16 năm trước cách đây · bec84f874a
--- a/cas/src/main/java/org/springframework/security/ui/cas/CasProcessingFilter.java
+++ b/cas/src/main/java/org/springframework/security/ui/cas/CasProcessingFilter.java
@@ -25,8 +25,8 @@ import org.springframework.security.AuthenticationException;
 
				 
			
 
				 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
			
 
				 
			
 
				-import org.springframework.security.ui.AbstractProcessingFilter;
			
 
				-import org.springframework.security.ui.FilterChainOrder;
			
 
				+import org.springframework.security.web.FilterChainOrder;
			
 
				+import org.springframework.security.web.authentication.AbstractProcessingFilter;
			
 
				 
			
 
				 import javax.servlet.http.HttpServletRequest;
			
 
				 import javax.servlet.http.HttpServletResponse;
			
--- a/cas/src/main/java/org/springframework/security/ui/cas/CasProcessingFilterEntryPoint.java
+++ b/cas/src/main/java/org/springframework/security/ui/cas/CasProcessingFilterEntryPoint.java
@@ -23,7 +23,7 @@ import javax.servlet.http.HttpServletResponse;
 
				 
			
 
				 import org.jasig.cas.client.util.CommonUtils;
			
 
				 import org.springframework.security.AuthenticationException;
			
 
				-import org.springframework.security.ui.AuthenticationEntryPoint;
			
 
				+import org.springframework.security.web.AuthenticationEntryPoint;
			
 
				 import org.springframework.beans.factory.InitializingBean;
			
 
				 import org.springframework.util.Assert;
			
 
				 
			
--- a/config/pom.xml
+++ b/config/pom.xml
@@ -22,22 +22,28 @@
 
				         </dependency>
			
 
				         <dependency>
			
 
				             <groupId>org.springframework.security</groupId>
			
 
				-            <artifactId>spring-security-web</artifactId>
			
 
				+            <artifactId>spring-security-core</artifactId>
			
 
				             <version>${project.version}</version>
			
 
				             <classifier>tests</classifier>
			
 
				             <scope>test</scope>
			
 
				         </dependency>
			
 
				         <dependency>
			
 
				-            <groupId>commons-logging</groupId>
			
 
				-            <artifactId>commons-logging</artifactId>
			
 
				+            <groupId>org.springframework.security</groupId>
			
 
				+            <artifactId>spring-security-web</artifactId>
			
 
				+            <version>${project.version}</version>
			
 
				+            <classifier>tests</classifier>
			
 
				+            <scope>test</scope>
			
 
				         </dependency>
			
 
				         <dependency>
			
 
				             <groupId>org.springframework.security</groupId>
			
 
				-            <artifactId>spring-security-core</artifactId>
			
 
				+            <artifactId>spring-security-openid</artifactId>
			
 
				             <version>${project.version}</version>
			
 
				-            <classifier>tests</classifier>
			
 
				             <scope>test</scope>
			
 
				         </dependency>
			
 
				+        <dependency>
			
 
				+            <groupId>commons-logging</groupId>
			
 
				+            <artifactId>commons-logging</artifactId>
			
 
				+        </dependency>
			
 
				         <dependency>
			
 
				             <groupId>org.springframework.security</groupId>
			
 
				             <artifactId>spring-security-ldap</artifactId>
			
--- a/config/src/main/java/org/springframework/security/config/AnonymousBeanDefinitionParser.java
+++ b/config/src/main/java/org/springframework/security/config/AnonymousBeanDefinitionParser.java
@@ -8,8 +8,8 @@ import org.springframework.beans.factory.parsing.BeanComponentDefinition;
 
				 import org.springframework.beans.factory.support.RootBeanDefinition;
			
 
				 import org.springframework.beans.factory.xml.BeanDefinitionParser;
			
 
				 import org.springframework.beans.factory.xml.ParserContext;
			
 
				-import org.springframework.security.providers.anonymous.AnonymousAuthenticationProvider;
			
 
				-import org.springframework.security.ui.anonymous.AnonymousProcessingFilter;
			
 
				+import org.springframework.security.providers.AnonymousAuthenticationProvider;
			
 
				+import org.springframework.security.web.authentication.AnonymousProcessingFilter;
			
 
				 import org.springframework.util.StringUtils;
			
 
				 import org.w3c.dom.Element;
			
 
				 
			
--- a/config/src/main/java/org/springframework/security/config/BasicAuthenticationBeanDefinitionParser.java
+++ b/config/src/main/java/org/springframework/security/config/BasicAuthenticationBeanDefinitionParser.java
@@ -7,8 +7,8 @@ import org.springframework.beans.factory.support.BeanDefinitionBuilder;
 
				 import org.springframework.beans.factory.support.RootBeanDefinition;
			
 
				 import org.springframework.beans.factory.xml.BeanDefinitionParser;
			
 
				 import org.springframework.beans.factory.xml.ParserContext;
			
 
				-import org.springframework.security.ui.basicauth.BasicProcessingFilter;
			
 
				-import org.springframework.security.ui.basicauth.BasicProcessingFilterEntryPoint;
			
 
				+import org.springframework.security.web.authentication.www.BasicProcessingFilter;
			
 
				+import org.springframework.security.web.authentication.www.BasicProcessingFilterEntryPoint;
			
 
				 import org.w3c.dom.Element;
			
 
				 
			
 
				 /**
			
--- a/config/src/main/java/org/springframework/security/config/CachingUserDetailsService.java
+++ b/config/src/main/java/org/springframework/security/config/CachingUserDetailsService.java
@@ -1,9 +1,9 @@
 
				 package org.springframework.security.config;
			
 
				 
			
 
				-import org.springframework.security.providers.dao.UserCache;
			
 
				-import org.springframework.security.providers.dao.cache.NullUserCache;
			
 
				+import org.springframework.security.userdetails.UserCache;
			
 
				 import org.springframework.security.userdetails.UserDetailsService;
			
 
				 import org.springframework.security.userdetails.UserDetails;
			
 
				+import org.springframework.security.userdetails.cache.NullUserCache;
			
 
				 import org.springframework.util.Assert;
			
 
				 
			
 
				 /**
			
--- a/config/src/main/java/org/springframework/security/config/ConcurrentSessionsBeanDefinitionParser.java
+++ b/config/src/main/java/org/springframework/security/config/ConcurrentSessionsBeanDefinitionParser.java
@@ -10,9 +10,9 @@ import org.springframework.beans.factory.support.RootBeanDefinition;
 
				 import org.springframework.beans.factory.xml.BeanDefinitionParser;
			
 
				 import org.springframework.beans.factory.xml.ParserContext;
			
 
				 import org.springframework.security.concurrent.ConcurrentSessionControllerImpl;
			
 
				-import org.springframework.security.concurrent.ConcurrentSessionFilter;
			
 
				-import org.springframework.security.concurrent.SessionRegistryImpl;
			
 
				 import org.springframework.security.providers.ProviderManager;
			
 
				+import org.springframework.security.web.concurrent.ConcurrentSessionFilter;
			
 
				+import org.springframework.security.web.concurrent.SessionRegistryImpl;
			
 
				 import org.springframework.util.StringUtils;
			
 
				 import org.w3c.dom.Element;
			
 
				 
			
--- a/config/src/main/java/org/springframework/security/config/EntryPointInjectionBeanPostProcessor.java
+++ b/config/src/main/java/org/springframework/security/config/EntryPointInjectionBeanPostProcessor.java
@@ -9,8 +9,8 @@ import org.springframework.beans.factory.BeanFactory;
 
				 import org.springframework.beans.factory.BeanFactoryAware;
			
 
				 import org.springframework.beans.factory.config.BeanPostProcessor;
			
 
				 import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
			
 
				-import org.springframework.security.ui.AuthenticationEntryPoint;
			
 
				-import org.springframework.security.ui.ExceptionTranslationFilter;
			
 
				+import org.springframework.security.web.AuthenticationEntryPoint;
			
 
				+import org.springframework.security.web.ExceptionTranslationFilter;
			
 
				 import org.springframework.util.Assert;
			
 
				 
			
 
				 /**
			
--- a/config/src/main/java/org/springframework/security/config/FilterChainProxyPostProcessor.java
+++ b/config/src/main/java/org/springframework/security/config/FilterChainProxyPostProcessor.java
@@ -18,19 +18,19 @@ import org.springframework.core.OrderComparator;
 
				 import org.springframework.core.Ordered;
			
 
				 import org.springframework.security.ConfigAttribute;
			
 
				 import org.springframework.security.config.ConfigUtils.FilterChainList;
			
 
				-import org.springframework.security.context.web.SecurityContextPersistenceFilter;
			
 
				-import org.springframework.security.intercept.web.DefaultFilterInvocationSecurityMetadataSource;
			
 
				-import org.springframework.security.intercept.web.FilterSecurityInterceptor;
			
 
				-import org.springframework.security.providers.anonymous.AnonymousAuthenticationToken;
			
 
				-import org.springframework.security.ui.ExceptionTranslationFilter;
			
 
				-import org.springframework.security.ui.SessionFixationProtectionFilter;
			
 
				-import org.springframework.security.ui.anonymous.AnonymousProcessingFilter;
			
 
				-import org.springframework.security.ui.basicauth.BasicProcessingFilter;
			
 
				-import org.springframework.security.ui.webapp.AuthenticationProcessingFilter;
			
 
				-import org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint;
			
 
				-import org.springframework.security.ui.webapp.DefaultLoginPageGeneratingFilter;
			
 
				-import org.springframework.security.web.util.FilterChainProxy;
			
 
				-import org.springframework.security.wrapper.SecurityContextHolderAwareRequestFilter;
			
 
				+import org.springframework.security.providers.AnonymousAuthenticationToken;
			
 
				+import org.springframework.security.web.ExceptionTranslationFilter;
			
 
				+import org.springframework.security.web.FilterChainProxy;
			
 
				+import org.springframework.security.web.SessionFixationProtectionFilter;
			
 
				+import org.springframework.security.web.authentication.AnonymousProcessingFilter;
			
 
				+import org.springframework.security.web.authentication.AuthenticationProcessingFilter;
			
 
				+import org.springframework.security.web.authentication.AuthenticationProcessingFilterEntryPoint;
			
 
				+import org.springframework.security.web.authentication.DefaultLoginPageGeneratingFilter;
			
 
				+import org.springframework.security.web.authentication.www.BasicProcessingFilter;
			
 
				+import org.springframework.security.web.context.SecurityContextPersistenceFilter;
			
 
				+import org.springframework.security.web.intercept.DefaultFilterInvocationSecurityMetadataSource;
			
 
				+import org.springframework.security.web.intercept.FilterSecurityInterceptor;
			
 
				+import org.springframework.security.web.wrapper.SecurityContextHolderAwareRequestFilter;
			
 
				 
			
 
				 /**
			
 
				  *
			
--- a/config/src/main/java/org/springframework/security/config/FilterInvocationSecurityMetadataSourceBeanDefinitionParser.java
+++ b/config/src/main/java/org/springframework/security/config/FilterInvocationSecurityMetadataSourceBeanDefinitionParser.java
@@ -7,10 +7,10 @@ import org.springframework.beans.factory.support.BeanDefinitionBuilder;
 
				 import org.springframework.beans.factory.xml.AbstractSingleBeanDefinitionParser;
			
 
				 import org.springframework.beans.factory.xml.ParserContext;
			
 
				 import org.springframework.security.ConfigAttribute;
			
 
				-import org.springframework.security.intercept.web.FilterInvocationSecurityMetadataSource;
			
 
				-import org.springframework.security.intercept.web.RequestKey;
			
 
				 import org.springframework.security.util.AntUrlPathMatcher;
			
 
				 import org.springframework.security.util.UrlMatcher;
			
 
				+import org.springframework.security.web.intercept.FilterInvocationSecurityMetadataSource;
			
 
				+import org.springframework.security.web.intercept.RequestKey;
			
 
				 import org.springframework.util.StringUtils;
			
 
				 import org.springframework.util.xml.DomUtils;
			
 
				 import org.w3c.dom.Element;
			
@@ -24,7 +24,7 @@ import org.w3c.dom.Element;
 
				 public class FilterInvocationSecurityMetadataSourceBeanDefinitionParser extends AbstractSingleBeanDefinitionParser {
			
 
				 
			
 
				     protected String getBeanClassName(Element element) {
			
 
				-        return "org.springframework.security.intercept.web.DefaultFilterInvocationSecurityMetadataSource";
			
 
				+        return "org.springframework.security.web.intercept.DefaultFilterInvocationSecurityMetadataSource";
			
 
				     }
			
 
				 
			
 
				     protected void doParse(Element element, ParserContext parserContext, BeanDefinitionBuilder builder) {
			
--- a/config/src/main/java/org/springframework/security/config/FormLoginBeanDefinitionParser.java
+++ b/config/src/main/java/org/springframework/security/config/FormLoginBeanDefinitionParser.java
@@ -7,10 +7,10 @@ import org.springframework.beans.factory.support.BeanDefinitionBuilder;
 
				 import org.springframework.beans.factory.support.RootBeanDefinition;
			
 
				 import org.springframework.beans.factory.xml.BeanDefinitionParser;
			
 
				 import org.springframework.beans.factory.xml.ParserContext;
			
 
				-import org.springframework.security.ui.SavedRequestAwareAuthenticationSuccessHandler;
			
 
				-import org.springframework.security.ui.SimpleUrlAuthenticationFailureHandler;
			
 
				-import org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint;
			
 
				-import org.springframework.security.ui.webapp.DefaultLoginPageGeneratingFilter;
			
 
				+import org.springframework.security.web.authentication.AuthenticationProcessingFilterEntryPoint;
			
 
				+import org.springframework.security.web.authentication.DefaultLoginPageGeneratingFilter;
			
 
				+import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
			
 
				+import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
			
 
				 import org.springframework.util.StringUtils;
			
 
				 
			
 
				 import org.w3c.dom.Element;
			
--- a/config/src/main/java/org/springframework/security/config/GlobalMethodSecurityBeanDefinitionParser.java
+++ b/config/src/main/java/org/springframework/security/config/GlobalMethodSecurityBeanDefinitionParser.java
@@ -45,10 +45,10 @@ class GlobalMethodSecurityBeanDefinitionParser implements BeanDefinitionParser {
 
				 
			
 
				     private final Log logger = LogFactory.getLog(getClass());
			
 
				 
			
 
				-    private static final String SECURED_METHOD_DEFINITION_SOURCE_CLASS = "org.springframework.security.annotation.SecuredMethodSecurityMetadataSource";
			
 
				-    private static final String EXPRESSION_METHOD_DEFINITION_SOURCE_CLASS = "org.springframework.security.expression.method.ExpressionAnnotationMethodSecurityMetadataSource";
			
 
				-    private static final String JSR_250_SECURITY_METHOD_DEFINITION_SOURCE_CLASS = "org.springframework.security.annotation.Jsr250MethodSecurityMetadataSource";
			
 
				-    private static final String JSR_250_VOTER_CLASS = "org.springframework.security.annotation.Jsr250Voter";
			
 
				+    static final String SECURED_METHOD_DEFINITION_SOURCE_CLASS = "org.springframework.security.annotation.SecuredMethodSecurityMetadataSource";
			
 
				+    static final String EXPRESSION_METHOD_DEFINITION_SOURCE_CLASS = "org.springframework.security.expression.method.ExpressionAnnotationMethodSecurityMetadataSource";
			
 
				+    static final String JSR_250_SECURITY_METHOD_DEFINITION_SOURCE_CLASS = "org.springframework.security.annotation.Jsr250MethodSecurityMetadataSource";
			
 
				+    static final String JSR_250_VOTER_CLASS = "org.springframework.security.annotation.Jsr250Voter";
			
 
				 
			
 
				     /*
			
 
				      * Internal Bean IDs which are only used within this class
			
--- a/config/src/main/java/org/springframework/security/config/HttpSecurityBeanDefinitionParser.java
+++ b/config/src/main/java/org/springframework/security/config/HttpSecurityBeanDefinitionParser.java
@@ -19,30 +19,30 @@ import org.springframework.beans.factory.xml.ParserContext;
 
				 import org.springframework.security.ConfigAttribute;
			
 
				 import org.springframework.security.ConfigAttributeEditor;
			
 
				 import org.springframework.security.SecurityConfig;
			
 
				-import org.springframework.security.context.web.HttpSessionSecurityContextRepository;
			
 
				-import org.springframework.security.context.web.SecurityContextPersistenceFilter;
			
 
				-import org.springframework.security.expression.web.WebExpressionVoter;
			
 
				-import org.springframework.security.intercept.web.DefaultFilterInvocationSecurityMetadataSource;
			
 
				-import org.springframework.security.intercept.web.FilterSecurityInterceptor;
			
 
				-import org.springframework.security.intercept.web.RequestKey;
			
 
				-import org.springframework.security.securechannel.ChannelDecisionManagerImpl;
			
 
				-import org.springframework.security.securechannel.ChannelProcessingFilter;
			
 
				-import org.springframework.security.securechannel.InsecureChannelProcessor;
			
 
				-import org.springframework.security.securechannel.RetryWithHttpEntryPoint;
			
 
				-import org.springframework.security.securechannel.RetryWithHttpsEntryPoint;
			
 
				-import org.springframework.security.securechannel.SecureChannelProcessor;
			
 
				-import org.springframework.security.ui.AccessDeniedHandlerImpl;
			
