SEC-562: More changes of Acegi name in comments, docs etc.

adapters/cas/src/main/java/org/springframework/security/adapters/cas/CasPasswordHandlerProxy.java

@@ -32,13 +32,13 @@ import javax.servlet.http.HttpServletRequest;
 
 
 /**
- * Enables CAS to use the Acegi Security System for authentication.<P>This class works along with {@link
- * CasPasswordHandler} to enable users to easily migrate from stand-alone Acegi Security System deployments to
+ * Enables CAS to use the Spring Security for authentication.<P>This class works along with {@link
+ * CasPasswordHandler} to enable users to easily migrate from stand-alone Spring Security deployments to
  * enterprise-wide CAS deployments.</p>
- *  <p>It should be noted that the Acegi Security System will operate as a CAS client irrespective of the
+ *  <p>It should be noted that Spring Security will operate as a CAS client irrespective of the
  * <code>PasswordHandler</code> used on the CAS server. In other words, this class need <B>not</B> be used on the CAS
- * server if not desired. It exists solely for the convenience of users wishing have CAS delegate to an Acegi Security
- * System-based <code>AuthenticationManager</code>.</p>
+ * server if not desired. It exists solely for the convenience of users wishing have CAS delegate to a Spring Security-based
+ * <code>AuthenticationManager</code>.</p>
  *  <p>This class works requires a properly configured <code>CasPasswordHandler</code>. On the first authentication
  * request, the class will use Spring's {@link WebApplicationContextUtils#getRequiredWebApplicationContext(ServletContext)}
  * method to obtain an <code>ApplicationContext</code> instance, inside which must be a configured
@@ -49,7 +49,7 @@ import javax.servlet.http.HttpServletRequest;
  * <code>org.springframework.security.adapters.cas.CasPasswordHandlerProxy</code>.</p>
  *
  * @author Ben Alex
- * @version $Id$
+ * @version $Id:CasPasswordHandlerProxy.java 2151 2007-09-22 11:54:13Z luke_t $
  */
 public class CasPasswordHandlerProxy implements PasswordHandler {
     //~ Static fields/initializers =====================================================================================

adapters/cas/src/main/java/org/springframework/security/adapters/cas3/CasAuthenticationHandler.java

@@ -32,12 +32,12 @@ import org.springframework.util.Assert;
 
 
 /**
- * <p>Provides JA-SIG CAS 3 authentication by delegating to the Acegi <code>AuthenticationManager</code>.</p>
+ * <p>Provides JA-SIG CAS 3 authentication by delegating to the Spring Security <code>AuthenticationManager</code>.</p>
  *  <p>This class would be configured in the <code>webapp/WEB-INF/deployerConfigContext.xml</code> file in the CAS
  * distribution.</p>
  *
  * @author Scott Battaglia
- * @version $Id$
+ * @version $Id:CasAuthenticationHandler.java 2151 2007-09-22 11:54:13Z luke_t $
  *
  * @see AuthenticationHandler
  * @see AuthenticationManager
@@ -81,9 +81,9 @@ public final class CasAuthenticationHandler extends AbstractUsernamePasswordAuth
     }
 
     /**
-     * Method to set the Acegi <code>AuthenticationManager</code> to delegate to.
+     * Method to set the Spring Security <code>AuthenticationManager</code> to delegate to.
      *
-     * @param authenticationManager the Acegi AuthenticationManager that knows how to authenticate users.
+     * @param authenticationManager the Spring Security AuthenticationManager that knows how to authenticate users.
      */
     public void setAuthenticationManager(final AuthenticationManager authenticationManager) {
         this.authenticationManager = authenticationManager;

adapters/cas/src/main/resources/org/springframework/security/adapters/cas3/applicationContext.xml

@@ -20,9 +20,9 @@
  * The example CAS AuthenticationHandler should be placed within CAS's
  * AuthenticationManager's authenticationHandler list property.
  *
- * The Acegi-specific beans can just be placed in the context file.
+ * The Spring Security-specific beans can just be placed in the context file.
  * 
- * $Id$
+ * $Id:applicationContext.xml 2151 2007-09-22 11:54:13Z luke_t $
 -->
 <beans>
 

adapters/cas/src/main/site/site.xml

@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
 
-<project name="Acegi Security CAS Adapter">
+<project name="Spring Security CAS Adapter">
     <body>
         <menu ref="parent"/>
         <menu ref="reports"/>

adapters/catalina/src/main/java/org/springframework/security/adapters/catalina/CatalinaAcegiUserRealm.java → adapters/catalina/src/main/java/org/springframework/security/adapters/catalina/CatalinaSpringSecurityUserRealm.java

@@ -19,7 +19,7 @@ import org.springframework.security.Authentication;
 import org.springframework.security.AuthenticationException;
 import org.springframework.security.AuthenticationManager;
 
-import org.springframework.security.adapters.PrincipalAcegiUserToken;
+import org.springframework.security.adapters.PrincipalSpringSecurityUserToken;
 
 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
 
@@ -41,17 +41,17 @@ import java.util.Map;
 
 
 /**
- * Adapter to enable Catalina (Tomcat) to authenticate via the Acegi Security System for Spring.<p>Returns a {@link
- * PrincipalAcegiUserToken} to Catalina's authentication system, which is subsequently available via
+ * Adapter to enable Catalina (Tomcat) to authenticate via the Spring Security.<p>Returns a {@link
+ * PrincipalSpringSecurityUserToken} to Catalina's authentication system, which is subsequently available via
  * <code>HttpServletRequest.getUserPrincipal()</code>.</p>
  *
  * @author Ben Alex
- * @version $Id$
+ * @version $Id:CatalinaSpringSecurityUserRealm.java 2151 2007-09-22 11:54:13Z luke_t $
  */
-public class CatalinaAcegiUserRealm extends RealmBase {
+public class CatalinaSpringSecurityUserRealm extends RealmBase {
     //~ Static fields/initializers =====================================================================================
 
-    private static final Log logger = LogFactory.getLog(CatalinaAcegiUserRealm.class);
+    private static final Log logger = LogFactory.getLog(CatalinaSpringSecurityUserRealm.class);
 
     //~ Instance fields ================================================================================================
 
@@ -59,7 +59,7 @@ public class CatalinaAcegiUserRealm extends RealmBase {
     private Container container;
     private String appContextLocation;
     private String key;
-    protected final String name = "CatalinaSpringUserRealm / $Id$";
+    protected final String name = "CatalinaSpringUserRealm / $Id:CatalinaSpringSecurityUserRealm.java 2151 2007-09-22 11:54:13Z luke_t $";
 
     //~ Methods ========================================================================================================
 
@@ -85,7 +85,7 @@ public class CatalinaAcegiUserRealm extends RealmBase {
             return null;
         }
 
-        return new PrincipalAcegiUserToken(this.key, response.getPrincipal().toString(),
+        return new PrincipalSpringSecurityUserToken(this.key, response.getPrincipal().toString(),
             response.getCredentials().toString(), response.getAuthorities(), response.getPrincipal());
     }
 
@@ -163,14 +163,14 @@ public class CatalinaAcegiUserRealm extends RealmBase {
             return false;
         }
 
-        if (!(principal instanceof PrincipalAcegiUserToken)) {
-            logger.warn("Expected passed principal to be of type PrincipalAcegiUserToken but was "
+        if (!(principal instanceof PrincipalSpringSecurityUserToken)) {
+            logger.warn("Expected passed principal to be of type PrincipalSpringSecurityUserToken but was "
                 + principal.getClass().getName());
 
             return false;
         }
 
-        PrincipalAcegiUserToken test = (PrincipalAcegiUserToken) principal;
+        PrincipalSpringSecurityUserToken test = (PrincipalSpringSecurityUserToken) principal;
 
         return test.isUserInRole(role);
     }
@@ -221,7 +221,7 @@ public class CatalinaAcegiUserRealm extends RealmBase {
 
         String beanName = (String) beans.keySet().iterator().next();
         authenticationManager = (AuthenticationManager) beans.get(beanName);
-        logger.info("CatalinaAcegiUserRealm Started");
+        logger.info("CatalinaSpringSecurityUserRealm Started");
     }
 
     /**

adapters/catalina/src/test/java/org/springframework/security/adapters/catalina/CatalinaAcegiUserRealmTests.java → adapters/catalina/src/test/java/org/springframework/security/adapters/catalina/CatalinaSpringSecurityUserRealmTests.java

@@ -20,7 +20,7 @@ import junit.framework.TestCase;
 import org.springframework.security.GrantedAuthority;
 import org.springframework.security.GrantedAuthorityImpl;
 
-import org.springframework.security.adapters.PrincipalAcegiUserToken;
+import org.springframework.security.adapters.PrincipalSpringSecurityUserToken;
 
 import org.apache.catalina.LifecycleException;
 
@@ -32,35 +32,35 @@ import java.security.Principal;
 
 
 /**
- * Tests {@link CatalinaAcegiUserRealm}.
+ * Tests {@link CatalinaSpringSecurityUserRealm}.
  *
  * @author Ben Alex
- * @version $Id$
+ * @version $Id:CatalinaSpringSecurityUserRealmTests.java 2151 2007-09-22 11:54:13Z luke_t $
  */
-public class CatalinaAcegiUserRealmTests extends TestCase {
+public class CatalinaSpringSecurityUserRealmTests extends TestCase {
     //~ Instance fields ================================================================================================
 
     private final String ADAPTER_KEY = "my_key";
 
     //~ Constructors ===================================================================================================
 
-    public CatalinaAcegiUserRealmTests() {
+    public CatalinaSpringSecurityUserRealmTests() {
         super();
     }
 
-    public CatalinaAcegiUserRealmTests(String arg0) {
+    public CatalinaSpringSecurityUserRealmTests(String arg0) {
         super(arg0);
     }
 
     //~ Methods ========================================================================================================
 
     public static void main(String[] args) {
-        junit.textui.TestRunner.run(CatalinaAcegiUserRealmTests.class);
+        junit.textui.TestRunner.run(CatalinaSpringSecurityUserRealmTests.class);
     }
 
-    private CatalinaAcegiUserRealm makeAdapter(String fileName)
+    private CatalinaSpringSecurityUserRealm makeAdapter(String fileName)
         throws Exception {
-        CatalinaAcegiUserRealm adapter = new CatalinaAcegiUserRealm();
+        CatalinaSpringSecurityUserRealm adapter = new CatalinaSpringSecurityUserRealm();
 
         URL url = Thread.currentThread().getContextClassLoader().getResource("org/springframework/security/adapters/" + fileName);
 
@@ -86,7 +86,7 @@ public class CatalinaAcegiUserRealmTests extends TestCase {
     public void testAdapterAbortsIfAppContextDoesNotContainAnAuthenticationBean()
         throws Exception {
         try {
-            CatalinaAcegiUserRealm adapter = makeAdapter("catalinaAdapterTest-invalid.xml");
+            CatalinaSpringSecurityUserRealm adapter = makeAdapter("catalinaAdapterTest-invalid.xml");
             fail("Should have thrown IllegalArgumentException");
         } catch (IllegalArgumentException expected) {
             assertTrue(true);
@@ -95,7 +95,7 @@ public class CatalinaAcegiUserRealmTests extends TestCase {
 
     public void testAdapterAbortsIfNoAppContextSpecified()
         throws Exception {
-        CatalinaAcegiUserRealm adapter = new CatalinaAcegiUserRealm();
+        CatalinaSpringSecurityUserRealm adapter = new CatalinaSpringSecurityUserRealm();
 
         adapter.setKey("KEY");
 
@@ -117,7 +117,7 @@ public class CatalinaAcegiUserRealmTests extends TestCase {
     }
 
     public void testAdapterAbortsIfNoKeySpecified() throws Exception {
-        CatalinaAcegiUserRealm adapter = new CatalinaAcegiUserRealm();
+        CatalinaSpringSecurityUserRealm adapter = new CatalinaSpringSecurityUserRealm();
 
         adapter.setAppContextLocation("SOMETHING");
 
@@ -140,7 +140,7 @@ public class CatalinaAcegiUserRealmTests extends TestCase {
 
     public void testAdapterAbortsWithIncorrectApplicationContextLocation()
         throws Exception {
-        CatalinaAcegiUserRealm adapter = new CatalinaAcegiUserRealm();
+        CatalinaSpringSecurityUserRealm adapter = new CatalinaSpringSecurityUserRealm();
         adapter.setAppContextLocation("SOME_INVALID_PATH");
         adapter.setKey("KEY");
 
@@ -153,48 +153,48 @@ public class CatalinaAcegiUserRealmTests extends TestCase {
     }
 
     public void testAdapterIdentifiesItself() throws Exception {
-        CatalinaAcegiUserRealm adapter = new CatalinaAcegiUserRealm();
+        CatalinaSpringSecurityUserRealm adapter = new CatalinaSpringSecurityUserRealm();
         assertTrue(adapter.getName().lastIndexOf("CatalinaSpringUserRealm") != -1);
     }
 
     public void testAdapterStartsUpSuccess() throws Exception {
-        CatalinaAcegiUserRealm adapter = makeAdapter("catalinaAdapterTest-valid.xml");
+        CatalinaSpringSecurityUserRealm adapter = makeAdapter("catalinaAdapterTest-valid.xml");
         assertTrue(true);
     }
 
     public void testAuthenticateManyParamsReturnsNull() {
-        CatalinaAcegiUserRealm adapter = new CatalinaAcegiUserRealm();
+        CatalinaSpringSecurityUserRealm adapter = new CatalinaSpringSecurityUserRealm();
         assertEquals(null, adapter.authenticate(null, null, null, null, null, null, null, null));
     }
 
     public void testAuthenticateX509ReturnsNull() {
-        CatalinaAcegiUserRealm adapter = new CatalinaAcegiUserRealm();
+        CatalinaSpringSecurityUserRealm adapter = new CatalinaSpringSecurityUserRealm();
         assertEquals(null, adapter.authenticate(null));
     }
 
     public void testAuthenticationFailsForIncorrectPassword()
         throws Exception {
-        CatalinaAcegiUserRealm adapter = makeAdapter("catalinaAdapterTest-valid.xml");
+        CatalinaSpringSecurityUserRealm adapter = makeAdapter("catalinaAdapterTest-valid.xml");
         assertEquals(null, adapter.authenticate("marissa", "kangaroo"));
     }
 
     public void testAuthenticationFailsForIncorrectUserName()
         throws Exception {
-        CatalinaAcegiUserRealm adapter = makeAdapter("catalinaAdapterTest-valid.xml");
+        CatalinaSpringSecurityUserRealm adapter = makeAdapter("catalinaAdapterTest-valid.xml");
         assertEquals(null, adapter.authenticate("melissa", "koala"));
     }
 
     public void testAuthenticationUsingByteArrayForCredentials()
         throws Exception {
-        CatalinaAcegiUserRealm adapter = makeAdapter("catalinaAdapterTest-valid.xml");
+        CatalinaSpringSecurityUserRealm adapter = makeAdapter("catalinaAdapterTest-valid.xml");
         byte[] credentials = {'k', 'o', 'a', 'l', 'a'};
         Principal result = adapter.authenticate("marissa", credentials);
 
-        if (!(result instanceof PrincipalAcegiUserToken)) {
-            fail("Should have returned PrincipalAcegiUserToken");
+        if (!(result instanceof PrincipalSpringSecurityUserToken)) {
+            fail("Should have returned PrincipalSpringSecurityUserToken");
         }
 
-        PrincipalAcegiUserToken castResult = (PrincipalAcegiUserToken) result;
+        PrincipalSpringSecurityUserToken castResult = (PrincipalSpringSecurityUserToken) result;
         assertEquals("marissa", castResult.getPrincipal());
         assertEquals("koala", castResult.getCredentials());
         assertEquals("ROLE_TELLER", castResult.getAuthorities()[0].getAuthority());
@@ -204,14 +204,14 @@ public class CatalinaAcegiUserRealmTests extends TestCase {
 
     public void testAuthenticationUsingStringForCredentials()
         throws Exception {
-        CatalinaAcegiUserRealm adapter = makeAdapter("catalinaAdapterTest-valid.xml");
+        CatalinaSpringSecurityUserRealm adapter = makeAdapter("catalinaAdapterTest-valid.xml");
         Principal result = adapter.authenticate("marissa", "koala");
 
-        if (!(result instanceof PrincipalAcegiUserToken)) {
-            fail("Should have returned PrincipalAcegiUserToken");
+        if (!(result instanceof PrincipalSpringSecurityUserToken)) {
+            fail("Should have returned PrincipalSpringSecurityUserToken");
         }
 
