SEC-1132: package refactoring of non-core modules

cas/src/main/java/org/springframework/security/cas/ServiceProperties.java

@@ -13,7 +13,7 @@
  * limitations under the License.
  */
 
-package org.springframework.security.ui.cas;
+package org.springframework.security.cas;
 
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.util.Assert;

cas/src/main/java/org/springframework/security/cas/authentication/CasAuthenticationProvider.java

@@ -13,7 +13,7 @@
  * limitations under the License.
  */
 
-package org.springframework.security.providers.cas;
+package org.springframework.security.cas.authentication;
 
 import org.jasig.cas.client.validation.Assertion;
 import org.jasig.cas.client.validation.TicketValidationException;
@@ -26,11 +26,11 @@ import org.springframework.security.Authentication;
 import org.springframework.security.AuthenticationException;
 import org.springframework.security.BadCredentialsException;
 import org.springframework.security.SpringSecurityMessageSource;
+import org.springframework.security.cas.ServiceProperties;
+import org.springframework.security.cas.authentication.cache.NullStatelessTicketCache;
+import org.springframework.security.cas.web.CasProcessingFilter;
 import org.springframework.security.providers.AuthenticationProvider;
 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
-import org.springframework.security.providers.cas.cache.NullStatelessTicketCache;
-import org.springframework.security.ui.cas.CasProcessingFilter;
-import org.springframework.security.ui.cas.ServiceProperties;
 import org.springframework.security.userdetails.UserDetails;
 import org.springframework.security.userdetails.UserDetailsChecker;
 import org.springframework.security.userdetails.UserDetailsService;

cas/src/main/java/org/springframework/security/cas/authentication/CasAuthenticationToken.java

@@ -13,7 +13,7 @@
  * limitations under the License.
  */
 
-package org.springframework.security.providers.cas;
+package org.springframework.security.cas.authentication;
 
 import org.jasig.cas.client.validation.Assertion;
 import org.springframework.security.GrantedAuthority;

cas/src/main/java/org/springframework/security/cas/authentication/StatelessTicketCache.java

@@ -13,7 +13,7 @@
  * limitations under the License.
  */
 
-package org.springframework.security.providers.cas;
+package org.springframework.security.cas.authentication;
 
 /**
  * Caches CAS service tickets and CAS proxy tickets for stateless connections.

cas/src/main/java/org/springframework/security/cas/authentication/cache/EhCacheBasedTicketCache.java

@@ -13,14 +13,14 @@
  * limitations under the License.
  */
 
-package org.springframework.security.providers.cas.cache;
+package org.springframework.security.cas.authentication.cache;
 
 import net.sf.ehcache.CacheException;
 import net.sf.ehcache.Element;
 import net.sf.ehcache.Ehcache;
 
-import org.springframework.security.providers.cas.CasAuthenticationToken;
-import org.springframework.security.providers.cas.StatelessTicketCache;
+import org.springframework.security.cas.authentication.CasAuthenticationToken;
+import org.springframework.security.cas.authentication.StatelessTicketCache;
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;

cas/src/main/java/org/springframework/security/cas/authentication/cache/NullStatelessTicketCache.java

@@ -12,11 +12,11 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package org.springframework.security.providers.cas.cache;
+package org.springframework.security.cas.authentication.cache;
 
-import org.springframework.security.providers.cas.CasAuthenticationProvider;
-import org.springframework.security.providers.cas.CasAuthenticationToken;
-import org.springframework.security.providers.cas.StatelessTicketCache;
+import org.springframework.security.cas.authentication.CasAuthenticationProvider;
+import org.springframework.security.cas.authentication.CasAuthenticationToken;
+import org.springframework.security.cas.authentication.StatelessTicketCache;
 
 /**
  * Implementation of @link {@link StatelessTicketCache} that has no backing cache.  Useful

cas/src/main/java/org/springframework/security/cas/web/CasProcessingFilter.java

@@ -13,7 +13,7 @@
  * limitations under the License.
  */
 
-package org.springframework.security.ui.cas;
+package org.springframework.security.cas.web;
 
 import java.io.IOException;
 
@@ -23,10 +23,11 @@ import org.jasig.cas.client.validation.TicketValidator;
 import org.springframework.security.Authentication;
 import org.springframework.security.AuthenticationException;
 
+import org.springframework.security.cas.ServiceProperties;
 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
 
