Corrected references to old context class names in Javadoc and logging.

core/src/main/java/org/acegisecurity/AuthenticationCredentialsNotFoundException.java

@@ -17,8 +17,7 @@ package net.sf.acegisecurity;
 
 /**
  * Thrown if an authentication request is rejected because there is no {@link
- * Authentication} object in the  {@link
+ * Authentication} object in the  {@link net.sf.acegisecurity.context.SecurityContext SecurityContext}.
- * net.sf.acegisecurity.context.security.SecureContext}.
  *
  * @author Ben Alex
  * @version $Id$

core/src/main/java/org/acegisecurity/RunAsManager.java

@@ -19,18 +19,18 @@ package net.sf.acegisecurity;
  * Creates a new temporary {@link Authentication} object for the current secure
  * object invocation only.
  * 
- * <P>
+ * <p>
  * This interface permits implementations to replace the
  * <code>Authentication</code> object that applies to the current secure
  * object invocation only. The {@link
  * net.sf.acegisecurity.intercept.AbstractSecurityInterceptor} will replace
- * the <code>Authentication</code> object held in the  {@link
+ * the <code>Authentication</code> object held in the
- * net.sf.acegisecurity.context.security.SecureContext} for the duration of
+ * {@link net.sf.acegisecurity.context.SecurityContext SecurityContext}
- * the secure object callback only, returning it to the original
+ * for the duration of  the secure object callback only, returning it to
- * <code>Authentication</code> object when the callback ends.
+ * the original <code>Authentication</code> object when the callback ends.
  * </p>
  * 
- * <P>
+ * <p>
  * This is provided so that systems with two layers of objects can be
  * established. One layer is public facing and has normal secure methods with
  * the granted authorities expected to be held by external callers. The other

core/src/main/java/org/acegisecurity/context/HttpSessionContextIntegrationFilter.java

@@ -34,7 +34,7 @@ import javax.servlet.http.HttpSession;
 
 /**
  * <p>
- * Populates the <code>SecurityContextHolder</code> with information obtained
+ * Populates the {@link SecurityContextHolder}</code> with information obtained
  * from the <code>HttpSession</code>.
  * </p>
  * 
@@ -60,15 +60,15 @@ import javax.servlet.http.HttpSession;
  * No <code>HttpSession</code> will be created by this filter if one does not
  * already exist. If at the end of the web request the
  * <code>HttpSession</code> does not exist, a <code>HttpSession</code> will
- * <b>only</b> be created if the current contents of
+ * <b>only</b> be created if the current contents of the
- * <code>ContextHolder</code> are not {@link
+ * <code>SecurityContextHolder</code> are not {@link
  * java.lang.Object#equals(java.lang.Object)} to a <code>new</code> instance
  * of {@link #setContext(Class)}. This avoids needless
  * <code>HttpSession</code> creation, but automates the storage of changes
- * made to the <code>ContextHolder</code>.
+ * made to the <code>SecurityContextHolder</code>.
  * </p>
  * 
- * <P>
+ * <p>
  * This filter will only execute once per request, to resolve servlet container
  * (specifically Weblogic) incompatibilities.
  * </p>
@@ -79,16 +79,16 @@ import javax.servlet.http.HttpSession;
  * similar clients that will never present the same <code>jsessionid</code>
  * etc), the  {@link #setAllowSessionCreation(boolean)} should be set to
  * <code>false</code>. Only do this if you really need to conserve server
- * memory and ensure all classes using the <code>ContextHolder</code> are
+ * memory and ensure all classes using the <code>SecurityContextHolder</code> are
- * designed to have no persistence of the <code>Context</code> between web
+ * designed to have no persistence of the <code>SecurityContext</code> between web
  * requests.
  * </p>
  * 
  * <p>
  * This filter MUST be executed BEFORE any authentication procesing mechanisms.
  * Authentication processing mechanisms (eg BASIC, CAS processing filters etc)
- * expect the <code>ContextHolder</code> to contain a valid
+ * expect the <code>SecurityContextHolder</code> to contain a valid
- * <code>SecureContext</code> by the time they execute.
+ * <code>SecurityContext</code> by the time they execute.
  * </p>
  *
  * @author Ben Alex

