From 48620f35504b8483b15479fb0a33fd9ab361d729 Mon Sep 17 00:00:00 2001
From: Luke Taylor <luke.taylor@springsource.com>
Date: Fri, 18 Jan 2008 17:12:21 +0000
Subject: [PATCH] Changed AuthorizeTag to use StringUtils.deleteAny(), instead
 of replace()

---
 .../springframework/security/taglibs/authz/AuthorizeTag.java | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/core/src/main/java/org/springframework/security/taglibs/authz/AuthorizeTag.java b/core/src/main/java/org/springframework/security/taglibs/authz/AuthorizeTag.java
index 297e7311fa..5643d54921 100644
--- a/core/src/main/java/org/springframework/security/taglibs/authz/AuthorizeTag.java
+++ b/core/src/main/java/org/springframework/security/taglibs/authz/AuthorizeTag.java
@@ -151,10 +151,7 @@ public class AuthorizeTag extends TagSupport {
             // Remove the role's whitespace characters without depending on JDK 1.4+
             // Includes space, tab, new line, carriage return and form feed.
             String role = authority.trim(); // trim, don't use spaces, as per SEC-378
-            role = StringUtils.replace(role, "\t", "");
-            role = StringUtils.replace(role, "\r", "");
-            role = StringUtils.replace(role, "\n", "");
-            role = StringUtils.replace(role, "\f", "");
+            role = StringUtils.deleteAny(role, "\t\n\r\f");
 
             requiredAuthorities.add(new GrantedAuthorityImpl(role));
         }