-import org.springframework.security.web.FilterChainOrder;
 import org.springframework.security.web.authentication.AbstractProcessingFilter;
+import org.springframework.security.web.util.FilterChainOrder;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;

cas/src/main/java/org/springframework/security/cas/web/CasProcessingFilterEntryPoint.java

@@ -13,7 +13,7 @@
  * limitations under the License.
  */
 
-package org.springframework.security.ui.cas;
+package org.springframework.security.cas.web;
 
 import java.io.IOException;
 
@@ -23,6 +23,7 @@ import javax.servlet.http.HttpServletResponse;
 
 import org.jasig.cas.client.util.CommonUtils;
 import org.springframework.security.AuthenticationException;
+import org.springframework.security.cas.ServiceProperties;
 import org.springframework.security.web.AuthenticationEntryPoint;
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.util.Assert;

cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationProviderTests.java

@@ -13,7 +13,7 @@
  * limitations under the License.
  */
 
-package org.springframework.security.providers.cas;
+package org.springframework.security.cas.authentication;
 
 import org.springframework.security.Authentication;
 import org.springframework.security.AuthenticationException;
@@ -21,11 +21,14 @@ import org.springframework.security.BadCredentialsException;
 import org.springframework.security.GrantedAuthority;
 import org.springframework.security.GrantedAuthorityImpl;
 
+import org.springframework.security.cas.ServiceProperties;
+import org.springframework.security.cas.authentication.CasAuthenticationProvider;
+import org.springframework.security.cas.authentication.CasAuthenticationToken;
+import org.springframework.security.cas.authentication.StatelessTicketCache;
+import org.springframework.security.cas.web.CasProcessingFilter;
 import org.springframework.security.providers.TestingAuthenticationToken;
 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
 
-import org.springframework.security.ui.cas.CasProcessingFilter;
-import org.springframework.security.ui.cas.ServiceProperties;
 
 import org.springframework.security.userdetails.User;
 import org.springframework.security.userdetails.UserDetails;

cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationTokenTests.java

@@ -13,7 +13,7 @@
  * limitations under the License.
  */
 
-package org.springframework.security.providers.cas;
+package org.springframework.security.cas.authentication;
 
 import java.util.List;
 
@@ -22,6 +22,7 @@ import junit.framework.TestCase;
 import org.jasig.cas.client.validation.Assertion;
 import org.jasig.cas.client.validation.AssertionImpl;
 import org.springframework.security.GrantedAuthority;
+import org.springframework.security.cas.authentication.CasAuthenticationToken;
 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
 import org.springframework.security.userdetails.User;
 import org.springframework.security.userdetails.UserDetails;

cas/src/test/java/org/springframework/security/cas/authentication/cache/AbstractStatelessTicketCacheTests.java

@@ -1,11 +1,11 @@
-package org.springframework.security.providers.cas.cache;
+package org.springframework.security.cas.authentication.cache;
 
 import java.util.ArrayList;
 import java.util.List;
 
 import org.jasig.cas.client.validation.Assertion;
 import org.jasig.cas.client.validation.AssertionImpl;
-import org.springframework.security.providers.cas.CasAuthenticationToken;
+import org.springframework.security.cas.authentication.CasAuthenticationToken;
 import org.springframework.security.userdetails.User;
 import org.springframework.security.util.AuthorityUtils;
 

cas/src/test/java/org/springframework/security/cas/authentication/cache/EhCacheBasedTicketCacheTests.java

@@ -13,7 +13,7 @@
  * limitations under the License.
  */
 
-package org.springframework.security.providers.cas.cache;
+package org.springframework.security.cas.authentication.cache;
 
 import net.sf.ehcache.Ehcache;
 import net.sf.ehcache.CacheManager;
@@ -22,7 +22,8 @@ import net.sf.ehcache.Cache;
 import org.junit.Test;
 import org.junit.BeforeClass;
 import org.junit.AfterClass;
-import org.springframework.security.providers.cas.CasAuthenticationToken;
+import org.springframework.security.cas.authentication.CasAuthenticationToken;
+import org.springframework.security.cas.authentication.cache.EhCacheBasedTicketCache;
 
 import static org.junit.Assert.*;
 

cas/src/test/java/org/springframework/security/cas/authentication/cache/NullStatelessTicketCacheTests.java