core/src/main/java/org/acegisecurity/context/SecurityContext.java

@@ -25,7 +25,7 @@ import java.io.Serializable;
  * current thread of execution.
  * 
  * <p>
- * Stored in {@link net.sf.acegisecurity.context.SecurityContextHolder}.
+ * The security context is stored in a {@link SecurityContextHolder}.
  * </p>
  *
  * @author Ben Alex

core/src/main/java/org/acegisecurity/context/SecurityContextHolder.java

@@ -20,10 +20,10 @@ import org.springframework.util.Assert;
 
 /**
  * Associates a given {@link SecurityContext} with the current execution
- * thread, along with new threads the current execution thread may spawn.
+ * thread and any new threads the current execution thread may spawn.
  * 
  * <p>
- * To guarantee the {@link #getContext()} never returns <code>null</code>, this
+ * To guarantee that {@link #getContext()} never returns <code>null</code>, this
  * class defaults to returning <code>SecurityContextImpl</code> if no
  * <code>SecurityContext</code> has ever been associated with the current
  * thread of execution. Despite this behaviour, in general another class will

core/src/main/java/org/acegisecurity/context/SecurityContextImpl.java

@@ -21,9 +21,7 @@ import net.sf.acegisecurity.Authentication;
  * Base implementation of {@link SecurityContext}.
  *
  * <p>
- * Used by default by {@link
+ * Used by default by {@link SecurityContextHolder} and {@link HttpSessionContextIntegrationFilter}.
- * net.sf.acegisecurity.context.SecurityContextHolder} and {@link
- * net.sf.acegisecurity.context.HttpSessionContextIntegrationFilter}.
  * </p>
  *
  * @author Ben Alex

core/src/main/java/org/acegisecurity/context/httpinvoker/AuthenticationSimpleHttpInvokerRequestExecutor.java

@@ -61,14 +61,14 @@ public class AuthenticationSimpleHttpInvokerRequestExecutor
     /**
      * Called every time a HTTP invocation is made.
      * 
-     * <P>
+     * <p>
      * Simply allows the parent to setup the connection, and then adds an
      * <code>Authorization</code> HTTP header property that will be used for
      * BASIC authentication.
      * </p>
      * 
-     * <P>
+     * <p>
-     * The <code>ContextHolder</code> is used to obtain the relevant principal
+     * The <code>SecurityContextHolder</code> is used to obtain the relevant principal
      * and credentials.
      * </p>
      *
@@ -77,7 +77,7 @@ public class AuthenticationSimpleHttpInvokerRequestExecutor
      *
      * @throws IOException if thrown by HttpURLConnection methods
      * @throws AuthenticationCredentialsNotFoundException if the
-     *         <code>ContextHolder</code> does not contain a valid
+     *         <code>SecurityContextHolder</code> does not contain a valid
      *         <code>Authentication</code> with both its
      *         <code>principal</code> and <code>credentials</code> not
      *         <code>null</code>

core/src/main/java/org/acegisecurity/context/rmi/ContextPropagatingRemoteInvocation.java

@@ -32,7 +32,7 @@ import java.lang.reflect.InvocationTargetException;
 /**
  * The actual <code>RemoteInvocation</code> that is passed from the client to
  * the server, which contains the contents of {@link SecurityContextHolder},
- * being a {@link SecureContext} object.
+ * being a {@link SecurityContext} object.
  * 
  * <p>
  * When constructed on the client via {@link

core/src/main/java/org/acegisecurity/event/authorization/AuthenticationCredentialsNotFoundEvent.java

