/java/org/acegisecurity/MockHttpServletRequest.java

@@ -1,376 +0,0 @@
-/* Copyright 2004, 2005 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package net.sf.acegisecurity;
-
-import org.springframework.mock.web.MockHttpSession;
-
-import java.io.BufferedReader;
-import java.io.IOException;
-
-import java.security.Principal;
-
-import java.util.Enumeration;
-import java.util.HashMap;
-import java.util.Locale;
-import java.util.Map;
-
-import javax.servlet.RequestDispatcher;
-import javax.servlet.ServletInputStream;
-import javax.servlet.http.Cookie;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpSession;
-
-
-/**
- * Mocks a <code>HttpServletRequest</code> and provides the
- * <code>getUserPrincipal()</code>, <code>getContextPath()</code>,
- * <code>getServletPath()</code> and <code>getSession()</code> methods.
- * 
- * <P>
- * Also provides a convenience <code>Map</code> for storing request parameters.
- * </p>
- *
- * @author Ben Alex
- * @author colin sampaleanu
- * @version $Id$
- */
-public class MockHttpServletRequest implements HttpServletRequest {
-    //~ Instance fields ========================================================
-
-    private HttpSession session = new MockHttpSession();
-    private Map attribMap = new HashMap();
-    private Map cookiesMap = new HashMap();
-    private Map headersMap = new HashMap();
-    private Map paramMap = new HashMap();
-    private Principal principal;
-    private String contextPath = "";
-    private String pathInfo; // null for no extra path
-    private String queryString = null;
-    private String requestURL;
-    private String scheme;
-    private String serverName;
-    private String servletPath;
-    private int serverPort;
-
-    //~ Constructors ===========================================================
-
-    public MockHttpServletRequest(Principal principal, HttpSession session) {
-        this.principal = principal;
-        this.session = session;
-    }
-
-    public MockHttpServletRequest(String queryString) {
-        this.queryString = queryString;
-    }
-
-    public MockHttpServletRequest(Map headers, HttpSession session,
-        String queryString, Cookie[] cookies) {
-        this.queryString = queryString;
-        this.headersMap = headers;
-        this.session = session;
-
-        for (int i = 0; i < cookies.length; i++) {
-            cookiesMap.put(cookies[i].getName(), cookies[i]);
-        }
-    }
-
-    public MockHttpServletRequest(Map headers, Principal principal,
-        HttpSession session) {
-        this.headersMap = headers;
-        this.principal = principal;
-        this.session = session;
-    }
-
-    private MockHttpServletRequest() {
-        super();
-    }
-
-    //~ Methods ================================================================
-
-    public void setAttribute(String arg0, Object arg1) {
-        this.attribMap.put(arg0, arg1);
-    }
-
-    public Object getAttribute(String arg0) {
-        return this.attribMap.get(arg0);
-    }
-
-    public Enumeration getAttributeNames() {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public String getAuthType() {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public void setCharacterEncoding(String arg0) {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public String getCharacterEncoding() {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public int getContentLength() {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public String getContentType() {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public void setContextPath(String contextPath) {
-        this.contextPath = contextPath;
-    }
-
-    public String getContextPath() {
-        return contextPath;
-    }
-
-    public Cookie[] getCookies() {
-        return (Cookie[]) cookiesMap.values().toArray(new Cookie[] {});
-    }
-
-    public long getDateHeader(String arg0) {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public String getHeader(String arg0) {
-        Object result = headersMap.get(arg0);
-
-        if (result != null) {
-            return (String) headersMap.get(arg0);
-        } else {
-            return null;
-        }
-    }
-
-    public Enumeration getHeaderNames() {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public Enumeration getHeaders(String arg0) {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public ServletInputStream getInputStream() throws IOException {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public int getIntHeader(String arg0) {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public String getLocalAddr() {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public String getLocalName() {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public int getLocalPort() {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public Locale getLocale() {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public Enumeration getLocales() {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public String getMethod() {
-        return "GET";
-    }
-
-    public void setParameter(String arg0, String value) {
-        paramMap.put(arg0, value);
-    }
-
-    public String getParameter(String arg0) {
-        Object result = paramMap.get(arg0);
-
-        if (result != null) {
-            return (String) paramMap.get(arg0);
-        } else {
-            return null;
-        }
-    }
-
-    public Map getParameterMap() {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public Enumeration getParameterNames() {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public String[] getParameterValues(String arg0) {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public void setPathInfo(String pathInfo) {
-        this.pathInfo = pathInfo;
-    }
-
-    public String getPathInfo() {
-        return pathInfo;
-    }
-
-    public String getPathTranslated() {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public String getProtocol() {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public String getQueryString() {
-        return this.queryString;
-    }
-
-    public BufferedReader getReader() throws IOException {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public String getRealPath(String arg0) {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public String getRemoteAddr() {
-        return "127.0.0.1";
-    }
-
-    public String getRemoteHost() {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public int getRemotePort() {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public String getRemoteUser() {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public RequestDispatcher getRequestDispatcher(String arg0) {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public String getRequestURI() {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public void setRequestURL(String requestURL) {
-        this.requestURL = requestURL;
-    }
-
-    public StringBuffer getRequestURL() {
-        return new StringBuffer(requestURL);
-    }
-
-    public String getRequestedSessionId() {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public boolean isRequestedSessionIdFromCookie() {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public boolean isRequestedSessionIdFromURL() {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public boolean isRequestedSessionIdFromUrl() {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public boolean isRequestedSessionIdValid() {
-        return true;
-    }
-
-    public void setScheme(String scheme) {
-        this.scheme = scheme;
-    }
-
-    public String getScheme() {
-        return scheme;
-    }
-
-    public boolean isSecure() {
-        if ("https".equals(scheme)) {
-            return true;
-        } else {
-            return false;
-        }
-    }
-
-    public void setServerName(String serverName) {
-        this.serverName = serverName;
-    }
-
-    public String getServerName() {
-        return serverName;
-    }
-
-    public void setServerPort(int serverPort) {
-        this.serverPort = serverPort;
-    }
-
-    public int getServerPort() {
-        return serverPort;
-    }
-
-    public void setServletPath(String servletPath) {
-        this.servletPath = servletPath;
-    }
-
-    public String getServletPath() {
-        return this.servletPath;
-    }
-
-    public HttpSession getSession(boolean arg0) {
-        if (arg0) {
-            if (this.session == null) {
-                this.session = new MockHttpSession();
-            }
-        }
-
-        return this.session;
-    }
-
-    public HttpSession getSession() {
-        if (this.session == null) {
-            this.session = new MockHttpSession();
-        }
-
-        return this.session;
-    }
-
-    public boolean isUserInRole(String arg0) {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public Principal getUserPrincipal() {
-        return this.principal;
-    }
-
-    public void removeAttribute(String arg0) {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-}

core/src/test/java/org/acegisecurity/MockHttpServletResponse.java

@@ -1,206 +0,0 @@
-/* Copyright 2004, 2005 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package net.sf.acegisecurity;
-
-import java.io.IOException;
-import java.io.PrintWriter;
-
-import java.util.HashMap;
-import java.util.Locale;
-import java.util.Map;
-
-import javax.servlet.ServletOutputStream;
-import javax.servlet.http.Cookie;
-import javax.servlet.http.HttpServletResponse;
-
-
-/**
- * Mocks a <code>HttpServletResponse</code>, recording the
- * <code>sendRedirect</code> URL and <code>sendError</code> code.
- *
- * @author Ben Alex
- * @version $Id$
- */
-public class MockHttpServletResponse implements HttpServletResponse {
-    //~ Instance fields ========================================================
-
-    private Map cookiesMap = new HashMap();
-    private Map headersMap = new HashMap();
-    private String errorMessage;
-    private String redirect;
-    private int error;
-
-    //~ Methods ================================================================
-
-    public void setBufferSize(int arg0) {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public int getBufferSize() {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public void setCharacterEncoding(String arg0) {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public String getCharacterEncoding() {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public boolean isCommitted() {
-        if (redirect == null) {
-            return false;
-        } else {
-            return true;
-        }
-    }
-
-    public void setContentLength(int arg0) {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public void setContentType(String arg0) {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public String getContentType() {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public Cookie getCookieByName(String name) {
-        return (Cookie) cookiesMap.get(name);
-    }
-
-    public void setDateHeader(String arg0, long arg1) {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public int getError() {
-        return this.error;
-    }
-
-    public String getErrorMessage() {
-        return this.errorMessage;
-    }
-
-    public void setHeader(String arg0, String arg1) {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public String getHeader(String arg0) {
-        Object result = headersMap.get(arg0);
-
-        if (result != null) {
-            return (String) headersMap.get(arg0);
-        } else {
-            return null;
-        }
-    }
-
-    public void setIntHeader(String arg0, int arg1) {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public void setLocale(Locale arg0) {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public Locale getLocale() {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public ServletOutputStream getOutputStream() throws IOException {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public String getRedirect() {
-        return redirect;
-    }
-
-    public void setStatus(int arg0, String arg1) {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public void setStatus(int arg0) {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public PrintWriter getWriter() throws IOException {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public void addCookie(Cookie arg0) {
-        cookiesMap.put(arg0.getName(), arg0);
-    }
-
-    public void addDateHeader(String arg0, long arg1) {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public void addHeader(String arg0, String arg1) {
-        headersMap.put(arg0, arg1);
-    }
-
-    public void addIntHeader(String arg0, int arg1) {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public boolean containsHeader(String arg0) {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public String encodeRedirectURL(String arg0) {
-        return arg0;
-    }
-
-    public String encodeRedirectUrl(String arg0) {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public String encodeURL(String arg0) {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public String encodeUrl(String arg0) {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public void flushBuffer() throws IOException {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public void reset() {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public void resetBuffer() {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public void sendError(int arg0, String arg1) throws IOException {
-        this.error = arg0;
-        this.errorMessage = arg1;
-    }
-
-    public void sendError(int arg0) throws IOException {
-        this.error = arg0;
-    }
-
-    public void sendRedirect(String arg0) throws IOException {
-        this.redirect = arg0;
-    }
-}

core/src/test/java/org/acegisecurity/MockHttpSession.java

@@ -1,122 +0,0 @@
-/* Copyright 2004, 2005 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package net.sf.acegisecurity;
-
-import javax.servlet.ServletContext;
-import javax.servlet.http.HttpSession;
-import javax.servlet.http.HttpSessionContext;
-import java.util.Enumeration;
-import java.util.HashMap;
-import java.util.Map;
-
-
-/**
- * Mocks a <code>HttpSession</code> and provides the
- * <code>getAttribute()</code> and <code>setAttribute()</code> methods.
- *
- * @author Ben Alex
- * @version $Id$
- */
-public class MockHttpSession implements HttpSession {
-    //~ Instance fields ========================================================
-
-    private Map map = new HashMap();
-    private String sessionId = "3984594856968";
-
-    /**
-     * Default constructor using default sessionId
-     */
-    public MockHttpSession() {
-    }
-
-    /**
-     * Constructor for using a specified sessionId
-     * @param sessionId
-     */
-    public MockHttpSession(String sessionId) {
-        this.sessionId = sessionId;
-    }
-
-    //~ Methods ================================================================
-
-    public void setAttribute(String arg0, Object arg1) {
-        map.put(arg0, arg1);
-    }
-
-    public Object getAttribute(String arg0) {
-        return map.get(arg0);
-    }
-
-    public Enumeration getAttributeNames() {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public long getCreationTime() {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public String getId() {
-        return sessionId;
-    }
-
-    public long getLastAccessedTime() {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public void setMaxInactiveInterval(int arg0) {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public int getMaxInactiveInterval() {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public boolean isNew() {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public ServletContext getServletContext() {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public HttpSessionContext getSessionContext() {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public Object getValue(String arg0) {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public String[] getValueNames() {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public void invalidate() {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public void putValue(String arg0, Object arg1) {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-
-    public void removeAttribute(String arg0) {
-        map.remove(arg0);
-    }
-
-    public void removeValue(String arg0) {
-        throw new UnsupportedOperationException("mock method not implemented");
-    }
-}

core/src/test/java/org/acegisecurity/adapters/HttpRequestIntegrationFilterTests.java

@@ -19,12 +19,12 @@ import junit.framework.TestCase;
 
 import net.sf.acegisecurity.GrantedAuthority;
 import net.sf.acegisecurity.GrantedAuthorityImpl;
-import net.sf.acegisecurity.MockHttpServletRequest;
-import net.sf.acegisecurity.MockHttpServletResponse;
 import net.sf.acegisecurity.context.ContextHolder;
 import net.sf.acegisecurity.context.security.SecureContextImpl;
 import net.sf.acegisecurity.context.security.SecureContextUtils;
 import net.sf.acegisecurity.util.MockFilterChain;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
 
 
 /**
@@ -56,8 +56,8 @@ public class HttpRequestIntegrationFilterTests extends TestCase {
                 "someone", "password",
                 new GrantedAuthority[] {new GrantedAuthorityImpl("SOME_ROLE")});
 
-        MockHttpServletRequest request = new MockHttpServletRequest(principal,
-                null);
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setUserPrincipal(principal);
         MockHttpServletResponse response = new MockHttpServletResponse();
         MockFilterChain chain = new MockFilterChain(true);
 
@@ -86,7 +86,7 @@ public class HttpRequestIntegrationFilterTests extends TestCase {
 
     public void testHandlesIfThereIsNoPrincipal() throws Exception {
         HttpRequestIntegrationFilter filter = new HttpRequestIntegrationFilter();
-        MockHttpServletRequest request = new MockHttpServletRequest("foo");
+        MockHttpServletRequest request = new MockHttpServletRequest();
         MockHttpServletResponse response = new MockHttpServletResponse();
         MockFilterChain chain = new MockFilterChain(true);
 

core/src/test/java/org/acegisecurity/context/HttpSessionContextIntegrationFilterTests.java

@@ -21,9 +21,6 @@ import net.sf.acegisecurity.Authentication;
 import net.sf.acegisecurity.GrantedAuthority;
 import net.sf.acegisecurity.GrantedAuthorityImpl;
 import net.sf.acegisecurity.MockFilterConfig;
-import net.sf.acegisecurity.MockHttpServletRequest;
-import net.sf.acegisecurity.MockHttpServletResponse;
-import net.sf.acegisecurity.MockHttpSession;
 import net.sf.acegisecurity.adapters.PrincipalAcegiUserToken;
 import net.sf.acegisecurity.context.HttpSessionContextIntegrationFilter;
 import net.sf.acegisecurity.context.security.SecureContext;
@@ -39,6 +36,10 @@ import javax.servlet.ServletException;
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
 