@@ -12,12 +12,13 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package org.springframework.security.providers.cas.cache;
+package org.springframework.security.cas.authentication.cache;
 
 
 import org.junit.Test;
-import org.springframework.security.providers.cas.CasAuthenticationToken;
-import org.springframework.security.providers.cas.StatelessTicketCache;
+import org.springframework.security.cas.authentication.CasAuthenticationToken;
+import org.springframework.security.cas.authentication.StatelessTicketCache;
+import org.springframework.security.cas.authentication.cache.NullStatelessTicketCache;
 
 import static org.junit.Assert.*;
 

cas/src/test/java/org/springframework/security/cas/web/CasProcessingFilterEntryPointTests.java

@@ -13,12 +13,14 @@
  * limitations under the License.
  */
 
-package org.springframework.security.ui.cas;
+package org.springframework.security.cas.web;
 
 import junit.framework.TestCase;
 
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.security.cas.ServiceProperties;
+import org.springframework.security.cas.web.CasProcessingFilterEntryPoint;
 
 import java.net.URLEncoder;
 
@@ -30,26 +32,8 @@ import java.net.URLEncoder;
  * @version $Id$
  */
 public class CasProcessingFilterEntryPointTests extends TestCase {
-    //~ Constructors ===================================================================================================
-
-    public CasProcessingFilterEntryPointTests() {
-        super();
-    }
-
-    public CasProcessingFilterEntryPointTests(String arg0) {
-        super(arg0);
-    }
-
     //~ Methods ========================================================================================================
 
-    public static void main(String[] args) {
-        junit.textui.TestRunner.run(CasProcessingFilterEntryPointTests.class);
-    }
-
-    public final void setUp() throws Exception {
-        super.setUp();
-    }
-
     public void testDetectsMissingLoginFormUrl() throws Exception {
         CasProcessingFilterEntryPoint ep = new CasProcessingFilterEntryPoint();
         ep.setServiceProperties(new ServiceProperties());

cas/src/test/java/org/springframework/security/cas/web/CasProcessingFilterTests.java

@@ -13,13 +13,14 @@
  * limitations under the License.
  */
 
-package org.springframework.security.ui.cas;
+package org.springframework.security.cas.web;
 
 import junit.framework.TestCase;
 
 import org.springframework.security.Authentication;
 import org.springframework.security.AuthenticationException;
 import org.springframework.security.MockAuthenticationManager;
+import org.springframework.security.cas.web.CasProcessingFilter;
 
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;

cas/src/test/java/org/springframework/security/cas/web/ServicePropertiesTests.java

@@ -13,7 +13,9 @@
  * limitations under the License.
  */
 
-package org.springframework.security.ui.cas;
+package org.springframework.security.cas.web;
+
+import org.springframework.security.cas.ServiceProperties;
 
 import junit.framework.TestCase;
 
@@ -25,26 +27,8 @@ import junit.framework.TestCase;
  * @version $Id$
  */
 public class ServicePropertiesTests extends TestCase {
-    //~ Constructors ===================================================================================================
-
-    public ServicePropertiesTests() {
-        super();
-    }
-
-    public ServicePropertiesTests(String arg0) {
-        super(arg0);
-    }
-
     //~ Methods ========================================================================================================
 
-    public static void main(String[] args) {
-        junit.textui.TestRunner.run(ServicePropertiesTests.class);
-    }
-
-    public final void setUp() throws Exception {
-        super.setUp();
-    }
-
     public void testDetectsMissingLoginFormUrl() throws Exception {
         ServiceProperties sp = new ServiceProperties();
 

config/src/main/java/org/springframework/security/config/LdapProviderBeanDefinitionParser.java

@@ -27,9 +27,9 @@ public class LdapProviderBeanDefinitionParser implements BeanDefinitionParser {
 
     private static final String DEF_USER_SEARCH_FILTER = "uid={0}";
 
-    private static final String PROVIDER_CLASS = "org.springframework.security.providers.ldap.LdapAuthenticationProvider";
-    private static final String BIND_AUTH_CLASS = "org.springframework.security.providers.ldap.authenticator.BindAuthenticator";
-    private static final String PASSWD_AUTH_CLASS = "org.springframework.security.providers.ldap.authenticator.PasswordComparisonAuthenticator";
+    static final String PROVIDER_CLASS = "org.springframework.security.ldap.authentication.LdapAuthenticationProvider";
+    static final String BIND_AUTH_CLASS = "org.springframework.security.ldap.authentication.BindAuthenticator";
+    static final String PASSWD_AUTH_CLASS = "org.springframework.security.ldap.authentication.PasswordComparisonAuthenticator";
 
     public BeanDefinition parse(Element elt, ParserContext parserContext) {
         RuntimeBeanReference contextSource = LdapUserServiceBeanDefinitionParser.parseServerReference(elt, parserContext);

config/src/main/java/org/springframework/security/config/LdapUserServiceBeanDefinitionParser.java