@@ -22,7 +22,7 @@ import net.sf.acegisecurity.ConfigAttributeDefinition;
 /**
  * Indicates a secure object invocation failed because the
  * <code>Authentication</code> could not be obtained from the
- * <code>ContextHolder</code>.
+ * <code>SecurityContextHolder</code>.
  *
  * @author Ben Alex
  * @version $Id$

core/src/main/java/org/acegisecurity/event/authorization/AuthorizationFailureEvent.java

@@ -41,11 +41,11 @@ public class AuthorizationFailureEvent extends AbstractAuthorizationEvent {
      *
      * @param secureObject the secure object
      * @param configAttribs that apply to the secure object
-     * @param authentication that was found on the <code>ContextHolder</code>
+     * @param authentication that was found in the <code>SecurityContextHolder</code>
      * @param accessDeniedException that was returned by the
      *        <code>AccessDecisionManager</code>
      *
-     * @throws IllegalArgumentException DOCUMENT ME!
+     * @throws IllegalArgumentException if any null arguments are presented.
      */
     public AuthorizationFailureEvent(Object secureObject,
         ConfigAttributeDefinition configAttribs, Authentication authentication,

core/src/main/java/org/acegisecurity/event/authorization/PublicInvocationEvent.java

@@ -18,14 +18,14 @@ package net.sf.acegisecurity.event.authorization;
 /**
  * Event that is generated whenever a public secure object is invoked.
  * 
- * <P>
+ * <p>
  * A public secure object is a secure object that has no
  * <code>ConfigAttributeDefinition</code> defined. A public secure object will
- * not cause the <code>ContextHolder</code> to be inspected or authenticated,
+ * not cause the <code>SecurityContextHolder</code> to be inspected or authenticated,
  * and no authorization will take place.
  * </p>
  * 
- * <P>
+ * <p>
  * Published just before the secure object attempts to proceed.
  * </p>
  *

core/src/main/java/org/acegisecurity/providers/anonymous/AnonymousProcessingFilter.java

@@ -39,8 +39,8 @@ import javax.servlet.ServletResponse;
  * Detects if there is no <code>Authentication</code> object in the
  * <code>SecurityContextHolder</code>,  and populates it with one if needed.
  *
- * <P>
+ * <p>
- * <B>Do not use this class directly.</B> Instead configure
+ * <b>Do not use this class directly.</b> Instead configure
  * <code>web.xml</code> to use the {@link
  * net.sf.acegisecurity.util.FilterToBeanProxy}.
  * </p>
@@ -93,14 +93,14 @@ public class AnonymousProcessingFilter implements Filter, InitializingBean {
 
                 if (logger.isDebugEnabled()) {
                     logger.debug(
-                        "Replaced SecurityContextHolder with anonymous token: '" +
+                        "Populated SecurityContextHolder with anonymous token: '" +
                         SecurityContextHolder.getContext().getAuthentication() +
                         "'");
                 }
             } else {
                 if (logger.isDebugEnabled()) {
                     logger.debug(
-                        "SecurityContextHolder not replaced with anonymous token, as ContextHolder already contained: '" +
+                        "SecurityContextHolder not populated with anonymous token, as it already contained: '" +
                         SecurityContextHolder.getContext().getAuthentication() +
                         "'");
                 }
@@ -119,11 +119,10 @@ public class AnonymousProcessingFilter implements Filter, InitializingBean {
     /**
      * Does nothing - we reply on IoC lifecycle services instead.
      *
-     * @param arg0 DOCUMENT ME!
+     * @param ignored not used
      *
-     * @throws ServletException DOCUMENT ME!
      */
-    public void init(FilterConfig arg0) throws ServletException {
+    public void init(FilterConfig ignored) throws ServletException {
     }
 
