diff --git a/core/src/main/java/org/acegisecurity/providers/dao/PasswordDaoAuthenticationProvider.java b/core/src/main/java/org/acegisecurity/providers/dao/PasswordDaoAuthenticationProvider.java
index 57c3d38833..83955036d8 100644
--- a/core/src/main/java/org/acegisecurity/providers/dao/PasswordDaoAuthenticationProvider.java
+++ b/core/src/main/java/org/acegisecurity/providers/dao/PasswordDaoAuthenticationProvider.java
@@ -293,7 +293,7 @@ public class PasswordDaoAuthenticationProvider implements AuthenticationProvider
UsernamePasswordAuthenticationToken result = new UsernamePasswordAuthenticationToken(principal,
authentication.getCredentials(), user.getAuthorities());
result.setDetails((authentication.getDetails() != null)
- ? authentication.getDetails().toString() : null);
+ ? authentication.getDetails() : null);
return result;
}
diff --git a/doc/xdocs/changes.xml b/doc/xdocs/changes.xml
index ef80cd4ba4..8a5a2fe257 100644
--- a/doc/xdocs/changes.xml
+++ b/doc/xdocs/changes.xml
@@ -29,6 +29,7 @@
Correct location of AuthenticationSimpleHttpInvokerRequestExecutor in clientContext.xml
TokenBasedRememberMeServices changed to use long instead of int for tokenValiditySeconds (SPR-807)
Handle null Authentication.getAuthorities() in AuthorizeTag
+ PasswordDaoAuthenticationProvider no longer stores String against Authentication.setDetails()
Add credentialsExpiredFailureUrl getter/setter to AbstractProcessingFilter
Update commons-codec dependency to 1.3
AbstractProcessingFilter no longer has setters for failures, it uses the exceptionMappings property