From 059ac644bb0783ad425c2efef71ae89ef631341e Mon Sep 17 00:00:00 2001
From: Luke Taylor <luke.taylor@springsource.com>
Date: Tue, 29 Jan 2008 11:50:33 +0000
Subject: [PATCH] SEC-645: Deprecated old X.509 provider.

---
 .../security/providers/x509/X509AuthenticationProvider.java   | 2 ++
 .../security/providers/x509/X509AuthenticationToken.java      | 3 ++-
 .../security/providers/x509/X509AuthoritiesPopulator.java     | 1 +
 .../security/providers/x509/X509UserCache.java                | 1 +
 .../providers/x509/cache/EhCacheBasedX509UserCache.java       | 1 +
 .../security/providers/x509/cache/NullX509UserCache.java      | 1 +
 .../security/providers/x509/cache/package.html                | 2 +-
 .../org/springframework/security/providers/x509/package.html  | 3 ++-
 .../providers/x509/populator/DaoX509AuthoritiesPopulator.java | 2 ++
 .../security/providers/x509/populator/package.html            | 4 +++-
 .../security/ui/x509/X509ProcessingFilter.java                | 1 +
 .../security/ui/x509/X509ProcessingFilterEntryPoint.java      | 4 ++--
 .../java/org/springframework/security/ui/x509/package.html    | 3 ++-
 13 files changed, 21 insertions(+), 7 deletions(-)

diff --git a/core/src/main/java/org/springframework/security/providers/x509/X509AuthenticationProvider.java b/core/src/main/java/org/springframework/security/providers/x509/X509AuthenticationProvider.java
index 2c98128c3e..1ef30a5334 100644
--- a/core/src/main/java/org/springframework/security/providers/x509/X509AuthenticationProvider.java
+++ b/core/src/main/java/org/springframework/security/providers/x509/X509AuthenticationProvider.java
@@ -44,6 +44,8 @@ import java.security.cert.X509Certificate;
  * org.springframework.security.ui.x509.X509ProcessingFilter}).</p>
  *
  * @author Luke Taylor
+ * @deprecated superceded by the preauth provider. Use the X.509 authentication support in org.springframework.security.ui.preauth.x509 instead
+ *             or namespace support via the &lt;x509 /&gt; element. 
  * @version $Id$
  */
 public class X509AuthenticationProvider implements AuthenticationProvider, InitializingBean, MessageSourceAware {
diff --git a/core/src/main/java/org/springframework/security/providers/x509/X509AuthenticationToken.java b/core/src/main/java/org/springframework/security/providers/x509/X509AuthenticationToken.java
index ec6256d7ff..0d2f6b7203 100644
--- a/core/src/main/java/org/springframework/security/providers/x509/X509AuthenticationToken.java
+++ b/core/src/main/java/org/springframework/security/providers/x509/X509AuthenticationToken.java
@@ -26,6 +26,7 @@ import java.security.cert.X509Certificate;
  * <code>Authentication</code> implementation for X.509 client-certificate authentication.
  *
  * @author Luke Taylor
+ * @deprecated superceded by the preauth provider. Use the X.509 authentication support in org.springframework.security.ui.preauth.x509 instead. 
  * @version $Id$
  */
 public class X509AuthenticationToken extends AbstractAuthenticationToken {
@@ -49,7 +50,7 @@ public class X509AuthenticationToken extends AbstractAuthenticationToken {
     }
 
     /**
-     * Used for an authentication response object. The {@link Authentication#isAuthenticated()}
+     * Used for an authentication response object. The {@link org.springframework.security.Authentication#isAuthenticated()}
      * will return <code>true</code>.
