SEC-632: Changed user-filter to custom-filter to avoid confusion with system "users".

core/src/main/java/org/springframework/security/config/Elements.java

@@ -29,5 +29,5 @@ abstract class Elements {
 	public static final String SALT_SOURCE = "salt-source";
 	public static final String PORT_MAPPINGS = "port-mappings";
     public static final String PORT_MAPPING = "port-mapping";
-    public static final String USER_FILTER = "user-filter";    
+    public static final String CUSTOM_FILTER = "custom-filter";    
 }

core/src/main/java/org/springframework/security/config/HttpSecurityConfigPostProcessor.java

@@ -188,7 +188,7 @@ public class HttpSecurityConfigPostProcessor implements BeanFactoryPostProcessor
                 continue;
             }
 
-            // Filters must be Spring security filters or wrapped using <user-filter>
+            // Filters must be Spring security filters or wrapped using <custom-filter>
             if (!filter.getClass().getName().startsWith("org.springframework.security")) {
                 continue;
             }

core/src/main/java/org/springframework/security/config/OrderedFilterBeanDefinitionDecorator.java

@@ -95,7 +95,8 @@ public class OrderedFilterBeanDefinitionDecorator implements BeanDefinitionDecor
         public final int getOrder() {
             if(order == null) {
                 Assert.isInstanceOf(Ordered.class, "Filter '"+ beanName +"' must implement the 'Ordered' interface " +
-                        " or you must specify one of the attributes 'after' or 'before' in <user-filter>");
+                        " or you must specify one of the attributes '" + ATT_AFTER + "' or '" +
+                        ATT_BEFORE + "' in <" + Elements.CUSTOM_FILTER +">");
 
                 return ((Ordered)delegate).getOrder();
             }

core/src/main/java/org/springframework/security/config/SecurityNamespaceHandler.java

@@ -24,6 +24,6 @@ public class SecurityNamespaceHandler extends NamespaceHandlerSupport {
         // Decorators
         registerBeanDefinitionDecorator(Elements.INTERCEPT_METHODS, new InterceptMethodsBeanDefinitionDecorator());
         registerBeanDefinitionDecorator(Elements.FILTER_CHAIN_MAP, new FilterChainMapBeanDefinitionDecorator());
-        registerBeanDefinitionDecorator(Elements.USER_FILTER, new OrderedFilterBeanDefinitionDecorator());
+        registerBeanDefinitionDecorator(Elements.CUSTOM_FILTER, new OrderedFilterBeanDefinitionDecorator());
     }
 }

core/src/main/resources/org/springframework/security/config/spring-security-2.0.rnc

@@ -270,14 +270,14 @@ jdbc-user-service.attlist &=
     attribute data-source-ref {xsd:string}
     
     
-user-filter =
+custom-filter =
     ## Used to indicate that a filter bean declaration should be incorporated into the security filter chain. If neither the 'after' or 'before' options are supplied, then the filter must implement the Ordered interface directly. 
-    element user-filter {after | before}?
+    element custom-filter {after | before}?
 after =
-    ## The filter immediately after which the user-filter should be placed in the chain. This feature will only be needed by advanced users who wish to mix their own filters into the security filter chain and have some knowledge of the standard Spring Security filters. The filter names map to specific Spring Security implementation filters. 
+    ## The filter immediately after which the custom-filter should be placed in the chain. This feature will only be needed by advanced users who wish to mix their own filters into the security filter chain and have some knowledge of the standard Spring Security filters. The filter names map to specific Spring Security implementation filters. 
     attribute after {"FIRST" | "CHANNEL_FILTER" | "CONCURRENT_SESSION_FILTER" | "SESSION_CONTEXT_INTEGRATION_FILTER" | "LOGOUT_FILTER" | "X509_FILTER" | "PRE_AUTH_FILTER" | "CAS_PROCESSING_FILTER" | "AUTHENTICATION_PROCESSING_FILTER" | "BASIC_PROCESSING_FILTER" | "SERVLET_API_SUPPORT_FILTER" | "REMEMBER_ME_FILTER" | "ANONYMOUS_FILTER" | "EXCEPTION_TRANSLATION_FILTER" | "NTLM_FILTER" | "FILTER_SECURITY_INTERCEPTOR" | "SWITCH_USER_FILTER"}
 before =
-    ## The filter immediately before which the user-filter should be placed in the chain
+    ## The filter immediately before which the custom-filter should be placed in the chain
     attribute before {"FIRST" | "CHANNEL_FILTER" | "CONCURRENT_SESSION_FILTER" | "SESSION_CONTEXT_INTEGRATION_FILTER" | "LOGOUT_FILTER" | "X509_FILTER" | "PRE_AUTH_FILTER" | "CAS_PROCESSING_FILTER" | "AUTHENTICATION_PROCESSING_FILTER" | "BASIC_PROCESSING_FILTER" | "SERVLET_API_SUPPORT_FILTER" | "REMEMBER_ME_FILTER" | "ANONYMOUS_FILTER" | "EXCEPTION_TRANSLATION_FILTER" | "NTLM_FILTER" | "FILTER_SECURITY_INTERCEPTOR" | "SWITCH_USER_FILTER"}
 