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpSession;
+import org.springframework.mock.web.MockHttpServletResponse;
+
 
 /**
  * Tests {@link HttpSessionContextIntegrationFilter}.
@@ -100,12 +101,11 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase {
         sc.setAuthentication(sessionPrincipal);
 
         // Build a mock request
-        MockHttpSession session = new MockHttpSession();
-        session.setAttribute(HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY,
+
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.getSession().setAttribute(HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY,
             sc);
 
-        MockHttpServletRequest request = new MockHttpServletRequest(null,
-                session);
         MockHttpServletResponse response = new MockHttpServletResponse();
         FilterChain chain = new MockFilterChain(sessionPrincipal,
                 updatedPrincipal);
@@ -120,7 +120,7 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase {
             request, response, chain);
 
         // Obtain new/update Authentication from HttpSession
-        Context context = (Context) session.getAttribute(HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY);
+        Context context = (Context) request.getSession().getAttribute(HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY);
         assertEquals(updatedPrincipal,
             ((SecureContext) context).getAuthentication());
     }
@@ -133,9 +133,7 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase {
                 new GrantedAuthority[] {new GrantedAuthorityImpl("SOME_DIFFERENT_ROLE")});
 
         // Build a mock request
-        MockHttpSession session = null;
-        MockHttpServletRequest request = new MockHttpServletRequest(null,
-                session);
+        MockHttpServletRequest request = new MockHttpServletRequest();
         MockHttpServletResponse response = new MockHttpServletResponse();
         FilterChain chain = new MockFilterChain(null, updatedPrincipal);
 
@@ -149,9 +147,8 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase {
             request, response, chain);
 
         // Obtain new/update Authentication from HttpSession
-        Context context = (Context) request.getSession().getAttribute(HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY);
-        assertEquals(updatedPrincipal,
-            ((SecureContext) context).getAuthentication());
+        Context context = (Context) request.getSession(false).getAttribute(HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY);
+        assertEquals(updatedPrincipal, ((SecureContext) context).getAuthentication());
     }
 
     public void testHttpSessionNotCreatedUnlessContextHolderChanges()
@@ -182,12 +179,10 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase {
                 new GrantedAuthority[] {new GrantedAuthorityImpl("SOME_DIFFERENT_ROLE")});
 
         // Build a mock request
-        MockHttpSession session = new MockHttpSession();
-        session.setAttribute(HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY,
-            "NOT_A_CONTEXT_OBJECT");
 
-        MockHttpServletRequest request = new MockHttpServletRequest(null,
-                session);
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.getSession().setAttribute(HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY,
+            "NOT_A_CONTEXT_OBJECT");
         MockHttpServletResponse response = new MockHttpServletResponse();
         FilterChain chain = new MockFilterChain(null, updatedPrincipal);
 
@@ -201,7 +196,7 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase {
             request, response, chain);
 
         // Obtain new/update Authentication from HttpSession
-        Context context = (Context) session.getAttribute(HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY);
+        Context context = (Context) request.getSession().getAttribute(HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY);
         assertEquals(updatedPrincipal,
             ((SecureContext) context).getAuthentication());
     }

core/src/test/java/org/acegisecurity/intercept/web/AbstractFilterInvocationDefinitionSourceTests.java

@@ -17,8 +17,8 @@ package net.sf.acegisecurity.intercept.web;
 
 import junit.framework.TestCase;
 
-import net.sf.acegisecurity.MockHttpServletRequest;
-import net.sf.acegisecurity.MockHttpServletResponse;
+
+
 
 import java.io.IOException;
 
@@ -27,6 +27,10 @@ import javax.servlet.ServletException;
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
 
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+
+
 
 /**
  * Tests {@link AbstractFilterInvocationDefinitionSource}.

core/src/test/java/org/acegisecurity/intercept/web/FilterInvocationDefinitionSourceEditorTests.java

@@ -19,12 +19,15 @@ import junit.framework.TestCase;
 
 import net.sf.acegisecurity.ConfigAttributeDefinition;
 import net.sf.acegisecurity.MockFilterChain;
-import net.sf.acegisecurity.MockHttpServletRequest;
-import net.sf.acegisecurity.MockHttpServletResponse;
+
+
 import net.sf.acegisecurity.SecurityConfig;
 
 import java.util.Iterator;
 
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+
 
 /**
  * Tests {@link FilterInvocationDefinitionSourceEditor} and its associated

core/src/test/java/org/acegisecurity/intercept/web/FilterInvocationDefinitionSourceEditorWithPathsTests.java

@@ -19,12 +19,15 @@ import junit.framework.TestCase;
 
 import net.sf.acegisecurity.ConfigAttributeDefinition;
 import net.sf.acegisecurity.MockFilterChain;
-import net.sf.acegisecurity.MockHttpServletRequest;
-import net.sf.acegisecurity.MockHttpServletResponse;
+
+
 import net.sf.acegisecurity.SecurityConfig;
 
 import java.util.Iterator;
 
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+
 
 /**
  * Tests {@link FilterInvocationDefinitionSourceEditor} and its associated

core/src/test/java/org/acegisecurity/intercept/web/FilterInvocationTests.java

@@ -18,8 +18,6 @@ package net.sf.acegisecurity.intercept.web;
 import junit.framework.TestCase;
 
 import net.sf.acegisecurity.MockFilterChain;
-import net.sf.acegisecurity.MockHttpServletRequest;
-import net.sf.acegisecurity.MockHttpServletResponse;
 
 import java.io.BufferedReader;
 import java.io.IOException;
@@ -36,6 +34,9 @@ import javax.servlet.ServletOutputStream;
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
 
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+
 
 /**
  * Tests {@link FilterInvocation}.
@@ -73,8 +74,7 @@ public class FilterInvocationTests extends TestCase {
         request.setScheme("http");
         request.setServerPort(80);
         request.setContextPath("/mycontext");
-        request.setRequestURL(
-            "http://www.example.com/mycontext/HelloWorld/some/more/segments.html");
+        request.setRequestURI("/mycontext/HelloWorld/some/more/segments.html");
 
         MockHttpServletResponse response = new MockHttpServletResponse();
         MockFilterChain chain = new MockFilterChain();
@@ -165,13 +165,14 @@ public class FilterInvocationTests extends TestCase {
     }
 
     public void testStringMethodsWithAQueryString() {
-        MockHttpServletRequest request = new MockHttpServletRequest("foo=bar");
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setQueryString("foo=bar");
         request.setServletPath("/HelloWorld");
         request.setServerName("www.example.com");
         request.setScheme("http");
         request.setServerPort(80);
         request.setContextPath("/mycontext");
-        request.setRequestURL("http://www.example.com/mycontext/HelloWorld");
+        request.setRequestURI("/mycontext/HelloWorld");
 
         MockHttpServletResponse response = new MockHttpServletResponse();
         MockFilterChain chain = new MockFilterChain();
@@ -189,7 +190,7 @@ public class FilterInvocationTests extends TestCase {
         request.setScheme("http");
         request.setServerPort(80);
         request.setContextPath("/mycontext");
-        request.setRequestURL("http://www.example.com/mycontext/HelloWorld");
+        request.setRequestURI("/mycontext/HelloWorld");
 
         MockHttpServletResponse response = new MockHttpServletResponse();
         MockFilterChain chain = new MockFilterChain();

core/src/test/java/org/acegisecurity/intercept/web/FilterSecurityInterceptorTests.java

@@ -27,9 +27,6 @@ import net.sf.acegisecurity.GrantedAuthorityImpl;
 import net.sf.acegisecurity.MockAccessDecisionManager;
 import net.sf.acegisecurity.MockApplicationContext;
 import net.sf.acegisecurity.MockAuthenticationManager;
-import net.sf.acegisecurity.MockHttpServletRequest;
-import net.sf.acegisecurity.MockHttpServletResponse;
-import net.sf.acegisecurity.MockHttpSession;
 import net.sf.acegisecurity.MockRunAsManager;
 import net.sf.acegisecurity.RunAsManager;
 import net.sf.acegisecurity.SecurityConfig;
@@ -47,6 +44,9 @@ import javax.servlet.ServletException;
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
 
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.mock.web.MockHttpServletRequest;
+
 
 /**
  * Tests {@link FilterSecurityInterceptor}.
@@ -163,8 +163,7 @@ public class FilterSecurityInterceptorTests extends TestCase {
 
         // Setup our HTTPS request and response
         MockHttpServletResponse response = new MockHttpServletResponse();
-        MockHttpServletRequest request = new MockHttpServletRequest(null,
-                new MockHttpSession());
+        MockHttpServletRequest request = new MockHttpServletRequest();
         request.setServletPath("/secure/page.html");
         request.setScheme("https");
         request.setServerPort(443);
@@ -226,8 +225,7 @@ public class FilterSecurityInterceptorTests extends TestCase {
 
         // Setup our HTTP request and response
         MockHttpServletResponse response = new MockHttpServletResponse();
-        MockHttpServletRequest request = new MockHttpServletRequest(null,
-                new MockHttpSession());
+        MockHttpServletRequest request = new MockHttpServletRequest();
         request.setServletPath("/secure/page.html");
 
         // Setup a Context

core/src/test/java/org/acegisecurity/intercept/web/PathBasedFilterDefinitionMapTests.java

@@ -19,10 +19,13 @@ import junit.framework.TestCase;
 
 import net.sf.acegisecurity.ConfigAttributeDefinition;
 import net.sf.acegisecurity.MockFilterChain;
-import net.sf.acegisecurity.MockHttpServletRequest;
-import net.sf.acegisecurity.MockHttpServletResponse;
+
+
 import net.sf.acegisecurity.SecurityConfig;
 
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+
 
 /**
  * Tests parts of {@link PathBasedFilterInvocationDefinitionMap} not tested by
@@ -73,7 +76,9 @@ public class PathBasedFilterDefinitionMapTests extends TestCase {
         map.addSecureUrl("/secure/super/**", def);
 
         // Build a HTTP request
-        MockHttpServletRequest req = new MockHttpServletRequest(null);
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setRequestURI(null);
+        MockHttpServletRequest req = request;
         req.setServletPath("/SeCuRE/super/somefile.html");
 
         FilterInvocation fi = new FilterInvocation(req,
@@ -93,7 +98,9 @@ public class PathBasedFilterDefinitionMapTests extends TestCase {
         map.addSecureUrl("/secure/super/**", def);
 
         // Build a HTTP request
-        MockHttpServletRequest req = new MockHttpServletRequest(null);
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setRequestURI(null);
+        MockHttpServletRequest req = request;
         req.setServletPath("/SeCuRE/super/somefile.html");
 
         FilterInvocation fi = new FilterInvocation(req,
@@ -113,7 +120,9 @@ public class PathBasedFilterDefinitionMapTests extends TestCase {
         map.addSecureUrl("/secure/super/**", def);
 
         // Build a HTTP request
-        MockHttpServletRequest req = new MockHttpServletRequest(null);
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setRequestURI(null);
+        MockHttpServletRequest req = request;
         req.setServletPath("/secure/super/somefile.html");
 
         FilterInvocation fi = new FilterInvocation(req,

core/src/test/java/org/acegisecurity/intercept/web/RegExpBasedFilterDefinitionMapTests.java

@@ -19,10 +19,13 @@ import junit.framework.TestCase;
 
 import net.sf.acegisecurity.ConfigAttributeDefinition;
 import net.sf.acegisecurity.MockFilterChain;
-import net.sf.acegisecurity.MockHttpServletRequest;
-import net.sf.acegisecurity.MockHttpServletResponse;
+
+
 import net.sf.acegisecurity.SecurityConfig;
 
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+
 
 /**
  * Tests parts of {@link RegExpBasedFilterInvocationDefinitionMap} not tested
@@ -73,7 +76,9 @@ public class RegExpBasedFilterDefinitionMapTests extends TestCase {
         map.addSecureUrl("\\A/secure/super.*\\Z", def);
 
         // Build a HTTP request
-        MockHttpServletRequest req = new MockHttpServletRequest(null);
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setRequestURI(null);
+        MockHttpServletRequest req = request;
         req.setServletPath("/SeCuRE/super/somefile.html");
 
         FilterInvocation fi = new FilterInvocation(req,
@@ -93,7 +98,9 @@ public class RegExpBasedFilterDefinitionMapTests extends TestCase {
         map.addSecureUrl("\\A/secure/super.*\\Z", def);
 
         // Build a HTTP request
-        MockHttpServletRequest req = new MockHttpServletRequest(null);
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setRequestURI(null);
+        MockHttpServletRequest req = request;
         req.setServletPath("/SeCuRE/super/somefile.html");
 
         FilterInvocation fi = new FilterInvocation(req,
@@ -113,7 +120,9 @@ public class RegExpBasedFilterDefinitionMapTests extends TestCase {
         map.addSecureUrl("\\A/secure/super.*\\Z", def);
 
         // Build a HTTP request
-        MockHttpServletRequest req = new MockHttpServletRequest(null);
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setRequestURI(null);
+        MockHttpServletRequest req = request;
         req.setServletPath("/secure/super/somefile.html");
 
         FilterInvocation fi = new FilterInvocation(req,

core/src/test/java/org/acegisecurity/intercept/web/SecurityEnforcementFilterTests.java

@@ -22,9 +22,6 @@ import net.sf.acegisecurity.BadCredentialsException;
 import net.sf.acegisecurity.GrantedAuthority;
 import net.sf.acegisecurity.GrantedAuthorityImpl;
 import net.sf.acegisecurity.MockAuthenticationEntryPoint;
-import net.sf.acegisecurity.MockHttpServletRequest;
-import net.sf.acegisecurity.MockHttpServletResponse;
-import net.sf.acegisecurity.MockHttpSession;
 import net.sf.acegisecurity.MockPortResolver;
 import net.sf.acegisecurity.context.ContextHolder;
 import net.sf.acegisecurity.context.security.SecureContext;
@@ -38,7 +35,9 @@ import javax.servlet.FilterChain;
 import javax.servlet.ServletException;
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
-import javax.servlet.http.HttpSession;
+
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.mock.web.MockHttpServletRequest;
 
 
 /**
@@ -70,16 +69,13 @@ public class SecurityEnforcementFilterTests extends TestCase {
 
     public void testAccessDeniedWhenAnonymous() throws Exception {
         // Setup our HTTP request
-        HttpSession session = new MockHttpSession();
-        MockHttpServletRequest request = new MockHttpServletRequest(null,
-                session);
+        MockHttpServletRequest request = new MockHttpServletRequest();
         request.setServletPath("/secure/page.html");
         request.setServerPort(80);
         request.setScheme("http");
         request.setServerName("www.example.com");
         request.setContextPath("/mycontext");
-        request.setRequestURL(
-            "http://www.example.com/mycontext/secure/page.html");
+        request.setRequestURI("/mycontext/secure/page.html");
 
         // Setup our expectation that the filter chain will not be invoked, as access is denied
         MockFilterChain chain = new MockFilterChain(false);
@@ -103,16 +99,14 @@ public class SecurityEnforcementFilterTests extends TestCase {
 
         MockHttpServletResponse response = new MockHttpServletResponse();
         filter.doFilter(request, response, chain);
-        assertEquals("/mycontext/login.jsp", response.getRedirect());
+        assertEquals("/mycontext/login.jsp", response.getRedirectedUrl());
         assertEquals("http://www.example.com/mycontext/secure/page.html",
             request.getSession().getAttribute(AuthenticationProcessingFilter.ACEGI_SECURITY_TARGET_URL_KEY));
     }
 
     public void testAccessDeniedWhenNonAnonymous() throws Exception {
         // Setup our HTTP request
-        HttpSession session = new MockHttpSession();
-        MockHttpServletRequest request = new MockHttpServletRequest(null,
-                session);
+        MockHttpServletRequest request = new MockHttpServletRequest();
         request.setServletPath("/secure/page.html");
 
         // Setup our expectation that the filter chain will not be invoked, as access is denied
@@ -135,9 +129,9 @@ public class SecurityEnforcementFilterTests extends TestCase {
 
         MockHttpServletResponse response = new MockHttpServletResponse();
         filter.doFilter(request, response, chain);
-        assertEquals(403, response.getError());
+        assertEquals(403, response.getStatus());
         assertEquals(AccessDeniedException.class,
-            session.getAttribute(
+            request.getSession().getAttribute(
                 SecurityEnforcementFilter.ACEGI_SECURITY_ACCESS_DENIED_EXCEPTION_KEY)
                    .getClass());
     }
@@ -185,15 +179,13 @@ public class SecurityEnforcementFilterTests extends TestCase {
     public void testRedirectedToLoginFormAndSessionShowsOriginalTargetWhenAuthenticationException()
         throws Exception {
         // Setup our HTTP request
-        MockHttpServletRequest request = new MockHttpServletRequest(null,
-                new MockHttpSession());
+        MockHttpServletRequest request = new MockHttpServletRequest();
         request.setServletPath("/secure/page.html");
         request.setServerPort(80);
         request.setScheme("http");
         request.setServerName("www.example.com");
         request.setContextPath("/mycontext");
-        request.setRequestURL(
-            "http://www.example.com/mycontext/secure/page.html");
+        request.setRequestURI("/mycontext/secure/page.html");
 
         // Setup our expectation that the filter chain will not be invoked, as access is denied
         MockFilterChain chain = new MockFilterChain(false);
@@ -212,7 +204,7 @@ public class SecurityEnforcementFilterTests extends TestCase {
 
         MockHttpServletResponse response = new MockHttpServletResponse();
         filter.doFilter(request, response, chain);
-        assertEquals("/mycontext/login.jsp", response.getRedirect());
+        assertEquals("/mycontext/login.jsp", response.getRedirectedUrl());
         assertEquals("http://www.example.com/mycontext/secure/page.html",
             request.getSession().getAttribute(AuthenticationProcessingFilter.ACEGI_SECURITY_TARGET_URL_KEY));
     }
@@ -220,15 +212,13 @@ public class SecurityEnforcementFilterTests extends TestCase {
     public void testRedirectedToLoginFormAndSessionShowsOriginalTargetWithExoticPortWhenAuthenticationException()
         throws Exception {
         // Setup our HTTP request
-        MockHttpServletRequest request = new MockHttpServletRequest(null,
-                new MockHttpSession());
+        MockHttpServletRequest request = new MockHttpServletRequest();
         request.setServletPath("/secure/page.html");
         request.setServerPort(8080);
         request.setScheme("http");
         request.setServerName("www.example.com");
         request.setContextPath("/mycontext");
-        request.setRequestURL(
-            "http://www.example.com:8080/mycontext/secure/page.html");
+        request.setRequestURI("/mycontext/secure/page.html");
 
         // Setup our expectation that the filter chain will not be invoked, as access is denied
         MockFilterChain chain = new MockFilterChain(false);
@@ -247,7 +237,7 @@ public class SecurityEnforcementFilterTests extends TestCase {
 
         MockHttpServletResponse response = new MockHttpServletResponse();
         filter.doFilter(request, response, chain);
-        assertEquals("/mycontext/login.jsp", response.getRedirect());
+        assertEquals("/mycontext/login.jsp", response.getRedirectedUrl());
         assertEquals("http://www.example.com:8080/mycontext/secure/page.html",
             request.getSession().getAttribute(AuthenticationProcessingFilter.ACEGI_SECURITY_TARGET_URL_KEY));
     }
@@ -301,8 +291,7 @@ public class SecurityEnforcementFilterTests extends TestCase {
 
     public void testSuccessfulAccessGrant() throws Exception {
         // Setup our HTTP request
-        MockHttpServletRequest request = new MockHttpServletRequest(null,
-                new MockHttpSession());
+        MockHttpServletRequest request = new MockHttpServletRequest();
         request.setServletPath("/secure/page.html");
 
         // Setup our expectation that the filter chain will be invoked, as access is granted

core/src/test/java/org/acegisecurity/providers/ConcurrentSessionControllerImplTests.java

@@ -17,14 +17,22 @@ package net.sf.acegisecurity.providers;
 
 import junit.framework.TestCase;
 
-import net.sf.acegisecurity.*;
+
 import net.sf.acegisecurity.providers.anonymous.AnonymousAuthenticationToken;
 import net.sf.acegisecurity.providers.dao.User;
 import net.sf.acegisecurity.ui.WebAuthenticationDetails;
 import net.sf.acegisecurity.ui.session.HttpSessionCreatedEvent;
 import net.sf.acegisecurity.ui.session.HttpSessionDestroyedEvent;
+import net.sf.acegisecurity.GrantedAuthority;
+import net.sf.acegisecurity.GrantedAuthorityImpl;
+import net.sf.acegisecurity.Authentication;
+import net.sf.acegisecurity.UserDetails;
+import net.sf.acegisecurity.AuthenticationTrustResolverImpl;
+import net.sf.acegisecurity.MockApplicationContext;
 
 import org.springframework.context.ApplicationListener;
+import org.springframework.mock.web.MockHttpSession;
+import org.springframework.mock.web.MockHttpServletRequest;
 
 import java.security.Principal;
 
@@ -33,6 +41,8 @@ import java.security.Principal;
  * Tests for {@link ConcurrentSessionControllerImpl}
  *
  * @author Ray Krueger
+ * @author Luke Taylor
+ * @version $Id$
  */
 public class ConcurrentSessionControllerImplTests extends TestCase {
     //~ Instance fields ========================================================
@@ -55,7 +65,7 @@ public class ConcurrentSessionControllerImplTests extends TestCase {
     }
 
     public void testEnforcementKnownGood() throws Exception {
-        Authentication auth = createAuthentication("user", "password", "session");
+        Authentication auth = createAuthentication("user", "password");
         target.beforeAuthentication(auth);
         target.afterAuthentication(auth, auth);
     }
@@ -65,14 +75,14 @@ public class ConcurrentSessionControllerImplTests extends TestCase {
 
         Authentication auth = null;
 
-        for (int i = 0; i < 5; i++) {
-            auth = createAuthentication("user", "password", String.valueOf(i));
+        for (int i = 0; i < 5; i++) {  // creates 5 sessions
+            auth = createAuthentication("user", "password");
             target.beforeAuthentication(auth);
             target.afterAuthentication(auth, auth);
         }
 
         try {
-            auth = createAuthentication("user", "password", "lastsession");
+            auth = createAuthentication("user", "password");
             target.beforeAuthentication(auth);
             fail(
                 "Only allowed 5 sessions, this should have thrown a ConcurrentLoginException");
@@ -84,15 +94,13 @@ public class ConcurrentSessionControllerImplTests extends TestCase {
     public void testEnforcementSingleSession() throws Exception {
         target.setMaxSessions(1);
 
-        Authentication auth = createAuthentication("user", "password",
-                "session1");
+        Authentication auth = createAuthentication("user", "password");
 
         target.beforeAuthentication(auth);
         target.afterAuthentication(auth, auth);
 
         try {
-            target.beforeAuthentication(createAuthentication("user",
-                    "password", "session2"));
+            target.beforeAuthentication(createAuthentication("user", "password"));
             fail(
                 "Only allowed 1 session, this should have thrown a ConcurrentLoginException");
         } catch (ConcurrentLoginException e) {}
@@ -100,10 +108,15 @@ public class ConcurrentSessionControllerImplTests extends TestCase {
 
     public void testEnforcementUnlimitedSameSession() throws Exception {
         target.setMaxSessions(1);
+        MockHttpSession session = new MockHttpSession(); // all requests are within this session
 
         for (int i = 0; i < 100; i++) {
-            Authentication auth = createAuthentication("user", "password",
-                    "samesession");
+            UsernamePasswordAuthenticationToken auth =  new UsernamePasswordAuthenticationToken("user",
+                    "password");
+            MockHttpServletRequest request = new MockHttpServletRequest();
+            request.setSession(session);
+            request.setUserPrincipal(auth);
+            auth.setDetails(new WebAuthenticationDetails(request));
             target.beforeAuthentication(auth);
             target.afterAuthentication(auth, auth);
         }
@@ -113,8 +126,7 @@ public class ConcurrentSessionControllerImplTests extends TestCase {
         target.setMaxSessions(0);
 
         for (int i = 0; i < 100; i++) {
-            Authentication auth = createAuthentication("user", "password",
-                    String.valueOf(i));
+            Authentication auth = createAuthentication("user", "password");
             target.beforeAuthentication(auth);
             target.afterAuthentication(auth, auth);
         }
@@ -126,8 +138,9 @@ public class ConcurrentSessionControllerImplTests extends TestCase {
         UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("user",
                 "password");
         MockHttpSession session = new MockHttpSession();
-        MockHttpServletRequest request = new MockHttpServletRequest(auth,
-                session);
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setSession(session);
+        request.setUserPrincipal(auth);
         auth.setDetails(new WebAuthenticationDetails(request));
 
         target.beforeAuthentication(auth);
@@ -135,8 +148,7 @@ public class ConcurrentSessionControllerImplTests extends TestCase {
 
         target.onApplicationEvent(new HttpSessionDestroyedEvent(session));
 
-        Authentication different = createAuthentication("user", "password",
-                "differentsession");
+        Authentication different = createAuthentication("user", "password");
         target.beforeAuthentication(different);
         target.afterAuthentication(different, different);
     }
@@ -169,7 +181,7 @@ public class ConcurrentSessionControllerImplTests extends TestCase {
                 true, new GrantedAuthority[0]);
         final UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken(user,
                 "password", user.getAuthorities());
-        auth.setDetails(createWebDetails(auth, "session1"));
+        auth.setDetails(createWebDetails(auth));
 
         target.beforeAuthentication(auth);
         target.afterAuthentication(auth, auth);
@@ -185,7 +197,7 @@ public class ConcurrentSessionControllerImplTests extends TestCase {
                         }
                     }, "password");
 
-            otherAuth.setDetails(createWebDetails(otherAuth, "session2"));
+            otherAuth.setDetails(createWebDetails(otherAuth));
             target.beforeAuthentication(otherAuth);
             fail(
                 "Same principal, different principal type, different session should have thrown ConcurrentLoginException");
@@ -249,20 +261,19 @@ public class ConcurrentSessionControllerImplTests extends TestCase {
         target.setApplicationContext(MockApplicationContext.getContext());
     }
 
-    private Authentication createAuthentication(String user, String password,
-        String sessionId) {
+    private Authentication createAuthentication(String user, String password) {
         UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken(user,
                 password);
-        auth.setDetails(createWebDetails(auth, sessionId));
+        auth.setDetails(createWebDetails(auth));
 
         return auth;
     }
 
-    private WebAuthenticationDetails createWebDetails(Authentication auth,
-        String sessionId) {
-        MockHttpSession session = new MockHttpSession(sessionId);
-        MockHttpServletRequest request = new MockHttpServletRequest(auth,
-                session);
+    private WebAuthenticationDetails createWebDetails(Authentication auth) {
+        MockHttpSession session = new MockHttpSession();
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setSession(session);
+        request.setUserPrincipal(auth);
 
         return new WebAuthenticationDetails(request);
     }

core/src/test/java/org/acegisecurity/providers/anonymous/AnonymousProcessingFilterTests.java

@@ -21,8 +21,9 @@ import net.sf.acegisecurity.Authentication;
 import net.sf.acegisecurity.GrantedAuthority;
 import net.sf.acegisecurity.GrantedAuthorityImpl;
 import net.sf.acegisecurity.MockFilterConfig;
-import net.sf.acegisecurity.MockHttpServletRequest;
-import net.sf.acegisecurity.MockHttpServletResponse;
+
+
+
 import net.sf.acegisecurity.context.ContextHolder;
 import net.sf.acegisecurity.context.security.SecureContext;
 import net.sf.acegisecurity.context.security.SecureContextImpl;
@@ -39,6 +40,9 @@ import javax.servlet.ServletException;
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
 
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+
 
 /**
  * Tests {@link AnonymousProcessingFilter}.
@@ -126,8 +130,10 @@ public class AnonymousProcessingFilterTests extends TestCase {
         filter.afterPropertiesSet();
 
         // Test
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setRequestURI("x");
         executeFilterInContainerSimulator(new MockFilterConfig(), filter,
-            new MockHttpServletRequest("x"), new MockHttpServletResponse(),
+                request, new MockHttpServletResponse(),
             new MockFilterChain(true));
 
         // Ensure filter didn't change our original object
@@ -146,8 +152,10 @@ public class AnonymousProcessingFilterTests extends TestCase {
         filter.setUserAttribute(user);
         filter.afterPropertiesSet();
 
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setRequestURI("x");
         executeFilterInContainerSimulator(new MockFilterConfig(), filter,
-            new MockHttpServletRequest("x"), new MockHttpServletResponse(),
+                request, new MockHttpServletResponse(),
             new MockFilterChain(true));
 
         Authentication auth = SecureContextUtils.getSecureContext()

core/src/test/java/org/acegisecurity/securechannel/ChannelDecisionManagerImplTests.java

