From b196d70f998316df9af681ad97d85bfc613a2f1f Mon Sep 17 00:00:00 2001
From: Rob Winch <rwinch@vmware.com>
Date: Wed, 11 Jul 2012 13:12:57 -0500
Subject: [PATCH] SEC-1905: Added para tag to the digest encoded password
 footnote

---
 docs/manual/src/docbook/basic-and-digest-auth.xml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/docs/manual/src/docbook/basic-and-digest-auth.xml b/docs/manual/src/docbook/basic-and-digest-auth.xml
index 9186d7c4a8..0bf9b5633b 100644
--- a/docs/manual/src/docbook/basic-and-digest-auth.xml
+++ b/docs/manual/src/docbook/basic-and-digest-auth.xml
@@ -138,11 +138,11 @@
             <para>The configured <interfacename>UserDetailsService</interfacename> is needed because
                 <literal>DigestAuthenticationFilter</literal> must have direct access to the clear
                 text password of a user. Digest Authentication will NOT work if you are using
-                encoded passwords in your DAO <footnote>It is possible to encode the password in the
+                encoded passwords in your DAO <footnote><para>It is possible to encode the password in the
                 format HEX( MD5(username:realm:password) ) provided the
                 <code>DigestAuthenticationFilter.passwordAlreadyEncoded</code> is set to <code>true</code>.
-                However, other password encodings will not work with digest authentication.</footnote>. The DAO
-                collaborator, along with the <literal>UserCache</literal>, are typically shared directly
+                However, other password encodings will not work with digest authentication.</para></footnote>.
+                The DAO collaborator, along with the <literal>UserCache</literal>, are typically shared directly
                 with a <classname>DaoAuthenticationProvider</classname>. The
                 <literal>authenticationEntryPoint</literal> property must be
                 <classname>DigestAuthenticationEntryPoint</classname>, so that