diff --git a/sandbox/openid/src/main/java/org/springframework/security/ui/openid/OpenIDLoginInitiationServlet.java b/sandbox/openid/src/main/java/org/springframework/security/ui/openid/OpenIDLoginInitiationServlet.java
deleted file mode 100644
index 5a45fdbfc9..0000000000
--- a/sandbox/openid/src/main/java/org/springframework/security/ui/openid/OpenIDLoginInitiationServlet.java
+++ /dev/null
@@ -1,180 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.ui.openid;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.springframework.util.StringUtils;
-import org.springframework.web.context.WebApplicationContext;
-import org.springframework.web.context.support.WebApplicationContextUtils;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServlet;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-
-
-/**
- * This servlet starts the OpenID authentication process.
- *
- *
Sample web.xml configuration:
- *
- *
<servlet>
- *
<servlet-name>openid</servlet-name>
- *
<servlet-class>org.springframework.security.ui.openid.OpenIDLoginInitiationServlet</servlet-class>
- *
<load-on-startup>1</load-on-startup>
- *
<init-param>
- *
<description>The error page - will receive error "message"</description>
- *
<param-name>errorPage</param-name>
- *
<param-value>index.jsp</param-value>
- *
</init-param>
- *
</servlet>
- *
<servlet-mapping>
- *
<servlet-name>openid</servlet-name>
- *
<url-pattern>/j_spring_security_openid_start</url-pattern>
- *
</servlet-mapping>
- *
- *
Sample login form:
- *
<form method="POST" action="j_spring_security_openid_start">
- *
<input type="text" name="j_username" />
- *
<input type="password" name="j_password" />
- *
<input type="submit" value="Verify" />
- *
</form>
- *
- *
Usage notes:
- * Requires an openIDConsumer Spring bean implementing the {@link OpenIDConsumer} interface
- * It will pass off to standard form-based authentication if appropriate
- * (note that AuthenticationProcessingFilter requires j_username, j_password)
- *
- *
Outstanding items:
- * TODO: config flag for whether OpenID only or dual mode?
- * TODO: username matching logic
- *
- * @author Robin Bramley, Opsera Ltd
- * @version $Id:$
- */
-public class OpenIDLoginInitiationServlet extends HttpServlet {
- final static long serialVersionUID = -997766L;
- private static final Log logger = LogFactory.getLog(OpenIDLoginInitiationServlet.class);
- private static final String passwordField = "j_password";
-
- /**
- * Servlet config key for looking up the the HttpServletRequest parameter name
- * containing the OpenID Identity URL from the Servlet config.
- *
Only set the identityField servlet init-param if you are not using j_username
- *
- *
<init-param>
- *
<description>The identity form field parameter</description>
- *
<param-name>identityField</param-name>
- *
<param-value>/openid_url</param-value>
- *
</init-param>
- */
- public static final String IDENTITY_FIELD_KEY = "identityField";
-
- /**
- * Servlet config key for the return to URL
- */
- public static final String ERROR_PAGE_KEY = "errorPage";
-
- /**
- * Servlet config key for looking up the form login URL from the Servlet config.
- *
Only set the formLogin servlet init-param if you are not using /j_spring_security_check
- *
- *
<init-param>
- *
<description>The form login URL - for standard authentication</description>
- *
<param-name>formLogin</param-name>
- *
<param-value>/custom_acegi_security_check</param-value>
- *
</init-param>
- */
- public static final String FORM_LOGIN_URL_KEY = "formLogin";
-
- /**
- * Spring context key for the OpenID consumer bean
- */
- public static final String CONSUMER_KEY = "openIDConsumer";
- private String errorPage = "index.jsp";
- private String identityField = "j_username";
- private String formLoginUrl = "/j_spring_security_check";
-
- /**
- * Check for init-params
- *
- * @Override
- */
- public void init() throws ServletException {
- super.init();
-
- String configErrorPage = getServletConfig()
- .getInitParameter(ERROR_PAGE_KEY);
-
- if (StringUtils.hasText(configErrorPage)) {
- errorPage = configErrorPage;
- }
-
- String configIdentityField = getServletConfig()
- .getInitParameter(IDENTITY_FIELD_KEY);
-
- if (StringUtils.hasText(configIdentityField)) {
- identityField = configIdentityField;
- }
-
- String configFormLoginUrl = getServletConfig()
- .getInitParameter(FORM_LOGIN_URL_KEY);
-
- if (StringUtils.hasText(configFormLoginUrl)) {
- formLoginUrl = configFormLoginUrl;
- }
- }
-
- /**
- * Process the form post - all the work is done by the OpenIDConsumer.beginConsumption method
- *
- * @Override
- */
- protected void doPost(HttpServletRequest req, HttpServletResponse res)
- throws ServletException, IOException {
- WebApplicationContext webApplicationContext = WebApplicationContextUtils.getRequiredWebApplicationContext(getServletContext());
- OpenIDConsumer consumer = (OpenIDConsumer) webApplicationContext.getBean(CONSUMER_KEY);
-
- // get the submitted id field
- String id = req.getParameter(identityField);
-
- // assume page will validate?
- //TODO: null checking!
-
- //TODO: pattern matching
- String password = req.getParameter(passwordField);
-
- if ((password != null) && (password.length() > 0)) {
- logger.debug("Attempting to authenticate using username/password");
-
- // forward to authenticationProcessingFilter (/j_spring_security_check - depends on param names)
- req.getRequestDispatcher(formLoginUrl).forward(req, res);
-
- } else {
- // send the user the redirect url to proceed with OpenID authentication
- try {
- String redirect = consumer.beginConsumption(req, id, req.getRequestURL().toString());
- logger.debug("Redirecting to: " + redirect);
- res.sendRedirect(redirect);
- } catch (OpenIDConsumerException oice) {
- logger.error("Consumer error!", oice);
- req.setAttribute("message", oice.getMessage());
- req.getRequestDispatcher(errorPage).forward(req, res);
- }
- }
- }
-}