     /**
@@ -157,8 +156,8 @@ public class AnonymousProcessingFilter implements Filter, InitializingBean {
      * Controls whether the filter will remove the Anonymous token
      * after the request is complete. Generally this is desired to
      * avoid the expense of a session being created by
-     * {@link net.sf.acegisecurity.context.HttpSessionContextIntegrationFilter} simply
+     * {@link net.sf.acegisecurity.context.HttpSessionContextIntegrationFilter HttpSessionContextIntegrationFilter}
-     * to store the Anonymous authentication token.
+     * simply to store the Anonymous authentication token.
      *
      * <p>Defaults to <code>true</code>,
      * being the most optimal and appropriate option (ie <code>AnonymousProcessingFilter</code>

core/src/main/java/org/acegisecurity/providers/jaas/SecureContextLoginModule.java

@@ -30,15 +30,16 @@ import javax.security.auth.spi.LoginModule;
 
 
 /**
- * An implementation of {@link LoginModule} that uses an Acegi Security {@link
+ * An implementation of {@link LoginModule} that uses an Acegi Security
- * SecureContext} to provide authentication. <br>
+ * {@link net.sf.acegisecurity.context.SecurityContext SecurityContext}
+ * to provide authentication. <br />
  * This LoginModule provides opposite functionality to the {@link
  * JaasAuthenticationProvider} API, and should not really be used in
- * conjunction. <br>
+ * conjunction with it. <br />
  * The {@link JaasAuthenticationProvider} allows Acegi to authenticate against
- * Jaas. <br>
+ * Jaas. <br />
  * The SecureContextLoginModule allows a Jaas based application to
- * authenticate against Acegi.  If there is no Authentication in the {@link
+ * authenticate against Acegi. If there is no Authentication in the {@link
  * SecurityContextHolder} the login() method will throw a LoginException by
  * default. This functionality can be changed with the
  * <tt>ignoreMissingAuthentication</tt> option by setting it to "true".
@@ -126,7 +127,7 @@ public class SecureContextLoginModule implements LoginModule {
     /**
      * Authenticate the <code>Subject</code> (phase one) by extracting the
      * Acegi Security <code>Authentication</code> from the current
-     * <code>SecureContext</code>.
+     * <code>SecurityContext</code>.
      *
      * @return true if the authentication succeeded, or false if this
      *         <code>LoginModule</code> should be ignored.

core/src/main/java/org/acegisecurity/taglibs/authz/AclTag.java

@@ -54,7 +54,7 @@ import javax.servlet.jsp.tagext.TagSupport;
  * One or more comma separate integer permissions are specified via the
  * <code>hasPermission</code> attribute. The tag will include its body if
  * <b>any</b> of the integer permissions have been granted to the current
- * <code>Authentication</code> (obtained from the <code>ContextHolder</code>).
+ * <code>Authentication</code> (obtained from the <code>SecurityContextHolder</code>).
  * </p>
  * 
  * <p>

core/src/main/java/org/acegisecurity/ui/basicauth/BasicProcessingFilter.java

@@ -172,7 +172,7 @@ public class BasicProcessingFilter implements Filter, InitializingBean {
                 password = token.substring(delim + 1);
             }
 
-            // Only reauthenticate if username doesn't match ContextHolder and user isn't authenticated (see SEC-53)
+            // Only reauthenticate if username doesn't match SecurityContextHolder and user isn't authenticated (see SEC-53)
             Authentication existingAuth = SecurityContextHolder.getContext()
                                                                .getAuthentication();
 

core/src/main/java/org/acegisecurity/ui/digestauth/DigestProcessingFilter.java

@@ -54,11 +54,11 @@ import javax.servlet.http.HttpServletResponse;
 