 
				-import org.springframework.security.ui.ExceptionTranslationFilter;
			
 
				-import org.springframework.security.ui.SessionFixationProtectionFilter;
			
 
				-import org.springframework.security.ui.webapp.DefaultLoginPageGeneratingFilter;
			
 
				 import org.springframework.security.util.AntUrlPathMatcher;
			
 
				 import org.springframework.security.util.RegexUrlPathMatcher;
			
 
				 import org.springframework.security.util.UrlMatcher;
			
 
				 import org.springframework.security.vote.AccessDecisionVoter;
			
 
				 import org.springframework.security.vote.AuthenticatedVoter;
			
 
				 import org.springframework.security.vote.RoleVoter;
			
 
				-import org.springframework.security.web.util.FilterChainProxy;
			
 
				-import org.springframework.security.wrapper.SecurityContextHolderAwareRequestFilter;
			
 
				+import org.springframework.security.web.AccessDeniedHandlerImpl;
			
 
				+import org.springframework.security.web.ExceptionTranslationFilter;
			
 
				+import org.springframework.security.web.FilterChainProxy;
			
 
				+import org.springframework.security.web.SessionFixationProtectionFilter;
			
 
				+import org.springframework.security.web.authentication.DefaultLoginPageGeneratingFilter;
			
 
				+import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
			
 
				+import org.springframework.security.web.context.SecurityContextPersistenceFilter;
			
 
				+import org.springframework.security.web.expression.WebExpressionVoter;
			
 
				+import org.springframework.security.web.intercept.DefaultFilterInvocationSecurityMetadataSource;
			
 
				+import org.springframework.security.web.intercept.FilterSecurityInterceptor;
			
 
				+import org.springframework.security.web.intercept.RequestKey;
			
 
				+import org.springframework.security.web.securechannel.ChannelDecisionManagerImpl;
			
 
				+import org.springframework.security.web.securechannel.ChannelProcessingFilter;
			
 
				+import org.springframework.security.web.securechannel.InsecureChannelProcessor;
			
 
				+import org.springframework.security.web.securechannel.RetryWithHttpEntryPoint;
			
 
				+import org.springframework.security.web.securechannel.RetryWithHttpsEntryPoint;
			
 
				+import org.springframework.security.web.securechannel.SecureChannelProcessor;
			
 
				+import org.springframework.security.web.wrapper.SecurityContextHolderAwareRequestFilter;
			
 
				 import org.springframework.util.StringUtils;
			
 
				 import org.springframework.util.xml.DomUtils;
			
 
				 import org.w3c.dom.Element;
			
@@ -106,8 +106,12 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
 
				 
			
 
				     private static final String ATT_DISABLE_URL_REWRITING = "disable-url-rewriting";
			
 
				 
			
 
				-    private static final String EXPRESSION_FIDS_CLASS = "org.springframework.security.expression.web.ExpressionBasedFilterInvocationSecurityMetadataSource";
			
 
				-    private static final String EXPRESSION_HANDLER_CLASS = "org.springframework.security.expression.web.support.DefaultWebSecurityExpressionHandler";
			
 
				+    static final String OPEN_ID_AUTHENTICATION_PROCESSING_FILTER_CLASS = "org.springframework.security.openid.OpenIDAuthenticationProcessingFilter";
			
 
				+    static final String OPEN_ID_AUTHENTICATION_PROVIDER_CLASS = "org.springframework.security.openid.OpenIDAuthenticationProvider";
			
 
				+    static final String AUTHENTICATION_PROCESSING_FILTER_CLASS = "org.springframework.security.web.authentication.AuthenticationProcessingFilter";
			
 
				+
			
 
				+    static final String EXPRESSION_FIMDS_CLASS = "org.springframework.security.web.expression.ExpressionBasedFilterInvocationSecurityMetadataSource";
			
 
				+    static final String EXPRESSION_HANDLER_CLASS = "org.springframework.security.web.expression.DefaultWebSecurityExpressionHandler";
			
 
				     private static final String EXPRESSION_HANDLER_ID = "_webExpressionHandler";
			
 
				 
			
 
				     @SuppressWarnings("unchecked")
			
@@ -166,7 +170,7 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
 
				                 expressionHandlerRef = EXPRESSION_HANDLER_ID;
			
 
				             }
			
 
				 
			
 
				-            fidsBuilder = BeanDefinitionBuilder.rootBeanDefinition(EXPRESSION_FIDS_CLASS);
			
 
				+            fidsBuilder = BeanDefinitionBuilder.rootBeanDefinition(EXPRESSION_FIMDS_CLASS);
			
 
				             fidsBuilder.addConstructorArgValue(matcher);
			
 
				             fidsBuilder.addConstructorArgValue(requestToAttributesMap);
			
 
				             fidsBuilder.addConstructorArgReference(expressionHandlerRef);
			
@@ -437,7 +441,7 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
 
				 
			
 
				         if (formLoginElt != null || autoConfig) {
			
 
				             FormLoginBeanDefinitionParser parser = new FormLoginBeanDefinitionParser("/j_spring_security_check",
			
 
				-                    "org.springframework.security.ui.webapp.AuthenticationProcessingFilter");
			
 
				+                    AUTHENTICATION_PROCESSING_FILTER_CLASS);
			
 
				 
			
 
				             parser.parse(formLoginElt, pc);
			
 
				             formLoginFilter = parser.getFilterBean();
			
@@ -449,7 +453,7 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
 
				 
			
 
				         if (openIDLoginElt != null) {
			
 
				             FormLoginBeanDefinitionParser parser = new FormLoginBeanDefinitionParser("/j_spring_openid_security_check",
			
 
				-                    "org.springframework.security.ui.openid.OpenIDAuthenticationProcessingFilter");
			
 
				+                    OPEN_ID_AUTHENTICATION_PROCESSING_FILTER_CLASS);
			
 
				 
			
 
				             parser.parse(openIDLoginElt, pc);
			
 
				             openIDFilter = parser.getFilterBean();
			
@@ -457,7 +461,7 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
 
				             openIDLoginPage = parser.getLoginPage();
			
 
				 
			
 
				             BeanDefinitionBuilder openIDProviderBuilder =
			
 
				-                BeanDefinitionBuilder.rootBeanDefinition("org.springframework.security.providers.openid.OpenIDAuthenticationProvider");
			
 
				+                BeanDefinitionBuilder.rootBeanDefinition(OPEN_ID_AUTHENTICATION_PROVIDER_CLASS);
			
 
				 
			
 
				             String userService = openIDLoginElt.getAttribute(ATT_USER_SERVICE_REF);
			
 
				 
			
--- a/config/src/main/java/org/springframework/security/config/LogoutBeanDefinitionParser.java
+++ b/config/src/main/java/org/springframework/security/config/LogoutBeanDefinitionParser.java
@@ -6,8 +6,8 @@ import org.springframework.beans.factory.support.BeanDefinitionBuilder;
 
				 import org.springframework.beans.factory.support.ManagedList;
			
 
				 import org.springframework.beans.factory.xml.BeanDefinitionParser;
			
 
				 import org.springframework.beans.factory.xml.ParserContext;
			
 
				-import org.springframework.security.ui.logout.LogoutFilter;
			
 
				-import org.springframework.security.ui.logout.SecurityContextLogoutHandler;
			
 
				+import org.springframework.security.web.logout.LogoutFilter;
			
 
				+import org.springframework.security.web.logout.SecurityContextLogoutHandler;
			
 
				 import org.springframework.util.StringUtils;
			
 
				 import org.w3c.dom.Element;
			
 
				 
			
--- a/config/src/main/java/org/springframework/security/config/OrderedFilterBeanDefinitionDecorator.java
+++ b/config/src/main/java/org/springframework/security/config/OrderedFilterBeanDefinitionDecorator.java
@@ -15,7 +15,7 @@ import org.springframework.beans.factory.support.BeanDefinitionBuilder;
 
				 import org.springframework.beans.factory.xml.BeanDefinitionDecorator;
			
 
				 import org.springframework.beans.factory.xml.ParserContext;
			
 
				 import org.springframework.core.Ordered;
			
 
				-import org.springframework.security.ui.FilterChainOrder;
			
 
				+import org.springframework.security.web.FilterChainOrder;
			
 
				 import org.springframework.util.Assert;
			
 
				 import org.springframework.util.StringUtils;
			
 
				 import org.w3c.dom.Element;
			
--- a/config/src/main/java/org/springframework/security/config/PortMappingsBeanDefinitionParser.java
+++ b/config/src/main/java/org/springframework/security/config/PortMappingsBeanDefinitionParser.java
@@ -1,6 +1,6 @@
 
				 package org.springframework.security.config;
			
 
				 
			
 
				-import org.springframework.security.web.util.PortMapperImpl;
			
 
				+import org.springframework.security.web.PortMapperImpl;
			
 
				 import org.springframework.beans.factory.xml.BeanDefinitionParser;
			
 
				 import org.springframework.beans.factory.xml.ParserContext;
			
 
				 import org.springframework.beans.factory.config.BeanDefinition;
			
@@ -15,7 +15,7 @@ import java.util.Map;
 
				 import java.util.HashMap;
			
 
				 
			
 
				 /**
			
 
				- * Parses a port-mappings element, producing a single {@link org.springframework.security.web.util.PortMapperImpl}
			
 
				+ * Parses a port-mappings element, producing a single {@link org.springframework.security.web.PortMapperImpl}
			
 
				  * bean.
			
 
				  *
			
 
				  * @author Luke Taylor
			
--- a/config/src/main/java/org/springframework/security/config/RememberMeBeanDefinitionParser.java
+++ b/config/src/main/java/org/springframework/security/config/RememberMeBeanDefinitionParser.java
@@ -7,11 +7,11 @@ import org.springframework.beans.factory.config.RuntimeBeanReference;
 
				 import org.springframework.beans.factory.support.RootBeanDefinition;
			
 
				 import org.springframework.beans.factory.xml.BeanDefinitionParser;
			
 
				 import org.springframework.beans.factory.xml.ParserContext;
			
 
				-import org.springframework.security.ui.rememberme.JdbcTokenRepositoryImpl;
			
 
				-import org.springframework.security.ui.rememberme.PersistentTokenBasedRememberMeServices;
			
 
				-import org.springframework.security.ui.rememberme.RememberMeProcessingFilter;
			
 
				-import org.springframework.security.ui.rememberme.TokenBasedRememberMeServices;
			
 
				-import org.springframework.security.providers.rememberme.RememberMeAuthenticationProvider;
			
 
				+import org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl;
			
 
				+import org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices;
			
 
				+import org.springframework.security.web.authentication.rememberme.RememberMeProcessingFilter;
			
 
				+import org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices;
			
 
				+import org.springframework.security.providers.RememberMeAuthenticationProvider;
			
 
				 import org.springframework.util.StringUtils;
			
 
				 import org.w3c.dom.Element;
			
 
				 
			
--- a/config/src/main/java/org/springframework/security/config/RememberMeServicesInjectionBeanPostProcessor.java
+++ b/config/src/main/java/org/springframework/security/config/RememberMeServicesInjectionBeanPostProcessor.java
@@ -9,9 +9,9 @@ import org.springframework.beans.factory.BeanFactory;
 
				 import org.springframework.beans.factory.BeanFactoryAware;
			
 
				 import org.springframework.beans.factory.ListableBeanFactory;
			
 
				 import org.springframework.beans.factory.config.BeanPostProcessor;
			
 
				-import org.springframework.security.ui.AbstractProcessingFilter;
			
 
				-import org.springframework.security.ui.basicauth.BasicProcessingFilter;
			
 
				-import org.springframework.security.ui.rememberme.RememberMeServices;
			
 
				+import org.springframework.security.web.authentication.AbstractProcessingFilter;
			
 
				+import org.springframework.security.web.authentication.rememberme.RememberMeServices;
			
 
				+import org.springframework.security.web.authentication.www.BasicProcessingFilter;
			
 
				 import org.springframework.util.Assert;
			
 
				 
			
 
				 /**
			
--- a/config/src/main/java/org/springframework/security/config/SessionRegistryInjectionBeanPostProcessor.java
+++ b/config/src/main/java/org/springframework/security/config/SessionRegistryInjectionBeanPostProcessor.java
@@ -11,8 +11,8 @@ import org.springframework.beans.factory.config.BeanPostProcessor;
 
				 import org.springframework.security.concurrent.ConcurrentSessionController;
			
 
				 import org.springframework.security.concurrent.ConcurrentSessionControllerImpl;
			
 
				 import org.springframework.security.concurrent.SessionRegistry;
			
 
				-import org.springframework.security.ui.AbstractProcessingFilter;
			
 
				-import org.springframework.security.ui.SessionFixationProtectionFilter;
			
 
				+import org.springframework.security.web.SessionFixationProtectionFilter;
			
 
				+import org.springframework.security.web.authentication.AbstractProcessingFilter;
			
 
				 
			
 
				 import org.apache.commons.logging.Log;
			
 
				 import org.apache.commons.logging.LogFactory;
			
--- a/config/src/main/java/org/springframework/security/config/UserDetailsServiceInjectionBeanPostProcessor.java
+++ b/config/src/main/java/org/springframework/security/config/UserDetailsServiceInjectionBeanPostProcessor.java
@@ -13,9 +13,9 @@ import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
 
				 import org.springframework.beans.factory.config.RuntimeBeanReference;
			
 
				 import org.springframework.beans.factory.support.RootBeanDefinition;
			
 
				 import org.springframework.security.providers.preauth.PreAuthenticatedAuthenticationProvider;
			
 
				-import org.springframework.security.ui.rememberme.AbstractRememberMeServices;
			
 
				 import org.springframework.security.userdetails.UserDetailsByNameServiceWrapper;
			
 
				 import org.springframework.security.userdetails.UserDetailsService;
			
 
				+import org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices;
			
 
				 import org.springframework.util.Assert;
			
 
				 
			
 
				 /**
			
--- a/config/src/main/java/org/springframework/security/config/X509BeanDefinitionParser.java
+++ b/config/src/main/java/org/springframework/security/config/X509BeanDefinitionParser.java
@@ -1,9 +1,9 @@
 
				 package org.springframework.security.config;
			
 
				 
			
 
				-import org.springframework.security.ui.preauth.PreAuthenticatedProcessingFilterEntryPoint;
			
 
				-import org.springframework.security.ui.preauth.x509.X509PreAuthenticatedProcessingFilter;
			
 
				-import org.springframework.security.ui.preauth.x509.SubjectDnX509PrincipalExtractor;
			
 
				 import org.springframework.security.userdetails.UserDetailsByNameServiceWrapper;
			
 
				+import org.springframework.security.web.authentication.preauth.PreAuthenticatedProcessingFilterEntryPoint;
			
 
				+import org.springframework.security.web.authentication.preauth.x509.SubjectDnX509PrincipalExtractor;
			
 
				+import org.springframework.security.web.authentication.preauth.x509.X509PreAuthenticatedProcessingFilter;
			
 
				 import org.springframework.security.providers.preauth.PreAuthenticatedAuthenticationProvider;
			
 
				 import org.springframework.beans.factory.xml.BeanDefinitionParser;
			
 
				 import org.springframework.beans.factory.xml.ParserContext;
			
--- a/config/src/test/java/org/springframework/security/config/FilterInvocationSecurityMetadataSourceBeanDefinitionParserTests.java
+++ b/config/src/test/java/org/springframework/security/config/FilterInvocationSecurityMetadataSourceBeanDefinitionParserTests.java
@@ -1,6 +1,7 @@
 
				 package org.springframework.security.config;
			
 
				 
			
 
				 import static org.junit.Assert.*;
			
 
				+import static org.mockito.Mockito.*;
			
 
				 
			
 
				 import java.util.List;
			
 
				 
			
@@ -13,15 +14,16 @@ import org.springframework.mock.web.MockHttpServletResponse;
 
				 import org.springframework.security.ConfigAttribute;
			
 
				 import org.springframework.security.SecurityConfig;
			
 
				 import org.springframework.security.config.util.InMemoryXmlApplicationContext;
			
 
				-import org.springframework.security.intercept.web.DefaultFilterInvocationSecurityMetadataSource;
			
 
				-import org.springframework.security.intercept.web.FilterInvocation;
			
 
				+import org.springframework.security.web.intercept.DefaultFilterInvocationSecurityMetadataSource;
			
 
				+import org.springframework.security.web.intercept.FilterInvocation;
			
 
				+import org.w3c.dom.Element;
			
 
				 
			
 
				 /**
			
 
				- *
			
 
				+ * Tests for {@link FilterInvocationSecurityMetadataSourceBeanDefinitionParser}.
			