@@ -33,13 +33,13 @@ public class LdapUserServiceBeanDefinitionParser extends AbstractUserDetailsServ
     static final String OPT_INETORGPERSON = "inetOrgPerson";
 
     public static final String LDAP_SEARCH_CLASS = "org.springframework.security.ldap.search.FilterBasedLdapUserSearch";
-    public static final String PERSON_MAPPER_CLASS = "org.springframework.security.userdetails.ldap.PersonContextMapper";
-    public static final String INET_ORG_PERSON_MAPPER_CLASS = "org.springframework.security.userdetails.ldap.InetOrgPersonContextMapper";
-    public static final String LDAP_USER_MAPPER_CLASS = "org.springframework.security.userdetails.ldap.LdapUserDetailsMapper";
+    public static final String PERSON_MAPPER_CLASS = "org.springframework.security.ldap.userdetails.PersonContextMapper";
+    public static final String INET_ORG_PERSON_MAPPER_CLASS = "org.springframework.security.ldap.userdetails.InetOrgPersonContextMapper";
+    public static final String LDAP_USER_MAPPER_CLASS = "org.springframework.security.ldap.userdetails.LdapUserDetailsMapper";
     public static final String LDAP_AUTHORITIES_POPULATOR_CLASS = "org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator";
 
     protected String getBeanClassName(Element element) {
-        return "org.springframework.security.userdetails.ldap.LdapUserDetailsService";
+        return "org.springframework.security.ldap.userdetails.LdapUserDetailsService";
     }
 
     protected void doParse(Element elt, ParserContext parserContext, BeanDefinitionBuilder builder) {

config/src/main/java/org/springframework/security/config/OrderedFilterBeanDefinitionDecorator.java

@@ -15,7 +15,7 @@ import org.springframework.beans.factory.support.BeanDefinitionBuilder;
 import org.springframework.beans.factory.xml.BeanDefinitionDecorator;
 import org.springframework.beans.factory.xml.ParserContext;
 import org.springframework.core.Ordered;
-import org.springframework.security.web.FilterChainOrder;
+import org.springframework.security.web.util.FilterChainOrder;
 import org.springframework.util.Assert;
 import org.springframework.util.StringUtils;
 import org.w3c.dom.Element;

config/src/test/java/org/springframework/security/config/LdapProviderBeanDefinitionParserTests.java

@@ -1,7 +1,7 @@
 package org.springframework.security.config;
 
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.*;
+import static org.springframework.security.config.LdapProviderBeanDefinitionParser.*;
 
 import org.junit.After;
 import org.junit.Test;
@@ -9,11 +9,13 @@ import org.springframework.security.Authentication;
 import org.springframework.security.config.BeanIds;
 import org.springframework.security.config.SecurityConfigurationException;
 import org.springframework.security.config.util.InMemoryXmlApplicationContext;
+import org.springframework.security.ldap.authentication.BindAuthenticator;
+import org.springframework.security.ldap.authentication.LdapAuthenticationProvider;
+import org.springframework.security.ldap.authentication.PasswordComparisonAuthenticator;
+import org.springframework.security.ldap.userdetails.InetOrgPersonContextMapper;
+import org.springframework.security.ldap.userdetails.LdapUserDetailsImpl;
 import org.springframework.security.providers.ProviderManager;
 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
-import org.springframework.security.providers.ldap.LdapAuthenticationProvider;
-import org.springframework.security.userdetails.ldap.InetOrgPersonContextMapper;
-import org.springframework.security.userdetails.ldap.LdapUserDetailsImpl;
 import org.springframework.security.util.FieldUtils;
 
 
@@ -32,6 +34,13 @@ public class LdapProviderBeanDefinitionParserTests {
         }
     }
 