-        PrincipalAcegiUserToken castResult = (PrincipalAcegiUserToken) result;
+        PrincipalSpringSecurityUserToken castResult = (PrincipalSpringSecurityUserToken) result;
         assertEquals("marissa", castResult.getPrincipal());
         assertEquals("koala", castResult.getCredentials());
         assertEquals("ROLE_TELLER", castResult.getAuthorities()[0].getAuthority());
@@ -221,28 +221,28 @@ public class CatalinaAcegiUserRealmTests extends TestCase {
 
     public void testAuthenticationWithNullPasswordHandledGracefully()
         throws Exception {
-        CatalinaAcegiUserRealm adapter = makeAdapter("catalinaAdapterTest-valid.xml");
+        CatalinaSpringSecurityUserRealm adapter = makeAdapter("catalinaAdapterTest-valid.xml");
         assertEquals(null, adapter.authenticate("marissa", (String) null));
     }
 
     public void testAuthenticationWithNullUserNameHandledGracefully()
         throws Exception {
-        CatalinaAcegiUserRealm adapter = makeAdapter("catalinaAdapterTest-valid.xml");
+        CatalinaSpringSecurityUserRealm adapter = makeAdapter("catalinaAdapterTest-valid.xml");
         assertEquals(null, adapter.authenticate(null, "koala"));
     }
 
     public void testGetPasswordReturnsNull() {
-        CatalinaAcegiUserRealm adapter = new CatalinaAcegiUserRealm();
+        CatalinaSpringSecurityUserRealm adapter = new CatalinaSpringSecurityUserRealm();
         assertEquals(null, adapter.getPassword(null));
     }
 
     public void testGetPrincipalReturnsNull() {
-        CatalinaAcegiUserRealm adapter = new CatalinaAcegiUserRealm();
+        CatalinaSpringSecurityUserRealm adapter = new CatalinaSpringSecurityUserRealm();
         assertEquals(null, adapter.getPrincipal(null));
     }
 
     public void testGetters() {
-        CatalinaAcegiUserRealm adapter = new CatalinaAcegiUserRealm();
+        CatalinaSpringSecurityUserRealm adapter = new CatalinaSpringSecurityUserRealm();
         adapter.setKey("KEY");
         assertEquals("KEY", adapter.getKey());
         adapter.setAppContextLocation("SOME_LOCATION");
@@ -250,12 +250,12 @@ public class CatalinaAcegiUserRealmTests extends TestCase {
     }
 
     public void testHasRoleWithANullPrincipalFails() {
-        CatalinaAcegiUserRealm adapter = new CatalinaAcegiUserRealm();
+        CatalinaSpringSecurityUserRealm adapter = new CatalinaSpringSecurityUserRealm();
         assertTrue(!adapter.hasRole(null, "ROLE_ONE"));
     }
 
     public void testHasRoleWithAPrincipalTheAdapterDidNotCreateFails() {
-        CatalinaAcegiUserRealm adapter = new CatalinaAcegiUserRealm();
+        CatalinaSpringSecurityUserRealm adapter = new CatalinaSpringSecurityUserRealm();
         assertTrue(!adapter.hasRole(new Principal() {
                 public String getName() {
                     return "MockPrincipal";
@@ -264,10 +264,10 @@ public class CatalinaAcegiUserRealmTests extends TestCase {
     }
 
     public void testHasRoleWithPrincipalAcegiUserToken() {
-        PrincipalAcegiUserToken token = new PrincipalAcegiUserToken("KEY", "Test", "Password",
+        PrincipalSpringSecurityUserToken token = new PrincipalSpringSecurityUserToken("KEY", "Test", "Password",
                 new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")},
                 null);
-        CatalinaAcegiUserRealm adapter = new CatalinaAcegiUserRealm();
+        CatalinaSpringSecurityUserRealm adapter = new CatalinaSpringSecurityUserRealm();
         assertTrue(adapter.hasRole(token, "ROLE_ONE"));
         assertTrue(adapter.hasRole(token, "ROLE_TWO"));
         assertTrue(!adapter.hasRole(token, "ROLE_WE_DO_NOT_HAVE"));

adapters/jboss/src/main/java/org/springframework/security/adapters/jboss/JbossAcegiLoginModule.java → adapters/jboss/src/main/java/org/springframework/security/adapters/jboss/JbossSpringSecurityLoginModule.java

@@ -21,7 +21,7 @@ import org.springframework.security.AuthenticationException;
 import org.springframework.security.AuthenticationManager;
 import org.springframework.security.CredentialsExpiredException;
 
-import org.springframework.security.adapters.PrincipalAcegiUserToken;
+import org.springframework.security.adapters.PrincipalSpringSecurityUserToken;
 
 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
 
@@ -52,15 +52,15 @@ import javax.security.auth.login.LoginException;
 
 
 /**
- * Adapter to enable JBoss to authenticate via the Acegi Security System for Spring.<p>Returns a {@link
- * PrincipalAcegiUserToken} to JBoss' authentication system, which is subsequently available from
- * <code>java:comp/env/security/subject</code>.</p>
+ * Adapter to enable JBoss to authenticate via the Spring Security System for Spring.
+ * <p>Returns a {@link PrincipalSpringSecurityUserToken} to JBoss' authentication system,
+ * which is subsequently available from <code>java:comp/env/security/subject</code>.</p>
  *
  * @author Ben Alex
  * @author Sergio Bern�
- * @version $Id$
+ * @version $Id:JbossSpringSecurityLoginModule.java 2151 2007-09-22 11:54:13Z luke_t $
  */
-public class JbossAcegiLoginModule extends AbstractServerLoginModule {
+public class JbossSpringSecurityLoginModule extends AbstractServerLoginModule {
     //~ Instance fields ================================================================================================
 
     private AuthenticationManager authenticationManager;
@@ -284,7 +284,7 @@ public class JbossAcegiLoginModule extends AbstractServerLoginModule {
 
             super.log.debug("user is logged. redirecting to jaas classes");
 
-            identity = new PrincipalAcegiUserToken(this.key, response.getName(), response.getCredentials().toString(),
+            identity = new PrincipalSpringSecurityUserToken(this.key, response.getName(), response.getCredentials().toString(),
                     response.getAuthorities(), response.getPrincipal());
         }
 

adapters/jboss/src/test/java/org/springframework/security/adapters/jboss/JbossIntegrationFilterTests.java

@@ -20,7 +20,7 @@ import junit.framework.TestCase;
 import org.springframework.security.GrantedAuthority;
 import org.springframework.security.GrantedAuthorityImpl;
 
-import org.springframework.security.adapters.PrincipalAcegiUserToken;
+import org.springframework.security.adapters.PrincipalSpringSecurityUserToken;
 
 import org.springframework.security.context.SecurityContextHolder;
 import org.springframework.security.context.SecurityContextImpl;
@@ -50,7 +50,7 @@ import javax.servlet.ServletResponse;
  * Tests {@link JbossIntegrationFilter}.
  *
  * @author Ben Alex
- * @version $Id$
+ * @version $Id:JbossIntegrationFilterTests.java 2151 2007-09-22 11:54:13Z luke_t $
  */
 public class JbossIntegrationFilterTests extends TestCase {
     //~ Constructors ===================================================================================================
@@ -95,7 +95,7 @@ public class JbossIntegrationFilterTests extends TestCase {
     }
 
     public void testCorrectOperation() throws Exception {
-        PrincipalAcegiUserToken principal = new PrincipalAcegiUserToken("key", "someone", "password",
+        PrincipalSpringSecurityUserToken principal = new PrincipalSpringSecurityUserToken("key", "someone", "password",
                 new GrantedAuthority[] {new GrantedAuthorityImpl("SOME_ROLE")}, null);
 
         JbossIntegrationFilter filter = new MockJbossIntegrationFilter(new MockInitialContext(makeIntoSubject(principal)));

adapters/jboss/src/test/java/org/springframework/security/adapters/jboss/JbossAcegiLoginModuleTests.java → adapters/jboss/src/test/java/org/springframework/security/adapters/jboss/JbossSpringSecurityLoginModuleTests.java

@@ -17,10 +17,9 @@ package org.springframework.security.adapters.jboss;
 
 import junit.framework.TestCase;
 
-import org.springframework.security.adapters.PrincipalAcegiUserToken;
+import org.springframework.security.adapters.PrincipalSpringSecurityUserToken;
 
 import org.jboss.security.SimplePrincipal;
-import org.jboss.security.SimpleGroup;
 
 import java.io.IOException;
 
@@ -28,7 +27,6 @@ import java.security.Principal;
 import java.security.acl.Group;
 
 import java.util.Properties;
-import java.util.Enumeration;
 
 import javax.security.auth.Subject;
 import javax.security.auth.callback.Callback;
@@ -41,30 +39,30 @@ import javax.security.auth.login.LoginException;
 
 
 /**
- * Tests {@link JbossAcegiLoginModule}.
+ * Tests {@link JbossSpringSecurityLoginModule}.
  *
  * @author Ben Alex
- * @version $Id$
+ * @version $Id:JbossSpringSecurityLoginModuleTests.java 2151 2007-09-22 11:54:13Z luke_t $
  */
-public class JbossAcegiLoginModuleTests extends TestCase {
+public class JbossSpringSecurityLoginModuleTests extends TestCase {
     //~ Instance fields ================================================================================================
 
     private final String ADAPTER_KEY = "my_key";
 
     //~ Constructors ===================================================================================================
 
-    public JbossAcegiLoginModuleTests() {
+    public JbossSpringSecurityLoginModuleTests() {
         super();
     }
 
-    public JbossAcegiLoginModuleTests(String arg0) {
+    public JbossSpringSecurityLoginModuleTests(String arg0) {
         super(arg0);
     }
 
     //~ Methods ========================================================================================================
 
     public static void main(String[] args) {
-        junit.textui.TestRunner.run(JbossAcegiLoginModuleTests.class);
+        junit.textui.TestRunner.run(JbossSpringSecurityLoginModuleTests.class);
     }
 
     public final void setUp() throws Exception {
@@ -73,7 +71,7 @@ public class JbossAcegiLoginModuleTests extends TestCase {
 
     public void testAdapterAbortsIfAppContextDoesNotContainAnAuthenticationBean()
         throws Exception {
-        JbossAcegiLoginModule adapter = new JbossAcegiLoginModule();
+        JbossSpringSecurityLoginModule adapter = new JbossSpringSecurityLoginModule();
         Properties props = new Properties();
         props.put("key", ADAPTER_KEY);
         props.put("appContextLocation", "org/springframework/security/adapters/adaptertest-invalid.xml");
@@ -88,7 +86,7 @@ public class JbossAcegiLoginModuleTests extends TestCase {
 
     public void testAdapterAbortsIfNoAppContextSpecified()
         throws Exception {
-        JbossAcegiLoginModule adapter = new JbossAcegiLoginModule();
+        JbossSpringSecurityLoginModule adapter = new JbossSpringSecurityLoginModule();
 
         Properties props = new Properties();
         props.put("key", ADAPTER_KEY);
@@ -113,7 +111,7 @@ public class JbossAcegiLoginModuleTests extends TestCase {
     }
 
     public void testAdapterAbortsIfNoKeySpecified() throws Exception {
-        JbossAcegiLoginModule adapter = new JbossAcegiLoginModule();
+        JbossSpringSecurityLoginModule adapter = new JbossSpringSecurityLoginModule();
 
         Properties props = new Properties();
         props.put("appContextLocation", "org/springframework/security/adapters/adaptertest-valid.xml");
@@ -139,7 +137,7 @@ public class JbossAcegiLoginModuleTests extends TestCase {
 
     public void testAdapterAbortsWithIncorrectApplicationContextLocation()
         throws Exception {
-        JbossAcegiLoginModule adapter = new JbossAcegiLoginModule();
+        JbossSpringSecurityLoginModule adapter = new JbossSpringSecurityLoginModule();
 
         Properties props = new Properties();
         props.put("key", ADAPTER_KEY);
@@ -155,7 +153,7 @@ public class JbossAcegiLoginModuleTests extends TestCase {
 
     public void testAdapterFailsToAuthenticateIfNoCallbackHandlerAvailable()
         throws Exception {
-        JbossAcegiLoginModule adapter = new JbossAcegiLoginModule();
+        JbossSpringSecurityLoginModule adapter = new JbossSpringSecurityLoginModule();
         Properties props = new Properties();
         props.put("key", ADAPTER_KEY);
         props.put("appContextLocation", "org/springframework/security/adapters/adaptertest-valid.xml");
@@ -173,7 +171,7 @@ public class JbossAcegiLoginModuleTests extends TestCase {
     }
 
     public void testAdapterStartsUpSuccess() throws Exception {
-        JbossAcegiLoginModule adapter = new JbossAcegiLoginModule();
+        JbossSpringSecurityLoginModule adapter = new JbossSpringSecurityLoginModule();
         Properties props = new Properties();
         props.put("key", ADAPTER_KEY);
         props.put("appContextLocation", "org/springframework/security/adapters/adaptertest-valid.xml");
@@ -183,7 +181,7 @@ public class JbossAcegiLoginModuleTests extends TestCase {
 
     public void testAuthenticationFailsForIncorrectPassword()
         throws Exception {
-        JbossAcegiLoginModule adapter = new JbossAcegiLoginModule();
+        JbossSpringSecurityLoginModule adapter = new JbossSpringSecurityLoginModule();
         Properties props = new Properties();
         props.put("key", ADAPTER_KEY);
         props.put("appContextLocation", "org/springframework/security/adapters/adaptertest-valid.xml");
@@ -203,7 +201,7 @@ public class JbossAcegiLoginModuleTests extends TestCase {
 
     public void testAuthenticationFailsForIncorrectUserName()
         throws Exception {
-        JbossAcegiLoginModule adapter = new JbossAcegiLoginModule();
+        JbossSpringSecurityLoginModule adapter = new JbossSpringSecurityLoginModule();
         Properties props = new Properties();
         props.put("key", ADAPTER_KEY);
         props.put("appContextLocation", "org/springframework/security/adapters/adaptertest-valid.xml");
@@ -222,7 +220,7 @@ public class JbossAcegiLoginModuleTests extends TestCase {
     }
 
     public void testAuthenticationSuccess() throws Exception {
-        JbossAcegiLoginModule adapter = new JbossAcegiLoginModule();
+        JbossSpringSecurityLoginModule adapter = new JbossSpringSecurityLoginModule();
         Properties props = new Properties();
         props.put("key", ADAPTER_KEY);
         props.put("appContextLocation", "org/springframework/security/adapters/adaptertest-valid.xml");
@@ -235,11 +233,11 @@ public class JbossAcegiLoginModuleTests extends TestCase {
 
         Principal result = adapter.getIdentity();
 
-        if (!(result instanceof PrincipalAcegiUserToken)) {
-            fail("Should have returned PrincipalAcegiUserToken");
+        if (!(result instanceof PrincipalSpringSecurityUserToken)) {
+            fail("Should have returned PrincipalSpringSecurityUserToken");
         }
 
-        PrincipalAcegiUserToken castResult = (PrincipalAcegiUserToken) result;
+        PrincipalSpringSecurityUserToken castResult = (PrincipalSpringSecurityUserToken) result;
         assertEquals("marissa", castResult.getPrincipal());
         assertEquals("koala", castResult.getCredentials());
         assertEquals("ROLE_TELLER", castResult.getAuthorities()[0].getAuthority());
@@ -249,7 +247,7 @@ public class JbossAcegiLoginModuleTests extends TestCase {
 
     public void testAuthenticationWithNullPasswordHandledGracefully()
         throws Exception {
-        JbossAcegiLoginModule adapter = new JbossAcegiLoginModule();
+        JbossSpringSecurityLoginModule adapter = new JbossSpringSecurityLoginModule();
         Properties props = new Properties();
         props.put("key", ADAPTER_KEY);
         props.put("appContextLocation", "org/springframework/security/adapters/adaptertest-valid.xml");
@@ -269,7 +267,7 @@ public class JbossAcegiLoginModuleTests extends TestCase {
 
     public void testAuthenticationWithNullUserNameAndNullPasswordHandledGracefully()
         throws Exception {
-        JbossAcegiLoginModule adapter = new JbossAcegiLoginModule();
+        JbossSpringSecurityLoginModule adapter = new JbossSpringSecurityLoginModule();
         Properties props = new Properties();
         props.put("key", ADAPTER_KEY);
         props.put("appContextLocation", "org/springframework/security/adapters/adaptertest-valid.xml");
@@ -289,7 +287,7 @@ public class JbossAcegiLoginModuleTests extends TestCase {
 
     public void testAuthenticationWithNullUserNameHandledGracefully()
         throws Exception {
-        JbossAcegiLoginModule adapter = new JbossAcegiLoginModule();
+        JbossSpringSecurityLoginModule adapter = new JbossSpringSecurityLoginModule();
         Properties props = new Properties();
         props.put("key", ADAPTER_KEY);
         props.put("appContextLocation", "org/springframework/security/adapters/adaptertest-valid.xml");
@@ -308,7 +306,7 @@ public class JbossAcegiLoginModuleTests extends TestCase {
     }
 
     public void testGetRoleSets() throws Exception {
-        JbossAcegiLoginModule adapter = new JbossAcegiLoginModule();
+        JbossSpringSecurityLoginModule adapter = new JbossSpringSecurityLoginModule();
         Properties props = new Properties();
         props.put("key", ADAPTER_KEY);
         props.put("appContextLocation", "org/springframework/security/adapters/adaptertest-valid.xml");

adapters/jetty/src/main/java/org/springframework/security/adapters/jetty/JettyAcegiUserRealm.java → adapters/jetty/src/main/java/org/springframework/security/adapters/jetty/JettySpringSecurityUserRealm.java

@@ -34,17 +34,17 @@ import java.util.Map;
 
 
 /**
- * Adapter to enable Jetty to authenticate via the Acegi Security System for Spring.<p>Returns a {@link
- * JettyAcegiUserToken} to Jetty's authentication system, which is subsequently available via
+ * Adapter to enable Jetty to authenticate via Spring Security.<p>Returns a {@link
+ * JettySpringSecurityUserToken} to Jetty's authentication system, which is subsequently available via
  * <code>HttpServletRequest.getUserPrincipal()</code>.</p>
  *
  * @author Ben Alex
- * @version $Id$
+ * @version $Id:JettySpringSecurityUserRealm.java 2151 2007-09-22 11:54:13Z luke_t $
  */
-public final class JettyAcegiUserRealm implements UserRealm {
+public final class JettySpringSecurityUserRealm implements UserRealm {
     //~ Static fields/initializers =====================================================================================
 
-    private static final Log logger = LogFactory.getLog(JettyAcegiUserRealm.class);
+    private static final Log logger = LogFactory.getLog(JettySpringSecurityUserRealm.class);
 
     //~ Instance fields ================================================================================================
 
@@ -64,7 +64,7 @@ public final class JettyAcegiUserRealm implements UserRealm {
      *
      * @throws IllegalArgumentException DOCUMENT ME!
      */
-    public JettyAcegiUserRealm(String realm, String providerKey, String appContextLocation) {
+    public JettySpringSecurityUserRealm(String realm, String providerKey, String appContextLocation) {
         this.realm = realm;
         this.key = providerKey;
 
@@ -96,7 +96,7 @@ public final class JettyAcegiUserRealm implements UserRealm {
         authenticationManager = (AuthenticationManager) beans.get(beanName);
     }
 
-    protected JettyAcegiUserRealm() {
+    protected JettySpringSecurityUserRealm() {
         throw new IllegalArgumentException("Cannot use default constructor");
     }
 
