diff --git a/doc/xdocs/index.html b/doc/xdocs/index.html
deleted file mode 100644
index b5a2523f6d..0000000000
--- a/doc/xdocs/index.html
+++ /dev/null
@@ -1,173 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
-<HTML><HEAD><TITLE>Acegi Security System for Spring</TITLE>
-<META http-equiv=Content-Type content="text/html; charset=windows-1252">
-<META content="MSHTML 6.00.2900.2180" name=GENERATOR></HEAD>
-<BODY>
-      <CENTER>
-      </CENTER><BR><BR><FONT 
-      face=Arial size=-1>
-      <CENTER><B>
-      <HR>
-
-      <CENTER>Mission Statement</CENTER></B>
-      <HR>
-      <BR>To provide comprehensive security services for <A 
-      href="http://www.springframework.org/"><I>The Spring Framework</I></A>. 
-      </CENTER><BR><B>
-      <HR>
-
-      <CENTER>Key Features</CENTER></B>
-      <HR>
-      <BR>
-      <UL>
-        <LI><B>It is ready NOW.</B> As explained in the reference guide, the API 
-        is now quite stable. We also use the <A 
-        href="http://apr.apache.org/versioning.html">Apache APR Project 
-        Versioning Guidelines</A> so you can identify backward 
-        compatibility.<BR><BR>
-        <LI><B>Fast results:</B> View our <a href="suggested.html">suggested steps</a>
-        for the fastest way to develop complex, security-compliant applications.<BR><BR>
-        <LI><B>Enterprise-wide single sign on:</B> Using Yale University's open 
-        source <A href="http://www.yale.edu/tp/auth/">Central Authentication 
-        Service</A> (CAS), the Acegi Security System for Spring can participate 
-        in an enterprise-wide single sign on environment. You no longer need 
-        every web application to have its own authentication database. Nor are 
-        you restricted to single sign on across a single web container. Advanced 
-        single sign on features like proxy support and forced refresh of logins 
-        are supported by both CAS and Acegi Security.<BR><BR>
-        <LI><B>Reuses your Spring expertise:</B> We use Spring application 
-        contexts for all configuration, which should help Spring developers get 
-        up-to-speed nice and quickly.<BR><BR>
-        <LI><B>Domain object instance security:</B> In many applications it's 
-        desirable to define Access Control Lists (ACLs) for individual domain 
-        object instances. We provide a comprehensive ACL package with features 
-        including integer bit masking, permission inheritence (including 
-        blocking), a JDBC-backed ACL repository, caching and a pluggable, 
-        interface-driven design.<BR><BR>
-        <LI><B>Non-intrusive setup:</B> The entire security system can operate 
-        within a single web application using the provided filters. There is no 
-        need to make special changes or deploy libraries to your Servlet or EJB 
-        container.<BR><BR>
-        <LI><B>Full (but optional) container integration:</B> The credential 
-        collection and authorization capabilities of your Servlet or EJB 
-        container can be fully utilised via included "container adapters". We 
-        currently support Catalina (Tomcat), Jetty, JBoss and Resin, with 
-        additional containers easily added.<BR><BR>
-        <LI><B>Keeps your objects free of security code:</B> Many applications 
-        need to secure data at the bean level based on any combination of 
-        parameters (user, time of day, authorities held, method being invoked, 
-        parameter on method being invoked....). This package gives you this 
-        flexibility without adding security code to your Spring business 
-        objects.<BR><BR>
-        <LI><B>After invocation security:</B> Acegi Security can not only protect
-		methods from being invoked in the first place, but it can also
-		deal with the Objects returned from the methods. Included implementations 
-		of after invocation security can throw an exception or mutate the returned
-		object based on ACLs.<BR><BR>
-        <LI><B>Secures your HTTP requests as well:</B> In addition to securing 
-        your beans, the project also secures your HTTP requests. No longer is it 
-        necessary to rely on web.xml security constraints. Best of all, your 
-        HTTP requests can now be secured by your choice of regular expressions 
-        or Apache Ant paths, along with pluggable authentication, authorization 
-        and run-as replacement managers.<BR><BR>
-        <LI><B>Channel security:</B> The Acegi Security System for Spring can 
-        automatically redirect requests across an appropriate transport channel. 