     

core/src/main/resources/org/springframework/security/config/spring-security-2.0.xsd

@@ -650,19 +650,19 @@
       </xs:annotation>
     </xs:attribute>
   </xs:attributeGroup>
-  <xs:group name="user-filter">
+  <xs:group name="custom-filter">
     <xs:sequence>
-      <xs:element minOccurs="0" ref="security:user-filter"/>
+      <xs:element minOccurs="0" ref="security:custom-filter"/>
     </xs:sequence>
   </xs:group>
-  <xs:element name="user-filter">
+  <xs:element name="custom-filter">
     <xs:annotation>
       <xs:documentation>Used to indicate that a filter bean declaration should be incorporated into the security filter chain. If neither the 'after' or 'before' options are supplied, then the filter must implement the Ordered interface directly. </xs:documentation>
     </xs:annotation>
     <xs:complexType>
       <xs:attribute name="after">
         <xs:annotation>
-          <xs:documentation>The filter immediately after which the user-filter should be placed in the chain. This feature will only be needed by advanced users who wish to mix their own filters into the security filter chain and have some knowledge of the standard Spring Security filters. The filter names map to specific Spring Security implementation filters. </xs:documentation>
+          <xs:documentation>The filter immediately after which the custom-filter should be placed in the chain. This feature will only be needed by advanced users who wish to mix their own filters into the security filter chain and have some knowledge of the standard Spring Security filters. The filter names map to specific Spring Security implementation filters. </xs:documentation>
         </xs:annotation>
         <xs:simpleType>
           <xs:restriction base="xs:token">
@@ -688,7 +688,7 @@
       </xs:attribute>
       <xs:attribute name="before">
         <xs:annotation>
-          <xs:documentation>The filter immediately before which the user-filter should be placed in the chain</xs:documentation>
+          <xs:documentation>The filter immediately before which the custom-filter should be placed in the chain</xs:documentation>
         </xs:annotation>
         <xs:simpleType>
           <xs:restriction base="xs:token">
@@ -717,7 +717,7 @@
   <xs:attributeGroup name="after">
     <xs:attribute name="after" use="required">
       <xs:annotation>
-        <xs:documentation>The filter immediately after which the user-filter should be placed in the chain. This feature will only be needed by advanced users who wish to mix their own filters into the security filter chain and have some knowledge of the standard Spring Security filters. The filter names map to specific Spring Security implementation filters. </xs:documentation>
+        <xs:documentation>The filter immediately after which the custom-filter should be placed in the chain. This feature will only be needed by advanced users who wish to mix their own filters into the security filter chain and have some knowledge of the standard Spring Security filters. The filter names map to specific Spring Security implementation filters. </xs:documentation>
       </xs:annotation>
       <xs:simpleType>
         <xs:restriction base="xs:token">
@@ -745,7 +745,7 @@
   <xs:attributeGroup name="before">
     <xs:attribute name="before" use="required">
       <xs:annotation>
-        <xs:documentation>The filter immediately before which the user-filter should be placed in the chain</xs:documentation>
+        <xs:documentation>The filter immediately before which the custom-filter should be placed in the chain</xs:documentation>
       </xs:annotation>
       <xs:simpleType>
         <xs:restriction base="xs:token">

core/src/test/java/org/springframework/security/config/HttpSecurityBeanDefinitionParserTests.java

@@ -199,7 +199,7 @@ public class HttpSecurityBeanDefinitionParserTests {
         setContext(
                 "<http auto-config='true'/>" + AUTH_PROVIDER_XML +
                 "<b:bean id='userFilter' class='org.springframework.security.util.MockFilter'>" +
-                "    <user-filter after='SESSION_CONTEXT_INTEGRATION_FILTER'/>" +
+                "    <custom-filter after='SESSION_CONTEXT_INTEGRATION_FILTER'/>" +
                 "</b:bean>" +
                 "<b:bean id='userFilter2' class='org.springframework.security.util.MockFilter'/>");
         List filters = getFilterChainProxy().getFilters("/someurl");