@@ -124,7 +124,7 @@ public final class JettyAcegiUserRealm implements UserRealm {
             return null;
         }
 
-        return new JettyAcegiUserToken(this.key, response.getPrincipal().toString(),
+        return new JettySpringSecurityUserToken(this.key, response.getPrincipal().toString(),
             response.getCredentials().toString(), response.getAuthorities());
     }
 

adapters/jetty/src/main/java/org/springframework/security/adapters/jetty/JettyAcegiUserToken.java → adapters/jetty/src/main/java/org/springframework/security/adapters/jetty/JettySpringSecurityUserToken.java

@@ -26,9 +26,9 @@ import org.mortbay.http.UserPrincipal;
  * A Jetty compatible {@link org.springframework.security.Authentication} object.
  *
  * @author Ben Alex
- * @version $Id$
+ * @version $Id:JettySpringSecurityUserToken.java 2151 2007-09-22 11:54:13Z luke_t $
  */
-public class JettyAcegiUserToken extends AbstractAdapterAuthenticationToken implements UserPrincipal {
+public class JettySpringSecurityUserToken extends AbstractAdapterAuthenticationToken implements UserPrincipal {
     //~ Instance fields ================================================================================================
 
 	private static final long serialVersionUID = 1L;
@@ -37,13 +37,13 @@ public class JettyAcegiUserToken extends AbstractAdapterAuthenticationToken impl
 
     //~ Constructors ===================================================================================================
 
-    public JettyAcegiUserToken(String key, String username, String password, GrantedAuthority[] authorities) {
+    public JettySpringSecurityUserToken(String key, String username, String password, GrantedAuthority[] authorities) {
         super(key, authorities);
         this.username = username;
         this.password = password;
     }
 
-    protected JettyAcegiUserToken() {
+    protected JettySpringSecurityUserToken() {
         throw new IllegalArgumentException("Cannot use default constructor");
     }
 

adapters/jetty/src/test/java/org/springframework/security/adapters/jetty/JettyAcegiUserRealmTests.java

@@ -21,10 +21,10 @@ import org.mortbay.http.UserPrincipal;
 
 
 /**
- * Tests {@link JettyAcegiUserRealm}.
+ * Tests {@link JettySpringSecurityUserRealm}.
  *
  * @author Ben Alex
- * @version $Id$
+ * @version $Id:JettyAcegiUserRealmTests.java 2151 2007-09-22 11:54:13Z luke_t $
  */
 public class JettyAcegiUserRealmTests extends TestCase {
     //~ Instance fields ================================================================================================
@@ -48,11 +48,11 @@ public class JettyAcegiUserRealmTests extends TestCase {
         junit.textui.TestRunner.run(JettyAcegiUserRealmTests.class);
     }
 
-    private JettyAcegiUserRealm makeAdapter(String fileName)
+    private JettySpringSecurityUserRealm makeAdapter(String fileName)
         throws Exception {
         String useFile = "org/springframework/security/adapters/" + fileName;
 
-        return new JettyAcegiUserRealm(REALM_NAME, ADAPTER_KEY, useFile);
+        return new JettySpringSecurityUserRealm(REALM_NAME, ADAPTER_KEY, useFile);
     }
 
     public final void setUp() throws Exception {
@@ -62,7 +62,7 @@ public class JettyAcegiUserRealmTests extends TestCase {
     public void testAdapterAbortsIfAppContextDoesNotContainAnAuthenticationBean()
         throws Exception {
         try {
-            JettyAcegiUserRealm adapter = makeAdapter("adaptertest-invalid.xml");
+            JettySpringSecurityUserRealm adapter = makeAdapter("adaptertest-invalid.xml");
             fail("Should have thrown IllegalArgumentException");
         } catch (IllegalArgumentException expected) {
             assertEquals("Bean context must contain at least one bean of type AuthenticationManager",
@@ -73,14 +73,14 @@ public class JettyAcegiUserRealmTests extends TestCase {
     public void testAdapterAbortsIfNoAppContextSpecified()
         throws Exception {
         try {
-            new JettyAcegiUserRealm(REALM_NAME, ADAPTER_KEY, null);
+            new JettySpringSecurityUserRealm(REALM_NAME, ADAPTER_KEY, null);
             fail("Should have thrown IllegalArgumentException");
         } catch (IllegalArgumentException expected) {
             assertEquals("appContextLocation must be specified", expected.getMessage());
         }
 
         try {
-            new JettyAcegiUserRealm(REALM_NAME, ADAPTER_KEY, "");
+            new JettySpringSecurityUserRealm(REALM_NAME, ADAPTER_KEY, "");
             fail("Should have thrown IllegalArgumentException");
         } catch (IllegalArgumentException expected) {
             assertEquals("appContextLocation must be specified", expected.getMessage());
@@ -89,14 +89,14 @@ public class JettyAcegiUserRealmTests extends TestCase {
 
     public void testAdapterAbortsIfNoKeySpecified() throws Exception {
         try {
-            new JettyAcegiUserRealm(REALM_NAME, null, "SOME_PATH");
+            new JettySpringSecurityUserRealm(REALM_NAME, null, "SOME_PATH");
             fail("Should have thrown IllegalArgumentException");
         } catch (IllegalArgumentException expected) {
             assertEquals("key must be specified", expected.getMessage());
         }
 
         try {
-            new JettyAcegiUserRealm(REALM_NAME, "", "SOME_PATH");
+            new JettySpringSecurityUserRealm(REALM_NAME, "", "SOME_PATH");
             fail("Should have thrown IllegalArgumentException");
         } catch (IllegalArgumentException expected) {
             assertEquals("key must be specified", expected.getMessage());
@@ -106,14 +106,14 @@ public class JettyAcegiUserRealmTests extends TestCase {
     public void testAdapterAbortsIfNoRealmNameSpecified()
         throws Exception {
         try {
-            new JettyAcegiUserRealm(null, ADAPTER_KEY, "SOME_PATH");
+            new JettySpringSecurityUserRealm(null, ADAPTER_KEY, "SOME_PATH");
             fail("Should have thrown IllegalArgumentException");
         } catch (IllegalArgumentException expected) {
             assertEquals("realm must be specified", expected.getMessage());
         }
 
         try {
-            new JettyAcegiUserRealm(null, ADAPTER_KEY, "SOME_PATH");
+            new JettySpringSecurityUserRealm(null, ADAPTER_KEY, "SOME_PATH");
             fail("Should have thrown IllegalArgumentException");
         } catch (IllegalArgumentException expected) {
             assertEquals("realm must be specified", expected.getMessage());
@@ -123,7 +123,7 @@ public class JettyAcegiUserRealmTests extends TestCase {
     public void testAdapterAbortsWithIncorrectApplicationContextLocation()
         throws Exception {
         try {
-            new JettyAcegiUserRealm(REALM_NAME, ADAPTER_KEY, "SOME_INVALID_LOCATION");
+            new JettySpringSecurityUserRealm(REALM_NAME, ADAPTER_KEY, "SOME_INVALID_LOCATION");
             fail("Should have thrown IllegalArgumentException");
         } catch (IllegalArgumentException expected) {
             assertTrue(expected.getMessage().startsWith("Cannot locate"));
@@ -132,36 +132,36 @@ public class JettyAcegiUserRealmTests extends TestCase {
 
     public void testAdapterIdentifiesTheRealmItManages()
         throws Exception {
-        JettyAcegiUserRealm adapter = makeAdapter("adaptertest-valid.xml");
+        JettySpringSecurityUserRealm adapter = makeAdapter("adaptertest-valid.xml");
         assertEquals(REALM_NAME, adapter.getName());
     }
 
     public void testAdapterStartsUpSuccess() throws Exception {
-        JettyAcegiUserRealm adapter = makeAdapter("adaptertest-valid.xml");
+        JettySpringSecurityUserRealm adapter = makeAdapter("adaptertest-valid.xml");
         assertTrue(true);
     }
 
     public void testAuthenticationFailsForIncorrectPassword()
         throws Exception {
-        JettyAcegiUserRealm adapter = makeAdapter("adaptertest-valid.xml");
+        JettySpringSecurityUserRealm adapter = makeAdapter("adaptertest-valid.xml");
         assertEquals(null, adapter.authenticate("marissa", "kangaroo", null));
     }
 
     public void testAuthenticationFailsForIncorrectUserName()
         throws Exception {
-        JettyAcegiUserRealm adapter = makeAdapter("adaptertest-valid.xml");
+        JettySpringSecurityUserRealm adapter = makeAdapter("adaptertest-valid.xml");
         assertEquals(null, adapter.authenticate("melissa", "koala", null));
     }
 
     public void testAuthenticationSuccess() throws Exception {
-        JettyAcegiUserRealm adapter = makeAdapter("adaptertest-valid.xml");
+        JettySpringSecurityUserRealm adapter = makeAdapter("adaptertest-valid.xml");
         UserPrincipal result = adapter.authenticate("marissa", "koala", null);
 
-        if (!(result instanceof JettyAcegiUserToken)) {
-            fail("Should have returned JettyAcegiUserToken");
+        if (!(result instanceof JettySpringSecurityUserToken)) {
+            fail("Should have returned JettySpringSecurityUserToken");
         }
 
-        JettyAcegiUserToken castResult = (JettyAcegiUserToken) result;
+        JettySpringSecurityUserToken castResult = (JettySpringSecurityUserToken) result;
         assertEquals("marissa", castResult.getPrincipal());
         assertEquals("koala", castResult.getCredentials());
         assertEquals("ROLE_TELLER", castResult.getAuthorities()[0].getAuthority());
@@ -171,36 +171,36 @@ public class JettyAcegiUserRealmTests extends TestCase {
 
     public void testAuthenticationWithNullPasswordHandledGracefully()
         throws Exception {
-        JettyAcegiUserRealm adapter = makeAdapter("adaptertest-valid.xml");
+        JettySpringSecurityUserRealm adapter = makeAdapter("adaptertest-valid.xml");
         assertEquals(null, adapter.authenticate("marissa", null, null));
     }
 
     public void testAuthenticationWithNullUserNameHandledGracefully()
         throws Exception {
-        JettyAcegiUserRealm adapter = makeAdapter("adaptertest-valid.xml");
+        JettySpringSecurityUserRealm adapter = makeAdapter("adaptertest-valid.xml");
         assertEquals(null, adapter.authenticate(null, "koala", null));
     }
 
     public void testDisassociateImplemented() throws Exception {
-        JettyAcegiUserRealm adapter = makeAdapter("adaptertest-valid.xml");
+        JettySpringSecurityUserRealm adapter = makeAdapter("adaptertest-valid.xml");
         adapter.disassociate(new MockUserPrincipal());
         assertTrue(true);
     }
 
     public void testGetAuthenticationManager() throws Exception {
-        JettyAcegiUserRealm adapter = makeAdapter("adaptertest-valid.xml");
+        JettySpringSecurityUserRealm adapter = makeAdapter("adaptertest-valid.xml");
         assertTrue(adapter.getAuthenticationManager() != null);
     }
 
     public void testLogoutImplemented() throws Exception {
-        JettyAcegiUserRealm adapter = makeAdapter("adaptertest-valid.xml");
+        JettySpringSecurityUserRealm adapter = makeAdapter("adaptertest-valid.xml");
         adapter.logout(new MockUserPrincipal());
         assertTrue(true);
     }
 
     public void testNoArgsConstructor() {
         try {
-            new JettyAcegiUserRealm();
+            new JettySpringSecurityUserRealm();
             fail("Should have thrown IllegalArgumentException");
         } catch (IllegalArgumentException expected) {
             assertTrue(true);
@@ -208,13 +208,13 @@ public class JettyAcegiUserRealmTests extends TestCase {
     }
 
     public void testPopRoleImplemented() throws Exception {
-        JettyAcegiUserRealm adapter = makeAdapter("adaptertest-valid.xml");
+        JettySpringSecurityUserRealm adapter = makeAdapter("adaptertest-valid.xml");
         MockUserPrincipal user = new MockUserPrincipal();
         assertEquals(user, adapter.popRole(user));
     }
 
     public void testPushRoleImplemented() throws Exception {
-        JettyAcegiUserRealm adapter = makeAdapter("adaptertest-valid.xml");
+        JettySpringSecurityUserRealm adapter = makeAdapter("adaptertest-valid.xml");
         MockUserPrincipal user = new MockUserPrincipal();
         assertEquals(user, adapter.pushRole(user, "SOME_ROLE"));
     }

adapters/jetty/src/test/java/org/springframework/security/adapters/jetty/JettyAcegiUserTokenTests.java → adapters/jetty/src/test/java/org/springframework/security/adapters/jetty/JettySpringSecurityUserTokenTests.java

@@ -22,34 +22,25 @@ import org.springframework.security.GrantedAuthorityImpl;
 
 
 /**
- * Tests {@link JettyAcegiUserToken}.
+ * Tests {@link JettySpringSecurityUserToken}.
  *
  * @author Ben Alex
- * @version $Id$
+ * @version $Id:JettySpringSecurityUserTokenTests.java 2151 2007-09-22 11:54:13Z luke_t $
  */
-public class JettyAcegiUserTokenTests extends TestCase {
+public class JettySpringSecurityUserTokenTests extends TestCase {
     //~ Constructors ===================================================================================================
 
-    public JettyAcegiUserTokenTests() {
-        super();
+    public JettySpringSecurityUserTokenTests() {
     }
 
-    public JettyAcegiUserTokenTests(String arg0) {
+    public JettySpringSecurityUserTokenTests(String arg0) {
         super(arg0);
     }
 
     //~ Methods ========================================================================================================
 
-    public static void main(String[] args) {
-        junit.textui.TestRunner.run(JettyAcegiUserTokenTests.class);
-    }
-
-    public final void setUp() throws Exception {
-        super.setUp();
-    }
-
     public void testGetters() throws Exception {
-        JettyAcegiUserToken token = new JettyAcegiUserToken("my_password", "Test", "Password",
+        JettySpringSecurityUserToken token = new JettySpringSecurityUserToken("my_password", "Test", "Password",
                 new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")});
         assertEquals("Test", token.getPrincipal());
         assertEquals("Password", token.getCredentials());
@@ -59,7 +50,7 @@ public class JettyAcegiUserTokenTests extends TestCase {
 
     public void testNoArgsConstructor() {
         try {
-            new JettyAcegiUserToken();
+            new JettySpringSecurityUserToken();
             fail("Should have thrown IllegalArgumentException");
         } catch (IllegalArgumentException expected) {
             assertTrue(true);

adapters/resin/src/main/java/org/springframework/security/adapters/resin/ResinAcegiAuthenticator.java

@@ -21,7 +21,7 @@ import org.springframework.security.Authentication;
 import org.springframework.security.AuthenticationException;
 import org.springframework.security.AuthenticationManager;
 
-import org.springframework.security.adapters.PrincipalAcegiUserToken;
+import org.springframework.security.adapters.PrincipalSpringSecurityUserToken;
 
 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
 
@@ -41,12 +41,12 @@ import javax.servlet.http.HttpServletResponse;
 
 
 /**
- * Adapter to enable Resin to authenticate via the Acegi Security System for Spring.<p>Returns a {@link
- * PrincipalAcegiUserToken} to Resin's authentication system, which is subsequently available via
+ * Adapter to enable Resin to authenticate via Spring Security.<p>Returns a {@link
+ * PrincipalSpringSecurityUserToken} to Resin's authentication system, which is subsequently available via
  * <code>HttpServletRequest.getUserPrincipal()</code>.</p>
  *
  * @author Ben Alex
- * @version $Id$
+ * @version $Id:ResinAcegiAuthenticator.java 2151 2007-09-22 11:54:13Z luke_t $
  */
 public class ResinAcegiAuthenticator extends AbstractAuthenticator {
     //~ Static fields/initializers =====================================================================================
@@ -98,15 +98,15 @@ public class ResinAcegiAuthenticator extends AbstractAuthenticator {
 
     public boolean isUserInRole(HttpServletRequest request, HttpServletResponse response, ServletContext application,
         Principal principal, String role) {
-        if (!(principal instanceof PrincipalAcegiUserToken)) {
+        if (!(principal instanceof PrincipalSpringSecurityUserToken)) {
             if (logger.isWarnEnabled()) {
-                logger.warn("Expected passed principal to be of type PrincipalAcegiUserToken");
+                logger.warn("Expected passed principal to be of type PrincipalSpringSecurityUserToken");
             }
 
             return false;
         }
 
-        PrincipalAcegiUserToken test = (PrincipalAcegiUserToken) principal;
+        PrincipalSpringSecurityUserToken test = (PrincipalSpringSecurityUserToken) principal;
 
         return test.isUserInRole(role);
     }
@@ -133,7 +133,7 @@ public class ResinAcegiAuthenticator extends AbstractAuthenticator {
             return null;
         }
 
-        return new PrincipalAcegiUserToken(this.key, response.getPrincipal().toString(),
+        return new PrincipalSpringSecurityUserToken(this.key, response.getPrincipal().toString(),
             response.getCredentials().toString(), response.getAuthorities(), response.getPrincipal());
     }
 

adapters/resin/src/test/java/org/springframework/security/adapters/resin/ResinAcegiAuthenticatorTests.java

@@ -20,7 +20,7 @@ import junit.framework.TestCase;
 import org.springframework.security.GrantedAuthority;
 import org.springframework.security.GrantedAuthorityImpl;
 
-import org.springframework.security.adapters.PrincipalAcegiUserToken;
+import org.springframework.security.adapters.PrincipalSpringSecurityUserToken;
 
 import java.security.Principal;
 
@@ -31,7 +31,7 @@ import javax.servlet.ServletException;
  * Tests {@link ResinAcegiAuthenticator}.
  *
  * @author Ben Alex
- * @version $Id$
+ * @version $Id:ResinAcegiAuthenticatorTests.java 2151 2007-09-22 11:54:13Z luke_t $
  */
 public class ResinAcegiAuthenticatorTests extends TestCase {
     //~ Instance fields ================================================================================================
@@ -164,11 +164,11 @@ public class ResinAcegiAuthenticatorTests extends TestCase {
 
         Principal result = adapter.loginImpl("marissa", "koala");
 