+    @Test
+    public void beanClassNamesAreCorrect() throws Exception {
+        assertEquals(PROVIDER_CLASS, LdapAuthenticationProvider.class.getName());
+        assertEquals(BIND_AUTH_CLASS, BindAuthenticator.class.getName());
+        assertEquals(PASSWD_AUTH_CLASS, PasswordComparisonAuthenticator.class.getName());
+    }
+
     @Test
     public void simpleProviderAuthenticatesCorrectly() {
         setContext("<ldap-server /> <ldap-authentication-provider group-search-filter='member={0}' />");

config/src/test/java/org/springframework/security/config/LdapUserServiceBeanDefinitionParserTests.java

@@ -1,18 +1,27 @@
 package org.springframework.security.config;
 
+import static org.junit.Assert.*;
+import static org.mockito.Mockito.mock;
+import static org.springframework.security.config.LdapUserServiceBeanDefinitionParser.*;
+
 import java.util.Set;
 
+import org.junit.After;
+import org.junit.Test;
 import org.springframework.security.GrantedAuthorityImpl;
 import org.springframework.security.config.util.InMemoryXmlApplicationContext;
-import org.springframework.security.util.AuthorityUtils;
-import org.springframework.security.userdetails.UserDetailsService;
+import org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator;
+import org.springframework.security.ldap.search.FilterBasedLdapUserSearch;
+import org.springframework.security.ldap.userdetails.InetOrgPerson;
+import org.springframework.security.ldap.userdetails.InetOrgPersonContextMapper;
+import org.springframework.security.ldap.userdetails.LdapUserDetailsMapper;
+import org.springframework.security.ldap.userdetails.LdapUserDetailsService;
+import org.springframework.security.ldap.userdetails.Person;
+import org.springframework.security.ldap.userdetails.PersonContextMapper;
 import org.springframework.security.userdetails.UserDetails;
-import org.springframework.security.userdetails.ldap.InetOrgPerson;
-import org.springframework.security.userdetails.ldap.Person;
-
-import org.junit.Test;
-import org.junit.After;
-import static org.junit.Assert.*;
+import org.springframework.security.userdetails.UserDetailsService;
+import org.springframework.security.util.AuthorityUtils;
+import org.w3c.dom.Element;
 
 /**
  * @author Luke Taylor
@@ -29,6 +38,16 @@ public class LdapUserServiceBeanDefinitionParserTests {
         }
     }
 
+    @Test
+    public void beanClassNamesAreCorrect() throws Exception {
+        assertEquals(LDAP_SEARCH_CLASS, FilterBasedLdapUserSearch.class.getName());
+        assertEquals(PERSON_MAPPER_CLASS, PersonContextMapper.class.getName());
+        assertEquals(INET_ORG_PERSON_MAPPER_CLASS, InetOrgPersonContextMapper.class.getName());
+        assertEquals(LDAP_USER_MAPPER_CLASS, LdapUserDetailsMapper.class.getName());
+        assertEquals(LDAP_AUTHORITIES_POPULATOR_CLASS, DefaultLdapAuthoritiesPopulator.class.getName());
+        assertEquals(LdapUserDetailsService.class.getName(), new LdapUserServiceBeanDefinitionParser().getBeanClassName(mock(Element.class)));
+    }
+
     @Test
     public void minimalConfigurationIsParsedOk() throws Exception {
         setContext("<ldap-user-service user-search-filter='(uid={0})' /><ldap-server url='ldap://127.0.0.1:343/dc=springframework,dc=org' />");

ldap/src/main/java/org/springframework/security/ldap/LdapAuthenticator.java

@@ -13,7 +13,7 @@
  * limitations under the License.
  */
 
-package org.springframework.security.providers.ldap;
+package org.springframework.security.ldap;
 
 import org.springframework.security.Authentication;
 import org.springframework.ldap.core.DirContextOperations;

ldap/src/main/java/org/springframework/security/ldap/NamingExceptionTranslator.java

@@ -1,32 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.ldap;
-
-import org.springframework.dao.DataAccessException;
-
-import javax.naming.NamingException;
-
-
-/**
- * @author Luke Taylor
- * @deprecated Spring ldap is used instead.
- * @version $Id$
- */
-public interface NamingExceptionTranslator {
-    //~ Methods ========================================================================================================
-
-    DataAccessException translate(String task, NamingException e);
-}

ldap/src/main/java/org/springframework/security/ldap/SpringSecurityAuthenticationSource.java