 
				  * @author Luke Taylor
			
 
				  * @version $Id$
			
 
				  */
			
 
				-public class FilterInvocationDefinitionSourceParserTests {
			
 
				+public class FilterInvocationSecurityMetadataSourceBeanDefinitionParserTests {
			
 
				     private AbstractXmlApplicationContext appContext;
			
 
				 
			
 
				     @After
			
@@ -36,6 +38,11 @@ public class FilterInvocationDefinitionSourceParserTests {
 
				         appContext = new InMemoryXmlApplicationContext(context);
			
 
				     }
			
 
				 
			
 
				+    @Test
			
 
				+    public void beanClassNameIsCorrect() throws Exception {
			
 
				+        assertEquals(DefaultFilterInvocationSecurityMetadataSource.class.getName(), new FilterInvocationSecurityMetadataSourceBeanDefinitionParser().getBeanClassName(mock(Element.class)));
			
 
				+    }
			
 
				+
			
 
				     @Test
			
 
				     public void parsingMinimalConfigurationIsSuccessful() {
			
 
				         setContext(
			
@@ -52,7 +59,7 @@ public class FilterInvocationDefinitionSourceParserTests {
 
				     public void parsingWithinFilterSecurityInterceptorIsSuccessful() {
			
 
				         setContext(
			
 
				                 "<http auto-config='true'/>" +
			
 
				-                "<b:bean id='fsi' class='org.springframework.security.intercept.web.FilterSecurityInterceptor' autowire='byType'>" +
			
 
				+                "<b:bean id='fsi' class='org.springframework.security.web.intercept.FilterSecurityInterceptor' autowire='byType'>" +
			
 
				                 "   <b:property name='securityMetadataSource'>" +
			
 
				                 "       <filter-invocation-definition-source>" +
			
 
				                 "           <intercept-url pattern='/secure/extreme/**' access='ROLE_SUPERVISOR'/>" +
			
--- a/config/src/test/java/org/springframework/security/config/GlobalMethodSecurityBeanDefinitionParserTests.java
+++ b/config/src/test/java/org/springframework/security/config/GlobalMethodSecurityBeanDefinitionParserTests.java
@@ -1,6 +1,7 @@
 
				 package org.springframework.security.config;
			
 
				 
			
 
				 import static org.junit.Assert.*;
			
 
				+import static org.springframework.security.config.GlobalMethodSecurityBeanDefinitionParser.*;
			
 
				 import static org.springframework.security.config.ConfigTestUtils.AUTH_PROVIDER_XML;
			
 
				 
			
 
				 import java.util.ArrayList;
			
@@ -14,8 +15,12 @@ import org.springframework.security.AccessDeniedException;
 
				 import org.springframework.security.AuthenticationCredentialsNotFoundException;
			
 
				 import org.springframework.security.afterinvocation.AfterInvocationProviderManager;
			
 
				 import org.springframework.security.annotation.BusinessService;
			
 
				+import org.springframework.security.annotation.Jsr250MethodSecurityMetadataSource;
			
 
				+import org.springframework.security.annotation.Jsr250Voter;
			
 
				+import org.springframework.security.annotation.SecuredMethodSecurityMetadataSource;
			
 
				 import org.springframework.security.config.util.InMemoryXmlApplicationContext;
			
 
				 import org.springframework.security.context.SecurityContextHolder;
			
 
				+import org.springframework.security.expression.method.ExpressionAnnotationMethodSecurityMetadataSource;
			
 
				 import org.springframework.security.expression.method.MethodExpressionAfterInvocationProvider;
			
 
				 import org.springframework.security.expression.method.MethodExpressionVoter;
			
 
				 import org.springframework.security.providers.TestingAuthenticationToken;
			
@@ -56,6 +61,14 @@ public class GlobalMethodSecurityBeanDefinitionParserTests {
 
				         target = null;
			
 
				     }
			
 
				 
			
 
				+    @Test
			
 
				+    public void beanClassNamesAreCorrect() throws Exception {
			
 
				+        assertEquals(SecuredMethodSecurityMetadataSource.class.getName(), SECURED_METHOD_DEFINITION_SOURCE_CLASS);
			
 
				+        assertEquals(ExpressionAnnotationMethodSecurityMetadataSource.class.getName(), EXPRESSION_METHOD_DEFINITION_SOURCE_CLASS);
			
 
				+        assertEquals(Jsr250MethodSecurityMetadataSource.class.getName(), JSR_250_SECURITY_METHOD_DEFINITION_SOURCE_CLASS);
			
 
				+        assertEquals(Jsr250Voter.class.getName(), JSR_250_VOTER_CLASS);
			
 
				+    }
			
 
				+
			
 
				     @Test(expected=AuthenticationCredentialsNotFoundException.class)
			
 
				     public void targetShouldPreventProtectedMethodInvocationWithNoContext() {
			
 
				         loadContext();
			
--- a/config/src/test/java/org/springframework/security/config/HttpSecurityBeanDefinitionParserTests.java
+++ b/config/src/test/java/org/springframework/security/config/HttpSecurityBeanDefinitionParserTests.java
@@ -2,6 +2,7 @@ package org.springframework.security.config;
 
				 
			
 
				 import static org.junit.Assert.*;
			
 
				 import static org.springframework.security.config.ConfigTestUtils.AUTH_PROVIDER_XML;
			
 
				+import static org.springframework.security.config.HttpSecurityBeanDefinitionParser.*;
			
 
				 
			
 
				 import java.lang.reflect.Method;
			
 
				 import java.util.Iterator;
			
@@ -24,34 +25,43 @@ import org.springframework.security.MockAuthenticationEntryPoint;
 
				 import org.springframework.security.SecurityConfig;
			
 
				 import org.springframework.security.concurrent.ConcurrentLoginException;
			
 
				 import org.springframework.security.concurrent.ConcurrentSessionControllerImpl;
			
 
				-import org.springframework.security.concurrent.ConcurrentSessionFilter;
			
 
				 import org.springframework.security.config.util.InMemoryXmlApplicationContext;
			
 
				 import org.springframework.security.context.SecurityContextHolder;
			
 
				-import org.springframework.security.context.web.HttpSessionSecurityContextRepository;
			
 
				-import org.springframework.security.context.web.SecurityContextPersistenceFilter;
			
 
				-import org.springframework.security.intercept.web.FilterInvocation;
			
 
				-import org.springframework.security.intercept.web.FilterInvocationSecurityMetadataSource;
			
 
				-import org.springframework.security.intercept.web.FilterSecurityInterceptor;
			
 
				+import org.springframework.security.openid.OpenIDAuthenticationProcessingFilter;
			
 
				+import org.springframework.security.openid.OpenIDAuthenticationProvider;
			
 
				 import org.springframework.security.providers.TestingAuthenticationToken;
			
 
				 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
			
 
				-import org.springframework.security.securechannel.ChannelProcessingFilter;
			
 
				-import org.springframework.security.ui.AuthenticationFailureHandler;
			
 
				-import org.springframework.security.ui.AuthenticationSuccessHandler;
			
 
				-import org.springframework.security.ui.ExceptionTranslationFilter;
			
 
				-import org.springframework.security.ui.SessionFixationProtectionFilter;
			
 
				-import org.springframework.security.ui.WebAuthenticationDetails;
			
 
				-import org.springframework.security.ui.anonymous.AnonymousProcessingFilter;
			
 
				-import org.springframework.security.ui.basicauth.BasicProcessingFilter;
			
 
				-import org.springframework.security.ui.logout.LogoutFilter;
			
 
				-import org.springframework.security.ui.logout.LogoutHandler;
			
 
				-import org.springframework.security.ui.preauth.x509.X509PreAuthenticatedProcessingFilter;
			
 
				-import org.springframework.security.ui.rememberme.PersistentTokenBasedRememberMeServices;
			
 
				-import org.springframework.security.ui.webapp.AuthenticationProcessingFilter;
			
 
				-import org.springframework.security.ui.webapp.DefaultLoginPageGeneratingFilter;
			
 
				 import org.springframework.security.util.FieldUtils;
			
 
				-import org.springframework.security.web.util.FilterChainProxy;
			
 
				-import org.springframework.security.web.util.PortMapperImpl;
			
 
				-import org.springframework.security.wrapper.SecurityContextHolderAwareRequestFilter;
			
 
				+import org.springframework.security.web.ExceptionTranslationFilter;
			
 
				+import org.springframework.security.web.FilterChainProxy;
			
 
				+import org.springframework.security.web.PortMapperImpl;
			
 
				+import org.springframework.security.web.SessionFixationProtectionFilter;
			
 
				+import org.springframework.security.web.WebAuthenticationDetails;
			
 
				+import org.springframework.security.web.authentication.AnonymousProcessingFilter;
			
 
				+import org.springframework.security.web.authentication.AuthenticationFailureHandler;
			
 
				+import org.springframework.security.web.authentication.AuthenticationProcessingFilter;
			
 
				+import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
			
 
				+import org.springframework.security.web.authentication.DefaultLoginPageGeneratingFilter;
			
 
				+import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
			
 
				+import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
			
 
				+import org.springframework.security.web.authentication.preauth.x509.X509PreAuthenticatedProcessingFilter;
			
 
				+import org.springframework.security.web.authentication.rememberme.InMemoryTokenRepositoryImpl;
			
 
				+import org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices;
			
 
				+import org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices;
			
 
				+import org.springframework.security.web.authentication.www.BasicProcessingFilter;
			
 
				+import org.springframework.security.web.concurrent.ConcurrentSessionFilter;
			
 
				+import org.springframework.security.web.concurrent.SessionRegistryImpl;
			
 
				+import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
			
 
				+import org.springframework.security.web.context.SecurityContextPersistenceFilter;
			
 
				+import org.springframework.security.web.expression.DefaultWebSecurityExpressionHandler;
			
 
				+import org.springframework.security.web.expression.ExpressionBasedFilterInvocationSecurityMetadataSource;
			
 
				+import org.springframework.security.web.intercept.FilterInvocation;
			
 
				+import org.springframework.security.web.intercept.FilterInvocationSecurityMetadataSource;
			
 
				+import org.springframework.security.web.intercept.FilterSecurityInterceptor;
			
 
				+import org.springframework.security.web.logout.LogoutFilter;
			
 
				+import org.springframework.security.web.logout.LogoutHandler;
			
 
				+import org.springframework.security.web.securechannel.ChannelProcessingFilter;
			
 
				+import org.springframework.security.web.wrapper.SecurityContextHolderAwareRequestFilter;
			
 
				 import org.springframework.util.ReflectionUtils;
			
 
				 
			
 
				 /**
			
@@ -76,6 +86,15 @@ public class HttpSecurityBeanDefinitionParserTests {
 
				         setContext("<http><http-basic /></http>" + AUTH_PROVIDER_XML);
			
 
				     }
			
 
				 
			
 
				+    @Test
			
 
				+    public void beanClassNamesAreCorrect() throws Exception {
			
 
				+        assertEquals(DefaultWebSecurityExpressionHandler.class.getName(), EXPRESSION_HANDLER_CLASS);
			
 
				+        assertEquals(ExpressionBasedFilterInvocationSecurityMetadataSource.class.getName(), EXPRESSION_FIMDS_CLASS);
			
 
				+        assertEquals(AuthenticationProcessingFilter.class.getName(), AUTHENTICATION_PROCESSING_FILTER_CLASS);
			
 
				+        assertEquals(OpenIDAuthenticationProcessingFilter.class.getName(), OPEN_ID_AUTHENTICATION_PROCESSING_FILTER_CLASS);
			
 
				+        assertEquals(OpenIDAuthenticationProvider.class.getName(), OPEN_ID_AUTHENTICATION_PROVIDER_CLASS);
			
 
				+    }
			
 
				+
			
 
				     @Test
			
 
				     public void httpAutoConfigSetsUpCorrectFilterList() throws Exception {
			
 
				         setContext("<http auto-config='true' />" + AUTH_PROVIDER_XML);
			
@@ -142,7 +161,7 @@ public class HttpSecurityBeanDefinitionParserTests {
 
				         // This will be matched by the default pattern ".*"
			
 
				         List<Filter> allFilters = getFilters("/ImCaughtByTheUniversalMatchPattern");
			
 
				         checkAutoConfigFilters(allFilters);
			
 
				-        assertEquals(false, FieldUtils.getFieldValue(appContext.getBean("_filterChainProxy"), "stripQueryStringFromUrls"));
			
 
				+        assertEquals(false, FieldUtils.getFieldValue(appContext.getBean(BeanIds.FILTER_CHAIN_PROXY), "stripQueryStringFromUrls"));
			
 
				         assertEquals(false, FieldUtils.getFieldValue(allFilters.get(AUTO_CONFIG_FILTERS-1), "securityMetadataSource.stripQueryStringFromUrls"));
			
 
				     }
			
 
				 
			
@@ -335,19 +354,22 @@ public class HttpSecurityBeanDefinitionParserTests {
 
				     @Test
			
 
				     public void externalFiltersAreTreatedCorrectly() throws Exception {
			
 
				         // Decorated user-filters should be added to stack. The others should be ignored.
			
 
				+        String contextHolderFilterClass = SecurityContextHolderAwareRequestFilter.class.getName();
			
 
				+        String contextPersistenceFilterClass = SecurityContextPersistenceFilter.class.getName();
			
 
				+
			
 
				         setContext(
			
 
				                 "<http auto-config='true'/>" + AUTH_PROVIDER_XML +
			
 
				-                "<b:bean id='userFilter' class='org.springframework.security.wrapper.SecurityContextHolderAwareRequestFilter'>" +
			
 
				+                "<b:bean id='userFilter' class='"+ contextHolderFilterClass +"'>" +
			
 
				                 "    <custom-filter after='LOGOUT_FILTER'/>" +
			
 
				                 "</b:bean>" +
			
 
				-                "<b:bean id='userFilter1' class='org.springframework.security.context.web.SecurityContextPersistenceFilter'>" +
			
 
				+                "<b:bean id='userFilter1' class='" + contextPersistenceFilterClass + "'>" +
			
 
				                 "    <custom-filter before='SESSION_CONTEXT_INTEGRATION_FILTER'/>" +
			
 
				                 "</b:bean>" +
			
 
				-                "<b:bean id='userFilter2' class='org.springframework.security.context.web.SecurityContextPersistenceFilter'>" +
			
 
				+                "<b:bean id='userFilter2' class='" + contextPersistenceFilterClass + "'>" +
			
 
				                 "    <custom-filter position='FIRST'/>" +
			
 
				                 "</b:bean>" +
			
 
				-                "<b:bean id='userFilter3' class='org.springframework.security.context.web.SecurityContextPersistenceFilter'/>" +
			
 
				-                "<b:bean id='userFilter4' class='org.springframework.security.wrapper.SecurityContextHolderAwareRequestFilter'/>"
			
 
				+                "<b:bean id='userFilter3' class='" + contextPersistenceFilterClass + "'/>" +
			
 
				+                "<b:bean id='userFilter4' class='"+ contextHolderFilterClass +"'/>"
			
 
				                 );
			
 
				         List<Filter> filters = getFilters("/someurl");
			
 
				 
			
@@ -361,7 +383,7 @@ public class HttpSecurityBeanDefinitionParserTests {
 
				     public void twoFiltersWithSameOrderAreRejected() {
			
 
				         setContext(
			
 
				                 "<http auto-config='true'/>" + AUTH_PROVIDER_XML +
			
 
				-                "<b:bean id='userFilter' class='org.springframework.security.wrapper.SecurityContextHolderAwareRequestFilter'>" +
			
 
				+                "<b:bean id='userFilter' class='" + SecurityContextHolderAwareRequestFilter.class.getName() + "'>" +
			
 
				                 "    <custom-filter position='LOGOUT_FILTER'/>" +
			
 
				                 "</b:bean>");
			
 
				     }
			
@@ -373,7 +395,7 @@ public class HttpSecurityBeanDefinitionParserTests {
 
				             "    <remember-me token-repository-ref='tokenRepo'/>" +
			
 
				             "</http>" +
			
 
				             "<b:bean id='tokenRepo' " +
			
 
				-                    "class='org.springframework.security.ui.rememberme.InMemoryTokenRepositoryImpl'/> " + AUTH_PROVIDER_XML);
			
 
				+                    "class='" + InMemoryTokenRepositoryImpl.class.getName() + "'/> " + AUTH_PROVIDER_XML);
			
 
				         Object rememberMeServices = appContext.getBean(BeanIds.REMEMBER_ME_SERVICES);
			
 
				 
			
 
				         assertTrue(rememberMeServices instanceof PersistentTokenBasedRememberMeServices);
			
@@ -400,7 +422,7 @@ public class HttpSecurityBeanDefinitionParserTests {
 
				                 "<http auto-config='true'>" +
			
 
				                 "    <remember-me key='ourkey' services-ref='rms'/>" +
			
 
				                 "</http>" +
			
 
				-                "<b:bean id='rms' class='org.springframework.security.ui.rememberme.TokenBasedRememberMeServices'> " +
			
 
				+                "<b:bean id='rms' class='"+ TokenBasedRememberMeServices.class.getName() +"'> " +
			
 
				                 "    <b:property name='userDetailsService' ref='us'/>" +
			
 
				                 "    <b:property name='key' value='ourkey'/>" +
			
 
				                 "    <b:property name='tokenValiditySeconds' value='5000'/>" +
			
@@ -486,7 +508,7 @@ public class HttpSecurityBeanDefinitionParserTests {
 
				                 "<http auto-config='true'>" +
			
 
				                 "    <concurrent-session-control session-registry-ref='seshRegistry' />" +
			
 
				                 "</http>" +
			
 
				-                "<b:bean id='seshRegistry' class='org.springframework.security.concurrent.SessionRegistryImpl'/>" +
			
 
				+                "<b:bean id='seshRegistry' class='" + SessionRegistryImpl.class.getName() + "'/>" +
			
 
				                 AUTH_PROVIDER_XML);
			
 
				         Object sessionRegistry = appContext.getBean("seshRegistry");
			