-        if (!(result instanceof PrincipalAcegiUserToken)) {
-            fail("Should have returned PrincipalAcegiUserToken");
+        if (!(result instanceof PrincipalSpringSecurityUserToken)) {
+            fail("Should have returned PrincipalSpringSecurityUserToken");
         }
 
-        PrincipalAcegiUserToken castResult = (PrincipalAcegiUserToken) result;
+        PrincipalSpringSecurityUserToken castResult = (PrincipalSpringSecurityUserToken) result;
         assertEquals("marissa", castResult.getPrincipal());
         assertEquals("koala", castResult.getCredentials());
         assertEquals("ROLE_TELLER", castResult.getAuthorities()[0].getAuthority());
@@ -185,11 +185,11 @@ public class ResinAcegiAuthenticatorTests extends TestCase {
 
         Principal result = adapter.loginImpl(null, null, null, "marissa", "koala");
 
-        if (!(result instanceof PrincipalAcegiUserToken)) {
-            fail("Should have returned PrincipalAcegiUserToken");
+        if (!(result instanceof PrincipalSpringSecurityUserToken)) {
+            fail("Should have returned PrincipalSpringSecurityUserToken");
         }
 
-        PrincipalAcegiUserToken castResult = (PrincipalAcegiUserToken) result;
+        PrincipalSpringSecurityUserToken castResult = (PrincipalSpringSecurityUserToken) result;
         assertEquals("marissa", castResult.getPrincipal());
         assertEquals("koala", castResult.getCredentials());
         assertEquals("ROLE_TELLER", castResult.getAuthorities()[0].getAuthority());
@@ -247,7 +247,7 @@ public class ResinAcegiAuthenticatorTests extends TestCase {
 
     public void testHasRoleWithPrincipalAcegiUserToken()
         throws Exception {
-        PrincipalAcegiUserToken token = new PrincipalAcegiUserToken("KEY", "Test", "Password",
+        PrincipalSpringSecurityUserToken token = new PrincipalSpringSecurityUserToken("KEY", "Test", "Password",
                 new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")},
                 null);
         ResinAcegiAuthenticator adapter = new ResinAcegiAuthenticator();

core/src/main/java/org/springframework/security/AcegiMessageSource.java → core/src/main/java/org/springframework/security/SpringSecurityMessageSource.java

@@ -20,24 +20,25 @@ import org.springframework.context.support.ResourceBundleMessageSource;
 
 
 /**
- * The default <code>MessageSource</code> used by Acegi Security.<p>All Acegi Security classes requiring messge
- * localization will by default use this class. However, all such classes will also implement
- * <code>MessageSourceAware</code> so that the application context can inject an alternative message source. Therefore
- * this class is only used when the deployment environment has not specified an alternative message source.</p>
+ * The default <code>MessageSource</code> used by Spring Security.
+ * <p>All Spring Security classes requiring messge localization will by default use this class.
+ * However, all such classes will also implement <code>MessageSourceAware</code> so that the application context can
+ * inject an alternative message source. Therefore this class is only used when the deployment environment has not
+ * specified an alternative message source.</p>
  *
  * @author Ben Alex
  * @version $Id$
  */
-public class AcegiMessageSource extends ResourceBundleMessageSource {
+public class SpringSecurityMessageSource extends ResourceBundleMessageSource {
     //~ Constructors ===================================================================================================
 
-    public AcegiMessageSource() {
+    public SpringSecurityMessageSource() {
         setBasename("org.springframework.security.messages");
     }
 
     //~ Methods ========================================================================================================
 
     public static MessageSourceAccessor getAccessor() {
-        return new MessageSourceAccessor(new AcegiMessageSource());
+        return new MessageSourceAccessor(new SpringSecurityMessageSource());
     }
 }

core/src/main/java/org/springframework/security/acl/basic/GrantedAuthorityEffectiveAclsResolver.java

@@ -35,7 +35,7 @@ import java.util.Vector;
  * Authentication#getPrincipal()} or {@link Authentication#getAuthorities()}. The principal object or granted
  * authorities object has its <code>Object.equals(recipient)</code> method called to make the decision as to whether
  * the recipient in the <code>BasicAclEntry</code> is the same as the principal or granted authority.</p>
- *  <P>This class should prove an adequate ACLs resolver if you're using standard Acegi Security classes. This is
+ *  <P>This class should prove an adequate ACLs resolver if you're using standard Spring Security classes. This is
  * because the typical <code>Authentication</code> token is <code>UsernamePasswordAuthenticationToken</code>, which
  * for its <code>principal</code> is usually a <code>String</code>. The <code>GrantedAuthorityImpl</code> is typically
  * used for granted authorities, which tests for equality based on a <code>String</code>. This means

core/src/main/java/org/springframework/security/adapters/AuthByAdapterProvider.java

@@ -15,7 +15,7 @@
 
 package org.springframework.security.adapters;
 
-import org.springframework.security.AcegiMessageSource;
+import org.springframework.security.SpringSecurityMessageSource;
 import org.springframework.security.Authentication;
 import org.springframework.security.AuthenticationException;
 import org.springframework.security.BadCredentialsException;
@@ -41,7 +41,7 @@ import org.springframework.util.Assert;
 public class AuthByAdapterProvider implements InitializingBean, AuthenticationProvider, MessageSourceAware {
     //~ Instance fields ================================================================================================
 
-    protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor();
+    protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
     private String key;
 
     //~ Methods ========================================================================================================

core/src/main/java/org/springframework/security/adapters/PrincipalAcegiUserToken.java → core/src/main/java/org/springframework/security/adapters/PrincipalSpringSecurityUserToken.java

@@ -26,7 +26,7 @@ import java.security.Principal;
  * @author Ben Alex
  * @version $Id$
  */
-public class PrincipalAcegiUserToken extends AbstractAdapterAuthenticationToken implements Principal {
+public class PrincipalSpringSecurityUserToken extends AbstractAdapterAuthenticationToken implements Principal {
     //~ Instance fields ================================================================================================
 
     private static final long serialVersionUID = 1L;
@@ -36,7 +36,7 @@ public class PrincipalAcegiUserToken extends AbstractAdapterAuthenticationToken
 
     //~ Constructors ===================================================================================================
 
-    public PrincipalAcegiUserToken(String key, String username, String password, GrantedAuthority[] authorities,
+    public PrincipalSpringSecurityUserToken(String key, String username, String password, GrantedAuthority[] authorities,
         Object principal) {
         super(key, authorities);
         this.username = username;

core/src/main/java/org/springframework/security/afterinvocation/AclEntryAfterInvocationProvider.java

@@ -15,7 +15,7 @@
 package org.springframework.security.afterinvocation;
 
 import org.springframework.security.AccessDeniedException;
-import org.springframework.security.AcegiMessageSource;
+import org.springframework.security.SpringSecurityMessageSource;
 import org.springframework.security.Authentication;
 import org.springframework.security.ConfigAttribute;
 import org.springframework.security.ConfigAttributeDefinition;
@@ -58,7 +58,7 @@ public class AclEntryAfterInvocationProvider extends AbstractAclProvider impleme
 
     //~ Instance fields ================================================================================================
 
-    protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor();
+    protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
 
     //~ Constructors ===================================================================================================
 

core/src/main/java/org/springframework/security/afterinvocation/BasicAclEntryAfterInvocationProvider.java

@@ -16,7 +16,7 @@
 package org.springframework.security.afterinvocation;
 
 import org.springframework.security.AccessDeniedException;
-import org.springframework.security.AcegiMessageSource;
+import org.springframework.security.SpringSecurityMessageSource;
 import org.springframework.security.Authentication;
 import org.springframework.security.ConfigAttribute;
 import org.springframework.security.ConfigAttributeDefinition;
@@ -72,7 +72,7 @@ public class BasicAclEntryAfterInvocationProvider implements AfterInvocationProv
 
     private AclManager aclManager;
     private Class processDomainObjectClass = Object.class;
-    protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor();
+    protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
     private String processConfigAttribute = "AFTER_ACL_READ";
     private int[] requirePermission = {SimpleAclEntry.READ};
 

core/src/main/java/org/springframework/security/concurrent/ConcurrentSessionControllerImpl.java

@@ -15,7 +15,7 @@
 
 package org.springframework.security.concurrent;
 
-import org.springframework.security.AcegiMessageSource;
+import org.springframework.security.SpringSecurityMessageSource;
 import org.springframework.security.Authentication;
 import org.springframework.security.AuthenticationException;
 
@@ -39,7 +39,7 @@ public class ConcurrentSessionControllerImpl implements ConcurrentSessionControl
     MessageSourceAware {
     //~ Instance fields ================================================================================================
 
-    protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor();
+    protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
     private SessionRegistry sessionRegistry = new SessionRegistryImpl();
     private boolean exceptionIfMaximumExceeded = false;
     private int maximumSessions = 1;

core/src/main/java/org/springframework/security/concurrent/SessionInformation.java

@@ -22,11 +22,11 @@ import java.io.Serializable;
 
 
 /**
- * Represents a record of a session within the Acegi Security framework.<p>This is primarily used for concurrent
- * session support.</p>
- *  <p>Sessions have three states: active, expired, and destroyed. A session can that is invalidated by
+ * Represents a record of a session within the Spring Security framework.
+ * <p>This is primarily used for concurrent session support.</p>
+ * <p>Sessions have three states: active, expired, and destroyed. A session can that is invalidated by
  * <code>session.invalidate()</code> or via Servlet Container management is considered "destroyed". An "expired"
- * session, on the other hand, is a session that Acegi Security wants to end because it was selected for removal for
+ * session, on the other hand, is a session that Spring Security wants to end because it was selected for removal for
  * some reason (generally as it was the least recently used session and the maximum sessions for the user were
  * reached). An "expired" session is removed as soon as possible by a <code>Filter</code>.</p>
  *

core/src/main/java/org/springframework/security/intercept/AbstractSecurityInterceptor.java

@@ -17,7 +17,7 @@ package org.springframework.security.intercept;
 
 import org.springframework.security.AccessDecisionManager;
 import org.springframework.security.AccessDeniedException;
-import org.springframework.security.AcegiMessageSource;
+import org.springframework.security.SpringSecurityMessageSource;
 import org.springframework.security.AfterInvocationManager;
 import org.springframework.security.Authentication;
 import org.springframework.security.AuthenticationCredentialsNotFoundException;
@@ -134,7 +134,7 @@ public abstract class AbstractSecurityInterceptor implements InitializingBean, A
 
 	private AuthenticationManager authenticationManager;
 
-	protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor();
+	protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
 
 	private RunAsManager runAsManager = new NullRunAsManager();
 

core/src/main/java/org/springframework/security/intercept/package.html

@@ -5,17 +5,17 @@ Actually enforces the security and ties the whole security system together.
 A <i>secure object</i> is a term frequently used throughout the security
 system. It does <b>not</b> refer to a business object that is being
 secured, but instead refers to some infrastructure object that can have
-security facilities provided for it by the Acegi Security System for
-Spring. For example, one secure object would be
-<code>MethodInvocation</code>, whilst another would be HTTP {@link
-org.springframwork.security.intercept.web.FilterInvocation}. Note these are
+security facilities provided for it by Spring Security.
+For example, one secure object would be <code>MethodInvocation</code>,
+whilst another would be HTTP
+{@link org.springframwork.security.intercept.web.FilterInvocation}. Note these are
 infrastructure objects and their design allows them to represent a large
 variety of actual resources that might need to be secured, such as business
 objects or HTTP request URLs.
 </p>
 
 <P>Each secure object typically has its
-own <code>org.acegisecurity.intercept</code> package.
+own <code>org.springframwork.security.intercept</code> package.
 Each package usually includes a concrete security interceptor (which
 subclasses {@link org.springframework.security.intercept.AbstractSecurityInterceptor},
 an appropriate {@link org.springframework.security.intercept.ObjectDefinitionSource}

core/src/main/java/org/springframework/security/intercept/web/FilterSecurityInterceptor.java

@@ -41,7 +41,7 @@ import javax.servlet.ServletResponse;
 public class FilterSecurityInterceptor extends AbstractSecurityInterceptor implements Filter {
     //~ Static fields/initializers =====================================================================================
 
-    private static final String FILTER_APPLIED = "__acegi_security_filterSecurityInterceptor_filterApplied";
+    private static final String FILTER_APPLIED = "__spring_security_filterSecurityInterceptor_filterApplied";
 
     //~ Instance fields ================================================================================================
 

core/src/main/java/org/springframework/security/ldap/DefaultInitialDirContextFactory.java

@@ -15,7 +15,7 @@
 
 package org.springframework.security.ldap;
 
-import org.springframework.security.AcegiMessageSource;
+import org.springframework.security.SpringSecurityMessageSource;
 import org.springframework.security.BadCredentialsException;
 
 import org.apache.commons.logging.Log;
@@ -78,7 +78,7 @@ public class DefaultInitialDirContextFactory implements InitialDirContextFactory
 
     /** Allows extra environment variables to be added at config time. */
     private Map extraEnvVars = null;
-    protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor();
+    protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
 
     /** Type of authentication within LDAP; default is simple. */
     private String authenticationType = "simple";

core/src/main/java/org/springframework/security/ldap/SpringSecurityLdapTemplate.java

@@ -50,7 +50,7 @@ import javax.naming.directory.SearchResult;
 /**
  * LDAP equivalent of the Spring JdbcTemplate class.
  * <p>
- * This is mainly intended to simplify Ldap access within Acegi Security's LDAP-related services.
+ * This is mainly intended to simplify Ldap access within Spring Security's LDAP-related services.
  * </p>
  *
  * @author Ben Alex

core/src/main/java/org/springframework/security/package.html

@@ -1,6 +1,6 @@
 <html>
 <body>
-Provides core Acegi Security System for Spring interfaces and classes.
+Provides core Spring Security interfaces and classes.
 </body>
 </html>
 

core/src/main/java/org/springframework/security/providers/ProviderManager.java

@@ -17,7 +17,7 @@ package org.springframework.security.providers;
 
 import org.springframework.security.AbstractAuthenticationManager;
 import org.springframework.security.AccountExpiredException;
-import org.springframework.security.AcegiMessageSource;
+import org.springframework.security.SpringSecurityMessageSource;
 import org.springframework.security.Authentication;
 import org.springframework.security.AuthenticationException;
 import org.springframework.security.AuthenticationServiceException;
@@ -108,7 +108,7 @@ public class ProviderManager extends AbstractAuthenticationManager implements In
     private ApplicationEventPublisher applicationEventPublisher;
     private ConcurrentSessionController sessionController = new NullConcurrentSessionController();
     private List providers;
-    protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor();
+    protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
     private Properties exceptionMappings = new Properties();
 
     static {

core/src/main/java/org/springframework/security/providers/anonymous/AnonymousAuthenticationProvider.java

@@ -15,7 +15,7 @@
 
 package org.springframework.security.providers.anonymous;
 
-import org.springframework.security.AcegiMessageSource;
+import org.springframework.security.SpringSecurityMessageSource;
 import org.springframework.security.Authentication;
 import org.springframework.security.AuthenticationException;
 import org.springframework.security.BadCredentialsException;
@@ -42,7 +42,7 @@ public class AnonymousAuthenticationProvider implements AuthenticationProvider,
 
     //~ Instance fields ================================================================================================
 
-    protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor();
+    protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
     private String key;
 
     //~ Methods ========================================================================================================

core/src/main/java/org/springframework/security/providers/cas/CasAuthenticationProvider.java

@@ -15,7 +15,7 @@
 
 package org.springframework.security.providers.cas;
 
-import org.springframework.security.AcegiMessageSource;
+import org.springframework.security.SpringSecurityMessageSource;
 import org.springframework.security.Authentication;
 import org.springframework.security.AuthenticationException;
 import org.springframework.security.BadCredentialsException;
@@ -58,7 +58,7 @@ public class CasAuthenticationProvider implements AuthenticationProvider, Initia
 
     private CasAuthoritiesPopulator casAuthoritiesPopulator;
     private CasProxyDecider casProxyDecider;
-    protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor();
+    protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
     private StatelessTicketCache statelessTicketCache;
     private String key;
     private TicketValidator ticketValidator;

core/src/main/java/org/springframework/security/providers/cas/CasAuthoritiesPopulator.java

@@ -26,7 +26,7 @@ import org.springframework.security.userdetails.UserDetails;
  *
  * <p>
  * CAS does not provide the authorities (roles) granted to a user. It merely
- * authenticates their identity. As the Acegi Security System for Spring needs
+ * authenticates their identity. As Spring Security needs
  * to know the authorities granted to a user in order to construct a valid
  * <code>Authentication</code> object, implementations of this interface will
  * provide this information.
@@ -36,7 +36,7 @@ import org.springframework.security.userdetails.UserDetails;
  * A {@link UserDetails} is returned by implementations. The
  * <code>UserDetails</code> must, at minimum, contain the username and
  * <code>GrantedAuthority[]</code> objects applicable to the CAS-authenticated
- * user. Note that Acegi Security ignores the password and enabled/disabled
+ * user. Note that Spring Security ignores the password and enabled/disabled
  * status of the <code>UserDetails</code> because this is
  * authentication-related and should have been enforced by the CAS server. The
  * <code>UserDetails</code> returned by implementations is stored in the

core/src/main/java/org/springframework/security/providers/cas/StatelessTicketCache.java

@@ -37,7 +37,7 @@ package org.springframework.security.providers.cas;
  * <P>
  * To avoid this issue with stateless callers, it is expected stateless callers
  * will obtain a single service ticket or proxy ticket, and then present this
- * same ticket to the Acegi Security System secured application on each
+ * same ticket to the Spring Security secured application on each
  * occasion. As no <code>HttpSession</code> is available for such callers, the
  * affirmative CAS validation outcome cannot be stored in this location.
  * </p>

core/src/main/java/org/springframework/security/providers/cas/proxy/NamedCasProxyDecider.java

@@ -15,7 +15,7 @@
 
 package org.springframework.security.providers.cas.proxy;
 