 /**
  * Processes a HTTP request's Digest authorization headers, putting the result
- * into the <code>ContextHolder</code>.
+ * into the <code>SecurityContextHolder</code>.
  * 
- * <P>
+ * <p>
  * For a detailed background on what this filter is designed to process, refer
- * to <A HREF="http://www.ietf.org/rfc/rfc2617.txt">RFC 2617</A> (which
+ * to <a href="http://www.ietf.org/rfc/rfc2617.txt">RFC 2617</a> (which
  * superseded RFC 2069, although this filter support clients that implement
  * either RFC 2617 or RFC 2069).
  * </p>
@@ -72,18 +72,18 @@ import javax.servlet.http.HttpServletResponse;
  * <p>
  * This Digest implementation has been designed to avoid needing to store
  * session state between invocations. All session management information is
- * stored in the "nonce" that is sent to the client by the {@link
+ * stored in the "nonce" that is sent to the client by the {@link DigestProcessingFilterEntryPoint}.
- * net.sf.acegisecurity.ui.digestauth.DigestProcessingFilterEntryPoint}.
  * </p>
  * 
  * <P>
- * If authentication is successful, the resulting {@link Authentication} object
+ * If authentication is successful, the resulting {@link net.sf.acegisecurity.Authentication Authentication}
- * will be placed into the <code>ContextHolder</code>.
+ * object will be placed into the <code>SecurityContextHolder</code>.
  * </p>
  * 
  * <p>
- * If authentication fails, an {@link AuthenticationEntryPoint} implementation
+ * If authentication fails, an
- * is called. This must always be {@link DigestProcessingFilterEntryPoint},
+ * {@link net.sf.acegisecurity.intercept.web.AuthenticationEntryPoint AuthenticationEntryPoint}
+ * implementation is called. This must always be {@link DigestProcessingFilterEntryPoint},
  * which will prompt the user to authenticate again via Digest authentication.
  * </p>
  * 
@@ -432,7 +432,7 @@ public class DigestProcessingFilter implements Filter, InitializingBean {
         return userCache;
     }
 
-    public void init(FilterConfig arg0) throws ServletException {}
+    public void init(FilterConfig ignored) throws ServletException {}
 
     private void fail(ServletRequest request, ServletResponse response,
         AuthenticationException failed) throws IOException, ServletException {

core/src/main/java/org/acegisecurity/ui/rememberme/RememberMeProcessingFilter.java

@@ -65,8 +65,8 @@ import javax.servlet.http.HttpServletResponse;
  * via an <code>AuthenticationManager</code>-specific application event.
  * </p>
  * 
- * <P>
+ * <p>
- * <B>Do not use this class directly.</B> Instead configure
+ * <b>Do not use this class directly.</b> Instead configure
  * <code>web.xml</code> to use the {@link
  * net.sf.acegisecurity.util.FilterToBeanProxy}.
  * </p>
@@ -130,7 +130,7 @@ public class RememberMeProcessingFilter implements Filter, InitializingBean,
 
                 if (logger.isDebugEnabled()) {
                     logger.debug(
-                        "Replaced SecurityContextHolder with remember-me token: '"
+                        "SecurityContextHolder populated with remember-me token: '"
                         + SecurityContextHolder.getContext().getAuthentication()
                         + "'");
                 }
@@ -145,7 +145,7 @@ public class RememberMeProcessingFilter implements Filter, InitializingBean,
         } else {
             if (logger.isDebugEnabled()) {
                 logger.debug(
-                    "SecurityContextHolder not replaced with remember-me token, as SecurityContextHolder already contained: '"
+                    "SecurityContextHolder not populated with remember-me token, as it already contained: '"
                     + SecurityContextHolder.getContext().getAuthentication()
                     + "'");
             }
@@ -157,9 +157,8 @@ public class RememberMeProcessingFilter implements Filter, InitializingBean,
     /**
      * Does nothing - we rely on IoC lifecycle services instead.
      *
-     * @param arg0 not used
+     * @param ignored not used
      *
-     * @throws ServletException not thrown
      */
-    public void init(FilterConfig arg0) throws ServletException {}
+    public void init(FilterConfig ignored) throws ServletException {}
 }

core/src/main/java/org/acegisecurity/ui/rememberme/RememberMeServices.java

@@ -54,7 +54,7 @@ public interface RememberMeServices {
     //~ Methods ================================================================
 