      *
      * @param principal the principal, which is generally a
diff --git a/core/src/main/java/org/springframework/security/providers/x509/X509AuthoritiesPopulator.java b/core/src/main/java/org/springframework/security/providers/x509/X509AuthoritiesPopulator.java
index ee81086c51..ad37c39972 100644
--- a/core/src/main/java/org/springframework/security/providers/x509/X509AuthoritiesPopulator.java
+++ b/core/src/main/java/org/springframework/security/providers/x509/X509AuthoritiesPopulator.java
@@ -33,6 +33,7 @@ import java.security.cert.X509Certificate;
  * </p>
  *
  * @author Luke Taylor
+ * @deprecated
  * @version $Id$
  */
 public interface X509AuthoritiesPopulator {
diff --git a/core/src/main/java/org/springframework/security/providers/x509/X509UserCache.java b/core/src/main/java/org/springframework/security/providers/x509/X509UserCache.java
index 2521eb7c07..1c413d36bb 100644
--- a/core/src/main/java/org/springframework/security/providers/x509/X509UserCache.java
+++ b/core/src/main/java/org/springframework/security/providers/x509/X509UserCache.java
@@ -30,6 +30,7 @@ import java.security.cert.X509Certificate;
  * </p>
  *
  * @author Luke Taylor
+ * @deprecated
  * @version $Id$
  */
 public interface X509UserCache {
diff --git a/core/src/main/java/org/springframework/security/providers/x509/cache/EhCacheBasedX509UserCache.java b/core/src/main/java/org/springframework/security/providers/x509/cache/EhCacheBasedX509UserCache.java
index d1a307f641..9cbf17f4fd 100644
--- a/core/src/main/java/org/springframework/security/providers/x509/cache/EhCacheBasedX509UserCache.java
+++ b/core/src/main/java/org/springframework/security/providers/x509/cache/EhCacheBasedX509UserCache.java
@@ -41,6 +41,7 @@ import java.security.cert.X509Certificate;
  *
  * @author Luke Taylor
  * @author Ben Alex
+ * @deprecated use the X509 preauthenticated  
  * @version $Id$
  */
 public class EhCacheBasedX509UserCache implements X509UserCache, InitializingBean {
diff --git a/core/src/main/java/org/springframework/security/providers/x509/cache/NullX509UserCache.java b/core/src/main/java/org/springframework/security/providers/x509/cache/NullX509UserCache.java
index 46cebc2b54..c2612719b1 100644
--- a/core/src/main/java/org/springframework/security/providers/x509/cache/NullX509UserCache.java
+++ b/core/src/main/java/org/springframework/security/providers/x509/cache/NullX509UserCache.java
@@ -26,6 +26,7 @@ import java.security.cert.X509Certificate;
  * "Cache" that doesn't do any caching.
  *
  * @author Luke Taylor
+ * @deprecated
  * @version $Id$
  */
 public class NullX509UserCache implements X509UserCache {
diff --git a/core/src/main/java/org/springframework/security/providers/x509/cache/package.html b/core/src/main/java/org/springframework/security/providers/x509/cache/package.html
index ad7bfc523e..c592e2763f 100644
--- a/core/src/main/java/org/springframework/security/providers/x509/cache/package.html
+++ b/core/src/main/java/org/springframework/security/providers/x509/cache/package.html
@@ -1,5 +1,5 @@
 <html>
 <body>
-User caches for the X509 provider.
+Deprecated and will be removed in a future version. Use a caching UserDetailsService instead.
 </body>
 </html>
diff --git a/core/src/main/java/org/springframework/security/providers/x509/package.html b/core/src/main/java/org/springframework/security/providers/x509/package.html
index 6fc654a11f..7000b3c528 100644
--- a/core/src/main/java/org/springframework/security/providers/x509/package.html
+++ b/core/src/main/java/org/springframework/security/providers/x509/package.html
@@ -1,5 +1,6 @@
 <html>
 <body>
-An authentication provider that can process X.509 certificaties.
+This package is now deprecated and will be removed in a future version.
+Use the X.509 authentication support in org.springframework.security.ui.preauth.x509 instead.