-import org.springframework.security.AcegiMessageSource;
+import org.springframework.security.SpringSecurityMessageSource;
 
 import org.springframework.security.providers.cas.CasProxyDecider;
 import org.springframework.security.providers.cas.ProxyUntrustedException;
@@ -46,7 +46,7 @@ public class NamedCasProxyDecider implements CasProxyDecider, InitializingBean,
     //~ Instance fields ================================================================================================
 
     private List validProxies;
-    protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor();
+    protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
 
     //~ Methods ========================================================================================================
 

core/src/main/java/org/springframework/security/providers/cas/proxy/RejectProxyTickets.java

@@ -15,7 +15,7 @@
 
 package org.springframework.security.providers.cas.proxy;
 
-import org.springframework.security.AcegiMessageSource;
+import org.springframework.security.SpringSecurityMessageSource;
 
 import org.springframework.security.providers.cas.CasProxyDecider;
 import org.springframework.security.providers.cas.ProxyUntrustedException;
@@ -45,7 +45,7 @@ public class RejectProxyTickets implements CasProxyDecider, MessageSourceAware,
 
     //~ Instance fields ================================================================================================
 
-    protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor();
+    protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
 
     //~ Methods ========================================================================================================
 

core/src/main/java/org/springframework/security/providers/cas/ticketvalidator/CasProxyTicketValidator.java

@@ -69,14 +69,14 @@ public class CasProxyTicketValidator extends AbstractTicketValidator {
 
     /**
      * Optional callback URL to obtain a proxy-granting ticket from CAS.
-     * <p>This callback URL belongs to the Acegi Security System for Spring secured application. We suggest you use
+     * <p>This callback URL belongs to the Spring Security secured application. We suggest you use
      * CAS' <code>ProxyTicketReceptor</code> servlet to receive this callback and manage the proxy-granting ticket list.
      * The callback URL is usually something like
      * <code>https://www.mycompany.com/application/casProxy/receptor</code>.
      * </p>
      * <p>If left <code>null</code>, the <code>CasAuthenticationToken</code> will not have a proxy granting
-     * ticket IOU and there will be no proxy-granting ticket callback. Accordingly, the Acegi Securty System for
-     * Spring secured application will be unable to obtain a proxy ticket to call another CAS-secured service on
+     * ticket IOU and there will be no proxy-granting ticket callback. Accordingly, the Spring Securty
+     * secured application will be unable to obtain a proxy ticket to call another CAS-secured service on
      * behalf of the user. This is not really an issue for most applications.</p>
      *
      * @return the proxy callback URL, or <code>null</code> if not used

core/src/main/java/org/springframework/security/providers/dao/AbstractUserDetailsAuthenticationProvider.java

@@ -16,7 +16,7 @@
 package org.springframework.security.providers.dao;
 
 import org.springframework.security.AccountExpiredException;
-import org.springframework.security.AcegiMessageSource;
+import org.springframework.security.SpringSecurityMessageSource;
 import org.springframework.security.Authentication;
 import org.springframework.security.AuthenticationException;
 import org.springframework.security.BadCredentialsException;
@@ -69,7 +69,7 @@ public abstract class AbstractUserDetailsAuthenticationProvider implements Authe
     MessageSourceAware {
     //~ Instance fields ================================================================================================
 
-    protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor();
+    protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
     private UserCache userCache = new NullUserCache();
     private boolean forcePrincipalAsString = false;
     protected boolean hideUserNotFoundExceptions = true;

core/src/main/java/org/springframework/security/providers/jaas/JaasAuthenticationProvider.java

@@ -146,7 +146,7 @@ public class JaasAuthenticationProvider implements AuthenticationProvider, Appli
 
     private LoginExceptionResolver loginExceptionResolver = new DefaultLoginExceptionResolver();
     private Resource loginConfig;
-    private String loginContextName = "ACEGI";
+    private String loginContextName = "SPRINGSECURITY";
     private AuthorityGranter[] authorityGranters;
     private JaasAuthenticationCallbackHandler[] callbackHandlers;
     private ApplicationEventPublisher applicationEventPublisher;

core/src/main/java/org/springframework/security/providers/jaas/JaasNameCallbackHandler.java

@@ -28,7 +28,7 @@ import javax.security.auth.callback.UnsupportedCallbackException;
 
 /**
  * The most basic Callbacks to be handled when using a LoginContext from JAAS, are the NameCallback and
- * PasswordCallback. The acegi security framework provides the JaasNameCallbackHandler specifically tailored to
+ * PasswordCallback. Spring Security provides the JaasNameCallbackHandler specifically tailored to
  * handling the NameCallback. <br>
  *
  * @author Ray Krueger

core/src/main/java/org/springframework/security/providers/jaas/JaasPasswordCallbackHandler.java

@@ -26,7 +26,7 @@ import javax.security.auth.callback.UnsupportedCallbackException;
 
 /**
  * The most basic Callbacks to be handled when using a LoginContext from JAAS, are the NameCallback and
- * PasswordCallback. The acegi security framework provides the JaasPasswordCallbackHandler specifically tailored to
+ * PasswordCallback. Spring Security provides the JaasPasswordCallbackHandler specifically tailored to
  * handling the PasswordCallback. <br>
  *
  * @author Ray Krueger

core/src/main/java/org/springframework/security/providers/jaas/LoginExceptionResolver.java

@@ -22,7 +22,7 @@ import javax.security.auth.login.LoginException;
 
 /**
  * The JaasAuthenticationProvider takes an instance of LoginExceptionResolver
- * to resolve LoginModule specific exceptions to Acegi exceptions.  For
+ * to resolve LoginModule specific exceptions to Spring Security exceptions.  For
  * instance, a configured login module could throw a
  * ScrewedUpPasswordException that extends LoginException, in this instance
  * the LoginExceptionResolver implementation would return a {@link

core/src/main/java/org/springframework/security/providers/jaas/SecurityContextLoginModule.java

@@ -31,13 +31,14 @@ import javax.security.auth.spi.LoginModule;
 
 
 /**
- * An implementation of {@link LoginModule} that uses an Acegi Security {@link
+ * An implementation of {@link LoginModule} that uses a Spring Security {@link
  * org.springframework.security.context.SecurityContext SecurityContext} to provide authentication.<p>This LoginModule
  * provides opposite functionality to the {@link JaasAuthenticationProvider} API, and should not really be used in
  * conjunction with it.</p>
- *  <p>The {@link JaasAuthenticationProvider} allows Acegi to authenticate against Jaas.</p>
- *  <p>The SecurityContextLoginModule allows a Jaas based application to authenticate against Acegi. If there is no
- * Authentication in the  {@link SecurityContextHolder} the login() method will throw a LoginException by default.
+ *  <p>The {@link JaasAuthenticationProvider} allows Spring Security to authenticate against Jaas.</p>
+ *  <p>The SecurityContextLoginModule allows a Jaas based application to authenticate against Spring Security.
+ * If there is no Authentication in the  {@link SecurityContextHolder} the login() method will throw a LoginException
+ * by default.
  * This functionality can be changed with the <tt>ignoreMissingAuthentication</tt> option by setting it to "true".
  * Setting ignoreMissingAuthentication=true will tell the SecurityContextLoginModule to simply return false and be
  * ignored if the authentication is null.</p>
@@ -59,7 +60,7 @@ public class SecurityContextLoginModule implements LoginModule {
     //~ Methods ========================================================================================================
 
     /**
-     * Abort the authentication process by forgetting the Acegi Security <code>Authentication</code>.
+     * Abort the authentication process by forgetting the Spring Security <code>Authentication</code>.
      *
      * @return true if this method succeeded, or false if this <code>LoginModule</code> should be ignored.
      *
@@ -76,7 +77,7 @@ public class SecurityContextLoginModule implements LoginModule {
     }
 
     /**
-     * Authenticate the <code>Subject</code> (phase two) by adding the Acegi Security
+     * Authenticate the <code>Subject</code> (phase two) by adding the Spring Security
      * <code>Authentication</code> to the <code>Subject</code>'s principals.
      *
      * @return true if this method succeeded, or false if this <code>LoginModule</code> should be ignored.
@@ -103,7 +104,7 @@ public class SecurityContextLoginModule implements LoginModule {
 
     /**
      * Initialize this <code>LoginModule</code>. Ignores the callback handler, since the code establishing the
-     * <code>LoginContext</code> likely won't provide one that understands Acegi Security. Also ignores the
+     * <code>LoginContext</code> likely won't provide one that understands Spring Security. Also ignores the
      * <code>sharedState</code> and <code>options</code> parameters, since none are recognized.
      *
      * @param subject the <code>Subject</code> to be authenticated. <p>
@@ -120,7 +121,7 @@ public class SecurityContextLoginModule implements LoginModule {
     }
 
     /**
-     * Authenticate the <code>Subject</code> (phase one) by extracting the Acegi Security
+     * Authenticate the <code>Subject</code> (phase one) by extracting the Spring Security
      * <code>Authentication</code> from the current <code>SecurityContext</code>.
      *
      * @return true if the authentication succeeded, or false if this <code>LoginModule</code> should be ignored.

core/src/main/java/org/springframework/security/providers/ldap/authenticator/AbstractLdapAuthenticator.java

@@ -15,7 +15,7 @@
 
 package org.springframework.security.providers.ldap.authenticator;
 
-import org.springframework.security.AcegiMessageSource;
+import org.springframework.security.SpringSecurityMessageSource;
 
 import org.springframework.security.ldap.InitialDirContextFactory;
 import org.springframework.security.ldap.LdapUserSearch;
@@ -49,7 +49,7 @@ public abstract class AbstractLdapAuthenticator implements LdapAuthenticator, In
 
     /** Optional search object which can be used to locate a user when a simple DN match isn't sufficient */
     private LdapUserSearch userSearch;
-    protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor();
+    protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
 
     /**
      * The suffix to be added to the DN patterns, worked out internally from the root DN of the configured

core/src/main/java/org/springframework/security/providers/ldap/populator/DefaultLdapAuthoritiesPopulator.java

@@ -38,20 +38,27 @@ import javax.naming.directory.SearchControls;
 
 /**
  * The default strategy for obtaining user role information from the directory.
- * <p/>
  * <p>It obtains roles by performing a search for "groups" the user is a member of.</p>
  * <p/>
- * <p/>
  * A typical group search scenario would be where each group/role is specified using the <tt>groupOfNames</tt>
  * (or <tt>groupOfUniqueNames</tt>) LDAP objectClass and the user's DN is listed in the <tt>member</tt> (or
  * <tt>uniqueMember</tt>) attribute to indicate that they should be assigned that role. The following LDIF sample has
  * the groups stored under the DN <tt>ou=groups,dc=springframework,dc=org</tt> and a group called "developers" with
  * "ben" and "marissa" as members:
  * <pre>
- * dn: ou=groups,dc=springframework,dc=orgobjectClass: top
- * objectClass: organizationalUnitou: groupsdn: cn=developers,ou=groups,dc=springframework,dc=org
- * objectClass: groupOfNamesobjectClass: topcn: developersdescription: Acegi Security Developers
- * member: uid=ben,ou=people,dc=springframework,dc=orgmember: uid=marissa,ou=people,dc=springframework,dc=orgou: developer
+ * dn: ou=groups,dc=springframework,dc=org
+ * objectClass: top
+ * objectClass: organizationalUnit
+ * ou: groups
+ *
+ * dn: cn=developers,ou=groups,dc=springframework,dc=org
+ * objectClass: groupOfNameso
+ * objectClass: top
+ * cn: developers
+ * description: Spring Security Developers
+ * member: uid=ben,ou=people,dc=springframework,dc=org
+ * member: uid=marissa,ou=people,dc=springframework,dc=org
+ * ou: developer
  * </pre>
  * </p>
  * <p/>
@@ -65,7 +72,7 @@ import javax.naming.directory.SearchControls;
  * <p>The configuration below shows how the group search might be performed with the above schema.
  * <pre>
  * &lt;bean id="ldapAuthoritiesPopulator"
- *         class="org.springframework.security.providers.ldap.populator.DefaultLdapAuthoritiesPopulator">
+ *       class="org.springframework.security.providers.ldap.populator.DefaultLdapAuthoritiesPopulator">
  *   &lt;constructor-arg>&lt;ref local="initialDirContextFactory"/>&lt;/constructor-arg>
  *   &lt;constructor-arg>&lt;value>ou=groups&lt;/value>&lt;/constructor-arg>
  *   &lt;property name="groupRoleAttribute">&lt;value>ou&lt;/value>&lt;/property>

core/src/main/java/org/springframework/security/providers/rememberme/RememberMeAuthenticationProvider.java

@@ -15,7 +15,7 @@
 
 package org.springframework.security.providers.rememberme;
 
-import org.springframework.security.AcegiMessageSource;
+import org.springframework.security.SpringSecurityMessageSource;
 import org.springframework.security.Authentication;
 import org.springframework.security.AuthenticationException;
 import org.springframework.security.BadCredentialsException;
@@ -47,7 +47,7 @@ public class RememberMeAuthenticationProvider implements AuthenticationProvider,
 
     //~ Instance fields ================================================================================================
 
-    protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor();
+    protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
     private String key;
 
     //~ Methods ========================================================================================================

core/src/main/java/org/springframework/security/providers/x509/X509AuthenticationProvider.java

@@ -15,7 +15,7 @@
 
 package org.springframework.security.providers.x509;
 
-import org.springframework.security.AcegiMessageSource;
+import org.springframework.security.SpringSecurityMessageSource;
 import org.springframework.security.Authentication;
 import org.springframework.security.AuthenticationException;
 import org.springframework.security.BadCredentialsException;
@@ -53,7 +53,7 @@ public class X509AuthenticationProvider implements AuthenticationProvider, Initi
 
     //~ Instance fields ================================================================================================
 
-    protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor();
+    protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
     private X509AuthoritiesPopulator x509AuthoritiesPopulator;
     private X509UserCache userCache = new NullX509UserCache();
 

core/src/main/java/org/springframework/security/providers/x509/populator/DaoX509AuthoritiesPopulator.java

@@ -15,7 +15,7 @@
 
 package org.springframework.security.providers.x509.populator;
 
-import org.springframework.security.AcegiMessageSource;
+import org.springframework.security.SpringSecurityMessageSource;
 import org.springframework.security.AuthenticationException;
 import org.springframework.security.BadCredentialsException;
 import org.springframework.security.AuthenticationServiceException;
@@ -53,7 +53,7 @@ public class DaoX509AuthoritiesPopulator implements X509AuthoritiesPopulator, In
 
     //~ Instance fields ================================================================================================
 
-    protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor();
+    protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
     private Pattern subjectDNPattern;
     private String subjectDNRegex = "CN=(.*?),";
     private UserDetailsService userDetailsService;

core/src/main/java/org/springframework/security/runas/RunAsImplAuthenticationProvider.java

@@ -15,7 +15,7 @@
 
 package org.springframework.security.runas;
 
-import org.springframework.security.AcegiMessageSource;
+import org.springframework.security.SpringSecurityMessageSource;
 import org.springframework.security.Authentication;
 import org.springframework.security.AuthenticationException;
 import org.springframework.security.BadCredentialsException;
@@ -41,7 +41,7 @@ import org.springframework.util.Assert;
 public class RunAsImplAuthenticationProvider implements InitializingBean, AuthenticationProvider, MessageSourceAware {
     //~ Instance fields ================================================================================================
 
-    protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor();
+    protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
     private String key;
 
     //~ Methods ========================================================================================================

core/src/main/java/org/springframework/security/taglibs/authz/AuthorizeTag.java

@@ -173,7 +173,7 @@ public class AuthorizeTag extends TagSupport {
      * returns a <code>null</code> string as the return value of {@link
      * org.springframework.security.GrantedAuthority#getAuthority()}.
      * </p>
-     * <p>Reported by rawdave, on Fri Feb 04, 2005 2:11 pm in the Acegi Security System for Spring forums.</p>
+     * <p>Reported by rawdave, on Fri Feb 04, 2005 2:11 pm in the Spring Security forum.</p>
      *
      * @param granted The authorities granted by the authentication. May be any implementation of {@link
      *        GrantedAuthority} that does <strong>not</strong> return <code>null</code> from {@link

core/src/main/java/org/springframework/security/taglibs/velocity/Authz.java

@@ -29,7 +29,7 @@ import org.springframework.context.ApplicationContext;
 
 
 /**
- * Wrapper the implementation of Acegi Security for Spring JSP tag includes:
+ * Wrapper the implementation of Spring Security JSP tag includes:
  * {@link AuthenticationTag}, {@link AclTag}, {@link AuthorizeTag}
  *
  * @author Wang Qi

core/src/main/java/org/springframework/security/ui/AbstractProcessingFilter.java

@@ -15,7 +15,7 @@
 
 package org.springframework.security.ui;
 
-import org.springframework.security.AcegiMessageSource;
+import org.springframework.security.SpringSecurityMessageSource;
 import org.springframework.security.Authentication;
 import org.springframework.security.AuthenticationException;
 import org.springframework.security.AuthenticationManager;
@@ -157,7 +157,7 @@ public abstract class AbstractProcessingFilter implements Filter, InitializingBe
 
 	protected final Log logger = LogFactory.getLog(this.getClass());
 
-	protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor();
+	protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
 
 	private Properties exceptionMappings = new Properties();
 

core/src/main/java/org/springframework/security/ui/WebAuthenticationDetails.java

@@ -42,7 +42,7 @@ public class WebAuthenticationDetails implements SessionIdentifierAware, Seriali
      *
      * <p>
      * NB: This constructor will cause a <code>HttpSession</code> to be created
-     * (this is considered reasonable as all Acegi Security authentication
+     * (this is considered reasonable as all Spring Security authentication
      * requests rely on <code>HttpSession</code> to store the
      * <code>Authentication</code> between requests
      * </p>

core/src/main/java/org/springframework/security/ui/basicauth/BasicProcessingFilter.java