 
				         Object sessionRegistryFromFilter = FieldUtils.getFieldValue(
			
@@ -508,9 +530,9 @@ public class HttpSecurityBeanDefinitionParserTests {
 
				                 "<http auto-config='true'>" +
			
 
				                 "    <concurrent-session-control session-registry-alias='seshRegistry' expired-url='/expired'/>" +
			
 
				                 "</http>" +
			
 
				-                "<b:bean id='sc' class='org.springframework.security.concurrent.ConcurrentSessionControllerImpl'>" +
			
 
				+                "<b:bean id='sc' class='" + ConcurrentSessionControllerImpl.class.getName() +"'>" +
			
 
				                 "  <b:property name='sessionRegistry'>" +
			
 
				-                "    <b:bean class='org.springframework.security.concurrent.SessionRegistryImpl'/>" +
			
 
				+                "    <b:bean class='"+ SessionRegistryImpl.class.getName() + "'/>" +
			
 
				                 "  </b:property>" +
			
 
				                 "</b:bean>" + AUTH_PROVIDER_XML);
			
 
				     }
			
@@ -523,7 +545,7 @@ public class HttpSecurityBeanDefinitionParserTests {
 
				                 "</http>" +
			
 
				                 "<b:bean id='sc' class='org.springframework.security.concurrent.ConcurrentSessionControllerImpl'>" +
			
 
				                 "  <b:property name='sessionRegistry'>" +
			
 
				-                "    <b:bean class='org.springframework.security.concurrent.SessionRegistryImpl'/>" +
			
 
				+                "    <b:bean class='" + SessionRegistryImpl.class.getName() + "'/>" +
			
 
				                 "  </b:property>" +
			
 
				                 "</b:bean>" +
			
 
				                 "<authentication-manager alias='authManager' session-controller-ref='sc'/>" + AUTH_PROVIDER_XML);
			
@@ -564,7 +586,7 @@ public class HttpSecurityBeanDefinitionParserTests {
 
				     public void customEntryPointIsSupported() throws Exception {
			
 
				         setContext(
			
 
				                 "<http auto-config='true' entry-point-ref='entryPoint'/>" +
			
 
				-                "<b:bean id='entryPoint' class='org.springframework.security.MockAuthenticationEntryPoint'>" +
			
 
				+                "<b:bean id='entryPoint' class='" + MockAuthenticationEntryPoint.class.getName() + "'>" +
			
 
				                 "    <b:constructor-arg value='/customlogin'/>" +
			
 
				                 "</b:bean>" + AUTH_PROVIDER_XML);
			
 
				         ExceptionTranslationFilter etf = (ExceptionTranslationFilter) getFilters("/someurl").get(AUTO_CONFIG_FILTERS-3);
			
@@ -693,7 +715,7 @@ public class HttpSecurityBeanDefinitionParserTests {
 
				     @Test
			
 
				     public void supportsExternallyDefinedSecurityContextRepository() throws Exception {
			
 
				         setContext(
			
 
				-                "<b:bean id='repo' class='org.springframework.security.context.web.HttpSessionSecurityContextRepository'/>" +
			
 
				+                "<b:bean id='repo' class='" + HttpSessionSecurityContextRepository.class.getName() + "'/>" +
			
 
				                 "<http create-session='always' security-context-repository-ref='repo'>" +
			
 
				                 "    <http-basic />" +
			
 
				                 "</http>" + AUTH_PROVIDER_XML);
			
@@ -706,7 +728,7 @@ public class HttpSecurityBeanDefinitionParserTests {
 
				     @Test(expected=BeanDefinitionParsingException.class)
			
 
				     public void cantUseUnsupportedSessionCreationAttributeWithExternallyDefinedSecurityContextRepository() throws Exception {
			
 
				         setContext(
			
 
				-                "<b:bean id='repo' class='org.springframework.security.context.web.HttpSessionSecurityContextRepository'/>" +
			
 
				+                "<b:bean id='repo' class='" + HttpSessionSecurityContextRepository.class.getName() + "'/>" +
			
 
				                 "<http create-session='never' security-context-repository-ref='repo'>" +
			
 
				                 "    <http-basic />" +
			
 
				                 "</http>" + AUTH_PROVIDER_XML);
			
@@ -746,8 +768,8 @@ public class HttpSecurityBeanDefinitionParserTests {
 
				                 "<http>" +
			
 
				                 "   <form-login authentication-success-handler-ref='sh' authentication-failure-handler-ref='fh'/>" +
			
 
				                 "</http>" +
			
 
				-                "<b:bean id='sh' class='org.springframework.security.ui.SavedRequestAwareAuthenticationSuccessHandler'/>" +
			
 
				-                "<b:bean id='fh' class='org.springframework.security.ui.SimpleUrlAuthenticationFailureHandler'/>" +
			
 
				+                "<b:bean id='sh' class='" + SavedRequestAwareAuthenticationSuccessHandler.class.getName() +"'/>" +
			
 
				+                "<b:bean id='fh' class='" + SimpleUrlAuthenticationFailureHandler.class.getName() + "'/>" +
			
 
				                 AUTH_PROVIDER_XML);
			
 
				         AuthenticationProcessingFilter apf = (AuthenticationProcessingFilter) appContext.getBean(BeanIds.FORM_LOGIN_FILTER);
			
 
				         AuthenticationSuccessHandler sh = (AuthenticationSuccessHandler) appContext.getBean("sh");
			
--- a/config/src/test/java/org/springframework/security/config/SessionRegistryInjectionBeanPostProcessorTests.java
+++ b/config/src/test/java/org/springframework/security/config/SessionRegistryInjectionBeanPostProcessorTests.java
@@ -8,8 +8,10 @@ import org.springframework.context.support.AbstractXmlApplicationContext;
 
				 import org.springframework.security.Authentication;
			
 
				 import org.springframework.security.AuthenticationException;
			
 
				 import org.springframework.security.concurrent.ConcurrentSessionController;
			
 
				+import org.springframework.security.concurrent.ConcurrentSessionControllerImpl;
			
 
				 import org.springframework.security.config.util.InMemoryXmlApplicationContext;
			
 
				 import org.springframework.security.util.FieldUtils;
			
 
				+import org.springframework.security.web.concurrent.SessionRegistryImpl;
			
 
				 
			
 
				 /**
			
 
				  *
			
@@ -35,9 +37,9 @@ public class SessionRegistryInjectionBeanPostProcessorTests {
 
				     public void sessionRegistryIsSetOnFiltersWhenUsingCustomControllerWithInternalRegistryBean() throws Exception {
			
 
				         setContext(
			
 
				                 "<http auto-config='true'/>" +
			
 
				-                "<b:bean id='sc' class='org.springframework.security.concurrent.ConcurrentSessionControllerImpl'>" +
			
 
				+                "<b:bean id='sc' class='" + ConcurrentSessionControllerImpl.class.getName() + "'>" +
			
 
				                 "  <b:property name='sessionRegistry'>" +
			
 
				-                "      <b:bean class='org.springframework.security.concurrent.SessionRegistryImpl'/>" +
			
 
				+                "      <b:bean class='" + SessionRegistryImpl.class.getName() + "'/>" +
			
 
				                 "  </b:property>" +
			
 
				                 "</b:bean>" +
			
 
				                 "<authentication-manager alias='authManager' session-controller-ref='sc'/>" +
			
@@ -51,7 +53,7 @@ public class SessionRegistryInjectionBeanPostProcessorTests {
 
				         setContext(
			
 
				                 "<http auto-config='true'/>" +
			
 
				                 "<b:bean id='sc' class='org.springframework.security.config.SessionRegistryInjectionBeanPostProcessorTests$MockConcurrentSessionController'/>" +
			
 
				-                "<b:bean id='sessionRegistry' class='org.springframework.security.concurrent.SessionRegistryImpl'/>" +
			
 
				+                "<b:bean id='sessionRegistry' class='" + SessionRegistryImpl.class.getName() + "'/>" +
			
 
				                 "<authentication-manager alias='authManager' session-controller-ref='sc'/>" +
			
 
				                 ConfigTestUtils.AUTH_PROVIDER_XML);
			
 
				         assertNotNull(FieldUtils.getFieldValue(appContext.getBean(BeanIds.SESSION_FIXATION_PROTECTION_FILTER), "sessionRegistry"));
			
--- a/config/src/test/java/org/springframework/security/util/FilterChainProxyConfigTests.java
+++ b/config/src/test/java/org/springframework/security/util/FilterChainProxyConfigTests.java
@@ -34,10 +34,10 @@ import org.springframework.context.support.ClassPathXmlApplicationContext;
 
				 import org.springframework.mock.web.MockHttpServletRequest;
			
 
				 import org.springframework.mock.web.MockHttpServletResponse;
			
 
				 import org.springframework.security.MockFilterConfig;
			
 
				-import org.springframework.security.context.web.SecurityContextPersistenceFilter;
			
 
				-import org.springframework.security.ui.webapp.AuthenticationProcessingFilter;
			
 
				-import org.springframework.security.web.util.FilterChainProxy;
			
 
				-import org.springframework.security.wrapper.SecurityContextHolderAwareRequestFilter;
			
 
				+import org.springframework.security.web.FilterChainProxy;
			
 
				+import org.springframework.security.web.authentication.AuthenticationProcessingFilter;
			
 
				+import org.springframework.security.web.context.SecurityContextPersistenceFilter;
			
 
				+import org.springframework.security.web.wrapper.SecurityContextHolderAwareRequestFilter;
			
 
				 
			
 
				 /**
			
 
				  * Tests {@link FilterChainProxy}.
			
--- a/config/src/test/resources/org/springframework/security/util/filtertest-valid.xml
+++ b/config/src/test/resources/org/springframework/security/util/filtertest-valid.xml
@@ -24,14 +24,14 @@
 
				     xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
			
 
				 http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
			
 
				 
			
 
				-    <bean id="mockFilter" class="org.springframework.security.wrapper.SecurityContextHolderAwareRequestFilter"/>
			
 
				+    <bean id="mockFilter" class="org.springframework.security.web.wrapper.SecurityContextHolderAwareRequestFilter"/>
			
 
				 
			
 
				-    <bean id="mockFilter2" class="org.springframework.security.wrapper.SecurityContextHolderAwareRequestFilter"/>
			
 
				+    <bean id="mockFilter2" class="org.springframework.security.web.wrapper.SecurityContextHolderAwareRequestFilter"/>
			
 
				 
			
 
				     <!-- These are just here so we have filters of a specific type to check the ordering is as expected -->
			
 
				-    <bean id="sif" class="org.springframework.security.context.web.SecurityContextPersistenceFilter"/>
			
 
				+    <bean id="sif" class="org.springframework.security.web.context.SecurityContextPersistenceFilter"/>
			
 
				 
			
 
				-    <bean id="apf" class="org.springframework.security.ui.webapp.AuthenticationProcessingFilter">
			
 
				+    <bean id="apf" class="org.springframework.security.web.authentication.AuthenticationProcessingFilter">
			
 
				        <property name="authenticationManager">
			
 
				            <bean class="org.springframework.security.MockAuthenticationManager"/>
			
 
				        </property>
			
@@ -39,7 +39,7 @@ http://www.springframework.org/schema/security http://www.springframework.org/sc
 
				 
			
 
				     <bean id="mockNotAFilter" class="org.springframework.security.util.MockNotAFilter"/>
			
 
				 
			
 
				-    <bean id="filterChain" class="org.springframework.security.web.util.FilterChainProxy">
			
 
				+    <bean id="filterChain" class="org.springframework.security.web.FilterChainProxy">
			
 
				         <sec:filter-chain-map path-type="ant">
			
 
				             <sec:filter-chain pattern="/foo/**" filters="mockFilter"/>
			
 
				             <sec:filter-chain pattern="/some/other/path/**" filters="mockFilter"/>
			
@@ -48,7 +48,7 @@ http://www.springframework.org/schema/security http://www.springframework.org/sc
 
				     </bean>
			
 
				 
			
 
				 <!-- TODO: Refactor to replace the above (SEC-1034: 'new' is now the only valid syntax) -->
			
 
				-    <bean id="newFilterChainProxy" class="org.springframework.security.web.util.FilterChainProxy">
			
 
				+    <bean id="newFilterChainProxy" class="org.springframework.security.web.FilterChainProxy">
			
 
				         <sec:filter-chain-map path-type="ant">
			
 
				             <sec:filter-chain pattern="/foo/**" filters="mockFilter"/>
			
 
				             <sec:filter-chain pattern="/some/other/path/**" filters="sif,mockFilter,mockFilter2"/>
			
@@ -57,14 +57,14 @@ http://www.springframework.org/schema/security http://www.springframework.org/sc
 
				         </sec:filter-chain-map>
			
 
				     </bean>
			
 
				 
			
 
				-    <bean id="newFilterChainProxyNoDefaultPath" class="org.springframework.security.web.util.FilterChainProxy">
			
 
				+    <bean id="newFilterChainProxyNoDefaultPath" class="org.springframework.security.web.FilterChainProxy">
			
 
				         <sec:filter-chain-map path-type="ant">
			
 
				             <sec:filter-chain pattern="/foo/**" filters="mockFilter"/>
			
 
				             <sec:filter-chain pattern="/*.bar" filters="mockFilter,mockFilter2"/>
			
 
				         </sec:filter-chain-map>
			
 
				     </bean>
			
 
				 
			
 
				-    <bean id="newFilterChainProxyWrongPathOrder" class="org.springframework.security.web.util.FilterChainProxy">
			
 
				+    <bean id="newFilterChainProxyWrongPathOrder" class="org.springframework.security.web.FilterChainProxy">
			
 
				         <sec:filter-chain-map path-type="ant">
			
 
				             <sec:filter-chain pattern="/foo/**" filters="mockFilter"/>
			
 
				             <sec:filter-chain pattern="/**" filters="sif,apf,mockFilter"/>
			
@@ -72,7 +72,7 @@ http://www.springframework.org/schema/security http://www.springframework.org/sc
 
				         </sec:filter-chain-map>
			
 
				     </bean>
			
 
				 
			
 
				-    <bean id="newFilterChainProxyRegex" class="org.springframework.security.web.util.FilterChainProxy">
			
 
				+    <bean id="newFilterChainProxyRegex" class="org.springframework.security.web.FilterChainProxy">
			
 
				         <sec:filter-chain-map path-type="regex">
			
 
				             <sec:filter-chain pattern="\A/foo/.*\Z" filters="mockFilter"/>
			
 
				             <sec:filter-chain pattern="\A/s[oO]me/other/path/.*\Z" filters="sif,mockFilter,mockFilter2"/>
			
@@ -81,7 +81,7 @@ http://www.springframework.org/schema/security http://www.springframework.org/sc
 
				         </sec:filter-chain-map>
			
 
				     </bean>
			
 
				 
			
 
				-    <bean id="newFilterChainProxyNonNamespace" class="org.springframework.security.web.util.FilterChainProxy">
			
 
				+    <bean id="newFilterChainProxyNonNamespace" class="org.springframework.security.web.FilterChainProxy">
			
 
				         <property name="matcher">
			
 
				             <bean class="org.springframework.security.util.AntUrlPathMatcher"/>
			
 
				         </property>
			
--- a/core/src/main/java/org/springframework/security/ui/AuthenticationDetails.java
+++ b/core/src/main/java/org/springframework/security/ui/AuthenticationDetails.java
@@ -1,4 +1,4 @@
 
				-package org.springframework.security.ui;
			
 
				+package org.springframework.security;
			
 
				 
			
 
				 import java.io.Serializable;
			
 
				 
			
--- a/core/src/main/java/org/springframework/security/ui/AuthenticationDetailsSource.java
+++ b/core/src/main/java/org/springframework/security/ui/AuthenticationDetailsSource.java
@@ -13,7 +13,7 @@
 
				  * limitations under the License.

			
 
				  */

			
 
				 

			
 
				-package org.springframework.security.ui;

			
 
				+package org.springframework.security;

			
 
				 

			
 
				 

			
 
				 

			
--- a/core/src/main/java/org/springframework/security/ui/AuthenticationDetailsSourceImpl.java
+++ b/core/src/main/java/org/springframework/security/ui/AuthenticationDetailsSourceImpl.java
@@ -1,8 +1,8 @@
 
				-package org.springframework.security.ui;
			
 
				+package org.springframework.security;
			
 
				 
			
 
				 import java.lang.reflect.Constructor;
			
 
				 
			
 
				-import org.springframework.security.ui.AuthenticationDetailsSource;
			
 
				+import org.springframework.security.AuthenticationDetailsSource;
			
 
				 import org.springframework.util.Assert;
			
 
				 import org.springframework.util.ReflectionUtils;
			
 
				 
			
--- a/core/src/main/java/org/springframework/security/AuthenticationTrustResolverImpl.java
+++ b/core/src/main/java/org/springframework/security/AuthenticationTrustResolverImpl.java
@@ -15,8 +15,8 @@
 
				 
			
 
				 package org.springframework.security;
			
 
				 
			
 
				-import org.springframework.security.providers.anonymous.AnonymousAuthenticationToken;
			
 
				-import org.springframework.security.providers.rememberme.RememberMeAuthenticationToken;
			
 
				+import org.springframework.security.providers.AnonymousAuthenticationToken;
			
 
				+import org.springframework.security.providers.RememberMeAuthenticationToken;
			
 
				 
			
 
				 
			
 
				 /**
			
--- a/core/src/main/java/org/springframework/security/expression/support/AbstractSecurityExpressionHandler.java
+++ b/core/src/main/java/org/springframework/security/expression/support/AbstractSecurityExpressionHandler.java
@@ -0,0 +1,5 @@
 
				+package org.springframework.security.expression.support;
			
 
				+
			
 
				+public class AbstractSecurityExpressionHandler {
			
 
				+
			
 
				+}
			
--- a/core/src/main/java/org/springframework/security/providers/anonymous/AnonymousAuthenticationProvider.java
+++ b/core/src/main/java/org/springframework/security/providers/anonymous/AnonymousAuthenticationProvider.java
@@ -13,7 +13,7 @@
 
				  * limitations under the License.
			