@@ -2,8 +2,8 @@ package org.springframework.security.ldap;
 
 import org.springframework.security.Authentication;
 import org.springframework.security.context.SecurityContextHolder;
+import org.springframework.security.ldap.userdetails.LdapUserDetails;
 import org.springframework.security.providers.AnonymousAuthenticationToken;
-import org.springframework.security.userdetails.ldap.LdapUserDetails;
 import org.springframework.ldap.core.AuthenticationSource;
 
 import org.apache.commons.logging.Log;

ldap/src/main/java/org/springframework/security/ldap/SpringSecurityContextSource.java

@@ -1,28 +0,0 @@
-package org.springframework.security.ldap;
-
-import org.springframework.ldap.core.support.BaseLdapPathContextSource;
-import org.springframework.ldap.core.ContextSource;
-
-import javax.naming.directory.DirContext;
-
-/**
- * Extension of {@link ContextSource} which allows binding explicitly as a particular user.
- *
- * @author Luke Taylor
- * @version $Id$
- * @since 2.0
- *
- * @deprecated As of Spring LDAP 1.3, ContextSource provides this method itself.
- */
-public interface SpringSecurityContextSource extends BaseLdapPathContextSource {
-
-    /**
-     * Obtains a context using the supplied distinguished name and credentials.
-     *
-     * @param userDn the distinguished name of the user to authenticate as
-     * @param credentials the user's password
-     * @return a context authenticated as the supplied user
-     */
-    DirContext getReadWriteContext(String userDn, Object credentials);
-
-}

ldap/src/main/java/org/springframework/security/ldap/authentication/AbstractLdapAuthenticator.java

@@ -13,11 +13,11 @@
  * limitations under the License.
  */
 
-package org.springframework.security.providers.ldap.authenticator;
+package org.springframework.security.ldap.authentication;
 
 import org.springframework.security.SpringSecurityMessageSource;
+import org.springframework.security.ldap.LdapAuthenticator;
 import org.springframework.security.ldap.LdapUserSearch;
-import org.springframework.security.providers.ldap.LdapAuthenticator;
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.context.MessageSource;
 import org.springframework.context.MessageSourceAware;

ldap/src/main/java/org/springframework/security/ldap/authentication/BindAuthenticator.java

@@ -13,7 +13,7 @@
  * limitations under the License.
  */
 
-package org.springframework.security.providers.ldap.authenticator;
+package org.springframework.security.ldap.authentication;
 
 import javax.naming.directory.Attributes;
 import javax.naming.directory.DirContext;

ldap/src/main/java/org/springframework/security/ldap/authentication/LdapAuthenticationProvider.java

@@ -13,7 +13,7 @@
  * limitations under the License.
  */
 
-package org.springframework.security.providers.ldap;
+package org.springframework.security.ldap.authentication;
 
 import java.util.List;
 
@@ -23,14 +23,15 @@ import org.springframework.security.AuthenticationServiceException;
 import org.springframework.security.BadCredentialsException;
 import org.springframework.security.GrantedAuthority;
 import org.springframework.security.SpringSecurityMessageSource;
+import org.springframework.security.ldap.LdapAuthenticator;
 import org.springframework.security.ldap.LdapAuthoritiesPopulator;
 import org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator;
+import org.springframework.security.ldap.userdetails.LdapUserDetailsMapper;
+import org.springframework.security.ldap.userdetails.UserDetailsContextMapper;
 import org.springframework.security.providers.AuthenticationProvider;
 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
 import org.springframework.security.userdetails.UserDetails;
 import org.springframework.security.userdetails.UsernameNotFoundException;
-import org.springframework.security.userdetails.ldap.LdapUserDetailsMapper;
-import org.springframework.security.userdetails.ldap.UserDetailsContextMapper;
 import org.springframework.security.util.AuthorityUtils;
 import org.springframework.context.MessageSource;
 import org.springframework.context.MessageSourceAware;
@@ -55,9 +56,9 @@ import org.apache.commons.logging.LogFactory;
  * <h3>LdapAuthenticator</h3>
  * This interface is responsible for performing the user authentication and retrieving
  * the user's information from the directory. Example implementations are {@link
- * org.springframework.security.providers.ldap.authenticator.BindAuthenticator BindAuthenticator} which authenticates
+ * org.springframework.security.ldap.authentication.BindAuthenticator BindAuthenticator} which authenticates
  * the user by "binding" as that user, and
- * {@link org.springframework.security.providers.ldap.authenticator.PasswordComparisonAuthenticator PasswordComparisonAuthenticator}
+ * {@link org.springframework.security.ldap.authentication.PasswordComparisonAuthenticator PasswordComparisonAuthenticator}
  * which compares the supplied password with the value stored in the directory, using an LDAP "compare"
  * operation.
  * <p>
@@ -124,7 +125,7 @@ import org.apache.commons.logging.LogFactory;
  * @author Luke Taylor
  * @version $Id$
  *
- * @see org.springframework.security.providers.ldap.authenticator.BindAuthenticator
+ * @see org.springframework.security.ldap.authentication.BindAuthenticator
  * @see DefaultLdapAuthoritiesPopulator
  */
 public class LdapAuthenticationProvider implements AuthenticationProvider, MessageSourceAware {