@@ -61,7 +61,7 @@ import org.springframework.util.Assert;
  * which will prompt the user to authenticate again via BASIC authentication.</p>
  *  <p>Basic authentication is an attractive protocol because it is simple and widely deployed. However, it still
  * transmits a password in clear text and as such is undesirable in many situations. Digest authentication is also
- * provided by Acegi Security and should be used instead of Basic authentication wherever possible. See {@link
+ * provided by Spring Security and should be used instead of Basic authentication wherever possible. See {@link
  * org.springframework.security.ui.digestauth.DigestProcessingFilter}.</p>
  *  <p>Note that if a {@link #rememberMeServices} is set, this filter will automatically send back remember-me
  * details to the client. Therefore, subsequent requests will not need to present a BASIC authentication header as

core/src/main/java/org/springframework/security/ui/cas/ServiceProperties.java

@@ -19,9 +19,10 @@ import org.springframework.beans.factory.InitializingBean;
 
 
 /**
- * Stores properties related to this CAS service.<P>Each web application capable of processing CAS tickets is known
- * as a service. This class stores the properties that are relevant to the local CAS service, being the application
- * that is being secured by the Acegi Security System for Spring.</p>
+ * Stores properties related to this CAS service.
+ * <p>Each web application capable of processing CAS tickets is known as a service.
+ * This class stores the properties that are relevant to the local CAS service, being the application
+ * that is being secured by Spring Security.</p>
  *
  * @author Ben Alex
  * @version $Id$
@@ -41,9 +42,12 @@ public class ServiceProperties implements InitializingBean {
     }
 
     /**
-     * Represents the service the user is authenticating to.<p>This service is the callback URL belonging to
-     * the local Acegi Security System for Spring secured application. For example,</p>
-     *  <code>https://www.mycompany.com/application/j_spring_cas_security_check</code>
+     * Represents the service the user is authenticating to.
+     * <p>This service is the callback URL belonging to the local Spring Security System for Spring secured application.
+     * For example,
+     * <pre>
+     * https://www.mycompany.com/application/j_spring_cas_security_check
+     * </pre>
      *
      * @return the URL of the service the user is authenticating to
      */

core/src/main/java/org/springframework/security/ui/digestauth/DigestProcessingFilter.java

@@ -15,7 +15,7 @@
 
 package org.springframework.security.ui.digestauth;
 
-import org.springframework.security.AcegiMessageSource;
+import org.springframework.security.SpringSecurityMessageSource;
 import org.springframework.security.AuthenticationException;
 import org.springframework.security.AuthenticationServiceException;
 import org.springframework.security.BadCredentialsException;
@@ -93,7 +93,7 @@ public class DigestProcessingFilter implements Filter, InitializingBean, Message
 
     private AuthenticationDetailsSource authenticationDetailsSource = new AuthenticationDetailsSourceImpl();
     private DigestProcessingFilterEntryPoint authenticationEntryPoint;
-    protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor();
+    protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
     private UserCache userCache = new NullUserCache();
     private UserDetailsService userDetailsService;
     private boolean passwordAlreadyEncoded = false;

core/src/main/java/org/springframework/security/ui/rememberme/RememberMeServices.java

@@ -25,7 +25,7 @@ import javax.servlet.http.HttpServletResponse;
  * Implement by a class that is capable of providing a remember-me service.
  *
  * <p>
- * Acegi Security filters (namely {@link
+ * Spring Security filters (namely {@link
  * org.springframework.security.ui.AbstractProcessingFilter} and {@link
  * org.springframework.security.ui.rememberme.RememberMeProcessingFilter} will call
  * the methods provided by an implementation of this interface.
@@ -44,7 +44,7 @@ import javax.servlet.http.HttpServletResponse;
  * <p>
  * This interface does not define how remember-me services should offer a
  * "cancel all remember-me tokens" type capability, as this will be
- * implementation specific and requires no hooks into Acegi Security.
+ * implementation specific and requires no hooks into Spring Security.
  * </p>
  *
  * @author Ben Alex
@@ -55,14 +55,14 @@ public interface RememberMeServices {
 
     /**
      * This method will be called whenever the <code>SecurityContextHolder</code> does not contain an
-     * <code>Authentication</code> and the Acegi Security system wishes to provide an implementation with an
-     * opportunity to authenticate the request using remember-me capabilities. Acegi Security makes no attempt
+     * <code>Authentication</code> object and Spring Security wishes to provide an implementation with an
+     * opportunity to authenticate the request using remember-me capabilities. Spring Security makes no attempt
      * whatsoever to determine whether the browser has requested remember-me services or presented a valid cookie.
      * Such determinations are left to the implementation. If a browser has presented an unauthorised cookie for
      * whatever reason, it should be silently ignored and invalidated using the <code>HttpServletResponse</code>
      * object.<p>The returned <code>Authentication</code> must be acceptable to  {@link
-     * org.springframework.security.AuthenticationManager} or {@link org.springframework.security.providers.AuthenticationProvider} defined
-     * by the web application. It is recommended {@link
+     * org.springframework.security.AuthenticationManager} or
+     * {@link org.springframework.security.providers.AuthenticationProvider} defined by the web application. It is recommended {@link
      * org.springframework.security.providers.rememberme.RememberMeAuthenticationToken} be used in most cases, as it has a
      * corresponding authentication provider.</p>
      *

core/src/main/java/org/springframework/security/ui/rememberme/TokenBasedRememberMeServices.java

@@ -106,7 +106,7 @@ public class TokenBasedRememberMeServices implements RememberMeServices, Initial
 
 	public static final String SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY = "SPRING_SECURITY_HASHED_REMEMBER_ME_COOKIE";
 
-	public static final String DEFAULT_PARAMETER = "_acegi_security_remember_me";
+	public static final String DEFAULT_PARAMETER = "_spring_security_remember_me";
 
 	protected static final Log logger = LogFactory.getLog(TokenBasedRememberMeServices.class);
 

core/src/main/java/org/springframework/security/ui/switchuser/SwitchUserProcessingFilter.java

@@ -16,7 +16,7 @@
 package org.springframework.security.ui.switchuser;
 
 import org.springframework.security.AccountExpiredException;
-import org.springframework.security.AcegiMessageSource;
+import org.springframework.security.SpringSecurityMessageSource;
 import org.springframework.security.Authentication;
 import org.springframework.security.AuthenticationCredentialsNotFoundException;
 import org.springframework.security.AuthenticationException;
@@ -70,7 +70,7 @@ import javax.servlet.http.HttpServletResponse;
 
 /**
  * Switch User processing filter responsible for user context switching.<p>This filter is similar to Unix 'su'
- * however for Acegi-managed web applications.  A common use-case for this feature is the ability to allow
+ * however for Spring Security-managed web applications.  A common use-case for this feature is the ability to allow
  * higher-authority users (i.e. ROLE_ADMIN) to switch to a regular user (i.e. ROLE_USER).</p>
  *  <p>This filter assumes that the user performing the switch will be required to be logged in as normal (i.e.
  * ROLE_ADMIN user). The user will then access a page/controller that enables the administrator to specify who they
@@ -111,7 +111,7 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean, App
 
     private ApplicationEventPublisher eventPublisher;
     private AuthenticationDetailsSource authenticationDetailsSource = new AuthenticationDetailsSourceImpl();
-    protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor();
+    protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
     private String exitUserUrl = "/j_spring_security_exit_user";
     private String switchUserUrl = "/j_spring_security_switch_user";
     private String targetUrl;

core/src/main/java/org/springframework/security/ui/webapp/SiteminderAuthenticationProcessingFilter.java

@@ -31,17 +31,17 @@ import javax.servlet.http.HttpServletResponse;
 
 
 /**
- * Extends Acegi's AuthenticationProcessingFilter to pick up CA/Netegrity Siteminder headers.<P>Also provides a
- * backup form-based authentication and the ability set source key names.</p>
- *  <P><B>Siteminder</B> must present two <B>headers</B> to this filter, a username and password. You must set the
+ * Extends Spring Security's AuthenticationProcessingFilter to pick up CA/Netegrity Siteminder headers.
+ * <p>Also provides a backup form-based authentication and the ability set source key names.</p>
+ * <p><b>Siteminder</b> must present two <b>headers</b> to this filter, a username and password. You must set the
  * header keys before this filter is used for authentication, otherwise Siteminder checks will be skipped. If the
  * Siteminder check is unsuccessful (i.e. if the headers are not found), then the form parameters will be checked (see
  * next paragraph). This allows applications to optionally function even when their Siteminder infrastructure is
  * unavailable, as is often the case during development.</p>
- *  <P><B>Login forms</B> must present two <B>parameters</B> to this filter: a username and password. If not
+ *  <p><b>Login forms</b> must present two <b>parameters</b> to this filter: a username and password. If not
  * specified, the parameter names to use are contained in the static fields {@link #SPRING_SECURITY_FORM_USERNAME_KEY}
  * and {@link #SPRING_SECURITY_FORM_PASSWORD_KEY}.</p>
- *  <P><B>Do not use this class directly.</B> Instead, configure <code>web.xml</code> to use the {@link
+ *  <p><b>Do not use this class directly.</b> Instead, configure <code>web.xml</code> to use the {@link
  * org.springframework.security.util.FilterToBeanProxy}.</p>
  */
 public class SiteminderAuthenticationProcessingFilter extends AuthenticationProcessingFilter {
@@ -66,7 +66,7 @@ public class SiteminderAuthenticationProcessingFilter extends AuthenticationProc
 
     //~ Constructors ===================================================================================================
 
-/**
+    /**
      * Basic constructor.
      */
     public SiteminderAuthenticationProcessingFilter() {

core/src/main/java/org/springframework/security/ui/x509/X509ProcessingFilterEntryPoint.java

@@ -34,7 +34,7 @@ import org.apache.commons.logging.LogFactory;
  * <p>
  * Therefore this class isn't actually responsible for the commencement of
  * authentication, as it is in the case of other providers. It will be called if
- * the certificate was rejected by Acegi's X509AuthenticationProvider, resulting
+ * the certificate was rejected by Spring Security's X509AuthenticationProvider, resulting
  * in a null authentication.
  * </p>
  * The <code>commence</code> method will always return an

core/src/main/java/org/springframework/security/userdetails/UserDetails.java

@@ -25,7 +25,7 @@ import java.io.Serializable;
  * Provides core user information.
  *
  * <p>
- * Implementations are not used directly by Acegi Security for security
+ * Implementations are not used directly by Spring Security for security
  * purposes. They simply store user information which is later encapsulated
  * into {@link Authentication} objects. This allows non-security related user
  * information (such as email addresses, telephone numbers etc) to be stored

core/src/main/java/org/springframework/security/userdetails/hierarchicalroles/RoleHierarchyImpl.java

@@ -51,7 +51,7 @@ import java.util.*;
  * Hierarchical Roles will dramatically shorten your access rules (and also make the access rules much more elegant).
  * </p>
  * <p>
- * Consider this access rule for Acegi's RoleVoter (background: every user that is authenticated should be
+ * Consider this access rule for Spring Security's RoleVoter (background: every user that is authenticated should be
  * able to log out):<br>
  * /logout.html=ROLE_A,ROLE_B,ROLE_AUTHENTICATED<br>
  * With hierarchical roles this can now be shortened to:<br>

core/src/main/java/org/springframework/security/userdetails/hierarchicalroles/UserDetailsServiceWrapper.java

@@ -20,8 +20,8 @@ import org.springframework.security.userdetails.UsernameNotFoundException;
 import org.springframework.dao.DataAccessException;
 
 /**
- * This class wraps Acegi's UserDetailsService in a way that its loadUserByUsername()
- * method returns wrapped UserDetails that return all hierachically reachable authorities
+ * This class wraps Spring Security's <tt>UserDetailsService</tt> in a way that its <tt>loadUserByUsername()</tt>
+ * method returns wrapped <tt>UserDetails</tt> that return all hierachically reachable authorities
  * instead of only the directly assigned authorities.
  *
  * @author Michael Mayr

core/src/main/java/org/springframework/security/userdetails/hierarchicalroles/UserDetailsWrapper.java

@@ -18,9 +18,9 @@ import org.springframework.security.GrantedAuthority;
 import org.springframework.security.userdetails.UserDetails;
 
 /**
- * This class wraps Acegi's UserDetails in a way that its getAuthorities()-Method is
- * delegated to RoleHierarchy.getReachableGrantedAuthorities. All other methods are
- * delegated to the UserDetails implementation.
+ * This class wraps Spring Security's <tt>UserDetails</tt> in a way that its <tt>getAuthorities()</tt> method is
+ * delegated to <tt>RoleHierarchy.getReachableGrantedAuthorities</tt>. All other methods are
+ * delegated to the <tt>UserDetails</tt> implementation.
  *
  * @author Michael Mayr
  */

core/src/main/java/org/springframework/security/userdetails/jdbc/JdbcDaoImpl.java

@@ -17,7 +17,7 @@ package org.springframework.security.userdetails.jdbc;
 
 import org.springframework.security.GrantedAuthority;
 import org.springframework.security.GrantedAuthorityImpl;
-import org.springframework.security.AcegiMessageSource;
+import org.springframework.security.SpringSecurityMessageSource;
 
 import org.springframework.security.userdetails.User;
 import org.springframework.security.userdetails.UserDetails;
@@ -67,7 +67,7 @@ public class JdbcDaoImpl extends JdbcDaoSupport implements UserDetailsService {
 
     //~ Instance fields ================================================================================================
 
-    protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor();
+    protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
     protected MappingSqlQuery authoritiesByUsernameMapping;
     protected MappingSqlQuery usersByUsernameMapping;
     private String authoritiesByUsernameQuery;
@@ -169,7 +169,7 @@ public class JdbcDaoImpl extends JdbcDaoSupport implements UserDetailsService {
     /**
      * Allows a default role prefix to be specified. If this is set to a non-empty value, then it is
      * automatically prepended to any roles read in from the db. This may for example be used to add the
-     * <code>ROLE_</code> prefix expected to exist in role names (by default) by some other Acegi Security framework
+     * <code>ROLE_</code> prefix expected to exist in role names (by default) by some other Spring Security
      * classes, in the case that the prefix is not already present in the db.
      *
      * @param rolePrefix the new prefix

core/src/main/java/org/springframework/security/util/FilterInvocationUtils.java

@@ -31,7 +31,7 @@ import javax.servlet.ServletResponse;
 
 
 /**
- * Static utility methods for creating <code>FilterInvocation</code>s usable within Acegi Security.<p>The generated
+ * Static utility methods for creating <code>FilterInvocation</code>s usable within Spring Security.<p>The generated
  * <code>FilterInvocation</code> objects are not intended for use with <code>AbstractSecurityInterceptor</code>
  * subclasses. Instead they are generally used by <code>WebInvocationPrivilegeEvaluator</code>.</p>
  *

core/src/main/java/org/springframework/security/util/InMemoryResource.java

@@ -24,7 +24,7 @@ import java.io.InputStream;
 
 /**
  * An in memory implementation of Spring's {@link org.springframework.core.io.Resource} interface.
- * <p>Used by the "Acegifier" web application to create a bean factory from an XML string, rather than a file.</p>
+ * <p>Used to create a bean factory from an XML string, rather than a file.</p>
  *
  * @author Luke Taylor
  * @version $Id$

core/src/main/java/org/springframework/security/util/MethodInvocationUtils.java

@@ -26,8 +26,8 @@ import java.util.List;
 
 
 /**
- * Static utility methods for creating <code>MethodInvocation</code>s usable within Acegi Security.<p>All methods
- * of this class return a {@link org.springframework.security.util.SimpleMethodInvocation}.</p>
+ * Static utility methods for creating <code>MethodInvocation</code>s usable within Spring Security.
+ * <p>All methods of this class return a {@link org.springframework.security.util.SimpleMethodInvocation}.</p>
  *
  * @author Ben Alex
  * @version $Id$

core/src/main/java/org/springframework/security/util/package.html

@@ -1,5 +1,5 @@
 <html>
 <body>
-General utility classes used throughout the Acegi Security System.
+General utility classes used throughout the Spring Security framework.
 </body>
 </html>

core/src/main/java/org/springframework/security/vote/AbstractAccessDecisionManager.java

@@ -20,7 +20,7 @@ import java.util.List;
 
 import org.springframework.security.AccessDecisionManager;
 import org.springframework.security.AccessDeniedException;
-import org.springframework.security.AcegiMessageSource;
+import org.springframework.security.SpringSecurityMessageSource;
 import org.springframework.security.ConfigAttribute;
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.context.MessageSource;
@@ -43,7 +43,7 @@ public abstract class AbstractAccessDecisionManager implements AccessDecisionMan
 
     private List decisionVoters;
 
-    protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor();
+    protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
 
     private boolean allowIfAllAbstainDecisions = false;
 

core/src/main/java/org/springframework/security/wrapper/SecurityContextHolderAwareRequestWrapper.java

@@ -31,7 +31,7 @@ import javax.servlet.http.HttpServletRequestWrapper;
 
 
 /**
- * An Acegi Security-aware <code>HttpServletRequestWrapper</code>, which uses the
+ * A Spring Security-aware <code>HttpServletRequestWrapper</code>, which uses the
  * <code>SecurityContext</code>-defined <code>Authentication</code> object for {@link
  * SecurityContextHolderAwareRequestWrapper#isUserInRole(java.lang.String)} and {@link
  * javax.servlet.http.HttpServletRequestWrapper#getRemoteUser()} responses.

core/src/main/java/org/springframework/security/wrapper/package.html

@@ -1,9 +1,9 @@
 <html>
 <body>
-Populates a Servlet request with a new Acegi Security compliant
+Populates a Servlet request with a new Spring Security compliant
 <code>HttpServletRequestWrapper</code>.
 