 
				  */
			
 
				 
			
 
				-package org.springframework.security.providers.anonymous;
			
 
				+package org.springframework.security.providers;
			
 
				 
			
 
				 import org.springframework.beans.factory.InitializingBean;
			
 
				 import org.springframework.context.MessageSource;
			
@@ -23,7 +23,6 @@ import org.springframework.security.Authentication;
 
				 import org.springframework.security.AuthenticationException;
			
 
				 import org.springframework.security.BadCredentialsException;
			
 
				 import org.springframework.security.SpringSecurityMessageSource;
			
 
				-import org.springframework.security.providers.AuthenticationProvider;
			
 
				 import org.springframework.util.Assert;
			
 
				 
			
 
				 
			
--- a/core/src/main/java/org/springframework/security/providers/anonymous/AnonymousAuthenticationToken.java
+++ b/core/src/main/java/org/springframework/security/providers/anonymous/AnonymousAuthenticationToken.java
@@ -13,11 +13,10 @@
 
				  * limitations under the License.
			
 
				  */
			
 
				 
			
 
				-package org.springframework.security.providers.anonymous;
			
 
				+package org.springframework.security.providers;
			
 
				 
			
 
				 import org.springframework.security.GrantedAuthority;
			
 
				 
			
 
				-import org.springframework.security.providers.AbstractAuthenticationToken;
			
 
				 
			
 
				 import java.io.Serializable;
			
 
				 import java.util.Arrays;
			
--- a/core/src/main/java/org/springframework/security/providers/rememberme/RememberMeAuthenticationProvider.java
+++ b/core/src/main/java/org/springframework/security/providers/rememberme/RememberMeAuthenticationProvider.java
@@ -13,7 +13,7 @@
 
				  * limitations under the License.
			
 
				  */
			
 
				 
			
 
				-package org.springframework.security.providers.rememberme;
			
 
				+package org.springframework.security.providers;
			
 
				 
			
 
				 import org.springframework.beans.factory.InitializingBean;
			
 
				 import org.springframework.context.MessageSource;
			
@@ -23,7 +23,6 @@ import org.springframework.security.Authentication;
 
				 import org.springframework.security.AuthenticationException;
			
 
				 import org.springframework.security.BadCredentialsException;
			
 
				 import org.springframework.security.SpringSecurityMessageSource;
			
 
				-import org.springframework.security.providers.AuthenticationProvider;
			
 
				 import org.springframework.util.Assert;
			
 
				 
			
 
				 
			
--- a/core/src/main/java/org/springframework/security/providers/rememberme/RememberMeAuthenticationToken.java
+++ b/core/src/main/java/org/springframework/security/providers/rememberme/RememberMeAuthenticationToken.java
@@ -13,14 +13,13 @@
 
				  * limitations under the License.
			
 
				  */
			
 
				 
			
 
				-package org.springframework.security.providers.rememberme;
			
 
				+package org.springframework.security.providers;
			
 
				 
			
 
				 import java.io.Serializable;
			
 
				 import java.util.Arrays;
			
 
				 import java.util.List;
			
 
				 
			
 
				 import org.springframework.security.GrantedAuthority;
			
 
				-import org.springframework.security.providers.AbstractAuthenticationToken;
			
 
				 
			
 
				 
			
 
				 /**
			
--- a/core/src/main/java/org/springframework/security/providers/anonymous/package.html
+++ b/core/src/main/java/org/springframework/security/providers/anonymous/package.html
@@ -1,7 +0,0 @@
 
				-<html>
			
 
				-<body>
			
 
				-Allows you to secure every invocation (especially useful for web request
			
 
				-URI security) by always having either an actual principal or an anonymous
			
 
				-principal authenticated.
			
 
				-</body>
			
 
				-</html>
			
--- a/core/src/main/java/org/springframework/security/providers/dao/AbstractUserDetailsAuthenticationProvider.java
+++ b/core/src/main/java/org/springframework/security/providers/dao/AbstractUserDetailsAuthenticationProvider.java
@@ -26,12 +26,13 @@ import org.springframework.security.LockedException;
 
				 
			
 
				 import org.springframework.security.providers.AuthenticationProvider;
			
 
				 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
			
 
				-import org.springframework.security.providers.dao.cache.NullUserCache;
			
 
				 
			
 
				+import org.springframework.security.userdetails.UserCache;
			
 
				 import org.springframework.security.userdetails.UserDetails;
			
 
				 import org.springframework.security.userdetails.UserDetailsService;
			
 
				 import org.springframework.security.userdetails.UsernameNotFoundException;
			
 
				 import org.springframework.security.userdetails.UserDetailsChecker;
			
 
				+import org.springframework.security.userdetails.cache.NullUserCache;
			
 
				 
			
 
				 import org.springframework.beans.factory.InitializingBean;
			
 
				 
			
--- a/core/src/main/java/org/springframework/security/providers/rememberme/package.html
+++ b/core/src/main/java/org/springframework/security/providers/rememberme/package.html
@@ -1,5 +0,0 @@
 
				-<html>
			
 
				-<body>
			
 
				-Authentication provider that processes <code>RememberMeAuthenticationToken</code>s.
			
 
				-</body>
			
 
				-</html>
			
--- a/core/src/main/java/org/springframework/security/providers/dao/UserCache.java
+++ b/core/src/main/java/org/springframework/security/providers/dao/UserCache.java
@@ -13,10 +13,8 @@
 
				  * limitations under the License.
			
 
				  */
			
 
				 
			
 
				-package org.springframework.security.providers.dao;
			
 
				+package org.springframework.security.userdetails;
			
 
				 
			
 
				-import org.springframework.security.userdetails.User;
			
 
				-import org.springframework.security.userdetails.UserDetails;
			
 
				 
			
 
				 
			
 
				 /**
			
--- a/core/src/main/java/org/springframework/security/providers/dao/cache/EhCacheBasedUserCache.java
+++ b/core/src/main/java/org/springframework/security/providers/dao/cache/EhCacheBasedUserCache.java
@@ -13,14 +13,14 @@
 
				  * limitations under the License.
			
 
				  */
			
 
				 
			
 
				-package org.springframework.security.providers.dao.cache;
			
 
				+package org.springframework.security.userdetails.cache;
			
 
				 
			
 
				 import net.sf.ehcache.CacheException;
			
 
				 import net.sf.ehcache.Element;
			
 
				 import net.sf.ehcache.Ehcache;
			
 
				 
			
 
				-import org.springframework.security.providers.dao.UserCache;
			
 
				 
			
 
				+import org.springframework.security.userdetails.UserCache;
			
 
				 import org.springframework.security.userdetails.UserDetails;
			
 
				 
			
 
				 import org.apache.commons.logging.Log;
			
--- a/core/src/main/java/org/springframework/security/providers/dao/cache/NullUserCache.java
+++ b/core/src/main/java/org/springframework/security/providers/dao/cache/NullUserCache.java
@@ -13,10 +13,10 @@
 
				  * limitations under the License.
			
 
				  */
			
 
				 
			
 
				-package org.springframework.security.providers.dao.cache;
			
 
				+package org.springframework.security.userdetails.cache;
			
 
				 
			
 
				-import org.springframework.security.providers.dao.UserCache;
			
 
				 
			
 
				+import org.springframework.security.userdetails.UserCache;
			
 
				 import org.springframework.security.userdetails.UserDetails;
			
 
				 
			
 
				 
			
--- a/core/src/main/java/org/springframework/security/userdetails/jdbc/JdbcUserDetailsManager.java
+++ b/core/src/main/java/org/springframework/security/userdetails/jdbc/JdbcUserDetailsManager.java
@@ -9,11 +9,11 @@ import org.springframework.security.GrantedAuthorityImpl;
 
				 import org.springframework.security.util.AuthorityUtils;
			
 
				 import org.springframework.security.context.SecurityContextHolder;
			
 
				 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
			
 
				-import org.springframework.security.providers.dao.UserCache;
			
 
				-import org.springframework.security.providers.dao.cache.NullUserCache;
			
 
				+import org.springframework.security.userdetails.UserCache;
			
 
				 import org.springframework.security.userdetails.UserDetails;
			
 
				 import org.springframework.security.userdetails.UserDetailsManager;
			
 
				 import org.springframework.security.userdetails.GroupManager;
			
 
				+import org.springframework.security.userdetails.cache.NullUserCache;
			
 
				 import org.springframework.context.ApplicationContextException;
			
 
				 import org.springframework.dao.IncorrectResultSizeDataAccessException;
			
 
				 import org.springframework.jdbc.core.PreparedStatementSetter;
			
--- a/web/src/test/java/org/springframework/security/ui/AuthenticationDetailsSourceImplTests.java
+++ b/web/src/test/java/org/springframework/security/ui/AuthenticationDetailsSourceImplTests.java
@@ -1,8 +1,10 @@
 
				-package org.springframework.security.ui;
			
 
				+package org.springframework.security;
			
 
				 
			
 
				 import static org.junit.Assert.*;
			
 
				 
			
 
				 import org.junit.Test;
			
 
				+import org.springframework.security.AuthenticationDetails;
			
 
				+import org.springframework.security.AuthenticationDetailsSourceImpl;
			
 
				 import org.springframework.security.providers.TestingAuthenticationToken;
			
 
				 
			
 
				 /**
			
--- a/core/src/test/java/org/springframework/security/AuthenticationTrustResolverImplTests.java
+++ b/core/src/test/java/org/springframework/security/AuthenticationTrustResolverImplTests.java
@@ -17,9 +17,9 @@ package org.springframework.security;
 
				 
			
 
				 import junit.framework.TestCase;
			
 
				 
			
 
				+import org.springframework.security.providers.AnonymousAuthenticationToken;
			
 
				+import org.springframework.security.providers.RememberMeAuthenticationToken;
			
 
				 import org.springframework.security.providers.TestingAuthenticationToken;
			
 
				-import org.springframework.security.providers.anonymous.AnonymousAuthenticationToken;
			
 
				-import org.springframework.security.providers.rememberme.RememberMeAuthenticationToken;
			
 
				 import org.springframework.security.util.AuthorityUtils;
			
 
				 
			
 
				 
			
--- a/core/src/test/java/org/springframework/security/providers/anonymous/AnonymousAuthenticationProviderTests.java
+++ b/core/src/test/java/org/springframework/security/providers/anonymous/AnonymousAuthenticationProviderTests.java
@@ -22,6 +22,8 @@ import org.springframework.security.BadCredentialsException;
 
				 import org.springframework.security.GrantedAuthority;
			
 
				 import org.springframework.security.GrantedAuthorityImpl;
			
 
				 
			
 
				+import org.springframework.security.providers.AnonymousAuthenticationProvider;
			
 
				+import org.springframework.security.providers.AnonymousAuthenticationToken;
			
 
				 import org.springframework.security.providers.TestingAuthenticationToken;
			
 
				 import org.springframework.security.util.AuthorityUtils;
			
 
				 
			
--- a/core/src/test/java/org/springframework/security/providers/anonymous/AnonymousAuthenticationTokenTests.java
+++ b/core/src/test/java/org/springframework/security/providers/anonymous/AnonymousAuthenticationTokenTests.java
@@ -20,6 +20,7 @@ import java.util.List;
 
				 import junit.framework.TestCase;
			
 
				 
			
 
				 import org.springframework.security.GrantedAuthority;
			
 
				+import org.springframework.security.providers.AnonymousAuthenticationToken;
			
 
				 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
			
 
				 import org.springframework.security.util.AuthorityUtils;
			
 
				 
			
--- a/core/src/test/java/org/springframework/security/providers/dao/DaoAuthenticationProviderTests.java
+++ b/core/src/test/java/org/springframework/security/providers/dao/DaoAuthenticationProviderTests.java
@@ -30,8 +30,6 @@ import org.springframework.security.LockedException;
 
				 
			
 
				 import org.springframework.security.providers.TestingAuthenticationToken;
			
 
				 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
			
 
				-import org.springframework.security.providers.dao.cache.EhCacheBasedUserCache;
			
 
				-import org.springframework.security.providers.dao.cache.NullUserCache;
			
 
				 import org.springframework.security.providers.dao.salt.SystemWideSaltSource;
			
 
				 import org.springframework.security.providers.encoding.ShaPasswordEncoder;
			
 
				 
			
@@ -39,6 +37,8 @@ import org.springframework.security.userdetails.User;
 
				 import org.springframework.security.userdetails.UserDetails;
			
 
				 import org.springframework.security.userdetails.UserDetailsService;
			
 
				 import org.springframework.security.userdetails.UsernameNotFoundException;
			
 
				+import org.springframework.security.userdetails.cache.EhCacheBasedUserCache;
			
 
				+import org.springframework.security.userdetails.cache.NullUserCache;
			
 
				 import org.springframework.security.util.AuthorityUtils;
			
 
				 
			
 
				 import org.springframework.dao.DataAccessException;
			
--- a/core/src/test/java/org/springframework/security/providers/dao/MockUserCache.java
+++ b/core/src/test/java/org/springframework/security/providers/dao/MockUserCache.java
@@ -7,6 +7,7 @@ import java.util.HashMap;
 
				 import java.util.Map;
			
 
				 
			
 
				 import org.springframework.security.userdetails.User;
			
 
				+import org.springframework.security.userdetails.UserCache;
			
 
				 import org.springframework.security.userdetails.UserDetails;
			
 
				 
			
 
				 public class MockUserCache implements UserCache {
			
--- a/core/src/test/java/org/springframework/security/providers/dao/cache/EhCacheBasedUserCacheTests.java
+++ b/core/src/test/java/org/springframework/security/providers/dao/cache/EhCacheBasedUserCacheTests.java
@@ -25,6 +25,7 @@ import org.junit.AfterClass;
 
				 import org.junit.BeforeClass;
			
 
				 import org.junit.Test;
			
 
				 import org.springframework.security.userdetails.User;
			
 
				+import org.springframework.security.userdetails.cache.EhCacheBasedUserCache;
			
 
				 import org.springframework.security.util.AuthorityUtils;
			
 
				 
			
 
				 /**
			
--- a/core/src/test/java/org/springframework/security/providers/dao/cache/NullUserCacheTests.java
+++ b/core/src/test/java/org/springframework/security/providers/dao/cache/NullUserCacheTests.java
@@ -18,6 +18,7 @@ package org.springframework.security.providers.dao.cache;
 
				 import junit.framework.TestCase;
			
 
				 
			
 
				 import org.springframework.security.userdetails.User;
			
 
				+import org.springframework.security.userdetails.cache.NullUserCache;
			
 
				 import org.springframework.security.util.AuthorityUtils;
			
 
				 
			
 
				 
			
--- a/core/src/test/java/org/springframework/security/providers/rememberme/RememberMeAuthenticationProviderTests.java
+++ b/core/src/test/java/org/springframework/security/providers/rememberme/RememberMeAuthenticationProviderTests.java
@@ -19,6 +19,8 @@ import junit.framework.TestCase;
 
				 
			
 
				 import org.springframework.security.Authentication;
			
 
				 import org.springframework.security.BadCredentialsException;
			
 
				+import org.springframework.security.providers.RememberMeAuthenticationProvider;
			
 
				+import org.springframework.security.providers.RememberMeAuthenticationToken;
			
 
				 import org.springframework.security.providers.TestingAuthenticationToken;
			
 
				 import org.springframework.security.util.AuthorityUtils;
			
 
				 
			
--- a/core/src/test/java/org/springframework/security/providers/rememberme/RememberMeAuthenticationTokenTests.java
+++ b/core/src/test/java/org/springframework/security/providers/rememberme/RememberMeAuthenticationTokenTests.java
@@ -21,6 +21,7 @@ import java.util.List;
 
				 import junit.framework.TestCase;
			
 
				 
			
 
				 import org.springframework.security.GrantedAuthority;
			
 
				+import org.springframework.security.providers.RememberMeAuthenticationToken;
			
 
				 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
			
 
				 import org.springframework.security.util.AuthorityUtils;
			
 
				 
			
--- a/core/src/test/java/org/springframework/security/userdetails/jdbc/JdbcUserDetailsManagerTests.java
+++ b/core/src/test/java/org/springframework/security/userdetails/jdbc/JdbcUserDetailsManagerTests.java
@@ -26,8 +26,8 @@ import org.springframework.security.PopulatedDatabase;
 
				 import org.springframework.security.TestDataSource;
			
 
				 import org.springframework.security.context.SecurityContextHolder;
			
 
				 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
			
 
				-import org.springframework.security.providers.dao.UserCache;
			
 
				 import org.springframework.security.userdetails.User;
			
 
				+import org.springframework.security.userdetails.UserCache;
			
 
				 import org.springframework.security.userdetails.UserDetails;
			
 
				 import org.springframework.security.util.AuthorityUtils;
			