-        Whilst flexible enough to support any of your "channel" requirements (eg 
-        the remote user is a human, not a robot), a common channel security 
-        feature is to ensure your secure pages will only be available over 
-        HTTPS, and your public pages only over HTTP. Acegi Security also 
-        supports unusual port combinations and pluggable transport decision 
-        managers.<BR><BR>
-        <LI><B>Supports HTTP BASIC authentication:</B> Perfect for remoting 
-        protocols or those web applications that prefer a simple browser pop-up 
-        (rather than a form login), Acegi Security can directly process HTTP 
-        BASIC authentication requests as per RFC 1945.<BR><BR>
-        <LI><B>Supports HTTP Digest authentication:</B> For greater security than
-        offered by BASIC authentcation, Acegi Security also supports Digest Authentication
-        (which never sends the user's password across the wire). Digest Authentication
-        is widely supported by modern browsers. Acegi Security's implementation complies
-        with both RFC 2617 and RFC 2069.<BR><BR>
-        <LI><B>Convenient security taglib:</B> Your JSP files can use our taglib 
-        to ensure that protected content like links and messages are only 
-        displayed to users holding the appropriate granted authorities. The taglib
-		also fully integrates with Acegi Security's ACL services.<BR><BR>
-        <LI><B>Application context or attribute-based configuration:</B> You 
-        select the method used to configure your security environment. The 
-        project supports configuration via Spring application contexts as well 
-        as Jakarta Commons Attributes.<BR><BR>
-        <LI><B>Various authentication backends:</B> We include the ability to 
-        retrieve your user and granted authority definitions from either an XML 
-        file or JDBC datasource. Alternatively, you can implement the 
-        single-method DAO interface and obtain authentication details from 
-        anywhere you like.<BR><BR>
-        <LI><B>Event support:</B> Building upon Spring's 
-        <CODE>ApplicationEvent</CODE> services, you can write your own listeners 
-        for authentication-related events, along with authorisation-related events.
-		This enables you to implement account lockout and audit log systems, with
-		complete decoupling from Acegi Security code.<BR><BR>
-        <LI><B>Easy integration with existing databases:</B> Our implementations 
-        have been designed to make it very easy to use your existing 
-        authentication schema and data (without modification). Of course,
-		you can also provide your own Data Access Object if you wish.<BR><BR>
-        <LI><B>Caching:</B> Acegi Security integrates with Spring's <A 
-        href="http://ehcache.sourceforge.net/">EHCACHE</A> factory. 
-        This flexibility means your database (or other authentication 
-        repository) is not repeatedly queried for authentication 
-        information.<BR><BR>
-        <LI><B>Pluggable architecture:</B> Every critical aspect of the package 
-        has been modelled using high cohesion, loose coupling, interface-driven 
-        design principles. You can easily replace, customise or extend parts of 
-        the package.<BR><BR>
-        <LI><B>Startup-time validation:</B> Every critical object dependency and 
-        configuration parameter is validated at application context startup 
-        time. Security configuration errors are therefore detected early and 
-        corrected quickly.<BR><BR>
-        <LI><B>Remoting support:</B> Does your project use a rich client? Not a 
-        problem. Acegi Security integrates with standard Spring remoting 
-        protocols, because it automatically processes the HTTP BASIC 
-        authentication headers they present. Add our BASIC authentication filter 
-        to your web.xml and you're done.<BR><BR>
-        <LI><B>Advanced password encoding:</B> Of course, passwords in your 
-        authentication repository need not be in plain text. We support both SHA 
-        and MD5 encoding, and also pluggable "salt" providers to maximise 
-        password security.<BR><BR>
-        <LI><B>Run-as replacement:</B> The security system fully supports 
-        temporarily replacing the authenticated user for the duration of the web 
-        request or bean invocation. This enables you to build public-facing 
-        object tiers with different security configurations than your backend 
-        objects.<BR><BR>
-        <LI><B>Transparent security propagation:</B> Acegi Security can automatically
-		transfer its core authentication information from one machine to another,
-		using a variety of protocols including RMI and Spring's HttpInvoker.<BR><BR>
-        <LI><B>Compatible with HttpServletRequest.getRemoteUser():</B> Even though
-		Acegi Security can deliver authentication using a range of pluggable mechanisms
-		(most of which require no web container configuration), we allow you to access
-		the resulting Authentication object via the getRemoteUser() method.<BR><BR>
-        <LI><B>Unit tests:</B> A must-have of any quality security project, unit 
-        tests are included. Our unit test coverage is very high, as shown in the
-		<a href="multiproject/acegi-security/clover/index.html">coverage report</a>.<BR><BR>
-        <LI><B>Built by Maven:</B> This assists you in effectively reusing the Acegi
-		Security artifacts in your own Maven-based projects.<BR><BR>
-        <LI><B>Supports your own unit tests:</B> We provide a number of classes 
-        that assist with your own unit testing of secured business objects. For 
-        example, you can change the authentication identity and its associated 
-        granted authorities directly within your test methods.<BR><BR>
-        <LI><B>Peer reviewed:</B> Whilst nothing is ever completely secure, 
-        using an open source security package leverages the continuous design 
-        and code quality improvements that emerge from peer review.<BR><BR>
-        <LI><B>Thorough documentation:</B> All APIs are fully documented using 
-        <a href="http://acegisecurity.sourceforge.net/multiproject/acegi-security/apidocs/index.html">JavaDoc</a>, with a 40+ page 
-		<a href="reference.html">Reference Guide</a> providing an easy-to-follow 
-        introduction. More documentation is provided on this web site, as
-		shown in the left hand navigation sidebar.<BR><BR>
-        <LI><B>Apache license.</B><BR><BR></LI></UL><BR><B>
-      <HR>
-
-      <CENTER>Project Resources</CENTER></B>
-      <HR>
-      <BR>
-      <CENTER><A href="http://forum.springframework.org/"><B>Support 
-      Forums</B></A><BR><BR><A 
-      href="http://sourceforge.net/project/showfiles.php?group_id=104215"><B>Downloads</B></A>
-      </CENTER></FONT>
-</BODY></HTML>