-<p>To use, simply add the <code>ContextHolderAwareRequestFilter</code>
+<p>To use, simply add the <code>SecurityContextHolderAwareRequestFilter</code>
 to <code>web.xml</code>.
 </body>
 </html>

core/src/main/resources/org/springframework/security/messages_fr.properties

@@ -1,4 +1,4 @@
-# Acegi security
+# Spring security
 # Messages in French
 # Translation by Laurent Pireyn (laurent.pireyn@pisolutions.eu)
 

core/src/main/resources/org/springframework/security/providers/dao/jdbc/acegisecurity-jdbc.xml

@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
 <!--
- * The Acegi Security System for Spring is published under the terms
+ * Spring Security is published under the terms
  * of the Apache Software License.
  * $Id$
 -->

core/src/main/resources/org/springframework/security/taglibs/authz.tld

@@ -8,7 +8,7 @@
 	<short-name>authz</short-name>
 	<uri>http://acegisecurity.org/authz</uri>
 	<description>
-        Acegi Security Systems Authorization Tag Library
+        Spring Securitys Authorization Tag Library
 		$Id$
 	</description>
 

core/src/site/site.xml

@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
 
-<project name="Acegi Security Core">
+<project name="Spring Security Core">
 
     <body>
         <menu ref="parent"/>

core/src/test/java/org/springframework/security/AcegiMessageSourceTests.java → core/src/test/java/org/springframework/security/SpringSecurityMessageSourceTests.java

@@ -24,27 +24,27 @@ import java.util.Locale;
 
 
 /**
- * Tests {@link org.springframework.security.AcegiMessageSource}.
+ * Tests {@link org.springframework.security.SpringSecurityMessageSource}.
  */
-public class AcegiMessageSourceTests extends TestCase {
+public class SpringSecurityMessageSourceTests extends TestCase {
     //~ Constructors ===================================================================================================
 
-    public AcegiMessageSourceTests() {
+    public SpringSecurityMessageSourceTests() {
         super();
     }
 
-    public AcegiMessageSourceTests(String arg0) {
+    public SpringSecurityMessageSourceTests(String arg0) {
         super(arg0);
     }
 
     //~ Methods ========================================================================================================
 
     public static void main(String[] args) {
-        junit.textui.TestRunner.run(AcegiMessageSourceTests.class);
+        junit.textui.TestRunner.run(SpringSecurityMessageSourceTests.class);
     }
 
     public void testOperation() {
-        AcegiMessageSource msgs = new AcegiMessageSource();
+        SpringSecurityMessageSource msgs = new SpringSecurityMessageSource();
         assertEquals("Proxy tickets are rejected", msgs.getMessage("RejectProxyTickets.reject", null, Locale.ENGLISH));
     }
 
@@ -54,7 +54,7 @@ public class AcegiMessageSourceTests extends TestCase {
         LocaleContextHolder.setLocale(Locale.ENGLISH);
 
         // Cause a message to be generated
-        MessageSourceAccessor messages = AcegiMessageSource.getAccessor();
+        MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
         assertEquals("Missing mandatory digest value; received header FOOBAR",
             messages.getMessage("DigestProcessingFilter.missingMandatory", new Object[] {"FOOBAR"},
                 "ERROR - FAILED TO LOOKUP"));

core/src/test/java/org/springframework/security/adapters/AuthByAdapterTests.java

@@ -59,7 +59,7 @@ public class AuthByAdapterTests extends TestCase {
         AuthByAdapterProvider provider = new AuthByAdapterProvider();
         provider.setKey("my_password");
 
-        PrincipalAcegiUserToken token = new PrincipalAcegiUserToken("my_password", "Test", "Password",
+        PrincipalSpringSecurityUserToken token = new PrincipalSpringSecurityUserToken("my_password", "Test", "Password",
                 new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")},
                 null);
         assertTrue(provider.supports(token.getClass()));
@@ -75,7 +75,7 @@ public class AuthByAdapterTests extends TestCase {
             fail("Should have returned same type of object it was given");
         }
 
-        PrincipalAcegiUserToken castResponse = (PrincipalAcegiUserToken) response;
+        PrincipalSpringSecurityUserToken castResponse = (PrincipalSpringSecurityUserToken) response;
         assertEquals(token.getName(), castResponse.getName());
     }
 
@@ -120,8 +120,8 @@ public class AuthByAdapterTests extends TestCase {
         AuthByAdapterProvider provider = new AuthByAdapterProvider();
         provider.setKey("my_password");
 
-        // Should fail as PrincipalAcegiUserToken has different key
-        PrincipalAcegiUserToken token = new PrincipalAcegiUserToken("wrong_password", "Test", "Password", null, null);
+        // Should fail as PrincipalSpringSecurityUserToken has different key
+        PrincipalSpringSecurityUserToken token = new PrincipalSpringSecurityUserToken("wrong_password", "Test", "Password", null, null);
 
         try {
             provider.authenticate(token);

core/src/test/java/org/springframework/security/adapters/HttpRequestIntegrationFilterTests.java

@@ -58,7 +58,7 @@ public class HttpRequestIntegrationFilterTests extends TestCase {
 
     public void testCorrectOperation() throws Exception {
         HttpRequestIntegrationFilter filter = new HttpRequestIntegrationFilter();
-        PrincipalAcegiUserToken principal = new PrincipalAcegiUserToken("key", "someone", "password",
+        PrincipalSpringSecurityUserToken principal = new PrincipalSpringSecurityUserToken("key", "someone", "password",
                 new GrantedAuthority[] {new GrantedAuthorityImpl("SOME_ROLE")}, null);
 
         MockHttpServletRequest request = new MockHttpServletRequest();
@@ -69,12 +69,12 @@ public class HttpRequestIntegrationFilterTests extends TestCase {
 
         filter.doFilter(request, response, chain);
 
-        if (!(SecurityContextHolder.getContext().getAuthentication() instanceof PrincipalAcegiUserToken)) {
+        if (!(SecurityContextHolder.getContext().getAuthentication() instanceof PrincipalSpringSecurityUserToken)) {
             System.out.println(SecurityContextHolder.getContext().getAuthentication());
-            fail("Should have returned PrincipalAcegiUserToken");
+            fail("Should have returned PrincipalSpringSecurityUserToken");
         }
 
-        PrincipalAcegiUserToken castResult = (PrincipalAcegiUserToken) SecurityContextHolder.getContext()
+        PrincipalSpringSecurityUserToken castResult = (PrincipalSpringSecurityUserToken) SecurityContextHolder.getContext()
                                                                                             .getAuthentication();
         assertEquals(principal, castResult);
     }

core/src/test/java/org/springframework/security/adapters/PrincipalAcegiUserTokenTests.java → core/src/test/java/org/springframework/security/adapters/PrincipalSpringSecurityUserTokenTests.java

@@ -22,34 +22,25 @@ import org.springframework.security.GrantedAuthorityImpl;
 
 
 /**
- * Tests {@link PrincipalAcegiUserToken}.
+ * Tests {@link PrincipalSpringSecurityUserToken}.
  *
  * @author Ben Alex
  * @version $Id$
  */
-public class PrincipalAcegiUserTokenTests extends TestCase {
+public class PrincipalSpringSecurityUserTokenTests extends TestCase {
     //~ Constructors ===================================================================================================
 
-    public PrincipalAcegiUserTokenTests() {
-        super();
+    public PrincipalSpringSecurityUserTokenTests() {
     }
 
-    public PrincipalAcegiUserTokenTests(String arg0) {
+    public PrincipalSpringSecurityUserTokenTests(String arg0) {
         super(arg0);
     }
 
     //~ Methods ========================================================================================================
 
-    public static void main(String[] args) {
-        junit.textui.TestRunner.run(PrincipalAcegiUserTokenTests.class);
-    }
-
-    public final void setUp() throws Exception {
-        super.setUp();
-    }
-
     public void testGetters() throws Exception {
-        PrincipalAcegiUserToken token = new PrincipalAcegiUserToken("my_password", "Test", "Password",
+        PrincipalSpringSecurityUserToken token = new PrincipalSpringSecurityUserToken("my_password", "Test", "Password",
                 new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")},
                 null);
         assertEquals("Test", token.getPrincipal());
@@ -59,7 +50,7 @@ public class PrincipalAcegiUserTokenTests extends TestCase {
     }
 
     public void testNoArgConstructorDoesntExist() {
-        Class clazz = PrincipalAcegiUserToken.class;
+        Class clazz = PrincipalSpringSecurityUserToken.class;
 
         try {
             clazz.getDeclaredConstructor((Class[]) null);

core/src/test/java/org/springframework/security/context/HttpSessionContextIntegrationFilterTests.java

@@ -22,7 +22,7 @@ import org.springframework.security.GrantedAuthority;
 import org.springframework.security.GrantedAuthorityImpl;
 import org.springframework.security.MockFilterConfig;
 
-import org.springframework.security.adapters.PrincipalAcegiUserToken;
+import org.springframework.security.adapters.PrincipalSpringSecurityUserToken;
 
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;
@@ -104,7 +104,7 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase {
 
 	public void testExceptionWithinFilterChainStillClearsSecurityContextHolder() throws Exception {
 		// Build an Authentication object we simulate came from HttpSession
-		PrincipalAcegiUserToken sessionPrincipal = new PrincipalAcegiUserToken(
+		PrincipalSpringSecurityUserToken sessionPrincipal = new PrincipalSpringSecurityUserToken(
 				"key",
 				"someone",
 				"password",
@@ -149,7 +149,7 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase {
 	public void testExistingContextContentsCopiedIntoContextHolderFromSessionAndChangesToContextCopiedBackToSession()
 			throws Exception {
 		// Build an Authentication object we simulate came from HttpSession
-		PrincipalAcegiUserToken sessionPrincipal = new PrincipalAcegiUserToken(
+		PrincipalSpringSecurityUserToken sessionPrincipal = new PrincipalSpringSecurityUserToken(
 				"key",
 				"someone",
 				"password",
@@ -158,7 +158,7 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase {
 
 		// Build an Authentication object we simulate our Authentication changed
 		// it to
-		PrincipalAcegiUserToken updatedPrincipal = new PrincipalAcegiUserToken(
+		PrincipalSpringSecurityUserToken updatedPrincipal = new PrincipalSpringSecurityUserToken(
 				"key", "someone", "password",
 				new GrantedAuthority[] { new GrantedAuthorityImpl(
 						"SOME_DIFFERENT_ROLE") }, null);
@@ -194,7 +194,7 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase {
 
 	public void testHttpSessionCreatedWhenContextHolderChanges() throws Exception {
 		// Build an Authentication object we simulate our Authentication changed it to
-		PrincipalAcegiUserToken updatedPrincipal = new PrincipalAcegiUserToken(
+		PrincipalSpringSecurityUserToken updatedPrincipal = new PrincipalSpringSecurityUserToken(
 				"key", "someone", "password",
 				new GrantedAuthority[] { new GrantedAuthorityImpl(
 						"SOME_DIFFERENT_ROLE") }, null);
@@ -260,7 +260,7 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase {
 	public void testHttpSessionWithNonContextInWellKnownLocationIsOverwritten() throws Exception {
 		// Build an Authentication object we simulate our Authentication changed
 		// it to
-		PrincipalAcegiUserToken updatedPrincipal = new PrincipalAcegiUserToken(
+		PrincipalSpringSecurityUserToken updatedPrincipal = new PrincipalSpringSecurityUserToken(
 				"key", "someone", "password",
 				new GrantedAuthority[] { new GrantedAuthorityImpl(
 						"SOME_DIFFERENT_ROLE") }, null);
@@ -289,7 +289,7 @@ public class HttpSessionContextIntegrationFilterTests extends TestCase {
 	}
 
 	public void testConcurrentThreadsLazilyChangeFilterAppliedValueToTrue() throws Exception {
-		PrincipalAcegiUserToken sessionPrincipal = new PrincipalAcegiUserToken(
+		PrincipalSpringSecurityUserToken sessionPrincipal = new PrincipalSpringSecurityUserToken(
 				"key",
 				"someone",
 				"password",

core/src/test/java/org/springframework/security/ldap/DefaultInitialDirContextFactoryTests.java

@@ -15,7 +15,7 @@
 
 package org.springframework.security.ldap;
 
-import org.springframework.security.AcegiMessageSource;
+import org.springframework.security.SpringSecurityMessageSource;
 import org.springframework.security.BadCredentialsException;
 import org.springframework.ldap.UncategorizedLdapException;
 
@@ -43,7 +43,7 @@ public class DefaultInitialDirContextFactoryTests extends AbstractLdapIntegratio
     public void onSetUp() throws Exception {
         super.onSetUp();
         idf = getInitialDirContextFactory();
-        idf.setMessageSource(new AcegiMessageSource());
+        idf.setMessageSource(new SpringSecurityMessageSource());
     }
 
     @Test
@@ -57,15 +57,15 @@ public class DefaultInitialDirContextFactoryTests extends AbstractLdapIntegratio
 
     @Test
     public void testBaseDnIsParsedFromCorrectlyFromUrl() {
-        idf = new DefaultInitialDirContextFactory("ldap://acegisecurity.org/dc=springframework,dc=org");
+        idf = new DefaultInitialDirContextFactory("ldap://springsecurity.org/dc=springframework,dc=org");
         assertEquals("dc=springframework,dc=org", idf.getRootDn());
 
         // Check with an empty root
-        idf = new DefaultInitialDirContextFactory("ldap://acegisecurity.org/");
+        idf = new DefaultInitialDirContextFactory("ldap://springsecurity.org/");
         assertEquals("", idf.getRootDn());
 
         // Empty root without trailing slash
-        idf = new DefaultInitialDirContextFactory("ldap://acegisecurity.org");
+        idf = new DefaultInitialDirContextFactory("ldap://springsecurity.org");
         assertEquals("", idf.getRootDn());
     }
 
@@ -125,12 +125,12 @@ public class DefaultInitialDirContextFactoryTests extends AbstractLdapIntegratio
 
     @Test
     public void testEnvironment() {
-        idf = new DefaultInitialDirContextFactory("ldap://acegisecurity.org/");
+        idf = new DefaultInitialDirContextFactory("ldap://springsecurity.org/");
 
         // check basic env
         Hashtable env = idf.getEnvironment();
         //assertEquals("com.sun.jndi.ldap.LdapCtxFactory", env.get(Context.INITIAL_CONTEXT_FACTORY));
-        assertEquals("ldap://acegisecurity.org/", env.get(Context.PROVIDER_URL));
+        assertEquals("ldap://springsecurity.org/", env.get(Context.PROVIDER_URL));
         assertEquals("simple", env.get(Context.SECURITY_AUTHENTICATION));
         assertNull(env.get(Context.SECURITY_PRINCIPAL));
         assertNull(env.get(Context.SECURITY_CREDENTIALS));

core/src/test/java/org/springframework/security/ldap/LdapUtilsTests.java

@@ -60,14 +60,13 @@ public class LdapUtilsTests extends MockObjectTestCase {
             LdapUtils.getRelativeName("cn=jane,dc=springframework,dc=org", (Context) mockCtx.proxy()));
     }
 
-    public void testGetRelativeNameWorksWithArbitrarySpaces()
-        throws Exception {
+    public void testGetRelativeNameWorksWithArbitrarySpaces() throws Exception {
         Mock mockCtx = mock(DirContext.class);
 
-        mockCtx.expects(atLeastOnce()).method("getNameInNamespace").will(returnValue("dc=acegisecurity,dc = org"));
+        mockCtx.expects(atLeastOnce()).method("getNameInNamespace").will(returnValue("dc=springsecurity,dc = org"));
 
         assertEquals("cn=jane smith",
-            LdapUtils.getRelativeName("cn=jane smith, dc = acegisecurity , dc=org", (Context) mockCtx.proxy()));
+            LdapUtils.getRelativeName("cn=jane smith, dc = springsecurity , dc=org", (Context) mockCtx.proxy()));
     }
 
     public void testRootDnsAreParsedFromUrlsCorrectly() {

core/src/test/java/org/springframework/security/providers/ldap/authenticator/BindAuthenticatorTests.java

@@ -15,7 +15,7 @@
 
 package org.springframework.security.providers.ldap.authenticator;
 
-import org.springframework.security.AcegiMessageSource;
+import org.springframework.security.SpringSecurityMessageSource;
 import org.springframework.security.BadCredentialsException;
 import org.springframework.security.Authentication;
 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
@@ -48,7 +48,7 @@ public class BindAuthenticatorTests extends AbstractLdapIntegrationTests {
 
     public void onSetUp() {
         authenticator = new BindAuthenticator((InitialDirContextFactory) getContextSource());
-        authenticator.setMessageSource(new AcegiMessageSource());
+        authenticator.setMessageSource(new SpringSecurityMessageSource());
         bob = new UsernamePasswordAuthenticationToken("bob", "bobspassword");
         ben = new UsernamePasswordAuthenticationToken("ben", "benspassword");
 

core/src/test/java/org/springframework/security/ui/digestauth/DigestProcessingFilterTests.java