 </body>
 </html>
diff --git a/core/src/main/java/org/springframework/security/providers/x509/populator/DaoX509AuthoritiesPopulator.java b/core/src/main/java/org/springframework/security/providers/x509/populator/DaoX509AuthoritiesPopulator.java
index 5d14b6c2bd..57998aa628 100644
--- a/core/src/main/java/org/springframework/security/providers/x509/populator/DaoX509AuthoritiesPopulator.java
+++ b/core/src/main/java/org/springframework/security/providers/x509/populator/DaoX509AuthoritiesPopulator.java
@@ -44,6 +44,8 @@ import java.util.regex.Matcher;
  * Populates the X509 authorities via an {@link org.springframework.security.userdetails.UserDetailsService}.
  *
  * @author Luke Taylor
+ * @deprecated This package is now deprecated. Use the X.509 authentication support in
+ *              org.springframework.security.ui.preauth.x509 instead.
  * @version $Id$
  */
 public class DaoX509AuthoritiesPopulator implements X509AuthoritiesPopulator, InitializingBean, MessageSourceAware {
diff --git a/core/src/main/java/org/springframework/security/providers/x509/populator/package.html b/core/src/main/java/org/springframework/security/providers/x509/populator/package.html
index 4080252240..cfda487895 100644
--- a/core/src/main/java/org/springframework/security/providers/x509/populator/package.html
+++ b/core/src/main/java/org/springframework/security/providers/x509/populator/package.html
@@ -1,5 +1,7 @@
 <html>
 <body>
-Implementations that populate GrantedAuthority[]s of X509 authentications.
+This package is now deprecated and will be removed in a future version.
+Use the X.509 authentication support in org.springframework.security.ui.preauth.x509 instead.
+Authorities are loaded by a UserDetailsService.
 </body>
 </html>
diff --git a/core/src/main/java/org/springframework/security/ui/x509/X509ProcessingFilter.java b/core/src/main/java/org/springframework/security/ui/x509/X509ProcessingFilter.java
index 8a412bf9b2..e5da71ca08 100644
--- a/core/src/main/java/org/springframework/security/ui/x509/X509ProcessingFilter.java
+++ b/core/src/main/java/org/springframework/security/ui/x509/X509ProcessingFilter.java
@@ -66,6 +66,7 @@ import javax.servlet.FilterConfig;
  * org.springframework.security.util.FilterToBeanProxy}.</p>
  *
  * @author Luke Taylor
+ * @deprecated Use <tt>X509PreAuthenticatedProcessingFilter</tt> from the preauth.x509 package instead 
  * @version $Id$
  */
 public class X509ProcessingFilter implements Filter, InitializingBean, ApplicationEventPublisherAware {
diff --git a/core/src/main/java/org/springframework/security/ui/x509/X509ProcessingFilterEntryPoint.java b/core/src/main/java/org/springframework/security/ui/x509/X509ProcessingFilterEntryPoint.java
index fa443573b4..d3b2cffa8d 100644
--- a/core/src/main/java/org/springframework/security/ui/x509/X509ProcessingFilterEntryPoint.java
+++ b/core/src/main/java/org/springframework/security/ui/x509/X509ProcessingFilterEntryPoint.java
@@ -41,8 +41,8 @@ import org.apache.commons.logging.LogFactory;
  * <code>HttpServletResponse.SC_FORBIDDEN</code> (403 error).
  *
  * @author Luke Taylor
- * @version $Id: X509ProcessingFilterEntryPoint.java 1496 2006-05-23 13:38:33Z
- * benalex $
+ * @deprecated Use the preauth package instead 
+ * @version $Id$
  *
  * @see org.springframework.security.ui.ExceptionTranslationFilter
  */
diff --git a/core/src/main/java/org/springframework/security/ui/x509/package.html b/core/src/main/java/org/springframework/security/ui/x509/package.html
index d1a6542e04..7000b3c528 100644
--- a/core/src/main/java/org/springframework/security/ui/x509/package.html
+++ b/core/src/main/java/org/springframework/security/ui/x509/package.html
@@ -1,5 +1,6 @@
 <html>
 <body>
-X.509 authentication filter and related classes. 
+This package is now deprecated and will be removed in a future version.
+Use the X.509 authentication support in org.springframework.security.ui.preauth.x509 instead.
 </body>
 </html>