@@ -20,8 +20,6 @@ import junit.framework.TestCase;
 import net.sf.acegisecurity.ConfigAttribute;
 import net.sf.acegisecurity.ConfigAttributeDefinition;
 import net.sf.acegisecurity.MockFilterChain;
-import net.sf.acegisecurity.MockHttpServletRequest;
-import net.sf.acegisecurity.MockHttpServletResponse;
 import net.sf.acegisecurity.SecurityConfig;
 import net.sf.acegisecurity.intercept.web.FilterInvocation;
 
@@ -33,6 +31,9 @@ import java.util.Vector;
 
 import javax.servlet.ServletException;
 
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+
 
 /**
  * Tests {@link ChannelDecisionManagerImpl}.
@@ -101,7 +102,7 @@ public class ChannelDecisionManagerImplTests extends TestCase {
         cdm.setChannelProcessors(list);
         cdm.afterPropertiesSet();
 
-        MockHttpServletRequest request = new MockHttpServletRequest("not used");
+        MockHttpServletRequest request = new MockHttpServletRequest();
         MockHttpServletResponse response = new MockHttpServletResponse();
         MockFilterChain chain = new MockFilterChain();
         FilterInvocation fi = new FilterInvocation(request, response, chain);
@@ -124,7 +125,7 @@ public class ChannelDecisionManagerImplTests extends TestCase {
         cdm.setChannelProcessors(list);
         cdm.afterPropertiesSet();
 
-        MockHttpServletRequest request = new MockHttpServletRequest("not used");
+        MockHttpServletRequest request = new MockHttpServletRequest();
         MockHttpServletResponse response = new MockHttpServletResponse();
         MockFilterChain chain = new MockFilterChain();
         FilterInvocation fi = new FilterInvocation(request, response, chain);

core/src/test/java/org/acegisecurity/securechannel/ChannelProcessingFilterTests.java

@@ -19,9 +19,10 @@ import junit.framework.TestCase;
 
 import net.sf.acegisecurity.ConfigAttribute;
 import net.sf.acegisecurity.ConfigAttributeDefinition;
-import net.sf.acegisecurity.MockHttpServletRequest;
-import net.sf.acegisecurity.MockHttpServletResponse;
+
+
 import net.sf.acegisecurity.SecurityConfig;
+
 import net.sf.acegisecurity.intercept.web.FilterInvocation;
 import net.sf.acegisecurity.intercept.web.FilterInvocationDefinitionSource;
 
@@ -36,6 +37,9 @@ import javax.servlet.ServletException;
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
 
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+
 
 /**
  * Tests {@link ChannelProcessingFilter}.
@@ -143,7 +147,8 @@ public class ChannelProcessingFilterTests extends TestCase {
 
         filter.setFilterInvocationDefinitionSource(fids);
 
-        MockHttpServletRequest request = new MockHttpServletRequest("info=now");
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setQueryString("info=now");
         request.setServletPath("/path");
 
         MockHttpServletResponse response = new MockHttpServletResponse();
@@ -167,7 +172,8 @@ public class ChannelProcessingFilterTests extends TestCase {
 
         filter.setFilterInvocationDefinitionSource(fids);
 
-        MockHttpServletRequest request = new MockHttpServletRequest("info=now");
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setQueryString("info=now");
         request.setServletPath("/path");
 
         MockHttpServletResponse response = new MockHttpServletResponse();
@@ -191,7 +197,8 @@ public class ChannelProcessingFilterTests extends TestCase {
 
         filter.setFilterInvocationDefinitionSource(fids);
 
-        MockHttpServletRequest request = new MockHttpServletRequest("info=now");
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setQueryString("info=now");
         request.setServletPath("/PATH_NOT_MATCHING_CONFIG_ATTRIBUTE");
 
         MockHttpServletResponse response = new MockHttpServletResponse();

core/src/test/java/org/acegisecurity/securechannel/InsecureChannelProcessorTests.java

@@ -19,10 +19,13 @@ import junit.framework.TestCase;
 
 import net.sf.acegisecurity.ConfigAttributeDefinition;
 import net.sf.acegisecurity.MockFilterChain;
-import net.sf.acegisecurity.MockHttpServletRequest;
-import net.sf.acegisecurity.MockHttpServletResponse;
+
+
 import net.sf.acegisecurity.SecurityConfig;
+
 import net.sf.acegisecurity.intercept.web.FilterInvocation;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
 
 
 /**
@@ -47,7 +50,8 @@ public class InsecureChannelProcessorTests extends TestCase {
         cad.addConfigAttribute(new SecurityConfig("SOME_IGNORED_ATTRIBUTE"));
         cad.addConfigAttribute(new SecurityConfig("REQUIRES_INSECURE_CHANNEL"));
 
-        MockHttpServletRequest request = new MockHttpServletRequest("info=true");
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setQueryString("info=true");
         request.setServerName("localhost");
         request.setContextPath("/bigapp");
         request.setServletPath("/servlet");
@@ -70,11 +74,13 @@ public class InsecureChannelProcessorTests extends TestCase {
         cad.addConfigAttribute(new SecurityConfig("SOME_IGNORED_ATTRIBUTE"));
         cad.addConfigAttribute(new SecurityConfig("REQUIRES_INSECURE_CHANNEL"));
 
-        MockHttpServletRequest request = new MockHttpServletRequest("info=true");
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setQueryString("info=true");
         request.setServerName("localhost");
         request.setContextPath("/bigapp");
         request.setServletPath("/servlet");
         request.setScheme("https");
+        request.setSecure(true);
         request.setServerPort(8443);
 
         MockHttpServletResponse response = new MockHttpServletResponse();

core/src/test/java/org/acegisecurity/securechannel/RetryWithHttpEntryPointTests.java

@@ -17,14 +17,18 @@ package net.sf.acegisecurity.securechannel;
 
 import junit.framework.TestCase;
 
-import net.sf.acegisecurity.MockHttpServletRequest;
-import net.sf.acegisecurity.MockHttpServletResponse;
+
+
 import net.sf.acegisecurity.MockPortResolver;
+
 import net.sf.acegisecurity.util.PortMapperImpl;
 
 import java.util.HashMap;
 import java.util.Map;
 
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+
 
 /**
  * Tests {@link RetryWithHttpEntryPoint}.
@@ -76,7 +80,8 @@ public class RetryWithHttpEntryPointTests extends TestCase {
     }
 
     public void testNormalOperation() throws Exception {
-        MockHttpServletRequest request = new MockHttpServletRequest("open=true");
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setQueryString("open=true");
         request.setScheme("https");
         request.setServerName("www.example.com");
         request.setContextPath("/bigWebApp");
@@ -93,12 +98,12 @@ public class RetryWithHttpEntryPointTests extends TestCase {
 
         ep.commence(request, response);
         assertEquals("http://www.example.com/bigWebApp/hello/pathInfo.html?open=true",
-            response.getRedirect());
+            response.getRedirectedUrl());
     }
 
     public void testNormalOperationWithNullPathInfoAndNullQueryString()
         throws Exception {
-        MockHttpServletRequest request = new MockHttpServletRequest(null);
+        MockHttpServletRequest request = new MockHttpServletRequest();
         request.setScheme("https");
         request.setServerName("www.example.com");
         request.setContextPath("/bigWebApp");
@@ -115,12 +120,13 @@ public class RetryWithHttpEntryPointTests extends TestCase {
 
         ep.commence(request, response);
         assertEquals("http://www.example.com/bigWebApp/hello",
-            response.getRedirect());
+            response.getRedirectedUrl());
     }
 
     public void testOperationWhenTargetPortIsUnknown()
         throws Exception {
-        MockHttpServletRequest request = new MockHttpServletRequest("open=true");
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setQueryString("open=true");
         request.setScheme("https");
         request.setServerName("www.example.com");
         request.setContextPath("/bigWebApp");
@@ -136,11 +142,12 @@ public class RetryWithHttpEntryPointTests extends TestCase {
         ep.afterPropertiesSet();
 
         ep.commence(request, response);
-        assertEquals("/bigWebApp", response.getRedirect());
+        assertEquals("/bigWebApp", response.getRedirectedUrl());
     }
 
     public void testOperationWithNonStandardPort() throws Exception {
-        MockHttpServletRequest request = new MockHttpServletRequest("open=true");
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setQueryString("open=true");
         request.setScheme("https");
         request.setServerName("www.example.com");
         request.setContextPath("/bigWebApp");
@@ -162,6 +169,6 @@ public class RetryWithHttpEntryPointTests extends TestCase {
 
         ep.commence(request, response);
         assertEquals("http://www.example.com:8888/bigWebApp/hello/pathInfo.html?open=true",
-            response.getRedirect());
+            response.getRedirectedUrl());
     }
 }

core/src/test/java/org/acegisecurity/securechannel/RetryWithHttpsEntryPointTests.java

@@ -17,14 +17,18 @@ package net.sf.acegisecurity.securechannel;
 
 import junit.framework.TestCase;
 
-import net.sf.acegisecurity.MockHttpServletRequest;
-import net.sf.acegisecurity.MockHttpServletResponse;
+
+
 import net.sf.acegisecurity.MockPortResolver;
+
 import net.sf.acegisecurity.util.PortMapperImpl;
 
 import java.util.HashMap;
 import java.util.Map;
 
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+
 
 /**
  * Tests {@link RetryWithHttpsEntryPoint}.
@@ -76,7 +80,8 @@ public class RetryWithHttpsEntryPointTests extends TestCase {
     }
 
     public void testNormalOperation() throws Exception {
-        MockHttpServletRequest request = new MockHttpServletRequest("open=true");
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setQueryString("open=true");
         request.setScheme("http");
         request.setServerName("www.example.com");
         request.setContextPath("/bigWebApp");
@@ -93,12 +98,12 @@ public class RetryWithHttpsEntryPointTests extends TestCase {
 
         ep.commence(request, response);
         assertEquals("https://www.example.com/bigWebApp/hello/pathInfo.html?open=true",
-            response.getRedirect());
+            response.getRedirectedUrl());
     }
 
     public void testNormalOperationWithNullPathInfoAndNullQueryString()
         throws Exception {
-        MockHttpServletRequest request = new MockHttpServletRequest(null);
+        MockHttpServletRequest request = new MockHttpServletRequest();
         request.setScheme("http");
         request.setServerName("www.example.com");
         request.setContextPath("/bigWebApp");
@@ -115,12 +120,13 @@ public class RetryWithHttpsEntryPointTests extends TestCase {
 
         ep.commence(request, response);
         assertEquals("https://www.example.com/bigWebApp/hello",
-            response.getRedirect());
+            response.getRedirectedUrl());
     }
 
     public void testOperationWhenTargetPortIsUnknown()
         throws Exception {
-        MockHttpServletRequest request = new MockHttpServletRequest("open=true");
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setQueryString("open=true");
         request.setScheme("http");
         request.setServerName("www.example.com");
         request.setContextPath("/bigWebApp");
@@ -136,11 +142,12 @@ public class RetryWithHttpsEntryPointTests extends TestCase {
         ep.afterPropertiesSet();
 
         ep.commence(request, response);
-        assertEquals("/bigWebApp", response.getRedirect());
+        assertEquals("/bigWebApp", response.getRedirectedUrl());
     }
 
     public void testOperationWithNonStandardPort() throws Exception {
-        MockHttpServletRequest request = new MockHttpServletRequest("open=true");
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setQueryString("open=true");
         request.setScheme("http");
         request.setServerName("www.example.com");
         request.setContextPath("/bigWebApp");
@@ -162,6 +169,6 @@ public class RetryWithHttpsEntryPointTests extends TestCase {
 
         ep.commence(request, response);
         assertEquals("https://www.example.com:9999/bigWebApp/hello/pathInfo.html?open=true",
-            response.getRedirect());
+            response.getRedirectedUrl());
     }
 }

core/src/test/java/org/acegisecurity/securechannel/SecureChannelProcessorTests.java

@@ -19,10 +19,13 @@ import junit.framework.TestCase;
 
 import net.sf.acegisecurity.ConfigAttributeDefinition;
 import net.sf.acegisecurity.MockFilterChain;
-import net.sf.acegisecurity.MockHttpServletRequest;
-import net.sf.acegisecurity.MockHttpServletResponse;
+
+
 import net.sf.acegisecurity.SecurityConfig;
+
 import net.sf.acegisecurity.intercept.web.FilterInvocation;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
 
 
 /**
@@ -47,11 +50,13 @@ public class SecureChannelProcessorTests extends TestCase {
         cad.addConfigAttribute(new SecurityConfig("SOME_IGNORED_ATTRIBUTE"));
         cad.addConfigAttribute(new SecurityConfig("REQUIRES_SECURE_CHANNEL"));
 
-        MockHttpServletRequest request = new MockHttpServletRequest("info=true");
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setQueryString("info=true");
         request.setServerName("localhost");
         request.setContextPath("/bigapp");
         request.setServletPath("/servlet");
         request.setScheme("https");
+        request.setSecure(true);
         request.setServerPort(8443);
 
         MockHttpServletResponse response = new MockHttpServletResponse();
@@ -70,7 +75,8 @@ public class SecureChannelProcessorTests extends TestCase {
         cad.addConfigAttribute(new SecurityConfig("SOME_IGNORED_ATTRIBUTE"));
         cad.addConfigAttribute(new SecurityConfig("REQUIRES_SECURE_CHANNEL"));
 
-        MockHttpServletRequest request = new MockHttpServletRequest("info=true");
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setQueryString("info=true");
         request.setServerName("localhost");
         request.setContextPath("/bigapp");
         request.setServletPath("/servlet");

core/src/test/java/org/acegisecurity/ui/basicauth/BasicProcessingFilterEntryPointTests.java

@@ -18,8 +18,11 @@ package net.sf.acegisecurity.ui.basicauth;
 import junit.framework.TestCase;
 
 import net.sf.acegisecurity.DisabledException;
-import net.sf.acegisecurity.MockHttpServletRequest;
-import net.sf.acegisecurity.MockHttpServletResponse;
+
+
+
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
 
 
 /**
@@ -70,8 +73,8 @@ public class BasicProcessingFilterEntryPointTests extends TestCase {
         BasicProcessingFilterEntryPoint ep = new BasicProcessingFilterEntryPoint();
         ep.setRealmName("hello");
 
-        MockHttpServletRequest request = new MockHttpServletRequest(
-                "/some_path");
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setRequestURI("/some_path");
         MockHttpServletResponse response = new MockHttpServletResponse();
 
         ep.afterPropertiesSet();
@@ -79,7 +82,7 @@ public class BasicProcessingFilterEntryPointTests extends TestCase {
         String msg = "These are the jokes kid";
         ep.commence(request, response, new DisabledException(msg));
 
-        assertEquals(401, response.getError());
+        assertEquals(401, response.getStatus());
         assertEquals(msg, response.getErrorMessage());
 
         assertEquals("Basic realm=\"hello\"",

core/src/test/java/org/acegisecurity/ui/basicauth/BasicProcessingFilterTests.java