 
				 
			
--- a/core/src/test/java/org/springframework/security/vote/AuthenticatedVoterTests.java
+++ b/core/src/test/java/org/springframework/security/vote/AuthenticatedVoterTests.java
@@ -22,9 +22,9 @@ import junit.framework.TestCase;
 
				 import org.springframework.security.Authentication;
			
 
				 import org.springframework.security.ConfigAttribute;
			
 
				 import org.springframework.security.SecurityConfig;
			
 
				+import org.springframework.security.providers.AnonymousAuthenticationToken;
			
 
				+import org.springframework.security.providers.RememberMeAuthenticationToken;
			
 
				 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
			
 
				-import org.springframework.security.providers.anonymous.AnonymousAuthenticationToken;
			
 
				-import org.springframework.security.providers.rememberme.RememberMeAuthenticationToken;
			
 
				 import org.springframework.security.util.AuthorityUtils;
			
 
				 
			
 
				 
			
--- a/itest/context/src/test/java/org/springframework/security/performance/FilterChainPerformanceTests.java
+++ b/itest/context/src/test/java/org/springframework/security/performance/FilterChainPerformanceTests.java
@@ -19,9 +19,9 @@ import org.springframework.mock.web.MockHttpSession;
 
				 import org.springframework.security.GrantedAuthority;
			
 
				 import org.springframework.security.GrantedAuthorityImpl;
			
 
				 import org.springframework.security.context.SecurityContextHolder;
			
 
				-import org.springframework.security.context.web.HttpSessionSecurityContextRepository;
			
 
				 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
			
 
				-import org.springframework.security.web.util.FilterChainProxy;
			
 
				+import org.springframework.security.web.FilterChainProxy;
			
 
				+import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
			
 
				 import org.springframework.test.context.ContextConfiguration;
			
 
				 import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
			
 
				 import org.springframework.util.StopWatch;
			
--- a/itest/context/src/test/resources/filter-chain-performance-app-context.xml
+++ b/itest/context/src/test/resources/filter-chain-performance-app-context.xml
@@ -11,13 +11,13 @@
 
				     xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd

			
 
				                         http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">

			
 
				 

			
 
				-    <bean id="fcpMinimalStack" class="org.springframework.security.web.util.FilterChainProxy">

			
 
				+    <bean id="fcpMinimalStack" class="org.springframework.security.web.FilterChainProxy">

			
 
				         <sec:filter-chain-map path-type="ant">

			
 
				             <sec:filter-chain pattern="/**" filters="scpf,preAuthFilter,etf,fsi"/>

			
 
				         </sec:filter-chain-map>

			
 
				     </bean>

			
 
				 

			
 
				-    <bean id="fcpFullStack" class="org.springframework.security.web.util.FilterChainProxy">

			
 
				+    <bean id="fcpFullStack" class="org.springframework.security.web.FilterChainProxy">

			
 
				         <sec:filter-chain-map path-type="ant">

			
 
				             <sec:filter-chain pattern="/**" filters="scpf,preAuthFilter,apf,basicPf,logoutFilter,scharf,etf,fsi"/>

			
 
				         </sec:filter-chain-map>

			
@@ -37,36 +37,36 @@
 
				         <sec:user name="bob" password="bobspassword" authorities="ROLE_0,ROLE_1"/>

			
 
				     </sec:user-service>

			
 
				 

			
 
				-    <bean id="scpf" class="org.springframework.security.context.web.SecurityContextPersistenceFilter"/>
			
 
				+    <bean id="scpf" class="org.springframework.security.web.context.SecurityContextPersistenceFilter"/>
			
 
				 

			
 
				-    <bean id="apf" class="org.springframework.security.ui.webapp.AuthenticationProcessingFilter">

			
 
				+    <bean id="apf" class="org.springframework.security.web.authentication.AuthenticationProcessingFilter">

			
 
				         <property name="authenticationManager" ref="authenticationManager"/>

			
 
				     </bean>

			
 
				 

			
 
				-    <bean id="basicPf" class="org.springframework.security.ui.basicauth.BasicProcessingFilter">

			
 
				+    <bean id="basicPf" class="org.springframework.security.web.authentication.www.BasicProcessingFilter">

			
 
				         <property name="authenticationManager" ref="authenticationManager"/>

			
 
				         <property name="ignoreFailure" value="true"/>

			
 
				     </bean>

			
 
				 

			
 
				-    <bean id="preAuthFilter" class="org.springframework.security.ui.preauth.header.RequestHeaderPreAuthenticatedProcessingFilter">

			
 
				+    <bean id="preAuthFilter" class="org.springframework.security.web.authentication.preauth.RequestHeaderPreAuthenticatedProcessingFilter">

			
 
				         <property name="authenticationManager" ref="authenticationManager"/>

			
 
				     </bean>

			
 
				 

			
 
				-    <bean id="scharf" class="org.springframework.security.wrapper.SecurityContextHolderAwareRequestFilter" />

			
 
				+    <bean id="scharf" class="org.springframework.security.web.wrapper.SecurityContextHolderAwareRequestFilter" />

			
 
				 

			
 
				     <bean id="preAuthenticatedProcessingFilterEntryPoint"

			
 
				-            class="org.springframework.security.ui.preauth.PreAuthenticatedProcessingFilterEntryPoint"/>

			
 
				+            class="org.springframework.security.web.authentication.preauth.PreAuthenticatedProcessingFilterEntryPoint"/>

			
 
				 

			
 
				-    <bean id="logoutFilter" class="org.springframework.security.ui.logout.LogoutFilter">

			
 
				+    <bean id="logoutFilter" class="org.springframework.security.web.logout.LogoutFilter">

			
 
				         <constructor-arg value="/"/>

			
 
				         <constructor-arg>

			
 
				             <list>

			
 
				-                <bean class="org.springframework.security.ui.logout.SecurityContextLogoutHandler"/>

			
 
				+                <bean class="org.springframework.security.web.logout.SecurityContextLogoutHandler"/>

			
 
				             </list>

			
 
				         </constructor-arg>

			
 
				     </bean>

			
 
				 

			
 
				-    <bean id="etf" class="org.springframework.security.ui.ExceptionTranslationFilter">

			
 
				+    <bean id="etf" class="org.springframework.security.web.ExceptionTranslationFilter">

			
 
				         <property name="authenticationEntryPoint" ref="preAuthenticatedProcessingFilterEntryPoint"/>

			
 
				     </bean>

			
 
				 

			
@@ -88,7 +88,7 @@
 
				         </property>

			
 
				     </bean>

			
 
				 

			
 
				-    <bean id="fsi" class="org.springframework.security.intercept.web.FilterSecurityInterceptor">

			
 
				+    <bean id="fsi" class="org.springframework.security.web.intercept.FilterSecurityInterceptor">

			
 
				         <property name="authenticationManager" ref="authenticationManager"/>
			
 
				         <property name="accessDecisionManager" ref="accessDecisionManager"/>

			
 
				         <property name="securityMetadataSource">
			
--- a/itest/web/src/main/webapp/WEB-INF/custom-filters.xml
+++ b/itest/web/src/main/webapp/WEB-INF/custom-filters.xml
@@ -7,13 +7,13 @@
 
				                         http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.2.xsd">
			
 
				 
			
 
				     <!-- A second APF in addition to the standard namespace one -->
			
 
				-    <bean name="formLoginFilter2" class="org.springframework.security.ui.webapp.AuthenticationProcessingFilter">
			
 
				+    <bean name="formLoginFilter2" class="org.springframework.security.authentication.AuthenticationProcessingFilter">
			
 
				         <sec:custom-filter after="AUTHENTICATION_PROCESSING_FILTER"/>
			
 
				         <property name="filterProcessesUrl" value="/j_spring_security_check_2"/>
			
 
				     </bean>
			
 
				 
			
 
				 
			
 
				-    <bean name="switchUserFilter" class="org.springframework.security.ui.switchuser.SwitchUserProcessingFilter">
			
 
				+    <bean name="switchUserFilter" class="org.springframework.security.web.authentication.switchuser.SwitchUserProcessingFilter">
			
 
				         <sec:custom-filter position="SWITCH_USER_FILTER"/>
			
 
				     </bean>
			
 
				-</beans>
			
 
				+</beans>
			
--- a/itest/web/src/main/webapp/WEB-INF/http-security.xml
+++ b/itest/web/src/main/webapp/WEB-INF/http-security.xml
@@ -6,13 +6,13 @@
 
				     xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
			
 
				                         http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.2.xsd">
			
 
				 
			
 
				-    <!-- 
			
 
				+    <!--
			
 
				        Http App Context to test form login, remember-me and concurrent session control.
			
 
				-       Needs to be supplemented with authentication provider(s) 
			
 
				+       Needs to be supplemented with authentication provider(s)
			
 
				     -->
			
 
				 
			
 
				     <http>
			
 
				-        <intercept-url pattern="/login.jsp*" filters="none" />        
			
 
				+        <intercept-url pattern="/login.jsp*" filters="none" />
			
 
				         <intercept-url pattern="/secure/**" access="ROLE_DEVELOPER,ROLE_USER" />
			
 
				         <intercept-url pattern="/**" access="ROLE_DEVELOPER,ROLE_USER" />
			
 
				 
			
@@ -27,8 +27,8 @@
 
				         <remember-me key="doesntmatter" token-repository-ref="tokenRepo"/>
			
 
				     </http>
			
 
				 
			
 
				-    <beans:bean name="tokenRepo" class="org.springframework.security.ui.rememberme.InMemoryTokenRepositoryImpl"/>
			
 
				+    <beans:bean name="tokenRepo" class="org.springframework.security.web.authentication.rememberme.InMemoryTokenRepositoryImpl"/>
			
 
				 
			
 
				     <!-- bean name="rememberMeServices" class="org.springframework.security.ui.rememberme.NullRememberMeServices"/ -->
			
 
				 
			
 
				-</beans:beans>
			
 
				+</beans:beans>
			
--- a/ldap/src/main/java/org/springframework/security/ldap/SpringSecurityAuthenticationSource.java
+++ b/ldap/src/main/java/org/springframework/security/ldap/SpringSecurityAuthenticationSource.java
@@ -2,7 +2,7 @@ package org.springframework.security.ldap;
 
				 
			
 
				 import org.springframework.security.Authentication;
			
 
				 import org.springframework.security.context.SecurityContextHolder;
			
 
				-import org.springframework.security.providers.anonymous.AnonymousAuthenticationToken;
			
 
				+import org.springframework.security.providers.AnonymousAuthenticationToken;
			
 
				 import org.springframework.security.userdetails.ldap.LdapUserDetails;
			
 
				 import org.springframework.ldap.core.AuthenticationSource;
			
 
				 
			
--- a/ldap/src/test/java/org/springframework/security/ldap/SpringSecurityAuthenticationSourceTests.java
+++ b/ldap/src/test/java/org/springframework/security/ldap/SpringSecurityAuthenticationSourceTests.java
@@ -1,8 +1,8 @@
 
				 package org.springframework.security.ldap;
			
 
				 
			
 
				 import org.springframework.security.context.SecurityContextHolder;
			
 
				+import org.springframework.security.providers.AnonymousAuthenticationToken;
			
 
				 import org.springframework.security.providers.TestingAuthenticationToken;
			
 
				-import org.springframework.security.providers.anonymous.AnonymousAuthenticationToken;
			
 
				 import org.springframework.security.userdetails.ldap.LdapUserDetailsImpl;
			
 
				 import org.springframework.security.util.AuthorityUtils;
			
 
				 import org.springframework.ldap.core.AuthenticationSource;
			
--- a/ntlm/src/main/java/org/springframework/security/ui/ntlm/NtlmProcessingFilter.java
+++ b/ntlm/src/main/java/org/springframework/security/ui/ntlm/NtlmProcessingFilter.java
@@ -17,18 +17,18 @@ package org.springframework.security.ui.ntlm;
 
				 

			
 
				 import org.springframework.security.Authentication;

			
 
				 import org.springframework.security.AuthenticationCredentialsNotFoundException;

			
 
				+import org.springframework.security.AuthenticationDetailsSource;

			
 
				 import org.springframework.security.AuthenticationException;

			
 
				 import org.springframework.security.AuthenticationManager;

			
 
				 import org.springframework.security.BadCredentialsException;

			
 
				 import org.springframework.security.InsufficientAuthenticationException;

			
 
				 import org.springframework.security.context.SecurityContextHolder;

			
 
				+import org.springframework.security.providers.AnonymousAuthenticationToken;

			
 
				 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;

			
 
				-import org.springframework.security.providers.anonymous.AnonymousAuthenticationToken;

			
 
				-import org.springframework.security.ui.SpringSecurityFilter;

			
 
				-import org.springframework.security.ui.FilterChainOrder;

			
 
				-import org.springframework.security.ui.AuthenticationDetailsSource;

			
 
				-import org.springframework.security.ui.WebAuthenticationDetailsSource;

			
 
				-import org.springframework.security.ui.webapp.AuthenticationProcessingFilter;

			
 
				+import org.springframework.security.web.FilterChainOrder;

			
 
				+import org.springframework.security.web.SpringSecurityFilter;

			
 
				+import org.springframework.security.web.WebAuthenticationDetailsSource;

			
 
				+import org.springframework.security.web.authentication.AuthenticationProcessingFilter;

			
 
				 import org.springframework.beans.factory.InitializingBean;

			
 
				 import org.springframework.util.Assert;

			
 
				 

			
--- a/ntlm/src/main/java/org/springframework/security/ui/ntlm/NtlmProcessingFilterEntryPoint.java
+++ b/ntlm/src/main/java/org/springframework/security/ui/ntlm/NtlmProcessingFilterEntryPoint.java
@@ -22,7 +22,7 @@ import javax.servlet.http.HttpServletRequest;
 
				 import javax.servlet.http.HttpServletResponse;

			
 
				 

			
 
				 import org.springframework.security.AuthenticationException;

			
 
				-import org.springframework.security.ui.AuthenticationEntryPoint;

			
 
				+import org.springframework.security.web.AuthenticationEntryPoint;

			
 
				 import org.springframework.util.Assert;

			
 
				 

			
 
				 /**

			
--- a/openid/src/main/java/org/springframework/security/providers/openid/AuthenticationCancelledException.java
+++ b/openid/src/main/java/org/springframework/security/providers/openid/AuthenticationCancelledException.java
@@ -12,7 +12,7 @@
 
				  * See the License for the specific language governing permissions and

			
 
				  * limitations under the License.

			
 
				  */

			
 
				-package org.springframework.security.providers.openid;

			
 
				+package org.springframework.security.openid;

			
 
				 

			
 
				 import org.springframework.security.AuthenticationException;

			
 
				 

			
--- a/openid/src/main/java/org/springframework/security/ui/openid/consumers/OpenID4JavaConsumer.java
+++ b/openid/src/main/java/org/springframework/security/ui/openid/consumers/OpenID4JavaConsumer.java
@@ -12,13 +12,7 @@
 
				  * See the License for the specific language governing permissions and
			
 
				  * limitations under the License.
			
 
				  */
			
 
				-package org.springframework.security.ui.openid.consumers;
			
 
				-
			
 
				-import org.springframework.security.providers.openid.OpenIDAuthenticationStatus;
			
 
				-import org.springframework.security.providers.openid.OpenIDAuthenticationToken;
			
 
				-
			
 
				-import org.springframework.security.ui.openid.OpenIDConsumer;
			
 
				-import org.springframework.security.ui.openid.OpenIDConsumerException;
			
 
				+package org.springframework.security.openid;
			
 
				 
			
 
				 import org.openid4java.association.AssociationException;
			
 
				 
			
--- a/openid/src/main/java/org/springframework/security/ui/openid/OpenIDAuthenticationProcessingFilter.java
+++ b/openid/src/main/java/org/springframework/security/ui/openid/OpenIDAuthenticationProcessingFilter.java
@@ -13,7 +13,7 @@
 
				  * limitations under the License.
			
 
				  */
			
 
				 
			
 
				-package org.springframework.security.ui.openid;
			
 
				+package org.springframework.security.openid;
			
 
				 
			
 
				 import java.io.IOException;
			
 
				 import java.net.MalformedURLException;
			
@@ -28,12 +28,9 @@ import javax.servlet.http.HttpSession;
 
				 import org.springframework.security.Authentication;
			
 
				 import org.springframework.security.AuthenticationException;
			
 
				 import org.springframework.security.AuthenticationServiceException;
			
 
				-import org.springframework.security.providers.openid.OpenIDAuthenticationProvider;
			
 
				-import org.springframework.security.providers.openid.OpenIDAuthenticationToken;
			
 
				-import org.springframework.security.ui.AbstractProcessingFilter;
			
 
				-import org.springframework.security.ui.FilterChainOrder;
			
 
				-import org.springframework.security.ui.openid.consumers.OpenID4JavaConsumer;
			
 
				-import org.springframework.security.ui.webapp.AuthenticationProcessingFilter;
			
 
				+import org.springframework.security.web.FilterChainOrder;
			
 
				+import org.springframework.security.web.authentication.AbstractProcessingFilter;
			
 
				+import org.springframework.security.web.authentication.AuthenticationProcessingFilter;
			
 
				 import org.springframework.util.StringUtils;
			
 
				 
			
 
				 
			
--- a/openid/src/main/java/org/springframework/security/providers/openid/OpenIDAuthenticationProvider.java
+++ b/openid/src/main/java/org/springframework/security/providers/openid/OpenIDAuthenticationProvider.java
@@ -12,7 +12,7 @@
 
				  * See the License for the specific language governing permissions and

			
 
				  * limitations under the License.