ldap/src/main/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticator.java

@@ -13,7 +13,7 @@
  * limitations under the License.
  */
 
-package org.springframework.security.providers.ldap.authenticator;
+package org.springframework.security.ldap.authentication;
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
@@ -32,7 +32,7 @@ import org.springframework.util.Assert;
 
 
 /**
- * An {@link org.springframework.security.providers.ldap.LdapAuthenticator LdapAuthenticator} which compares the login
+ * An {@link org.springframework.security.ldap.LdapAuthenticator LdapAuthenticator} which compares the login
  * password with the value stored in the directory using a remote LDAP "compare" operation.
  *
  * <p>

ldap/src/main/java/org/springframework/security/ldap/userdetails/InetOrgPerson.java

@@ -12,7 +12,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package org.springframework.security.userdetails.ldap;
+package org.springframework.security.ldap.userdetails;
 
 import org.springframework.ldap.core.DirContextAdapter;
 import org.springframework.ldap.core.DirContextOperations;

ldap/src/main/java/org/springframework/security/ldap/userdetails/InetOrgPersonContextMapper.java

@@ -12,7 +12,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package org.springframework.security.userdetails.ldap;
+package org.springframework.security.ldap.userdetails;
 
 import java.util.List;
 

ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetails.java

@@ -13,7 +13,7 @@
  * limitations under the License.
  */
 
-package org.springframework.security.userdetails.ldap;
+package org.springframework.security.ldap.userdetails;
 
 import org.springframework.security.userdetails.UserDetails;
 

ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsImpl.java

@@ -13,7 +13,7 @@
  * limitations under the License.
  */
 
-package org.springframework.security.userdetails.ldap;
+package org.springframework.security.ldap.userdetails;
 
 import java.util.ArrayList;
 import java.util.List;

ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsManager.java

@@ -12,7 +12,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package org.springframework.security.userdetails.ldap;
+package org.springframework.security.ldap.userdetails;
 
 import org.springframework.security.Authentication;
 import org.springframework.security.BadCredentialsException;

ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsMapper.java

@@ -13,7 +13,7 @@
  * limitations under the License.
  */
 
-package org.springframework.security.userdetails.ldap;
+package org.springframework.security.ldap.userdetails;
 
 import java.util.List;
 

ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsService.java

@@ -1,4 +1,4 @@
-package org.springframework.security.userdetails.ldap;
+package org.springframework.security.ldap.userdetails;
 
 import org.springframework.ldap.core.DirContextOperations;
 import org.springframework.security.ldap.LdapAuthoritiesPopulator;

ldap/src/main/java/org/springframework/security/ldap/userdetails/Person.java

@@ -12,7 +12,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package org.springframework.security.userdetails.ldap;
+package org.springframework.security.ldap.userdetails;
 
 
 import org.springframework.util.Assert;

ldap/src/main/java/org/springframework/security/ldap/userdetails/PersonContextMapper.java

@@ -1,4 +1,4 @@
-package org.springframework.security.userdetails.ldap;
+package org.springframework.security.ldap.userdetails;
 
 import java.util.List;
 

ldap/src/main/java/org/springframework/security/ldap/userdetails/UserDetailsContextMapper.java

@@ -12,7 +12,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package org.springframework.security.userdetails.ldap;
+package org.springframework.security.ldap.userdetails;
 
 import java.util.List;
 

ldap/src/main/java/org/springframework/security/providers/ldap/authenticator/package.html

@@ -1,5 +0,0 @@
-<html>
-<body>
-LDAP authenticator implementations.
-</body>
-</html>

ldap/src/test/java/org/springframework/security/ldap/SpringSecurityAuthenticationSourceTests.java