     /**
-     * This method will be called whenever the <code>ContextHolder</code> does
+     * This method will be called whenever the <code>SecurityContextHolder</code> does
      * not contain an <code>Authentication</code> and the Acegi Security
      * system wishes to provide an implementation with an opportunity to
      * authenticate the request using remember-me capabilities. Acegi Security

core/src/main/java/org/acegisecurity/ui/rememberme/TokenBasedRememberMeServices.java

@@ -238,7 +238,7 @@ public class TokenBasedRememberMeServices implements RememberMeServices,
                         // Must do this after user lookup, as we need the DAO-derived password
                         // If efficiency was a major issue, just add in a UserCache implementation,
                         // but recall this method is usually only called one per HttpSession
-                        // (as if the token is valid, it will cause ContextHolder population, whilst
+                        // (as if the token is valid, it will cause SecurityContextHolder population, whilst
                         // if invalid, will cause the cookie to be cancelled)
                         String expectedTokenSignature = DigestUtils.md5Hex(userDetails
                                 .getUsername() + ":" + tokenExpiryTime + ":"

core/src/main/java/org/acegisecurity/ui/switchuser/SwitchUserProcessingFilter.java

@@ -78,7 +78,7 @@ import javax.servlet.http.HttpServletResponse;
  * </p>
  * 
  * <p>
- * On successful switch, the user's  <code>SecureContextHolder</code> will be
+ * On successful switch, the user's  <code>SecurityContextHolder</code> will be
  * updated to reflect the specified user and will also contain an additinal
  * {@link net.sf.acegisecurity.ui.switchuser.SwitchUserGrantedAuthority }
  * which contains the original user.
@@ -224,7 +224,7 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean,
         chain.doFilter(request, response);
     }
 
-    public void init(FilterConfig filterConfig) throws ServletException {}
+    public void init(FilterConfig ignored) throws ServletException {}
 
     /**
      * Attempt to exit from an already switched user.

core/src/main/java/org/acegisecurity/ui/x509/X509ProcessingFilter.java

@@ -165,7 +165,7 @@ public class X509ProcessingFilter implements Filter, InitializingBean,
         filterChain.doFilter(request, response);
     }
 
-    public void init(FilterConfig filterConfig) throws ServletException {}
+    public void init(FilterConfig ignored) throws ServletException {}
 
     /**
      * Puts the <code>Authentication</code> instance returned by the
@@ -206,7 +206,7 @@ public class X509ProcessingFilter implements Filter, InitializingBean,
         SecurityContextHolder.getContext().setAuthentication(null);
 
         if (logger.isDebugEnabled()) {
-            logger.debug("Updated ContextHolder to contain null Authentication");
+            logger.debug("Updated SecurityContextHolder to contain null Authentication");
         }
 
         request.getSession().setAttribute(AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY,

core/src/main/java/org/acegisecurity/wrapper/ContextHolderAwareRequestWrapper.java

@@ -53,7 +53,7 @@ public class ContextHolderAwareRequestWrapper extends HttpServletRequestWrapper
 
     /**
      * Returns the principal's name, as obtained from the
-     * <code>ContextHolder</code>. Properly handles both
+     * <code>SecurityContextHolder</code>. Properly handles both
      * <code>String</code>-based and <code>UserDetails</code>-based
      * principals.
      *
@@ -78,7 +78,7 @@ public class ContextHolderAwareRequestWrapper extends HttpServletRequestWrapper
      * GrantedAuthority#getAuthority()}.
      * 
      * <p>
-     * Will always return <code>false</code> if the <code>ContextHolder</code>
+     * Will always return <code>false</code> if the <code>SecurityContextHolder</code>
      * contains an <code>Authentication</code> with
      * <code>null</code><code>principal</code> and/or
      * <code>GrantedAuthority[]</code> objects.