			
 
				  */

			
 
				-package org.springframework.security.providers.openid;

			
 
				+package org.springframework.security.openid;

			
 
				 

			
 
				 import org.springframework.beans.factory.InitializingBean;

			
 
				 import org.springframework.security.Authentication;

			
--- a/openid/src/main/java/org/springframework/security/providers/openid/OpenIDAuthenticationStatus.java
+++ b/openid/src/main/java/org/springframework/security/providers/openid/OpenIDAuthenticationStatus.java
@@ -12,7 +12,7 @@
 
				  * See the License for the specific language governing permissions and

			
 
				  * limitations under the License.

			
 
				  */

			
 
				-package org.springframework.security.providers.openid;

			
 
				+package org.springframework.security.openid;

			
 
				 

			
 
				 import java.io.ObjectStreamException;

			
 
				 import java.io.Serializable;

			
--- a/openid/src/main/java/org/springframework/security/providers/openid/OpenIDAuthenticationToken.java
+++ b/openid/src/main/java/org/springframework/security/providers/openid/OpenIDAuthenticationToken.java
@@ -12,7 +12,7 @@
 
				  * See the License for the specific language governing permissions and

			
 
				  * limitations under the License.

			
 
				  */

			
 
				-package org.springframework.security.providers.openid;

			
 
				+package org.springframework.security.openid;

			
 
				 

			
 
				 import java.util.ArrayList;

			
 
				 import java.util.List;

			
--- a/openid/src/main/java/org/springframework/security/ui/openid/OpenIDConsumer.java
+++ b/openid/src/main/java/org/springframework/security/ui/openid/OpenIDConsumer.java
@@ -12,9 +12,8 @@
 
				  * See the License for the specific language governing permissions and

			
 
				  * limitations under the License.

			
 
				  */

			
 
				-package org.springframework.security.ui.openid;

			
 
				+package org.springframework.security.openid;

			
 
				 

			
 
				-import org.springframework.security.providers.openid.OpenIDAuthenticationToken;

			
 
				 

			
 
				 import javax.servlet.http.HttpServletRequest;

			
 
				 

			
--- a/openid/src/main/java/org/springframework/security/ui/openid/OpenIDConsumerException.java
+++ b/openid/src/main/java/org/springframework/security/ui/openid/OpenIDConsumerException.java
@@ -12,7 +12,7 @@
 
				  * See the License for the specific language governing permissions and

			
 
				  * limitations under the License.

			
 
				  */

			
 
				-package org.springframework.security.ui.openid;

			
 
				+package org.springframework.security.openid;

			
 
				 

			
 
				 /**

			
 
				  * Thrown by an OpenIDConsumer if it cannot process a request

			
--- a/openid/src/main/java/org/springframework/security/ui/openid/package.html
+++ b/openid/src/main/java/org/springframework/security/ui/openid/package.html
--- a/openid/src/main/java/org/springframework/security/providers/openid/package.html
+++ b/openid/src/main/java/org/springframework/security/providers/openid/package.html
@@ -1,6 +0,0 @@
 
				-<html>

			
 
				-<body>

			
 
				-An authentication provider that can process <a href="http://openid.net">OpenID</a> 

			
 
				-Authentication Tokens as created by implementations of the OpenIDConsumer interface.

			
 
				-</body>

			
 
				-</html>

			
--- a/openid/src/main/java/org/springframework/security/ui/openid/consumers/package.html
+++ b/openid/src/main/java/org/springframework/security/ui/openid/consumers/package.html
@@ -1,5 +0,0 @@
 
				-<html>

			
 
				-<body>

			
 
				-Implementations of the OpenIDConsumer interface using 3rd party libraries.

			
 
				-</body>

			
 
				-</html>

			
--- a/openid/src/test/java/org/springframework/security/ui/openid/consumers/MockOpenIDConsumer.java
+++ b/openid/src/test/java/org/springframework/security/ui/openid/consumers/MockOpenIDConsumer.java
@@ -12,11 +12,11 @@
 
				  * See the License for the specific language governing permissions and

			
 
				  * limitations under the License.

			
 
				  */

			
 
				-package org.springframework.security.ui.openid.consumers;

			
 
				+package org.springframework.security.openid;

			
 
				 

			
 
				-import org.springframework.security.providers.openid.OpenIDAuthenticationToken;

			
 
				-import org.springframework.security.ui.openid.OpenIDConsumer;

			
 
				-import org.springframework.security.ui.openid.OpenIDConsumerException;

			
 
				+import org.springframework.security.openid.OpenIDAuthenticationToken;

			
 
				+import org.springframework.security.openid.OpenIDConsumer;

			
 
				+import org.springframework.security.openid.OpenIDConsumerException;

			
 
				 

			
 
				 import javax.servlet.http.HttpServletRequest;

			
 
				 

			
--- a/openid/src/test/java/org/springframework/security/ui/openid/OpenIDAuthenticationProcessingFilterTests.java
+++ b/openid/src/test/java/org/springframework/security/ui/openid/OpenIDAuthenticationProcessingFilterTests.java
@@ -1,4 +1,4 @@
 
				-package org.springframework.security.ui.openid;
			
 
				+package org.springframework.security.openid;
			
 
				 
			
 
				 import static org.junit.Assert.assertEquals;
			
 
				 import static org.mockito.Matchers.any;
			
@@ -13,8 +13,9 @@ import org.junit.Test;
 
				 import org.springframework.mock.web.MockHttpServletRequest;
			
 
				 import org.springframework.mock.web.MockHttpServletResponse;
			
 
				 import org.springframework.security.MockAuthenticationManager;
			
 
				-import org.springframework.security.ui.SavedRequestAwareAuthenticationSuccessHandler;
			
 
				-import org.springframework.security.ui.openid.consumers.MockOpenIDConsumer;
			
 
				+import org.springframework.security.openid.OpenIDAuthenticationProcessingFilter;
			
 
				+import org.springframework.security.openid.OpenIDConsumerException;
			
 
				+import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
			
 
				 
			
 
				 public class OpenIDAuthenticationProcessingFilterTests {
			
 
				 
			
--- a/openid/src/test/java/org/springframework/security/providers/openid/OpenIDAuthenticationProviderTests.java
+++ b/openid/src/test/java/org/springframework/security/providers/openid/OpenIDAuthenticationProviderTests.java
@@ -12,7 +12,7 @@
 
				  * See the License for the specific language governing permissions and

			
 
				  * limitations under the License.

			
 
				  */

			
 
				-package org.springframework.security.providers.openid;

			
 
				+package org.springframework.security.openid;

			
 
				 

			
 
				 import junit.framework.TestCase;

			
 
				 import org.springframework.security.Authentication;

			
@@ -23,6 +23,10 @@ import org.springframework.security.GrantedAuthority;
 
				 import org.springframework.security.GrantedAuthorityImpl;

			
 
				 import org.springframework.security.userdetails.UserDetails;

			
 
				 import org.springframework.security.userdetails.User;

			
 
				+import org.springframework.security.openid.AuthenticationCancelledException;

			
 
				+import org.springframework.security.openid.OpenIDAuthenticationProvider;

			
 
				+import org.springframework.security.openid.OpenIDAuthenticationStatus;

			
 
				+import org.springframework.security.openid.OpenIDAuthenticationToken;

			
 
				 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;

			
 
				 import org.springframework.security.userdetails.UserDetailsService;

			
 
				 

			
--- a/openid/src/test/java/org/springframework/security/providers/openid/OpenIDAuthenticationTokenTests.java
+++ b/openid/src/test/java/org/springframework/security/providers/openid/OpenIDAuthenticationTokenTests.java
@@ -12,7 +12,10 @@
 
				  * See the License for the specific language governing permissions and
			
 
				  * limitations under the License.
			
 
				  */
			
 
				-package org.springframework.security.providers.openid;
			
 
				+package org.springframework.security.openid;
			
 
				+
			
 
				+import org.springframework.security.openid.OpenIDAuthenticationStatus;
			
 
				+import org.springframework.security.openid.OpenIDAuthenticationToken;
			
 
				 
			
 
				 import junit.framework.TestCase;
			
 
				 
			
--- a/portlet/src/main/java/org/springframework/security/ui/portlet/PortletProcessingInterceptor.java
+++ b/portlet/src/main/java/org/springframework/security/ui/portlet/PortletProcessingInterceptor.java
@@ -31,14 +31,14 @@ import javax.portlet.RenderRequest;
 
				 import javax.portlet.RenderResponse;

			
 
				 

			
 
				 import org.springframework.security.Authentication;

			
 
				+import org.springframework.security.AuthenticationDetailsSource;

			
 
				+import org.springframework.security.AuthenticationDetailsSourceImpl;

			
 
				 import org.springframework.security.AuthenticationException;

			
 
				 import org.springframework.security.AuthenticationManager;

			
 
				 import org.springframework.security.context.SecurityContext;

			
 
				 import org.springframework.security.context.SecurityContextHolder;

			
 
				 import org.springframework.security.providers.preauth.PreAuthenticatedAuthenticationToken;

			
 
				 import org.springframework.security.ui.AbstractProcessingFilter;

			
 
				-import org.springframework.security.ui.AuthenticationDetailsSource;

			
 
				-import org.springframework.security.ui.AuthenticationDetailsSourceImpl;

			
 
				 import org.apache.commons.logging.Log;

			
 
				 import org.apache.commons.logging.LogFactory;

			
 
				 import org.springframework.beans.factory.InitializingBean;

			
--- a/samples/contacts/src/main/webapp/WEB-INF/applicationContext-security.xml
+++ b/samples/contacts/src/main/webapp/WEB-INF/applicationContext-security.xml
@@ -43,7 +43,7 @@
 
				     <!-- Filter used to switch the user context. Note: the switch and exit url must be secured
			
 
				         based on the role granted the ability to 'switch' to another user -->
			
 
				     <!-- In this example 'rod' has ROLE_SUPERVISOR that can switch to regular ROLE_USER(s) -->
			
 
				-    <b:bean id="switchUserProcessingFilter" class="org.springframework.security.ui.switchuser.SwitchUserProcessingFilter" autowire="byType">
			
 
				+    <b:bean id="switchUserProcessingFilter" class="org.springframework.security.web.authentication.switchuser.SwitchUserProcessingFilter" autowire="byType">
			
 
				        <custom-filter position="SWITCH_USER_FILTER"/>
			
 
				        <b:property name="targetUrl" value="/secure/index.htm"/>
			
 
				     </b:bean>
			
--- a/samples/contacts/src/main/webapp/WEB-INF/web.xml
+++ b/samples/contacts/src/main/webapp/WEB-INF/web.xml
@@ -60,15 +60,6 @@
 
				         <listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
			
 
				     </listener>
			
 
				 
			
 
				-    <!--
			
 
				-        The HttpSessionEventPublisher will publish
			
 
				-        HttpSessionCreatedEvent and HttpSessionDestroyedEvent
			
 
				-        to the WebApplicationContext
			
 
				- -->
			
 
				-    <listener>
			
 
				-        <listener-class>org.springframework.security.ui.session.HttpSessionEventPublisher</listener-class>
			
 
				-    </listener>
			
 
				-
			
 
				   <!--
			
 
				     - Provides core MVC application controller. See contacts-servlet.xml.
			
 
				     -->
			
--- a/samples/dms/src/main/resources/applicationContext-dms-secure.xml
+++ b/samples/dms/src/main/resources/applicationContext-dms-secure.xml
@@ -73,7 +73,7 @@
 
				       <property name="cacheName" value="userCache"/>
			
 
				    </bean>
			
 
				 
			
 
				-   <bean id="userCache" class="org.springframework.security.providers.dao.cache.EhCacheBasedUserCache">
			
 
				+   <bean id="userCache" class="org.springframework.security.userdetails.cache.EhCacheBasedUserCache">
			
 
				       <property name="cache" ref="userCacheBackend"/>
			
 
				    </bean>
			
 
				 
			
--- a/samples/ldap/pom.xml
+++ b/samples/ldap/pom.xml
@@ -15,6 +15,16 @@
 
				             <artifactId>spring-security-ldap</artifactId>
			
 
				             <version>${project.version}</version>
			
 
				         </dependency>
			
 
				+        <dependency>
			
 
				+            <groupId>org.springframework.security</groupId>
			
 
				+            <artifactId>spring-security-config</artifactId>
			
 
				+            <version>${project.version}</version>
			
 
				+        </dependency>
			
 
				+        <dependency>
			
 
				+            <groupId>org.springframework.security</groupId>
			
 
				+            <artifactId>spring-security-web</artifactId>
			
 
				+            <version>${project.version}</version>
			
 
				+        </dependency>
			
 
				         <dependency>
			
 
				             <groupId>org.springframework</groupId>
			
 
				             <artifactId>org.springframework.web</artifactId>
			
--- a/samples/ldap/src/main/webapp/WEB-INF/web.xml
+++ b/samples/ldap/src/main/webapp/WEB-INF/web.xml
@@ -46,12 +46,4 @@
 
				         <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>

			
 
				     </listener>

			
 
				 

			
 
				-    <!--

			
 
				-      - Publishes events for session creation and destruction through the application

			
 
				-      - context. Optional unless concurrent session control is being used.

			
 
				-      -->

			
 
				-    <listener>

			
 
				-      <listener-class>org.springframework.security.ui.session.HttpSessionEventPublisher</listener-class>

			
 
				-    </listener>

			
 
				-

			
 
				 </web-app>

			
--- a/samples/preauth/pom.xml
+++ b/samples/preauth/pom.xml
@@ -14,29 +14,30 @@
 
				             <groupId>org.springframework.security</groupId>
			
 
				             <artifactId>spring-security-core</artifactId>
			
 
				             <version>${project.version}</version>
			
 
				+            <scope>runtime</scope>
			
 
				         </dependency>
			
 
				         <dependency>
			
 
				-            <groupId>org.springframework</groupId>
			
 
				-            <artifactId>org.springframework.web</artifactId>
			
 
				-        </dependency>
			
 
				-        <dependency>
			
 
				-            <groupId>org.springframework</groupId>
			
 
				-            <artifactId>org.springframework.web.servlet</artifactId>
			
 
				+            <groupId>org.springframework.security</groupId>
			
 
				+            <artifactId>spring-security-web</artifactId>
			
 
				+            <version>${project.version}</version>
			
 
				+            <scope>runtime</scope>
			
 
				         </dependency>
			
 
				         <dependency>
			
 
				-            <groupId>org.springframework</groupId>
			
 
				-            <artifactId>org.springframework.jdbc</artifactId>
			
 
				+            <groupId>org.springframework.security</groupId>
			
 
				+            <artifactId>spring-security-config</artifactId>
			
 
				+            <version>${project.version}</version>
			
 
				             <scope>runtime</scope>
			
 
				         </dependency>
			
 
				         <dependency>
			
 
				             <groupId>org.springframework</groupId>
			
 
				-            <artifactId>org.springframework.aop</artifactId>
			
 
				+            <artifactId>org.springframework.jdbc</artifactId>
			
 
				             <scope>runtime</scope>
			
 
				         </dependency>
			
 
				         <dependency>
			
 
				             <groupId>jaxen</groupId>
			
 
				             <artifactId>jaxen</artifactId>
			
 
				             <version>1.1.1</version>
			
 
				+            <scope>runtime</scope>
			
 
				         </dependency>
			
 
				     </dependencies>
			
 
				 
			
@@ -58,5 +59,4 @@
 
				             </plugin>
			
 
				         </plugins>
			
 
				     </build>
			
 
				-
			
 
				 </project>
			
--- a/samples/preauth/src/main/webapp/WEB-INF/applicationContext-security.xml
+++ b/samples/preauth/src/main/webapp/WEB-INF/applicationContext-security.xml
@@ -12,13 +12,13 @@
 
				     xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd

			
 
				                         http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.1.xsd">

			
 
				 

			
 
				-    <bean id="filterChainProxy" class="org.springframework.security.util.FilterChainProxy">

			
 
				+    <bean id="filterChainProxy" class="org.springframework.security.web.FilterChainProxy">

			
 
				         <sec:filter-chain-map path-type="ant">

			
 
				             <sec:filter-chain pattern="/**" filters="sif,j2eePreAuthFilter,logoutFilter,etf,fsi"/>

			
 
				         </sec:filter-chain-map>

			
 
				     </bean>

			
 
				 

			
 
				-    <bean id="sif" class="org.springframework.security.context.HttpSessionContextIntegrationFilter"/>

			
 
				+    <bean id="sif" class="org.springframework.security.web.context.SecurityContextPersistenceFilter"/>

			
 
				 
			
 
				     <sec:authentication-manager alias="authenticationManager" />
			
 
				 
			
@@ -30,24 +30,24 @@
 
				     <bean id="preAuthenticatedUserDetailsService"

			
 
				             class="org.springframework.security.providers.preauth.PreAuthenticatedGrantedAuthoritiesUserDetailsService"/>

			
 
				 

			
 
				-    <bean id="j2eePreAuthFilter" class="org.springframework.security.ui.preauth.j2ee.J2eePreAuthenticatedProcessingFilter">

			
 