@@ -63,7 +63,7 @@ public class DigestProcessingFilterTests extends MockObjectTestCase {
     private static final String NC = "00000002";
     private static final String CNONCE = "c822c727a648aba7";
     private static final String REALM = "The Actual, Correct Realm Name";
-    private static final String KEY = "acegi";
+    private static final String KEY = "springsecurity";
     private static final String QOP = "auth";
     private static final String USERNAME = "marissa,ok";
     private static final String PASSWORD = "koala";

core/src/test/java/org/springframework/security/util/StringSplitUtilsTests.java

@@ -51,14 +51,14 @@ public class StringSplitUtilsTests extends TestCase {
 
     public void testSplitEachArrayElementAndCreateMapNormalOperation() {
         // note it ignores malformed entries (ie those without an equals sign)
-        String unsplit = "username=\"marissa\", invalidEntryThatHasNoEqualsSign, realm=\"Contacts Realm\", nonce=\"MTEwOTAyMzU1MTQ4NDo1YzY3OWViYWM5NDNmZWUwM2UwY2NmMDBiNDQzMTQ0OQ==\", uri=\"/acegi-security-sample-contacts-filter/secure/adminPermission.htm?contactId=4\", response=\"38644211cf9ac3da63ab639807e2baff\", qop=auth, nc=00000004, cnonce=\"2b8d329a8571b99a\"";
+        String unsplit = "username=\"marissa\", invalidEntryThatHasNoEqualsSign, realm=\"Contacts Realm\", nonce=\"MTEwOTAyMzU1MTQ4NDo1YzY3OWViYWM5NDNmZWUwM2UwY2NmMDBiNDQzMTQ0OQ==\", uri=\"/spring-security-sample-contacts-filter/secure/adminPermission.htm?contactId=4\", response=\"38644211cf9ac3da63ab639807e2baff\", qop=auth, nc=00000004, cnonce=\"2b8d329a8571b99a\"";
         String[] headerEntries = StringUtils.commaDelimitedListToStringArray(unsplit);
         Map headerMap = StringSplitUtils.splitEachArrayElementAndCreateMap(headerEntries, "=", "\"");
 
         assertEquals("marissa", headerMap.get("username"));
         assertEquals("Contacts Realm", headerMap.get("realm"));
         assertEquals("MTEwOTAyMzU1MTQ4NDo1YzY3OWViYWM5NDNmZWUwM2UwY2NmMDBiNDQzMTQ0OQ==", headerMap.get("nonce"));
-        assertEquals("/acegi-security-sample-contacts-filter/secure/adminPermission.htm?contactId=4",
+        assertEquals("/spring-security-sample-contacts-filter/secure/adminPermission.htm?contactId=4",
                 headerMap.get("uri"));
         assertEquals("38644211cf9ac3da63ab639807e2baff", headerMap.get("response"));
         assertEquals("auth", headerMap.get("qop"));
@@ -68,14 +68,14 @@ public class StringSplitUtilsTests extends TestCase {
     }
 
     public void testSplitEachArrayElementAndCreateMapRespectsInstructionNotToRemoveCharacters() {
-        String unsplit = "username=\"marissa\", realm=\"Contacts Realm\", nonce=\"MTEwOTAyMzU1MTQ4NDo1YzY3OWViYWM5NDNmZWUwM2UwY2NmMDBiNDQzMTQ0OQ==\", uri=\"/acegi-security-sample-contacts-filter/secure/adminPermission.htm?contactId=4\", response=\"38644211cf9ac3da63ab639807e2baff\", qop=auth, nc=00000004, cnonce=\"2b8d329a8571b99a\"";
+        String unsplit = "username=\"marissa\", realm=\"Contacts Realm\", nonce=\"MTEwOTAyMzU1MTQ4NDo1YzY3OWViYWM5NDNmZWUwM2UwY2NmMDBiNDQzMTQ0OQ==\", uri=\"/spring-security-sample-contacts-filter/secure/adminPermission.htm?contactId=4\", response=\"38644211cf9ac3da63ab639807e2baff\", qop=auth, nc=00000004, cnonce=\"2b8d329a8571b99a\"";
         String[] headerEntries = StringUtils.commaDelimitedListToStringArray(unsplit);
         Map headerMap = StringSplitUtils.splitEachArrayElementAndCreateMap(headerEntries, "=", null);
 
         assertEquals("\"marissa\"", headerMap.get("username"));
         assertEquals("\"Contacts Realm\"", headerMap.get("realm"));
         assertEquals("\"MTEwOTAyMzU1MTQ4NDo1YzY3OWViYWM5NDNmZWUwM2UwY2NmMDBiNDQzMTQ0OQ==\"", headerMap.get("nonce"));
-        assertEquals("\"/acegi-security-sample-contacts-filter/secure/adminPermission.htm?contactId=4\"",
+        assertEquals("\"/spring-security-sample-contacts-filter/secure/adminPermission.htm?contactId=4\"",
                 headerMap.get("uri"));
         assertEquals("\"38644211cf9ac3da63ab639807e2baff\"", headerMap.get("response"));
         assertEquals("auth", headerMap.get("qop"));

jalopy.xml

@@ -5,7 +5,7 @@
 <version>14</version>
 </compliance>
 <style>
-<description>Acegi Security System for Spring</description>
+<description>Spring Security</description>
 <name>acegisecurity</name>
 </style>
 </general>

lib/clover/license.txt

@@ -1,4 +1,4 @@
-Cenque has supported the Acegi Security System for Spring project with a free
+Cenque has supported Spring Security project with a free
 Team Edition license of Clover.
 
 We thank Cenqua for their support.

notice.txt

@@ -1,19 +1,18 @@
    ======================================================================
    == NOTICE file corresponding to section 4(d) of the Apache License, ==
-   == Version 2.0, in this case for the Acegi Security System for      ==
-   == Spring distribution.                                             ==
+   == Version 2.0, in this case for the Spring Security distribution.  ==
    ======================================================================
 
    The end-user documentation included with a redistribution, if any,
    must include the following acknowledgement:
 
-     "This product includes software developed by the Acegi Security
-      System for Spring Project (http://acegisecurity.org)."
+     "This product includes software developed by Spring Security
+      Project (http://acegisecurity.org)."
 
    Alternately, this acknowledgement may appear in the software itself,
    if and wherever such third-party acknowledgements normally appear.
 
-   The names "Acegi", "Acegi Security System" and "Acegi Security System
-   for Spring" must not be used to endorse or promote products derived
+   The names "Spring", "Spring Security" and "Spring Security System" 
+   must not be used to endorse or promote products derived
    from this software without prior written permission. For written
    permission, please contact ben.alex@acegi.com.au.

ntlm/src/main/java/org/springframework/security/ui/ntlm/NtlmProcessingFilter.java

@@ -54,7 +54,7 @@ import org.springframework.beans.factory.InitializingBean;
 import org.springframework.util.Assert;
 
 /**
- * A clean-room implementation for Acegi Security System of an NTLM HTTP filter
+ * A clean-room implementation for Spring Security of an NTLM HTTP filter
  * leveraging the JCIFS library.
  * <p>
  * NTLM is a Microsoft-developed protocol providing single sign-on capabilities
@@ -64,13 +64,13 @@ import org.springframework.util.Assert;
  * A web application can then reuse the user's Windows credentials without
  * having to ask for them again.
  * <p>
- * Because NTLM only provides the username of the Windows client, an Acegi
+ * Because NTLM only provides the username of the Windows client, a Spring
  * Security NTLM deployment must have a <code>UserDetailsService</code> that
  * provides a <code>UserDetails</code> object with the empty string as the
  * password and whatever <code>GrantedAuthority</code> values necessary to
  * pass the <code>FilterSecurityInterceptor</code>.
  * <p>
- * The Acegi Security bean configuration file must also place the
+ * The Spring Security bean configuration file must also place the
  * <code>ExceptionTranslationFilter</code> before this filter in the
  * <code>FilterChainProxy</code> definition.
  *
@@ -83,7 +83,7 @@ public class NtlmProcessingFilter extends HttpFilter implements InitializingBean
 
 	private static Log	logger = LogFactory.getLog(NtlmProcessingFilter.class);
 
-	private static final String	STATE_ATTR = "AcegiNtlm";
+	private static final String	STATE_ATTR = "SpringSecurityNtlm";
 	private static final String	CHALLENGE_ATTR = "NtlmChal";
 	private static final Integer BEGIN = new Integer(0);
 	private static final Integer NEGOTIATE = new Integer(1);
@@ -328,7 +328,7 @@ public class NtlmProcessingFilter extends HttpFilter implements InitializingBean
 				this.logon(session, dcAddress, auth);
 				session.setAttribute(STATE_ATTR, COMPLETE);
 
-				// Do not reauthenticate the user in Acegi during an IE POST
+				// Do not reauthenticate the user in Spring Security during an IE POST
 				final Authentication myCurrentAuth = SecurityContextHolder.getContext().getAuthentication();
 				if (myCurrentAuth == null || myCurrentAuth instanceof AnonymousAuthenticationToken) {
 					logger.debug("Authenticating user credentials");
@@ -408,7 +408,7 @@ public class NtlmProcessingFilter extends HttpFilter implements InitializingBean
 	}
 
 	/**
-	 * Authenticates the user credentials acquired from NTLM against the Acegi
+	 * Authenticates the user credentials acquired from NTLM against the Spring
 	 * Security <code>AuthenticationManager</code>.
 	 *
 	 * @param request the <code>HttpServletRequest</code> object.

ntlm/src/main/java/org/springframework/security/ui/ntlm/NtlmUsernamePasswordAuthenticationToken.java

@@ -31,7 +31,7 @@ public class NtlmUsernamePasswordAuthenticationToken extends UsernamePasswordAut
 	private static final long serialVersionUID = 1L;
 	
 	/**
-	 * ACEGI often checks password ; but we do not have one. This is the replacement password 
+	 * Spring Security often checks password ; but we do not have one. This is the replacement password 
 	 */
 	public static final String DEFAULT_PASSWORD = "";
 

ntlm/web.xml

@@ -1,10 +1,10 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <web-app id="WebApp_ID" version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
-	<display-name>Acegi NTLM</display-name>
+	<display-name>Spring Security NTLM</display-name>
 
 <!-- 1. Setup two parameters:          -->
-<!--    a) Acegi's configuration file  -->
-<!--    b) Loggin configuration file   -->
+<!--    a) Spring Security's configuration file  -->
+<!--    b) Logging configuration file   -->
 	<context-param>
 		<param-name>contextConfigLocation</param-name>
 		<param-value>/WEB-INF/applicationContext.xml</param-value>
@@ -15,9 +15,9 @@
 		<param-value>/WEB-INF/log4j.properties</param-value>
 	</context-param>
 
-<!-- 2. Setup the Acegi Filter Chain Proxy -->
+<!-- 2. Setup the Spring Security Filter Chain Proxy -->
 	<filter>
-		<filter-name>Acegi Filter Chain Proxy</filter-name>
+		<filter-name>Spring Security Filter Chain Proxy</filter-name>
 		<filter-class>org.springframework.security.util.FilterToBeanProxy</filter-class>
 		<init-param>
 			<param-name>targetClass</param-name>
@@ -26,7 +26,7 @@
 	</filter>
 
 	<filter-mapping>
-		<filter-name>Acegi Filter Chain Proxy</filter-name>
+		<filter-name>Spring Security Filter Chain Proxy</filter-name>
 		<url-pattern>/**</url-pattern>
 	</filter-mapping>
 
@@ -41,7 +41,7 @@
 		<listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
 	</listener>
 
-<!--    c) Setup ACEGI to subscribe to http session events in the web context -->
+<!--    c) Setup Spring Security to subscribe to http session events in the web context -->
 	<listener>
 		<listener-class>org.springframework.security.ui.session.HttpSessionEventPublisher</listener-class>
 	</listener>

readme.txt

@@ -1,12 +1,12 @@
 ===============================================================================
-              ACEGI SECURITY SYSTEM FOR SPRING - README FILE
+                    SPRING SECURITY - README FILE
 ===============================================================================
 
 -------------------------------------------------------------------------------
 OVERVIEW
 -------------------------------------------------------------------------------
 
-The Acegi Security System for Spring provides security services for 
+Spring Security provides security services for
 The Spring Framework (http://www.springframework.org).
 
 For a detailed list of features and access to the latest release, please visit
@@ -22,7 +22,7 @@ JAR files are no longer signed. They were signed in releases 1.0.0 and earlier.
 BUILDING
 -------------------------------------------------------------------------------
 
-Acegi Security is built using Maven. Please read the "Building with Maven" page
+Spring Security is built using Maven. Please read the "Building" page
 at http://acegisecurity.org. This page is also included in the /docs directory
 of official release ZIPs.
 
@@ -38,7 +38,7 @@ ZIPs.
 DOCUMENTATION
 -------------------------------------------------------------------------------
 
-http://acegisecurity.org has a wide range of articles about Acegi Security,
+http://acegisecurity.org has a wide range of articles about Spring Security,
 including links to external resources. A copy of this web site is included in
 the /docs directory of official release ZIPs.
 
@@ -50,12 +50,12 @@ The core JavaDocs can be found in /docs/multiproject/acegi-security/apidocs/.
 OBTAINING SUPPORT
 -------------------------------------------------------------------------------
 
-If you need any help, please use the Acegi Security System for Spring forum
+If you need any help, please use the Spring Security forum
 located at the Spring Community's forum site: 
 
   http://forum.springframework.org
 
-If you start using Acegi Security in your project, please consider joining
+If you start using Spring Security in your project, please consider joining
 the acegisecurity-developer mailing list. This is currently the best way to
 keep informed about the project's status and provide feedback in design 
 discussions. You can join at:

samples/contacts/client/client.properties

@@ -5,5 +5,5 @@
 
 serverName=localhost
 httpPort=8080
-contextPath=/acegi-security-sample-contacts-filter
+contextPath=/spring-security-sample-contacts-filter
 rmiPort=1099

samples/contacts/src/main/webapp/WEB-INF/web.xml

@@ -46,7 +46,7 @@
 
 
    <filter>
-        <filter-name>Acegi Filter Chain Proxy</filter-name>
+        <filter-name>Spring Security Filter Chain Proxy</filter-name>
         <filter-class>org.springframework.security.util.FilterToBeanProxy</filter-class>
         <init-param>
             <param-name>targetClass</param-name>
@@ -55,7 +55,7 @@
    </filter>
 
     <filter-mapping>
-      <filter-name>Acegi Filter Chain Proxy</filter-name>
+      <filter-name>Spring Security Filter Chain Proxy</filter-name>
       <url-pattern>/*</url-pattern>
     </filter-mapping>
 

samples/contacts/src/site/resources/sslhowto.txt

@@ -9,7 +9,7 @@ might find the troubleshooting section at the end helpful).
 
 The following demonstrates how to create a self-signed certificate and add
 it to the cacerts file. If you just want to use the certificate we have
-already created and shipped with the Acegi Security System for Spring, you
+already created and shipped with Spring Security, you
 can skip directly to step 3.
 
 
@@ -18,7 +18,7 @@ can skip directly to step 3.
 What is your first and last name?
   [Unknown]:  localhost
 What is the name of your organizational unit?
-  [Unknown]:  Acegi Security System for Spring
+  [Unknown]:  Spring Security
 What is the name of your organization?
   [Unknown]:  TEST CERTIFICATE ONLY. DO NOT USE IN PRODUCTION.
 What is the name of your City or Locality?
@@ -27,7 +27,7 @@ What is the name of your State or Province?
   [Unknown]:
 What is the two-letter country code for this unit?
   [Unknown]:
-Is CN=localhost, OU=Acegi Security System for Spring, O=TEST CERTIFICATE ONLY. D
+Is CN=localhost, OU=Spring Security, O=TEST CERTIFICATE ONLY. D
 O NOT USE IN PRODUCTION., L=Unknown, ST=Unknown, C=Unknown correct?
   [no]:  yes
 
@@ -47,9 +47,9 @@ O NOT USE IN PRODUCTION., L=Unknown, ST=Unknown, C=Unknown correct?
 
 6. keytool -import -v -file acegisecurity.txt -keypass password -keystore cacerts -storepass changeit -alias acegisecurity
 
-Owner: CN=localhost, OU=Acegi Security System for Spring, O=TEST CERTIFICATE ONL
+Owner: CN=localhost, OU=Spring Security, O=TEST CERTIFICATE ONL
 Y. DO NOT USE IN PRODUCTION., L=Unknown, ST=Unknown, C=Unknown
-Issuer: CN=localhost, OU=Acegi Security System for Spring, O=TEST CERTIFICATE ON
+Issuer: CN=localhost, OU=Spring Security, O=TEST CERTIFICATE ON
 LY. DO NOT USE IN PRODUCTION., L=Unknown, ST=Unknown, C=Unknown
 Serial number: 4080daf4
 Valid from: Sat Apr 17 07:21:24 GMT 2004 until: Tue Sep 02 07:21:24 GMT 2031

samples/tutorial/src/main/webapp/WEB-INF/web.xml

@@ -25,7 +25,7 @@
 	</context-param>
 
     <filter>
-        <filter-name>Acegi Filter Chain Proxy</filter-name>
+        <filter-name>Spring Security Filter Chain Proxy</filter-name>
         <filter-class>org.springframework.security.util.FilterToBeanProxy</filter-class>
         <init-param>
             <param-name>targetClass</param-name>
@@ -34,7 +34,7 @@
     </filter>
 
     <filter-mapping>
-      <filter-name>Acegi Filter Chain Proxy</filter-name>
+      <filter-name>Spring Security Filter Chain Proxy</filter-name>
       <url-pattern>/*</url-pattern>
     </filter-mapping>
 

sandbox/spring-security-config/src/main/java/org/springframework/security/util/package.html

@@ -1,5 +0,0 @@
-<html>
-<body>
-General utility classes used throughout the Acegi Security System.
-</body>
-</html>

src-readme.txt

@@ -1,12 +1,12 @@
 ===============================================================================
-              ACEGI SECURITY SYSTEM FOR SPRING - README FILE
+              SPRING SECURITY - README FILE
 ===============================================================================
 
 -------------------------------------------------------------------------------
 OVERVIEW
 -------------------------------------------------------------------------------
 
-The Acegi Security System for Spring provides security services for 
+Spring Security System provides security services for
 The Spring Framework (http://www.springframework.org).
 
 For a detailed list of features and access to the latest release, please visit
@@ -16,10 +16,10 @@ http://acegisecurity.org.
 SOURCE RELEASES
 -------------------------------------------------------------------------------
 
-If you have downloaded an acegi-security-xx-src.zip, you will NOT be able to
+If you have downloaded a spring-security-xx-src.zip, you will NOT be able to
 compile the project. The -src releases are intended for source code review
-and IDE integration only. If you wish to use Acegi Security, you must download
-the full release or compile it from CVS. See the "Building with Maven" page
+and IDE integration only. If you wish to use Spring Security, you must download
+the full release or compile it from CVS. See the "Building" page
 at http://acegisecurity.org for further details. There is also a "Download"
 link if you would prefer to download an already compiled release.
 
@@ -27,12 +27,12 @@ link if you would prefer to download an already compiled release.
 OBTAINING SUPPORT
 -------------------------------------------------------------------------------
 
-If you need any help, please use the Acegi Security System for Spring forum
-located at the Spring Community's forum site: 
+If you need any help, please use the Spring Security forum located at the
+Spring Community's forum site:
 
   http://forum.springframework.org
 
-If you start using Acegi Security in your project, please consider joining
+If you start using Spring Security in your project, please consider joining
 the acegisecurity-developer mailing list. This is currently the best way to
 keep informed about the project's status and provide feedback in design 
 discussions. You can join at: