SEC-645: Deprecated old X.509 provider.

core/src/main/java/org/springframework/security/providers/x509/X509AuthenticationProvider.java

@@ -44,6 +44,8 @@ import java.security.cert.X509Certificate;
  * org.springframework.security.ui.x509.X509ProcessingFilter}).</p>
  *
  * @author Luke Taylor
+ * @deprecated superceded by the preauth provider. Use the X.509 authentication support in org.springframework.security.ui.preauth.x509 instead
+ *             or namespace support via the &lt;x509 /&gt; element. 
  * @version $Id$
  */
 public class X509AuthenticationProvider implements AuthenticationProvider, InitializingBean, MessageSourceAware {

core/src/main/java/org/springframework/security/providers/x509/X509AuthenticationToken.java

@@ -26,6 +26,7 @@ import java.security.cert.X509Certificate;
  * <code>Authentication</code> implementation for X.509 client-certificate authentication.
  *
  * @author Luke Taylor
+ * @deprecated superceded by the preauth provider. Use the X.509 authentication support in org.springframework.security.ui.preauth.x509 instead. 
  * @version $Id$
  */
 public class X509AuthenticationToken extends AbstractAuthenticationToken {
@@ -49,7 +50,7 @@ public class X509AuthenticationToken extends AbstractAuthenticationToken {
     }
 
     /**
-     * Used for an authentication response object. The {@link Authentication#isAuthenticated()}
+     * Used for an authentication response object. The {@link org.springframework.security.Authentication#isAuthenticated()}
      * will return <code>true</code>.
      *
      * @param principal the principal, which is generally a

core/src/main/java/org/springframework/security/providers/x509/X509AuthoritiesPopulator.java

@@ -33,6 +33,7 @@ import java.security.cert.X509Certificate;
  * </p>
  *
  * @author Luke Taylor
+ * @deprecated
  * @version $Id$
  */
 public interface X509AuthoritiesPopulator {

core/src/main/java/org/springframework/security/providers/x509/X509UserCache.java

@@ -30,6 +30,7 @@ import java.security.cert.X509Certificate;
  * </p>
  *
  * @author Luke Taylor
+ * @deprecated
  * @version $Id$
  */
 public interface X509UserCache {

core/src/main/java/org/springframework/security/providers/x509/cache/EhCacheBasedX509UserCache.java

@@ -41,6 +41,7 @@ import java.security.cert.X509Certificate;
  *
  * @author Luke Taylor
  * @author Ben Alex
+ * @deprecated use the X509 preauthenticated  
  * @version $Id$
  */
 public class EhCacheBasedX509UserCache implements X509UserCache, InitializingBean {

core/src/main/java/org/springframework/security/providers/x509/cache/NullX509UserCache.java

@@ -26,6 +26,7 @@ import java.security.cert.X509Certificate;
  * "Cache" that doesn't do any caching.
  *
  * @author Luke Taylor
+ * @deprecated
  * @version $Id$
  */
 public class NullX509UserCache implements X509UserCache {

core/src/main/java/org/springframework/security/providers/x509/cache/package.html

@@ -1,5 +1,5 @@
 <html>
 <body>
-User caches for the X509 provider.
+Deprecated and will be removed in a future version. Use a caching UserDetailsService instead.
 </body>
 </html>

core/src/main/java/org/springframework/security/providers/x509/package.html

@@ -1,5 +1,6 @@
 <html>
 <body>
-An authentication provider that can process X.509 certificaties.
+This package is now deprecated and will be removed in a future version.
+Use the X.509 authentication support in org.springframework.security.ui.preauth.x509 instead.
 </body>
 </html>

core/src/main/java/org/springframework/security/providers/x509/populator/DaoX509AuthoritiesPopulator.java

@@ -44,6 +44,8 @@ import java.util.regex.Matcher;
  * Populates the X509 authorities via an {@link org.springframework.security.userdetails.UserDetailsService}.
  *
  * @author Luke Taylor
+ * @deprecated This package is now deprecated. Use the X.509 authentication support in
+ *              org.springframework.security.ui.preauth.x509 instead.
  * @version $Id$
  */
 public class DaoX509AuthoritiesPopulator implements X509AuthoritiesPopulator, InitializingBean, MessageSourceAware {

core/src/main/java/org/springframework/security/providers/x509/populator/package.html

@@ -1,5 +1,7 @@
 <html>
 <body>
-Implementations that populate GrantedAuthority[]s of X509 authentications.
+This package is now deprecated and will be removed in a future version.
+Use the X.509 authentication support in org.springframework.security.ui.preauth.x509 instead.
+Authorities are loaded by a UserDetailsService.
 </body>
 </html>

core/src/main/java/org/springframework/security/ui/x509/X509ProcessingFilter.java

@@ -66,6 +66,7 @@ import javax.servlet.FilterConfig;
  * org.springframework.security.util.FilterToBeanProxy}.</p>
  *
  * @author Luke Taylor
+ * @deprecated Use <tt>X509PreAuthenticatedProcessingFilter</tt> from the preauth.x509 package instead 
  * @version $Id$
  */
 public class X509ProcessingFilter implements Filter, InitializingBean, ApplicationEventPublisherAware {

core/src/main/java/org/springframework/security/ui/x509/X509ProcessingFilterEntryPoint.java

@@ -41,8 +41,8 @@ import org.apache.commons.logging.LogFactory;
  * <code>HttpServletResponse.SC_FORBIDDEN</code> (403 error).
  *
  * @author Luke Taylor
- * @version $Id: X509ProcessingFilterEntryPoint.java 1496 2006-05-23 13:38:33Z
- * benalex $
+ * @deprecated Use the preauth package instead 
+ * @version $Id$
  *
  * @see org.springframework.security.ui.ExceptionTranslationFilter
  */

core/src/main/java/org/springframework/security/ui/x509/package.html

@@ -1,5 +1,6 @@
 <html>
 <body>
-X.509 authentication filter and related classes. 
+This package is now deprecated and will be removed in a future version.
+Use the X.509 authentication support in org.springframework.security.ui.preauth.x509 instead.
 </body>
 </html>