core/src/test/java/org/acegisecurity/context/rmi/ContextPropagatingRemoteInvocationTests.java

@@ -69,7 +69,7 @@ public class ContextPropagatingRemoteInvocationTests extends TestCase {
         SecurityContextHolder.setContext(new SecurityContextImpl());
 
         // The result from invoking the TargetObject should contain the
-        // Authentication class delivered via the ContextHolder
+        // Authentication class delivered via the SecurityContextHolder
         assertEquals("some_string net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken false",
             remoteInvocation.invoke(new TargetObject()));
     }

core/src/test/java/org/acegisecurity/intercept/web/SecurityEnforcementFilterTests.java

@@ -83,7 +83,7 @@ public class SecurityEnforcementFilterTests extends TestCase {
         MockFilterSecurityInterceptor interceptor = new MockFilterSecurityInterceptor(true,
                 false, false, false);
 
-        // Setup ContextHolder, as filter needs to check if user is anonymous
+        // Setup SecurityContextHolder, as filter needs to check if user is anonymous
         SecurityContextHolder.getContext().setAuthentication(new AnonymousAuthenticationToken(
                 "ignored", "ignored",
                 new GrantedAuthority[] {new GrantedAuthorityImpl("IGNORED")}));
@@ -113,7 +113,7 @@ public class SecurityEnforcementFilterTests extends TestCase {
         MockFilterSecurityInterceptor interceptor = new MockFilterSecurityInterceptor(true,
                 false, false, false);
 
-        // Setup ContextHolder, as filter needs to check if user is anonymous
+        // Setup SecurityContextHolder, as filter needs to check if user is anonymous
         SecurityContextHolder.getContext().setAuthentication(null);
 
         // Test

core/src/test/java/org/acegisecurity/providers/anonymous/AnonymousProcessingFilterTests.java

@@ -104,7 +104,7 @@ public class AnonymousProcessingFilterTests extends TestCase {
 
     public void testOperationWhenAuthenticationExistsInContextHolder()
         throws Exception {
-        // Put an Authentication object into the ContextHolder
+        // Put an Authentication object into the SecurityContextHolder
         Authentication originalAuth = new TestingAuthenticationToken("user",
                 "password",
                 new GrantedAuthority[] { new GrantedAuthorityImpl("ROLE_A") });

core/src/test/java/org/acegisecurity/providers/jaas/SecureContextLoginModuleTests.java

@@ -30,7 +30,7 @@ import javax.security.auth.login.LoginException;
 
 
 /**
- * DOCUMENT ME!
+ * Testst SecureContextLoginModule
  *
  * @author Ray Krueger
  */
@@ -57,7 +57,7 @@ public class SecureContextLoginModuleTests extends TestCase {
         try {
             module.login();
             fail(
-                "LoginException expected, there is no Authentication in the SecureContext");
+                "LoginException expected, there is no Authentication in the SecurityContext");
         } catch (LoginException e) {}
     }
 
@@ -87,7 +87,7 @@ public class SecureContextLoginModuleTests extends TestCase {
         try {
             SecurityContextHolder.getContext().setAuthentication(null);
             module.login();
-            fail("LoginException expected, the authentication is null in the SecureContext");
+            fail("LoginException expected, the authentication is null in the SecurityContext");
         } catch (Exception e) {
         }
     }

core/src/test/java/org/acegisecurity/ui/rememberme/RememberMeProcessingFilterTests.java

@@ -118,7 +118,7 @@ public class RememberMeProcessingFilterTests extends TestCase {
 
     public void testOperationWhenAuthenticationExistsInContextHolder()
         throws Exception {
-        // Put an Authentication object into the ContextHolder
+        // Put an Authentication object into the SecurityContextHolder
         Authentication originalAuth = new TestingAuthenticationToken("user",
                 "password",
                 new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_A")});