@@ -20,9 +20,6 @@ import junit.framework.TestCase;
 import net.sf.acegisecurity.MockAuthenticationEntryPoint;
 import net.sf.acegisecurity.MockAuthenticationManager;
 import net.sf.acegisecurity.MockFilterConfig;
-import net.sf.acegisecurity.MockHttpServletRequest;
-import net.sf.acegisecurity.MockHttpServletResponse;
-import net.sf.acegisecurity.MockHttpSession;
 import net.sf.acegisecurity.UserDetails;
 import net.sf.acegisecurity.context.ContextHolder;
 import net.sf.acegisecurity.context.security.SecureContextImpl;
@@ -32,12 +29,11 @@ import org.apache.commons.codec.binary.Base64;
 
 import org.springframework.context.ApplicationContext;
 import org.springframework.context.support.ClassPathXmlApplicationContext;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.mock.web.MockHttpServletRequest;
 
 import java.io.IOException;
 
-import java.util.HashMap;
-import java.util.Map;
-
 import javax.servlet.Filter;
 import javax.servlet.FilterChain;
 import javax.servlet.FilterConfig;
@@ -100,9 +96,7 @@ public class BasicProcessingFilterTests extends TestCase {
     public void testFilterIgnoresRequestsContainingNoAuthorizationHeader()
         throws Exception {
         // Setup our HTTP request
-        Map headers = new HashMap();
-        MockHttpServletRequest request = new MockHttpServletRequest(headers,
-                null, new MockHttpSession());
+        MockHttpServletRequest request = new MockHttpServletRequest();
         request.setServletPath("/some_file.html");
 
         // Launch an application context and access our bean
@@ -138,13 +132,9 @@ public class BasicProcessingFilterTests extends TestCase {
     public void testInvalidBasicAuthorizationTokenIsIgnored()
         throws Exception {
         // Setup our HTTP request
-        Map headers = new HashMap();
         String token = "NOT_A_VALID_TOKEN_AS_MISSING_COLON";
-        headers.put("Authorization",
-            "Basic " + new String(Base64.encodeBase64(token.getBytes())));
-
-        MockHttpServletRequest request = new MockHttpServletRequest(headers,
-                null, new MockHttpSession());
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.addHeader("Authorization", "Basic " + new String(Base64.encodeBase64(token.getBytes())));
         request.setServletPath("/some_file.html");
 
         // Launch an application context and access our bean
@@ -169,13 +159,10 @@ public class BasicProcessingFilterTests extends TestCase {
 
     public void testNormalOperation() throws Exception {
         // Setup our HTTP request
-        Map headers = new HashMap();
         String token = "marissa:koala";
-        headers.put("Authorization",
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.addHeader("Authorization",
             "Basic " + new String(Base64.encodeBase64(token.getBytes())));
-
-        MockHttpServletRequest request = new MockHttpServletRequest(headers,
-                null, new MockHttpSession());
         request.setServletPath("/some_file.html");
 
         // Launch an application context and access our bean
@@ -205,11 +192,8 @@ public class BasicProcessingFilterTests extends TestCase {
     public void testOtherAuthorizationSchemeIsIgnored()
         throws Exception {
         // Setup our HTTP request
-        Map headers = new HashMap();
-        headers.put("Authorization", "SOME_OTHER_AUTHENTICATION_SCHEME");
-
-        MockHttpServletRequest request = new MockHttpServletRequest(headers,
-                null, new MockHttpSession());
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.addHeader("Authorization", "SOME_OTHER_AUTHENTICATION_SCHEME");
         request.setServletPath("/some_file.html");
 
         // Launch an application context and access our bean
@@ -262,13 +246,10 @@ public class BasicProcessingFilterTests extends TestCase {
     public void testSuccessLoginThenFailureLoginResultsInSessionLoosingToken()
         throws Exception {
         // Setup our HTTP request
-        Map headers = new HashMap();
         String token = "marissa:koala";
-        headers.put("Authorization",
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.addHeader("Authorization",
             "Basic " + new String(Base64.encodeBase64(token.getBytes())));
-
-        MockHttpServletRequest request = new MockHttpServletRequest(headers,
-                null, new MockHttpSession());
         request.setServletPath("/some_file.html");
 
         // Launch an application context and access our bean
@@ -296,12 +277,10 @@ public class BasicProcessingFilterTests extends TestCase {
 
         // NOW PERFORM FAILED AUTHENTICATION
         // Setup our HTTP request
-        headers = new HashMap();
         token = "marissa:WRONG_PASSWORD";
-        headers.put("Authorization",
+        request = new MockHttpServletRequest();
+        request.addHeader("Authorization",
             "Basic " + new String(Base64.encodeBase64(token.getBytes())));
-        request = new MockHttpServletRequest(headers, null,
-                new MockHttpSession());
         request.setServletPath("/some_file.html");
 
         // Setup our expectation that the filter chain will not be invoked, as we get a 403 forbidden response
@@ -313,18 +292,15 @@ public class BasicProcessingFilterTests extends TestCase {
             chain);
 
         assertNull(SecureContextUtils.getSecureContext().getAuthentication());
-        assertEquals(401, response.getError());
+        assertEquals(401, response.getStatus());
     }
 
     public void testWrongPasswordReturnsForbidden() throws Exception {
         // Setup our HTTP request
-        Map headers = new HashMap();
         String token = "marissa:WRONG_PASSWORD";
-        headers.put("Authorization",
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.addHeader("Authorization",
             "Basic " + new String(Base64.encodeBase64(token.getBytes())));
-
-        MockHttpServletRequest request = new MockHttpServletRequest(headers,
-                null, new MockHttpSession());
         request.setServletPath("/some_file.html");
 
         // Launch an application context and access our bean
@@ -345,7 +321,7 @@ public class BasicProcessingFilterTests extends TestCase {
             chain);
 
         assertNull(SecureContextUtils.getSecureContext().getAuthentication());
-        assertEquals(401, response.getError());
+        assertEquals(401, response.getStatus());
     }
 
     protected void setUp() throws Exception {

core/src/test/java/org/acegisecurity/ui/cas/CasProcessingFilterEntryPointTests.java

@@ -17,11 +17,15 @@ package net.sf.acegisecurity.ui.cas;
 
 import junit.framework.TestCase;
 
-import net.sf.acegisecurity.MockHttpServletRequest;
-import net.sf.acegisecurity.MockHttpServletResponse;
+
+
+
 
 import java.net.URLEncoder;
 
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+
 
 /**
  * Tests {@link CasProcessingFilterEntryPoint}.
@@ -94,8 +98,8 @@ public class CasProcessingFilterEntryPointTests extends TestCase {
         ep.setLoginUrl("https://cas/login");
         ep.setServiceProperties(sp);
 
-        MockHttpServletRequest request = new MockHttpServletRequest(
-                "/some_path");
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setRequestURI("/some_path");
 
         MockHttpServletResponse response = new MockHttpServletResponse();
 
@@ -105,7 +109,7 @@ public class CasProcessingFilterEntryPointTests extends TestCase {
         assertEquals("https://cas/login?service="
             + URLEncoder.encode(
                 "https://mycompany.com/bigWebApp/j_acegi_cas_security_check",
-                "UTF-8"), response.getRedirect());
+                "UTF-8"), response.getRedirectedUrl());
     }
 
     public void testNormalOperationWithRenewTrue() throws Exception {
@@ -118,14 +122,14 @@ public class CasProcessingFilterEntryPointTests extends TestCase {
         ep.setLoginUrl("https://cas/login");
         ep.setServiceProperties(sp);
 
-        MockHttpServletRequest request = new MockHttpServletRequest(
-                "/some_path");
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setRequestURI("/some_path");
 
         MockHttpServletResponse response = new MockHttpServletResponse();
 
         ep.afterPropertiesSet();
         ep.commence(request, response, null);
         assertEquals("https://cas/login?renew=true&service=https://mycompany.com/bigWebApp/j_acegi_cas_security_check",
-            response.getRedirect());
+            response.getRedirectedUrl());
     }
 }

core/src/test/java/org/acegisecurity/ui/cas/CasProcessingFilterTests.java

@@ -20,8 +20,8 @@ import junit.framework.TestCase;
 import net.sf.acegisecurity.Authentication;
 import net.sf.acegisecurity.AuthenticationException;
 import net.sf.acegisecurity.MockAuthenticationManager;
-import net.sf.acegisecurity.MockHttpServletRequest;
-import net.sf.acegisecurity.MockHttpSession;
+
+import org.springframework.mock.web.MockHttpServletRequest;
 
 
 /**
@@ -58,9 +58,8 @@ public class CasProcessingFilterTests extends TestCase {
     }
 
     public void testNormalOperation() throws Exception {
-        MockHttpServletRequest request = new MockHttpServletRequest(null,
-                new MockHttpSession());
-        request.setParameter("ticket", "ST-0-ER94xMJmn6pha35CQRoZ");
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.addParameter("ticket", "ST-0-ER94xMJmn6pha35CQRoZ");
 
         MockAuthenticationManager authMgr = new MockAuthenticationManager(true);
 
@@ -74,8 +73,7 @@ public class CasProcessingFilterTests extends TestCase {
 
     public void testNullServiceTicketHandledGracefully()
         throws Exception {
-        MockHttpServletRequest request = new MockHttpServletRequest(null,
-                new MockHttpSession());
+        MockHttpServletRequest request = new MockHttpServletRequest();
 
         MockAuthenticationManager authMgr = new MockAuthenticationManager(false);
 

core/src/test/java/org/acegisecurity/ui/digestauth/DigestProcessingFilterEntryPointTests.java

@@ -18,14 +18,17 @@ package net.sf.acegisecurity.ui.digestauth;
 import junit.framework.TestCase;
 
 import net.sf.acegisecurity.DisabledException;
-import net.sf.acegisecurity.MockHttpServletRequest;
-import net.sf.acegisecurity.MockHttpServletResponse;
+
+
+
 import net.sf.acegisecurity.util.StringSplitUtils;
 
 import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.codec.digest.DigestUtils;
 
 import org.springframework.util.StringUtils;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
 
 import java.util.Map;
 
@@ -98,8 +101,8 @@ public class DigestProcessingFilterEntryPointTests extends TestCase {
         ep.setRealmName("hello");
         ep.setKey("key");
 
-        MockHttpServletRequest request = new MockHttpServletRequest(
-                "/some_path");
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setRequestURI("/some_path");
         MockHttpServletResponse response = new MockHttpServletResponse();
 
         ep.afterPropertiesSet();
@@ -107,14 +110,13 @@ public class DigestProcessingFilterEntryPointTests extends TestCase {
         ep.commence(request, response, new DisabledException("foobar"));
 
         // Check response is properly formed
-        assertEquals(401, response.getError());
-        assertTrue(response.getHeader("WWW-Authenticate").startsWith("Digest "));
+        assertEquals(401, response.getStatus());
+        assertEquals(true, response.getHeader("WWW-Authenticate").toString().startsWith("Digest "));
 
         // Break up response header
-        String header = response.getHeader("WWW-Authenticate").substring(7);
+        String header = response.getHeader("WWW-Authenticate").toString().substring(7);
         String[] headerEntries = StringUtils.commaDelimitedListToStringArray(header);
-        Map headerMap = StringSplitUtils.splitEachArrayElementAndCreateMap(headerEntries,
-                "=", "\"");
+        Map headerMap = StringSplitUtils.splitEachArrayElementAndCreateMap(headerEntries, "=", "\"");
 
         assertEquals("hello", headerMap.get("realm"));
         assertEquals("auth", headerMap.get("qop"));
@@ -128,8 +130,8 @@ public class DigestProcessingFilterEntryPointTests extends TestCase {
         ep.setRealmName("hello");
         ep.setKey("key");
 
-        MockHttpServletRequest request = new MockHttpServletRequest(
-                "/some_path");
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setRequestURI("/some_path");
         MockHttpServletResponse response = new MockHttpServletResponse();
 
         ep.afterPropertiesSet();
@@ -138,11 +140,11 @@ public class DigestProcessingFilterEntryPointTests extends TestCase {
             new NonceExpiredException("expired nonce"));
 
         // Check response is properly formed
-        assertEquals(401, response.getError());
-        assertTrue(response.getHeader("WWW-Authenticate").startsWith("Digest "));
+        assertEquals(401, response.getStatus());
+        assertTrue(response.getHeader("WWW-Authenticate").toString().startsWith("Digest "));
 
         // Break up response header
-        String header = response.getHeader("WWW-Authenticate").substring(7);
+        String header = response.getHeader("WWW-Authenticate").toString().substring(7);
         String[] headerEntries = StringUtils.commaDelimitedListToStringArray(header);
         Map headerMap = StringSplitUtils.splitEachArrayElementAndCreateMap(headerEntries,
                 "=", "\"");

core/src/test/java/org/acegisecurity/ui/digestauth/DigestProcessingFilterTests.java

@@ -19,9 +19,6 @@ import junit.framework.TestCase;
 
 import net.sf.acegisecurity.DisabledException;
 import net.sf.acegisecurity.MockFilterConfig;
-import net.sf.acegisecurity.MockHttpServletRequest;
-import net.sf.acegisecurity.MockHttpServletResponse;
-import net.sf.acegisecurity.MockHttpSession;
 import net.sf.acegisecurity.UserDetails;
 import net.sf.acegisecurity.context.ContextHolder;
 import net.sf.acegisecurity.context.security.SecureContextImpl;
@@ -35,14 +32,12 @@ import org.apache.commons.codec.binary.Base64;
 
 import org.springframework.context.ApplicationContext;
 import org.springframework.context.support.ClassPathXmlApplicationContext;
-
 import org.springframework.dao.DataAccessException;
-
 import org.springframework.util.StringUtils;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
 
 import java.io.IOException;
-
-import java.util.HashMap;
 import java.util.Map;
 
 import javax.servlet.Filter;
@@ -120,15 +115,9 @@ public class DigestProcessingFilterTests extends TestCase {
                 realm, password, "GET", uri, qop, nonce, nc, cnonce);
 
         // Setup our HTTP request
-        Map headers = new HashMap();
-        headers.put("Authorization",
-            "Digest username=\"" + username + "\", realm=\"" + realm
-            + "\", nonce=\"" + nonce + "\", uri=\"" + uri + "\", response=\""
-            + responseDigest + "\", qop=" + qop + ", nc=" + nc + ", cnonce=\""
-            + cnonce + "\"");
-
-        MockHttpServletRequest request = new MockHttpServletRequest(headers,
-                null, new MockHttpSession());
+        MockHttpServletRequest request = new MockHttpServletRequest("GET", uri);
+        request.addHeader("Authorization",
+                createAuthorizationHeader(username, realm, nonce, uri, responseDigest, qop, nc, cnonce));
         request.setServletPath("/some_file.html");
 