				+    <bean id="j2eePreAuthFilter" class="org.springframework.security.web.authentication.preauth.j2ee.J2eePreAuthenticatedProcessingFilter">

			
 
				         <property name="authenticationManager" ref="authenticationManager"/>

			
 
				         <property name="authenticationDetailsSource" ref="authenticationDetailsSource"/>

			
 
				     </bean>

			
 
				 

			
 
				     <bean id="preAuthenticatedProcessingFilterEntryPoint"

			
 
				-            class="org.springframework.security.ui.preauth.PreAuthenticatedProcessingFilterEntryPoint"/>

			
 
				+            class="org.springframework.security.web.authentication.preauth.PreAuthenticatedProcessingFilterEntryPoint"/>

			
 
				 

			
 
				-    <bean id="logoutFilter" class="org.springframework.security.ui.logout.LogoutFilter">

			
 
				+    <bean id="logoutFilter" class="org.springframework.security.web.logout.LogoutFilter">

			
 
				         <constructor-arg value="/"/>

			
 
				         <constructor-arg>

			
 
				             <list>

			
 
				-                <bean class="org.springframework.security.ui.logout.SecurityContextLogoutHandler"/>

			
 
				+                <bean class="org.springframework.security.web.logout.SecurityContextLogoutHandler"/>

			
 
				             </list>

			
 
				         </constructor-arg>

			
 
				     </bean>

			
 
				 

			
 
				-    <bean id="authenticationDetailsSource" class="org.springframework.security.ui.preauth.j2ee.J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource">

			
 
				+    <bean id="authenticationDetailsSource" class="org.springframework.security.web.authentication.preauth.j2ee.J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource">

			
 
				         <property name="mappableRolesRetriever" ref="j2eeMappableRolesRetriever"/>

			
 
				         <property name="userRoles2GrantedAuthoritiesMapper" ref="j2eeUserRoles2GrantedAuthoritiesMapper"/>

			
 
				     </bean>

			
@@ -56,7 +56,7 @@
 
				         <property name="convertAttributeToUpperCase" value="true"/>

			
 
				     </bean>

			
 
				 

			
 
				-    <bean id="j2eeMappableRolesRetriever" class="org.springframework.security.ui.preauth.j2ee.WebXmlMappableAttributesRetriever">

			
 
				+    <bean id="j2eeMappableRolesRetriever" class="org.springframework.security.web.authentication.preauth.j2ee.WebXmlMappableAttributesRetriever">

			
 
				 

			
 
				     <property name="webXmlInputStream"><bean factory-bean="webXmlResource" factory-method="getInputStream"/>

			
 
				     </property>

			
@@ -69,7 +69,7 @@
 
				 

			
 
				     <bean id="servletContext" class="org.springframework.web.context.support.ServletContextFactoryBean"/>

			
 
				 

			
 
				-    <bean id="etf" class="org.springframework.security.ui.ExceptionTranslationFilter">

			
 
				+    <bean id="etf" class="org.springframework.security.web.ExceptionTranslationFilter">

			
 
				         <property name="authenticationEntryPoint" ref="preAuthenticatedProcessingFilterEntryPoint"/>

			
 
				     </bean>

			
 
				 

			
@@ -82,7 +82,7 @@
 
				         </property>

			
 
				     </bean>

			
 
				 

			
 
				-    <bean id="fsi" class="org.springframework.security.intercept.web.FilterSecurityInterceptor">

			
 
				+    <bean id="fsi" class="org.springframework.security.web.intercept.FilterSecurityInterceptor">

			
 
				         <property name="authenticationManager" ref="authenticationManager"/>
			
 
				         <property name="accessDecisionManager" ref="httpRequestAccessDecisionManager"/>

			
 
				         <property name="securityMetadataSource">
			
@@ -96,8 +96,8 @@
 
				 

			
 
				     <bean id="roleVoter" class="org.springframework.security.vote.RoleVoter"/>

			
 
				 

			
 
				-    <bean id="securityContextHolderAwareRequestFilter" class="org.springframework.security.wrapper.SecurityContextHolderAwareRequestFilter">

			
 
				-        <property name="wrapperClass" value="org.springframework.security.wrapper.SecurityContextHolderAwareRequestWrapper"/>

			
 
				+    <bean id="securityContextHolderAwareRequestFilter" class="org.springframework.security.web.wrapper.SecurityContextHolderAwareRequestFilter">

			
 
				+        <property name="wrapperClass" value="org.springframework.security.web.wrapper.SecurityContextHolderAwareRequestWrapper"/>

			
 
				     </bean>

			
 
				 

			
 
				 </beans>

			
--- a/samples/preauth/src/main/webapp/WEB-INF/web.xml
+++ b/samples/preauth/src/main/webapp/WEB-INF/web.xml
@@ -12,15 +12,15 @@
 
				     <display-name>Spring Security Preauthentication Demo Application</display-name>

			
 
				 

			
 
				     <!--

			
 
				-	  - Location of the XML file that defines the root application context

			
 
				-	  - Applied by ContextLoaderListener.

			
 
				-	  -->

			
 
				-	<context-param>

			
 
				-		<param-name>contextConfigLocation</param-name>

			
 
				-		<param-value>

			
 
				-			/WEB-INF/applicationContext-security.xml

			
 
				-		</param-value>

			
 
				-	</context-param>

			
 
				+      - Location of the XML file that defines the root application context

			
 
				+      - Applied by ContextLoaderListener.

			
 
				+      -->

			
 
				+    <context-param>

			
 
				+        <param-name>contextConfigLocation</param-name>

			
 
				+        <param-value>

			
 
				+            /WEB-INF/applicationContext-security.xml

			
 
				+        </param-value>

			
 
				+    </context-param>

			
 
				 

			
 
				     <filter>

			
 
				         <filter-name>filterChainProxy</filter-name>

			
@@ -32,21 +32,13 @@
 
				       <url-pattern>/*</url-pattern>

			
 
				     </filter-mapping>

			
 
				 

			
 
				-	<!--

			
 
				-	  - Loads the root application context of this web app at startup.

			
 
				-	  - The application context is then available via

			
 
				-	  - WebApplicationContextUtils.getWebApplicationContext(servletContext).

			
 
				+    <!--

			
 
				+      - Loads the root application context of this web app at startup.

			
 
				+      - The application context is then available via

			
 
				+      - WebApplicationContextUtils.getWebApplicationContext(servletContext).

			
 
				     -->

			
 
				-	<listener>

			
 
				-		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>

			
 
				-	</listener>

			
 
				-

			
 
				-	<!--

			
 
				-	  - Publishes events for session creation and destruction through the application

			
 
				-	  - context. Optional unless concurrent session control is being used.

			
 
				-      -->

			
 
				     <listener>

			
 
				-      <listener-class>org.springframework.security.ui.session.HttpSessionEventPublisher</listener-class>

			
 
				+        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>

			
 
				     </listener>

			
 
				 

			
 
				     <login-config>

			
--- a/samples/runall.sh
+++ b/samples/runall.sh
@@ -26,20 +26,30 @@ stop_jetty() {
 
				 cleanup
			
 
				 
			
 
				 cd tutorial
			
 
				+echo "Running tutorial app..."
			
 
				 start_jetty
			
 
				 curl http://localhost:8080/tutorial/
			
 
				 stop_jetty
			
 
				 
			
 
				+echo "Running contacts app..."
			
 
				 cd ../contacts
			
 
				 start_jetty
			
 
				 curl http://localhost:8080/contacts/
			
 
				 stop_jetty
			
 
				 
			
 
				+echo "Running ldap app..."
			
 
				 cd ../ldap
			
 
				 start_jetty
			
 
				 curl http://localhost:8080/ldap/
			
 
				 stop_jetty
			
 
				 
			
 
				+echo "Running preauth app..."
			
 
				+cd ../preauth
			
 
				+start_jetty
			
 
				+curl http://localhost:8080/preauth/
			
 
				+stop_jetty
			
 
				+
			
 
				+
			
 
				 cd ../cas
			
 
				 
			
 
				 if [[ -e ./server/cas-server-webapp-3.2.1.war ]]
			
--- a/samples/tutorial/src/main/webapp/WEB-INF/web.xml
+++ b/samples/tutorial/src/main/webapp/WEB-INF/web.xml
@@ -57,7 +57,7 @@
 
				       - context. Optional unless concurrent session control is being used.

			
 
				       -->

			
 
				     <listener>

			
 
				-      <listener-class>org.springframework.security.ui.session.HttpSessionEventPublisher</listener-class>

			
 
				+      <listener-class>org.springframework.security.web.session.HttpSessionEventPublisher</listener-class>

			
 
				     </listener>
			
 
				 
			
 
				     <listener>
			
--- a/web/src/main/java/org/springframework/security/ui/basicauth/package.html
+++ b/web/src/main/java/org/springframework/security/ui/basicauth/package.html
@@ -1,5 +0,0 @@
 
				-<html>
			
 
				-<body>
			
 
				-Authenticates HTTP BASIC authentication requests.
			
 
				-</body>
			
 
				-</html>
			
--- a/web/src/main/java/org/springframework/security/ui/digestauth/package.html
+++ b/web/src/main/java/org/springframework/security/ui/digestauth/package.html
@@ -1,5 +0,0 @@
 
				-<html>
			
 
				-<body>
			
 
				-Authenticates HTTP Digest authentication requests.
			
 
				-</body>
			
 
				-</html>
			
--- a/web/src/main/java/org/springframework/security/ui/webapp/package.html
+++ b/web/src/main/java/org/springframework/security/ui/webapp/package.html
@@ -1,5 +0,0 @@
 
				-<html>
			
 
				-<body>
			
 
				-Authenticates users via HTTP properties, headers and session.
			
 
				-</body>
			
 
				-</html>
			
--- a/web/src/main/java/org/springframework/security/web/AbstractAuthenticationTargetUrlRequestHandler.java
+++ b/web/src/main/java/org/springframework/security/web/AbstractAuthenticationTargetUrlRequestHandler.java
@@ -1,4 +1,4 @@
 
				-package org.springframework.security.ui;
			
 
				+package org.springframework.security.web;
			
 
				 
			
 
				 import java.io.IOException;
			
 
				 import java.io.UnsupportedEncodingException;
			
@@ -11,7 +11,8 @@ import javax.servlet.http.HttpServletResponse;
 
				 import org.apache.commons.logging.Log;
			
 
				 import org.apache.commons.logging.LogFactory;
			
 
				 import org.springframework.security.Authentication;
			
 
				-import org.springframework.security.ui.logout.LogoutHandler;
			
 
				+import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
			
 
				+import org.springframework.security.web.logout.LogoutHandler;
			
 
				 import org.springframework.security.web.util.RedirectUtils;
			
 
				 import org.springframework.security.web.util.UrlUtils;
			
 
				 import org.springframework.util.Assert;
			
--- a/web/src/main/java/org/springframework/security/web/AccessDeniedHandler.java
+++ b/web/src/main/java/org/springframework/security/web/AccessDeniedHandler.java
@@ -13,7 +13,7 @@
 
				  * limitations under the License.

			
 
				  */

			
 
				 

			
 
				-package org.springframework.security.ui;

			
 
				+package org.springframework.security.web;

			
 
				 

			
 
				 import org.springframework.security.AccessDeniedException;

			
 
				 

			
--- a/web/src/main/java/org/springframework/security/web/AccessDeniedHandlerImpl.java
+++ b/web/src/main/java/org/springframework/security/web/AccessDeniedHandlerImpl.java
@@ -13,7 +13,7 @@
 
				  * limitations under the License.

			
 
				  */

			
 
				 

			
 
				-package org.springframework.security.ui;

			
 
				+package org.springframework.security.web;

			
 
				 

			
 
				 import java.io.IOException;

			
 
				 

			
--- a/web/src/main/java/org/springframework/security/web/AuthenticationEntryPoint.java
+++ b/web/src/main/java/org/springframework/security/web/AuthenticationEntryPoint.java
@@ -13,7 +13,7 @@
 
				  * limitations under the License.
			
 
				  */
			
 
				 
			
 
				-package org.springframework.security.ui;
			
 
				+package org.springframework.security.web;
			
 
				 
			
 
				 import org.springframework.security.AuthenticationException;
			
 
				 
			
--- a/web/src/main/java/org/springframework/security/web/ExceptionTranslationFilter.java
+++ b/web/src/main/java/org/springframework/security/web/ExceptionTranslationFilter.java
@@ -13,7 +13,7 @@
 
				  * limitations under the License.
			
 
				  */
			
 
				 
			
 
				-package org.springframework.security.ui;
			
 
				+package org.springframework.security.web;
			
 
				 
			
 
				 import org.springframework.security.AccessDeniedException;
			
 
				 import org.springframework.security.SpringSecurityException;
			
@@ -22,11 +22,9 @@ import org.springframework.security.AuthenticationTrustResolver;
 
				 import org.springframework.security.AuthenticationTrustResolverImpl;
			
 
				 import org.springframework.security.InsufficientAuthenticationException;
			
 
				 import org.springframework.security.context.SecurityContextHolder;
			
 
				-import org.springframework.security.ui.savedrequest.SavedRequest;
			
 
				 import org.springframework.security.util.ThrowableAnalyzer;
			
 
				 import org.springframework.security.util.ThrowableCauseExtractor;
			
 
				-import org.springframework.security.web.util.PortResolver;
			
 
				-import org.springframework.security.web.util.PortResolverImpl;
			
 
				+import org.springframework.security.web.savedrequest.SavedRequest;
			
 
				 import org.springframework.beans.factory.InitializingBean;
			
 
				 
			
 
				 import org.springframework.util.Assert;
			
@@ -51,8 +49,8 @@ import javax.servlet.http.HttpServletResponse;
 
				  * <p>
			
 
				  * If an {@link AccessDeniedException} is detected, the filter will determine whether or not the user is an anonymous
			
 
				  * user. If they are an anonymous user, the <code>authenticationEntryPoint</code> will be launched. If they are not
			
 
				- * an anonymous user, the filter will delegate to the {@link org.springframework.security.ui.AccessDeniedHandler}.
			
 
				- * By default the filter will use {@link org.springframework.security.ui.AccessDeniedHandlerImpl}.
			
 
				+ * an anonymous user, the filter will delegate to the {@link org.springframework.security.web.AccessDeniedHandler}.
			
 
				+ * By default the filter will use {@link org.springframework.security.web.AccessDeniedHandlerImpl}.
			
 
				  * <p>
			
 
				  * To use this filter, it is necessary to specify the following properties:
			
 
				  * <ul>
			
@@ -176,7 +174,7 @@ public class ExceptionTranslationFilter extends SpringSecurityFilter implements
 
				      * <code>false</code>.
			
 
				      * <p>
			
 
				      * Remember to also set
			
 
				-     * {@link org.springframework.security.context.web.HttpSessionSecurityContextRepository#setAllowSessionCreation(boolean)}
			
 
				+     * {@link org.springframework.security.web.context.HttpSessionSecurityContextRepository#setAllowSessionCreation(boolean)}
			
 
				      * to <code>false</code> if you set this property to <code>false</code>.
			
 
				      *
			
 
				      * @return <code>true</code> if the <code>HttpSession</code> will be
			
--- a/web/src/main/java/org/springframework/security/web/FilterChainOrder.java
+++ b/web/src/main/java/org/springframework/security/web/FilterChainOrder.java
@@ -1,4 +1,4 @@
 
				-package org.springframework.security.ui;
			
 
				+package org.springframework.security.web;
			
 
				 
			
 
				 import org.springframework.util.Assert;
			
 
				 
			
--- a/web/src/main/java/org/springframework/security/web/util/FilterChainProxy.java
+++ b/web/src/main/java/org/springframework/security/web/util/FilterChainProxy.java
@@ -13,7 +13,7 @@
 
				  * limitations under the License.
			
 
				  */
			
 
				 
			
 
				-package org.springframework.security.web.util;
			
 
				+package org.springframework.security.web;
			
 
				 
			
 
				 import java.io.IOException;
			
 
				 import java.util.Collection;
			
@@ -34,10 +34,10 @@ import javax.servlet.ServletResponse;
 
				 import org.apache.commons.logging.Log;
			
 
				 import org.apache.commons.logging.LogFactory;
			
 
				 import org.springframework.beans.factory.InitializingBean;
			
 
				-import org.springframework.security.intercept.web.FilterInvocation;
			
 
				-import org.springframework.security.intercept.web.FilterInvocationSecurityMetadataSource;
			
 
				 import org.springframework.security.util.AntUrlPathMatcher;
			
 
				 import org.springframework.security.util.UrlMatcher;
			
 
				+import org.springframework.security.web.intercept.FilterInvocation;
			
 
				+import org.springframework.security.web.intercept.FilterInvocationSecurityMetadataSource;
			
 
				 import org.springframework.util.Assert;
			
 
				 import org.springframework.web.filter.DelegatingFilterProxy;
			
 
				 
			
--- a/web/src/main/java/org/springframework/security/web/util/PortMapper.java
+++ b/web/src/main/java/org/springframework/security/web/util/PortMapper.java
@@ -13,7 +13,7 @@
 
				  * limitations under the License.
			
 
				  */
			
 
				 
			
 
				-package org.springframework.security.web.util;
			
 
				+package org.springframework.security.web;
			
 
				 
			
 
				 /**
			
 
				  * <code>PortMapper</code> implementations provide callers with information