         // Launch an application context and access our bean
@@ -150,9 +139,9 @@ public class DigestProcessingFilterTests extends TestCase {
             chain);
 
         assertNull(SecureContextUtils.getSecureContext().getAuthentication());
-        assertEquals(401, response.getError());
+        assertEquals(401, response.getStatus());
 
-        String header = response.getHeader("WWW-Authenticate").substring(7);
+        String header = response.getHeader("WWW-Authenticate").toString().substring(7);
         String[] headerEntries = StringUtils.commaDelimitedListToStringArray(header);
         Map headerMap = StringSplitUtils.splitEachArrayElementAndCreateMap(headerEntries,
                 "=", "\"");
@@ -162,9 +151,7 @@ public class DigestProcessingFilterTests extends TestCase {
     public void testFilterIgnoresRequestsContainingNoAuthorizationHeader()
         throws Exception {
         // Setup our HTTP request
-        Map headers = new HashMap();
-        MockHttpServletRequest request = new MockHttpServletRequest(headers,
-                null, new MockHttpSession());
+        MockHttpServletRequest request = new MockHttpServletRequest();
         request.setServletPath("/some_file.html");
 
         // Launch an application context and access our bean
@@ -204,13 +191,11 @@ public class DigestProcessingFilterTests extends TestCase {
     public void testInvalidDigestAuthorizationTokenGeneratesError()
         throws Exception {
         // Setup our HTTP request
-        Map headers = new HashMap();
         String token = "NOT_A_VALID_TOKEN_AS_MISSING_COLON";
-        headers.put("Authorization",
-            "Digest " + new String(Base64.encodeBase64(token.getBytes())));
 
-        MockHttpServletRequest request = new MockHttpServletRequest(headers,
-                null, new MockHttpSession());
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.addHeader("Authorization",
+            "Digest " + new String(Base64.encodeBase64(token.getBytes())));
         request.setServletPath("/some_file.html");
 
         // Launch an application context and access our bean
@@ -229,18 +214,15 @@ public class DigestProcessingFilterTests extends TestCase {
         // Test
         executeFilterInContainerSimulator(config, filter, request, response,
             chain);
-        assertEquals(401, response.getError());
+        assertEquals(401, response.getStatus());
 
         assertNull(SecureContextUtils.getSecureContext().getAuthentication());
     }
 
     public void testMalformedHeaderReturnsForbidden() throws Exception {
         // Setup our HTTP request
-        Map headers = new HashMap();
-        headers.put("Authorization", "Digest scsdcsdc");
-
-        MockHttpServletRequest request = new MockHttpServletRequest(headers,
-                null, new MockHttpSession());
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.addHeader("Authorization", "Digest scsdcsdc");
         request.setServletPath("/some_file.html");
 
         // Launch an application context and access our bean
@@ -261,7 +243,7 @@ public class DigestProcessingFilterTests extends TestCase {
             chain);
 
         assertNull(SecureContextUtils.getSecureContext().getAuthentication());
-        assertEquals(401, response.getError());
+        assertEquals(401, response.getStatus());
     }
 
     public void testNonBase64EncodedNonceReturnsForbidden()
@@ -280,15 +262,9 @@ public class DigestProcessingFilterTests extends TestCase {
                 realm, password, "GET", uri, qop, nonce, nc, cnonce);
 
         // Setup our HTTP request
-        Map headers = new HashMap();
-        headers.put("Authorization",
-            "Digest username=\"" + username + "\", realm=\"" + realm
-            + "\", nonce=\"" + nonce + "\", uri=\"" + uri + "\", response=\""
-            + responseDigest + "\", qop=" + qop + ", nc=" + nc + ", cnonce=\""
-            + cnonce + "\"");
-
-        MockHttpServletRequest request = new MockHttpServletRequest(headers,
-                null, new MockHttpSession());
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.addHeader("Authorization",
+                createAuthorizationHeader(username, realm, nonce, uri, responseDigest, qop, nc, cnonce));
         request.setServletPath("/some_file.html");
 
         // Launch an application context and access our bean
@@ -309,7 +285,7 @@ public class DigestProcessingFilterTests extends TestCase {
             chain);
 
         assertNull(SecureContextUtils.getSecureContext().getAuthentication());
-        assertEquals(401, response.getError());
+        assertEquals(401, response.getStatus());
     }
 
     public void testNonceWithIncorrectSignatureForNumericFieldReturnsForbidden()
@@ -329,15 +305,9 @@ public class DigestProcessingFilterTests extends TestCase {
                 realm, password, "GET", uri, qop, nonce, nc, cnonce);
 
         // Setup our HTTP request
-        Map headers = new HashMap();
-        headers.put("Authorization",
-            "Digest username=\"" + username + "\", realm=\"" + realm
-            + "\", nonce=\"" + nonce + "\", uri=\"" + uri + "\", response=\""
-            + responseDigest + "\", qop=" + qop + ", nc=" + nc + ", cnonce=\""
-            + cnonce + "\"");
-
-        MockHttpServletRequest request = new MockHttpServletRequest(headers,
-                null, new MockHttpSession());
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.addHeader("Authorization",
+                createAuthorizationHeader(username, realm, nonce, uri, responseDigest, qop, nc, cnonce));
         request.setServletPath("/some_file.html");
 
         // Launch an application context and access our bean
@@ -358,7 +328,7 @@ public class DigestProcessingFilterTests extends TestCase {
             chain);
 
         assertNull(SecureContextUtils.getSecureContext().getAuthentication());
-        assertEquals(401, response.getError());
+        assertEquals(401, response.getStatus());
     }
 
     public void testNonceWithNonNumericFirstElementReturnsForbidden()
@@ -378,15 +348,9 @@ public class DigestProcessingFilterTests extends TestCase {
                 realm, password, "GET", uri, qop, nonce, nc, cnonce);
 
         // Setup our HTTP request
-        Map headers = new HashMap();
-        headers.put("Authorization",
-            "Digest username=\"" + username + "\", realm=\"" + realm
-            + "\", nonce=\"" + nonce + "\", uri=\"" + uri + "\", response=\""
-            + responseDigest + "\", qop=" + qop + ", nc=" + nc + ", cnonce=\""
-            + cnonce + "\"");
-
-        MockHttpServletRequest request = new MockHttpServletRequest(headers,
-                null, new MockHttpSession());
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.addHeader("Authorization",
+                createAuthorizationHeader(username, realm, nonce, uri, responseDigest, qop, nc, cnonce));
         request.setServletPath("/some_file.html");
 
         // Launch an application context and access our bean
@@ -407,7 +371,7 @@ public class DigestProcessingFilterTests extends TestCase {
             chain);
 
         assertNull(SecureContextUtils.getSecureContext().getAuthentication());
-        assertEquals(401, response.getError());
+        assertEquals(401, response.getStatus());
     }
 
     public void testNonceWithoutTwoColonSeparatedElementsReturnsForbidden()
@@ -427,15 +391,9 @@ public class DigestProcessingFilterTests extends TestCase {
                 realm, password, "GET", uri, qop, nonce, nc, cnonce);
 
         // Setup our HTTP request
-        Map headers = new HashMap();
-        headers.put("Authorization",
-            "Digest username=\"" + username + "\", realm=\"" + realm
-            + "\", nonce=\"" + nonce + "\", uri=\"" + uri + "\", response=\""
-            + responseDigest + "\", qop=" + qop + ", nc=" + nc + ", cnonce=\""
-            + cnonce + "\"");
-
-        MockHttpServletRequest request = new MockHttpServletRequest(headers,
-                null, new MockHttpSession());
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.addHeader("Authorization",
+                createAuthorizationHeader(username, realm, nonce, uri, responseDigest, qop, nc, cnonce));
         request.setServletPath("/some_file.html");
 
         // Launch an application context and access our bean
@@ -456,7 +414,7 @@ public class DigestProcessingFilterTests extends TestCase {
             chain);
 
         assertNull(SecureContextUtils.getSecureContext().getAuthentication());
-        assertEquals(401, response.getError());
+        assertEquals(401, response.getStatus());
     }
 
     public void testNormalOperation() throws Exception {
@@ -474,15 +432,9 @@ public class DigestProcessingFilterTests extends TestCase {
                 realm, password, "GET", uri, qop, nonce, nc, cnonce);
 
         // Setup our HTTP request
-        Map headers = new HashMap();
-        headers.put("Authorization",
-            "Digest username=\"" + username + "\", realm=\"" + realm
-            + "\", nonce=\"" + nonce + "\", uri=\"" + uri + "\", response=\""
-            + responseDigest + "\", qop=" + qop + ", nc=" + nc + ", cnonce=\""
-            + cnonce + "\"");
-
-        MockHttpServletRequest request = new MockHttpServletRequest(headers,
-                null, new MockHttpSession());
+        MockHttpServletRequest request = new MockHttpServletRequest("GET", uri);
+        request.addHeader("Authorization",
+                createAuthorizationHeader(username, realm, nonce, uri, responseDigest, qop, nc, cnonce));
         request.setServletPath("/some_file.html");
 
         // Launch an application context and access our bean
@@ -512,11 +464,8 @@ public class DigestProcessingFilterTests extends TestCase {
     public void testOtherAuthorizationSchemeIsIgnored()
         throws Exception {
         // Setup our HTTP request
-        Map headers = new HashMap();
-        headers.put("Authorization", "SOME_OTHER_AUTHENTICATION_SCHEME");
-
-        MockHttpServletRequest request = new MockHttpServletRequest(headers,
-                null, new MockHttpSession());
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.addHeader("Authorization", "SOME_OTHER_AUTHENTICATION_SCHEME");
         request.setServletPath("/some_file.html");
 
         // Launch an application context and access our bean
@@ -581,15 +530,9 @@ public class DigestProcessingFilterTests extends TestCase {
                 realm, password, "GET", uri, qop, nonce, nc, cnonce);
 
         // Setup our HTTP request
-        Map headers = new HashMap();
-        headers.put("Authorization",
-            "Digest username=\"" + username + "\", realm=\"" + realm
-            + "\", nonce=\"" + nonce + "\", uri=\"" + uri + "\", response=\""
-            + responseDigest + "\", qop=" + qop + ", nc=" + nc + ", cnonce=\""
-            + cnonce + "\"");
-
-        MockHttpServletRequest request = new MockHttpServletRequest(headers,
-                null, new MockHttpSession());
+        MockHttpServletRequest request = new MockHttpServletRequest("GET", uri);
+        request.addHeader("Authorization",
+                createAuthorizationHeader(username, realm, nonce, uri, responseDigest, qop, nc, cnonce));
         request.setServletPath("/some_file.html");
 
         // Launch an application context and access our bean
@@ -616,20 +559,15 @@ public class DigestProcessingFilterTests extends TestCase {
         responseDigest = DigestProcessingFilter.generateDigest(username, realm,
                 password, "GET", uri, qop, nonce, nc, cnonce);
 
-        headers.put("Authorization",
-            "Digest username=\"" + username + "\", realm=\"" + realm
-            + "\", nonce=\"" + nonce + "\", uri=\"" + uri + "\", response=\""
-            + responseDigest + "\", qop=" + qop + ", nc=" + nc + ", cnonce=\""
-            + cnonce + "\"");
-
-        request = new MockHttpServletRequest(headers, null,
-                new MockHttpSession());
+        request = new MockHttpServletRequest();
+        request.addHeader("Authorization",
+                createAuthorizationHeader(username, realm, nonce, uri, responseDigest, qop, nc, cnonce));
         executeFilterInContainerSimulator(config, filter, request, response,
             chain);
 
         // Check we lost our previous authentication
         assertNull(SecureContextUtils.getSecureContext().getAuthentication());
-        assertEquals(401, response.getError());
+        assertEquals(401, response.getStatus());
     }
 
     public void testWrongCnonceBasedOnDigestReturnsForbidden()
@@ -648,15 +586,9 @@ public class DigestProcessingFilterTests extends TestCase {
                 realm, password, "GET", uri, qop, nonce, nc, "DIFFERENT_CNONCE");
 
         // Setup our HTTP request
-        Map headers = new HashMap();
-        headers.put("Authorization",
-            "Digest username=\"" + username + "\", realm=\"" + realm
-            + "\", nonce=\"" + nonce + "\", uri=\"" + uri + "\", response=\""
-            + responseDigest + "\", qop=" + qop + ", nc=" + nc + ", cnonce=\""
-            + cnonce + "\"");
-
-        MockHttpServletRequest request = new MockHttpServletRequest(headers,
-                null, new MockHttpSession());
+        MockHttpServletRequest request = new MockHttpServletRequest("GET", uri);
+        request.addHeader("Authorization",
+                createAuthorizationHeader(username, realm, nonce, uri, responseDigest, qop, nc, cnonce));
         request.setServletPath("/some_file.html");
 
         // Launch an application context and access our bean
@@ -677,7 +609,7 @@ public class DigestProcessingFilterTests extends TestCase {
             chain);
 
         assertNull(SecureContextUtils.getSecureContext().getAuthentication());
-        assertEquals(401, response.getError());
+        assertEquals(401, response.getStatus());
     }
 
     public void testWrongDigestReturnsForbidden() throws Exception {
@@ -695,15 +627,9 @@ public class DigestProcessingFilterTests extends TestCase {
                 realm, password, "GET", uri, qop, nonce, nc, cnonce);
 
         // Setup our HTTP request
-        Map headers = new HashMap();
-        headers.put("Authorization",
-            "Digest username=\"" + username + "\", realm=\"" + realm
-            + "\", nonce=\"" + nonce + "\", uri=\"" + uri + "\", response=\""
-            + responseDigest + "\", qop=" + qop + ", nc=" + nc + ", cnonce=\""
-            + cnonce + "\"");
-
-        MockHttpServletRequest request = new MockHttpServletRequest(headers,
-                null, new MockHttpSession());
+        MockHttpServletRequest request = new MockHttpServletRequest("GET", uri);
+        request.addHeader("Authorization",
+                createAuthorizationHeader(username, realm, nonce, uri, responseDigest, qop, nc, cnonce));
         request.setServletPath("/some_file.html");
 
         // Launch an application context and access our bean
@@ -724,7 +650,7 @@ public class DigestProcessingFilterTests extends TestCase {
             chain);
 
         assertNull(SecureContextUtils.getSecureContext().getAuthentication());
-        assertEquals(401, response.getError());
+        assertEquals(401, response.getStatus());
     }
 
     public void testWrongRealmReturnsForbidden() throws Exception {
@@ -742,15 +668,9 @@ public class DigestProcessingFilterTests extends TestCase {
                 realm, password, "GET", uri, qop, nonce, nc, cnonce);
 
         // Setup our HTTP request
-        Map headers = new HashMap();
-        headers.put("Authorization",
-            "Digest username=\"" + username + "\", realm=\"" + realm
-            + "\", nonce=\"" + nonce + "\", uri=\"" + uri + "\", response=\""
-            + responseDigest + "\", qop=" + qop + ", nc=" + nc + ", cnonce=\""
-            + cnonce + "\"");
-
-        MockHttpServletRequest request = new MockHttpServletRequest(headers,
-                null, new MockHttpSession());
+        MockHttpServletRequest request = new MockHttpServletRequest("GET", uri);
+        request.addHeader("Authorization",
+                createAuthorizationHeader(username, realm, nonce, uri, responseDigest, qop, nc, cnonce));
         request.setServletPath("/some_file.html");
 
         // Launch an application context and access our bean
@@ -771,7 +691,7 @@ public class DigestProcessingFilterTests extends TestCase {
             chain);
 
         assertNull(SecureContextUtils.getSecureContext().getAuthentication());
-        assertEquals(401, response.getError());
+        assertEquals(401, response.getStatus());
     }
 
     public void testWrongUsernameReturnsForbidden() throws Exception {
@@ -789,15 +709,9 @@ public class DigestProcessingFilterTests extends TestCase {
                 realm, password, "GET", uri, qop, nonce, nc, cnonce);
 
         // Setup our HTTP request
-        Map headers = new HashMap();
-        headers.put("Authorization",
-            "Digest username=\"" + username + "\", realm=\"" + realm
-            + "\", nonce=\"" + nonce + "\", uri=\"" + uri + "\", response=\""
-            + responseDigest + "\", qop=" + qop + ", nc=" + nc + ", cnonce=\""
-            + cnonce + "\"");
-
-        MockHttpServletRequest request = new MockHttpServletRequest(headers,
-                null, new MockHttpSession());
+        MockHttpServletRequest request = new MockHttpServletRequest("GET", uri);
+        request.addHeader("Authorization",
+                createAuthorizationHeader(username, realm, nonce, uri, responseDigest, qop, nc, cnonce));
         request.setServletPath("/some_file.html");
 
         // Launch an application context and access our bean
@@ -818,7 +732,7 @@ public class DigestProcessingFilterTests extends TestCase {
             chain);
 
         assertNull(SecureContextUtils.getSecureContext().getAuthentication());
-        assertEquals(401, response.getError());
+        assertEquals(401, response.getStatus());
     }
 
     protected void setUp() throws Exception {
@@ -847,20 +761,34 @@ public class DigestProcessingFilterTests extends TestCase {
             .getBean("digestProcessingFilterEntryPoint");
         ep.setNonceValiditySeconds(nonceValidityPeriod);
 
-        MockHttpServletRequest request = new MockHttpServletRequest(
-                "/some_path");
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setRequestURI("/some_path");
         MockHttpServletResponse response = new MockHttpServletResponse();
 
         ep.commence(request, response, new DisabledException("foobar"));
 
         // Break up response header
-        String header = response.getHeader("WWW-Authenticate").substring(7);
+        String header = response.getHeader("WWW-Authenticate").toString().substring(7);
         String[] headerEntries = StringUtils.commaDelimitedListToStringArray(header);
         Map headerMap = StringSplitUtils.splitEachArrayElementAndCreateMap(headerEntries,
                 "=", "\"");
 
         return headerMap;
     }
+    
+    private String createAuthorizationHeader(String username, 
+                                             String realm, 
+                                             String nonce, 
+                                             String uri,
+                                             String responseDigest,
+                                             String qop,
+                                             String nc,
+                                             String cnonce) {
+        return "Digest username=\"" + username + "\", realm=\"" + realm
+            + "\", nonce=\"" + nonce + "\", uri=\"" + uri + "\", response=\""
+            + responseDigest + "\", qop=" + qop + ", nc=" + nc + ", cnonce=\""
+            + cnonce + "\"";
+    }
 
     //~ Inner Classes ==========================================================
 

core/src/test/java/org/acegisecurity/ui/rememberme/RememberMeProcessingFilterTests.java

@@ -31,13 +31,16 @@ import net.sf.acegisecurity.Authentication;
 import net.sf.acegisecurity.GrantedAuthority;
 import net.sf.acegisecurity.GrantedAuthorityImpl;
 import net.sf.acegisecurity.MockFilterConfig;
-import net.sf.acegisecurity.MockHttpServletRequest;
-import net.sf.acegisecurity.MockHttpServletResponse;
+
+
+
 import net.sf.acegisecurity.context.ContextHolder;
 import net.sf.acegisecurity.context.security.SecureContext;
 import net.sf.acegisecurity.context.security.SecureContextImpl;
 import net.sf.acegisecurity.context.security.SecureContextUtils;
 import net.sf.acegisecurity.providers.TestingAuthenticationToken;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
 
 
 /**
@@ -82,7 +85,9 @@ public class RememberMeProcessingFilterTests extends TestCase {
         RememberMeProcessingFilter filter = new RememberMeProcessingFilter();
 
     try {
-        filter.doFilter(new MockHttpServletRequest("dc"), null,
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setRequestURI("dc");
+        filter.doFilter(request, null,
             new MockFilterChain());
         fail("Should have thrown ServletException");
     } catch (ServletException expected) {
@@ -129,8 +134,10 @@ public class RememberMeProcessingFilterTests extends TestCase {
         filter.afterPropertiesSet();
 
         // Test
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setRequestURI("x");
         executeFilterInContainerSimulator(new MockFilterConfig(), filter,
-            new MockHttpServletRequest("x"), new MockHttpServletResponse(),
+                request, new MockHttpServletResponse(),
             new MockFilterChain(true));
 
         // Ensure filter didn't change our original object
@@ -147,8 +154,10 @@ public class RememberMeProcessingFilterTests extends TestCase {
         filter.setRememberMeServices(new MockRememberMeServices(remembered));
         filter.afterPropertiesSet();
 
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setRequestURI("x");
         executeFilterInContainerSimulator(new MockFilterConfig(), filter,
-            new MockHttpServletRequest("x"), new MockHttpServletResponse(),
+                request, new MockHttpServletResponse(),
             new MockFilterChain(true));
 
         Authentication auth = SecureContextUtils.getSecureContext()

core/src/test/java/org/acegisecurity/ui/rememberme/TokenBasedRememberMeServicesTests.java

@@ -20,8 +20,8 @@ import junit.framework.TestCase;
 import net.sf.acegisecurity.Authentication;
 import net.sf.acegisecurity.GrantedAuthority;
 import net.sf.acegisecurity.GrantedAuthorityImpl;
-import net.sf.acegisecurity.MockHttpServletRequest;
-import net.sf.acegisecurity.MockHttpServletResponse;
+
+
 import net.sf.acegisecurity.UserDetails;
 import net.sf.acegisecurity.providers.TestingAuthenticationToken;
 import net.sf.acegisecurity.providers.dao.AuthenticationDao;
@@ -34,6 +34,8 @@ import org.apache.commons.codec.digest.DigestUtils;
 import org.springframework.dao.DataAccessException;
 
 import org.springframework.util.StringUtils;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
 
 import java.util.Date;
 
@@ -71,14 +73,15 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
         services.setAuthenticationDao(new MockAuthenticationDao(null, true));
         services.afterPropertiesSet();
 
-        MockHttpServletRequest request = new MockHttpServletRequest("dc");
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setRequestURI("dc");
         MockHttpServletResponse response = new MockHttpServletResponse();
 
         Authentication result = services.autoLogin(request, response);
 
         assertNull(result);
 
-        Cookie returnedCookie = response.getCookieByName(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
+        Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
         assertNull(returnedCookie); // shouldn't try to invalidate our cookie
     }
 
@@ -90,15 +93,15 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
         services.afterPropertiesSet();
 
         Cookie cookie = new Cookie("unrelated_cookie", "foobar");
-        MockHttpServletRequest request = new MockHttpServletRequest(null, null,
-                "null", new Cookie[] {cookie});
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setCookies(new Cookie[] {cookie});
         MockHttpServletResponse response = new MockHttpServletResponse();
 
         Authentication result = services.autoLogin(request, response);
 
         assertNull(result);
 
-        Cookie returnedCookie = response.getCookieByName(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
+        Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
         assertNull(returnedCookie); // shouldn't try to invalidate our cookie
     }
 
@@ -115,15 +118,15 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
         Cookie cookie = new Cookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
                 generateCorrectCookieContentForToken(System.currentTimeMillis()
                     - 1000000, "someone", "password", "key"));
-        MockHttpServletRequest request = new MockHttpServletRequest(null, null,
-                "null", new Cookie[] {cookie});
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setCookies(new Cookie[] {cookie});
         MockHttpServletResponse response = new MockHttpServletResponse();
 
         Authentication result = services.autoLogin(request, response);
 
         assertNull(result);
 
-        Cookie returnedCookie = response.getCookieByName(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
+        Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
         assertNotNull(returnedCookie);
         assertEquals(0, returnedCookie.getMaxAge());
     }
@@ -141,15 +144,15 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
 
         Cookie cookie = new Cookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
                 new String(Base64.encodeBase64("x".getBytes())));
-        MockHttpServletRequest request = new MockHttpServletRequest(null, null,
-                "null", new Cookie[] {cookie});
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setCookies(new Cookie[] {cookie});
         MockHttpServletResponse response = new MockHttpServletResponse();
 
         Authentication result = services.autoLogin(request, response);
 
         assertNull(result);
 
-        Cookie returnedCookie = response.getCookieByName(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
+        Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
         assertNotNull(returnedCookie);
         assertEquals(0, returnedCookie.getMaxAge());
     }
@@ -166,15 +169,15 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
 
         Cookie cookie = new Cookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
                 "NOT_BASE_64_ENCODED");
-        MockHttpServletRequest request = new MockHttpServletRequest(null, null,
-                "null", new Cookie[] {cookie});
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setCookies(new Cookie[] {cookie});
         MockHttpServletResponse response = new MockHttpServletResponse();
 
         Authentication result = services.autoLogin(request, response);
 
         assertNull(result);
 
-        Cookie returnedCookie = response.getCookieByName(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
+        Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
         assertNotNull(returnedCookie);
         assertEquals(0, returnedCookie.getMaxAge());
     }
@@ -193,15 +196,15 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
         Cookie cookie = new Cookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
                 generateCorrectCookieContentForToken(System.currentTimeMillis()
                     + 1000000, "someone", "password", "WRONG_KEY"));
-        MockHttpServletRequest request = new MockHttpServletRequest(null, null,
-                "null", new Cookie[] {cookie});
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setCookies(new Cookie[] {cookie});
         MockHttpServletResponse response = new MockHttpServletResponse();
 
         Authentication result = services.autoLogin(request, response);
 
         assertNull(result);
 
-        Cookie returnedCookie = response.getCookieByName(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
+        Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
         assertNotNull(returnedCookie);
         assertEquals(0, returnedCookie.getMaxAge());
     }
@@ -220,15 +223,15 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
         Cookie cookie = new Cookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
                 new String(Base64.encodeBase64(
                         "username:NOT_A_NUMBER:signature".getBytes())));
-        MockHttpServletRequest request = new MockHttpServletRequest(null, null,
-                "null", new Cookie[] {cookie});
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setCookies(new Cookie[] {cookie});
         MockHttpServletResponse response = new MockHttpServletResponse();
 
         Authentication result = services.autoLogin(request, response);
 
         assertNull(result);
 
-        Cookie returnedCookie = response.getCookieByName(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
+        Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
         assertNotNull(returnedCookie);
         assertEquals(0, returnedCookie.getMaxAge());
     }
@@ -242,15 +245,15 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
         Cookie cookie = new Cookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
                 generateCorrectCookieContentForToken(System.currentTimeMillis()
                     + 1000000, "someone", "password", "key"));
-        MockHttpServletRequest request = new MockHttpServletRequest(null, null,
-                "null", new Cookie[] {cookie});
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setCookies(new Cookie[] {cookie});
         MockHttpServletResponse response = new MockHttpServletResponse();
 
         Authentication result = services.autoLogin(request, response);
 
         assertNull(result);
 
-        Cookie returnedCookie = response.getCookieByName(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
+        Cookie returnedCookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
         assertNotNull(returnedCookie);
         assertEquals(0, returnedCookie.getMaxAge());
     }
@@ -268,8 +271,8 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
         Cookie cookie = new Cookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY,
                 generateCorrectCookieContentForToken(System.currentTimeMillis()
                     + 1000000, "someone", "password", "key"));
-        MockHttpServletRequest request = new MockHttpServletRequest(null, null,
-                "null", new Cookie[] {cookie});
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setCookies(new Cookie[] {cookie});
         MockHttpServletResponse response = new MockHttpServletResponse();
 
         Authentication result = services.autoLogin(request, response);
@@ -300,19 +303,21 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
 
     public void testLoginFail() {
         TokenBasedRememberMeServices services = new TokenBasedRememberMeServices();
-        MockHttpServletRequest request = new MockHttpServletRequest("fv");
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setRequestURI("fv");
         MockHttpServletResponse response = new MockHttpServletResponse();
         services.loginFail(request, response);
 
-        Cookie cookie = response.getCookieByName(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
+        Cookie cookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
         assertNotNull(cookie);
         assertEquals(0, cookie.getMaxAge());
     }
 
     public void testLoginSuccessIgnoredIfParameterNotSetOrFalse() {
         TokenBasedRememberMeServices services = new TokenBasedRememberMeServices();
-        MockHttpServletRequest request = new MockHttpServletRequest("d");
-        request.setParameter(TokenBasedRememberMeServices.DEFAULT_PARAMETER,
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setRequestURI("d");
+        request.addParameter(TokenBasedRememberMeServices.DEFAULT_PARAMETER,
             "false");
 
         MockHttpServletResponse response = new MockHttpServletResponse();
@@ -320,22 +325,22 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
             new TestingAuthenticationToken("someone", "password",
                 new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ABC")}));
 
-        Cookie cookie = response.getCookieByName(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
+        Cookie cookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
         assertNull(cookie);
     }
 
     public void testLoginSuccessNormalWithNonUserDetailsBasedPrincipal() {
         TokenBasedRememberMeServices services = new TokenBasedRememberMeServices();
-        MockHttpServletRequest request = new MockHttpServletRequest("d");
-        request.setParameter(TokenBasedRememberMeServices.DEFAULT_PARAMETER,
-            "true");
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setRequestURI("d");
+        request.addParameter(TokenBasedRememberMeServices.DEFAULT_PARAMETER, "true");
 
         MockHttpServletResponse response = new MockHttpServletResponse();
         services.loginSuccess(request, response,
             new TestingAuthenticationToken("someone", "password",
                 new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ABC")}));
 
-        Cookie cookie = response.getCookieByName(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
+        Cookie cookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
         assertNotNull(cookie);
         assertEquals(60 * 60 * 24 * 365 * 5, cookie.getMaxAge()); // 5 years
         assertTrue(Base64.isArrayByteBase64(cookie.getValue().getBytes()));
@@ -346,9 +351,9 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
 
     public void testLoginSuccessNormalWithUserDetailsBasedPrincipal() {
         TokenBasedRememberMeServices services = new TokenBasedRememberMeServices();
-        MockHttpServletRequest request = new MockHttpServletRequest("d");
-        request.setParameter(TokenBasedRememberMeServices.DEFAULT_PARAMETER,
-            "true");
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setRequestURI("d");
+        request.addParameter(TokenBasedRememberMeServices.DEFAULT_PARAMETER, "true");
 
         MockHttpServletResponse response = new MockHttpServletResponse();
         UserDetails user = new User("someone", "password", true, true, true,
@@ -358,7 +363,7 @@ public class TokenBasedRememberMeServicesTests extends TestCase {
             new TestingAuthenticationToken(user, "ignored",
                 new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ABC")}));
 
-        Cookie cookie = response.getCookieByName(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
+        Cookie cookie = response.getCookie(TokenBasedRememberMeServices.ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY);
         assertNotNull(cookie);
         assertEquals(60 * 60 * 24 * 365 * 5, cookie.getMaxAge()); // 5 years
         assertTrue(Base64.isArrayByteBase64(cookie.getValue().getBytes()));

core/src/test/java/org/acegisecurity/ui/session/HttpSessionEventPublisherTests.java

@@ -17,10 +17,8 @@ package net.sf.acegisecurity.ui.session;
 
 import junit.framework.TestCase;
 
-import net.sf.acegisecurity.MockHttpSession;
-
 import org.springframework.mock.web.MockServletContext;
-
+import org.springframework.mock.web.MockHttpSession;
 import org.springframework.web.context.support.StaticWebApplicationContext;
 
 import javax.servlet.ServletContextEvent;

core/src/test/java/org/acegisecurity/ui/webapp/AuthenticationProcessingFilterEntryPointTests.java

@@ -17,14 +17,18 @@ package net.sf.acegisecurity.ui.webapp;
 
 import junit.framework.TestCase;
 
-import net.sf.acegisecurity.MockHttpServletRequest;
-import net.sf.acegisecurity.MockHttpServletResponse;
+
+
 import net.sf.acegisecurity.MockPortResolver;
+
 import net.sf.acegisecurity.util.PortMapperImpl;
 
 import java.util.HashMap;
 import java.util.Map;
 
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+
 
 /**
  * Tests {@link AuthenticationProcessingFilterEntryPoint}.
@@ -100,8 +104,8 @@ public class AuthenticationProcessingFilterEntryPointTests extends TestCase {
 
     public void testHttpsOperationFromOriginalHttpUrl()
         throws Exception {
-        MockHttpServletRequest request = new MockHttpServletRequest(
-                "/some_path");
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setRequestURI("/some_path");
         request.setScheme("http");
         request.setServerName("www.example.com");
         request.setContextPath("/bigWebApp");
@@ -119,24 +123,27 @@ public class AuthenticationProcessingFilterEntryPointTests extends TestCase {
 
         ep.commence(request, response, null);
         assertEquals("https://www.example.com/bigWebApp/hello",
-            response.getRedirect());
+            response.getRedirectedUrl());
 
         request.setServerPort(8080);
+        response = new MockHttpServletResponse();
         ep.setPortResolver(new MockPortResolver(8080, 8443));
         ep.commence(request, response, null);
         assertEquals("https://www.example.com:8443/bigWebApp/hello",
-            response.getRedirect());
+            response.getRedirectedUrl());
 
         // Now test an unusual custom HTTP:HTTPS is handled properly
         request.setServerPort(8888);
+        response = new MockHttpServletResponse();
         ep.commence(request, response, null);
         assertEquals("https://www.example.com:8443/bigWebApp/hello",
-            response.getRedirect());
+            response.getRedirectedUrl());
 
         PortMapperImpl portMapper = new PortMapperImpl();
         Map map = new HashMap();
         map.put("8888", "9999");
         portMapper.setPortMappings(map);
+        response = new MockHttpServletResponse();
 
         ep = new AuthenticationProcessingFilterEntryPoint();
         ep.setLoginFormUrl("/hello");
@@ -148,13 +155,13 @@ public class AuthenticationProcessingFilterEntryPointTests extends TestCase {
 
         ep.commence(request, response, null);
         assertEquals("https://www.example.com:9999/bigWebApp/hello",
-            response.getRedirect());
+            response.getRedirectedUrl());
     }
 
     public void testHttpsOperationFromOriginalHttpsUrl()
         throws Exception {
-        MockHttpServletRequest request = new MockHttpServletRequest(
-                "/some_path");
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setRequestURI("/some_path");
         request.setScheme("https");
         request.setServerName("www.example.com");
         request.setContextPath("/bigWebApp");
@@ -172,13 +179,14 @@ public class AuthenticationProcessingFilterEntryPointTests extends TestCase {
 
         ep.commence(request, response, null);
         assertEquals("https://www.example.com/bigWebApp/hello",
-            response.getRedirect());
+            response.getRedirectedUrl());
 
         request.setServerPort(8443);
+        response = new MockHttpServletResponse();
         ep.setPortResolver(new MockPortResolver(8080, 8443));
         ep.commence(request, response, null);
         assertEquals("https://www.example.com:8443/bigWebApp/hello",
-            response.getRedirect());
+            response.getRedirectedUrl());
     }
 
     public void testNormalOperation() throws Exception {
@@ -188,8 +196,8 @@ public class AuthenticationProcessingFilterEntryPointTests extends TestCase {
         ep.setPortResolver(new MockPortResolver(80, 443));
         ep.afterPropertiesSet();
 
-        MockHttpServletRequest request = new MockHttpServletRequest(
-                "/some_path");
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setRequestURI("/some_path");
         request.setContextPath("/bigWebApp");
         request.setScheme("http");
         request.setServerName("www.example.com");
@@ -201,7 +209,7 @@ public class AuthenticationProcessingFilterEntryPointTests extends TestCase {
         ep.afterPropertiesSet();
         ep.commence(request, response, null);
         assertEquals("http://www.example.com/bigWebApp/hello",
-            response.getRedirect());
+            response.getRedirectedUrl());
     }
 
     public void testOperationWhenHttpsRequestsButHttpsPortUnknown()
@@ -213,8 +221,8 @@ public class AuthenticationProcessingFilterEntryPointTests extends TestCase {
         ep.setForceHttps(true);
         ep.afterPropertiesSet();
 
-        MockHttpServletRequest request = new MockHttpServletRequest(
-                "/some_path");
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setRequestURI("/some_path");
         request.setContextPath("/bigWebApp");
         request.setScheme("http");
         request.setServerName("www.example.com");
@@ -228,6 +236,6 @@ public class AuthenticationProcessingFilterEntryPointTests extends TestCase {
 
         // Response doesn't switch to HTTPS, as we didn't know HTTP port 8888 to HTTP port mapping
         assertEquals("http://www.example.com:8888/bigWebApp/hello",
-            response.getRedirect());
+            response.getRedirectedUrl());
     }
 }

core/src/test/java/org/acegisecurity/ui/webapp/AuthenticationProcessingFilterTests.java

@@ -19,10 +19,10 @@ import junit.framework.TestCase;
 
 import net.sf.acegisecurity.Authentication;
 import net.sf.acegisecurity.MockAuthenticationManager;
-import net.sf.acegisecurity.MockHttpServletRequest;
-import net.sf.acegisecurity.MockHttpSession;
 import net.sf.acegisecurity.ui.WebAuthenticationDetails;
 
+import org.springframework.mock.web.MockHttpServletRequest;
+
 
 /**
  * Tests {@link AuthenticationProcessingFilter}.
@@ -58,11 +58,10 @@ public class AuthenticationProcessingFilterTests extends TestCase {
     }
 
     public void testNormalOperation() throws Exception {
-        MockHttpServletRequest request = new MockHttpServletRequest(null,
-                new MockHttpSession());
-        request.setParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_USERNAME_KEY,
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.addParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_USERNAME_KEY,
             "marissa");
-        request.setParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_PASSWORD_KEY,
+        request.addParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_PASSWORD_KEY,
             "koala");
 
         MockAuthenticationManager authMgr = new MockAuthenticationManager(true);
@@ -78,9 +77,8 @@ public class AuthenticationProcessingFilterTests extends TestCase {
     }
 
     public void testNullPasswordHandledGracefully() throws Exception {
-        MockHttpServletRequest request = new MockHttpServletRequest(null,
-                new MockHttpSession());
-        request.setParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_USERNAME_KEY,
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.addParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_USERNAME_KEY,
             "marissa");
 
         MockAuthenticationManager authMgr = new MockAuthenticationManager(true);
@@ -94,9 +92,8 @@ public class AuthenticationProcessingFilterTests extends TestCase {
     }
 
     public void testNullUsernameHandledGracefully() throws Exception {
-        MockHttpServletRequest request = new MockHttpServletRequest(null,
-                new MockHttpSession());
-        request.setParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_PASSWORD_KEY,
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.addParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_PASSWORD_KEY,
             "koala");
 
         MockAuthenticationManager authMgr = new MockAuthenticationManager(true);

core/src/test/java/org/acegisecurity/wrapper/ContextHolderAwareRequestFilterTests.java

@@ -18,7 +18,7 @@ package net.sf.acegisecurity.wrapper;
 import junit.framework.TestCase;
 
 import net.sf.acegisecurity.MockFilterConfig;
-import net.sf.acegisecurity.MockHttpServletRequest;
+
 import net.sf.acegisecurity.wrapper.ContextHolderAwareRequestFilter;
 import net.sf.acegisecurity.wrapper.ContextHolderAwareRequestWrapper;
 
@@ -29,6 +29,8 @@ import javax.servlet.ServletException;
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
 
+import org.springframework.mock.web.MockHttpServletRequest;
+
 
 /**
  * Tests {@link ContextHolderAwareRequestFilter}.

core/src/test/java/org/acegisecurity/wrapper/ContextHolderAwareRequestWrapperTests.java

@@ -20,13 +20,15 @@ import junit.framework.TestCase;
 import net.sf.acegisecurity.Authentication;
 import net.sf.acegisecurity.GrantedAuthority;
 import net.sf.acegisecurity.GrantedAuthorityImpl;
-import net.sf.acegisecurity.MockHttpServletRequest;
+
+
 import net.sf.acegisecurity.context.ContextHolder;
 import net.sf.acegisecurity.context.security.SecureContext;
 import net.sf.acegisecurity.context.security.SecureContextImpl;
 import net.sf.acegisecurity.providers.TestingAuthenticationToken;
 import net.sf.acegisecurity.providers.dao.User;
 import net.sf.acegisecurity.wrapper.ContextHolderAwareRequestWrapper;
+import org.springframework.mock.web.MockHttpServletRequest;
 
 
 /**
@@ -65,8 +67,9 @@ public class ContextHolderAwareRequestWrapperTests extends TestCase {
         sc.setAuthentication(auth);
         ContextHolder.setContext(sc);
 
-        ContextHolderAwareRequestWrapper wrapper = new ContextHolderAwareRequestWrapper(new MockHttpServletRequest(
-                    "/"));
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setRequestURI("/");
+        ContextHolderAwareRequestWrapper wrapper = new ContextHolderAwareRequestWrapper(request);
 
         assertEquals("marissa", wrapper.getRemoteUser());
         assertTrue(wrapper.isUserInRole("ROLE_FOO"));
@@ -87,8 +90,9 @@ public class ContextHolderAwareRequestWrapperTests extends TestCase {
         sc.setAuthentication(auth);
         ContextHolder.setContext(sc);
 
-        ContextHolderAwareRequestWrapper wrapper = new ContextHolderAwareRequestWrapper(new MockHttpServletRequest(
-                    "/"));
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setRequestURI("/");
+        ContextHolderAwareRequestWrapper wrapper = new ContextHolderAwareRequestWrapper(request);
 
         assertEquals("marissaAsUserDetails", wrapper.getRemoteUser());
         assertFalse(wrapper.isUserInRole("ROLE_FOO"));
@@ -105,8 +109,9 @@ public class ContextHolderAwareRequestWrapperTests extends TestCase {
         sc.setAuthentication(null);
         ContextHolder.setContext(sc);
 
-        ContextHolderAwareRequestWrapper wrapper = new ContextHolderAwareRequestWrapper(new MockHttpServletRequest(
-                    "/"));
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setRequestURI("/");
+        ContextHolderAwareRequestWrapper wrapper = new ContextHolderAwareRequestWrapper(request);
         assertNull(wrapper.getRemoteUser());
         assertFalse(wrapper.isUserInRole("ROLE_ANY"));
         assertNull(wrapper.getUserPrincipal());
@@ -117,8 +122,9 @@ public class ContextHolderAwareRequestWrapperTests extends TestCase {
     public void testNullContextHolderHandling() throws Exception {
         ContextHolder.setContext(null);
 
-        ContextHolderAwareRequestWrapper wrapper = new ContextHolderAwareRequestWrapper(new MockHttpServletRequest(
-                    "/"));
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setRequestURI("/");
+        ContextHolderAwareRequestWrapper wrapper = new ContextHolderAwareRequestWrapper(request);
         assertNull(wrapper.getRemoteUser());
         assertFalse(wrapper.isUserInRole("ROLE_ANY"));
         assertNull(wrapper.getUserPrincipal());
@@ -132,8 +138,9 @@ public class ContextHolderAwareRequestWrapperTests extends TestCase {
         sc.setAuthentication(auth);
         ContextHolder.setContext(sc);
 
-        ContextHolderAwareRequestWrapper wrapper = new ContextHolderAwareRequestWrapper(new MockHttpServletRequest(
-                    "/"));
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.setRequestURI("/");
+        ContextHolderAwareRequestWrapper wrapper = new ContextHolderAwareRequestWrapper(request);
 
         assertNull(wrapper.getRemoteUser());
         assertFalse(wrapper.isUserInRole("ROLE_HELLO")); // principal is null, so reject