@@ -1,9 +1,9 @@
 package org.springframework.security.ldap;
 
 import org.springframework.security.context.SecurityContextHolder;
+import org.springframework.security.ldap.userdetails.LdapUserDetailsImpl;
 import org.springframework.security.providers.AnonymousAuthenticationToken;
 import org.springframework.security.providers.TestingAuthenticationToken;
-import org.springframework.security.userdetails.ldap.LdapUserDetailsImpl;
 import org.springframework.security.util.AuthorityUtils;
 import org.springframework.ldap.core.AuthenticationSource;
 import org.springframework.ldap.core.DistinguishedName;

ldap/src/test/java/org/springframework/security/ldap/authentication/BindAuthenticatorTests.java

@@ -13,12 +13,13 @@
  * limitations under the License.
  */
 
-package org.springframework.security.providers.ldap.authenticator;
+package org.springframework.security.ldap.authentication;
 
 import org.springframework.security.Authentication;
 import org.springframework.security.BadCredentialsException;
 import org.springframework.security.SpringSecurityMessageSource;
 import org.springframework.security.ldap.AbstractLdapIntegrationTests;
+import org.springframework.security.ldap.authentication.BindAuthenticator;
 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
 import org.springframework.ldap.core.DirContextAdapter;
 import org.springframework.ldap.core.DirContextOperations;

ldap/src/test/java/org/springframework/security/ldap/authentication/LdapAuthenticationProviderTests.java

@@ -13,7 +13,7 @@
  * limitations under the License.
  */
 
-package org.springframework.security.providers.ldap;
+package org.springframework.security.ldap.authentication;
 
 import static org.junit.Assert.*;
 
@@ -30,11 +30,13 @@ import org.springframework.ldap.core.DistinguishedName;
 import org.springframework.security.Authentication;
 import org.springframework.security.BadCredentialsException;
 import org.springframework.security.GrantedAuthority;
+import org.springframework.security.ldap.LdapAuthenticator;
 import org.springframework.security.ldap.LdapAuthoritiesPopulator;
+import org.springframework.security.ldap.authentication.LdapAuthenticationProvider;
+import org.springframework.security.ldap.userdetails.LdapUserDetailsMapper;
 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
 import org.springframework.security.userdetails.UserDetails;
 import org.springframework.security.userdetails.UsernameNotFoundException;
-import org.springframework.security.userdetails.ldap.LdapUserDetailsMapper;
 import org.springframework.security.util.AuthorityUtils;
 
 

ldap/src/test/java/org/springframework/security/ldap/authentication/LdapShaPasswordEncoderTests.java

@@ -13,7 +13,7 @@
  * limitations under the License.
  */
 
-package org.springframework.security.providers.ldap.authenticator;
+package org.springframework.security.ldap.authentication;
 
 import static org.junit.Assert.*;
 

ldap/src/test/java/org/springframework/security/ldap/authentication/MockUserSearch.java

@@ -13,7 +13,7 @@
  * limitations under the License.
  */
 
-package org.springframework.security.providers.ldap.authenticator;
+package org.springframework.security.ldap.authentication;
 
 import org.springframework.security.ldap.LdapUserSearch;
 

ldap/src/test/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticatorMockTests.java

@@ -13,7 +13,7 @@
  * limitations under the License.
  */
 
-package org.springframework.security.providers.ldap.authenticator;
+package org.springframework.security.ldap.authentication;
 
 import javax.naming.directory.Attributes;
 import javax.naming.directory.BasicAttribute;
@@ -26,6 +26,7 @@ import org.jmock.Mockery;
 import org.jmock.integration.junit4.JUnit4Mockery;
 import org.junit.Test;
 import org.springframework.ldap.core.support.BaseLdapPathContextSource;
+import org.springframework.security.ldap.authentication.PasswordComparisonAuthenticator;
 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
 
 

ldap/src/test/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticatorTests.java

@@ -13,12 +13,13 @@
  * limitations under the License.
  */
 
-package org.springframework.security.providers.ldap.authenticator;
+package org.springframework.security.ldap.authentication;
 
 import org.springframework.security.BadCredentialsException;
 import org.springframework.security.Authentication;
 
 import org.springframework.security.ldap.AbstractLdapIntegrationTests;
+import org.springframework.security.ldap.authentication.PasswordComparisonAuthenticator;
 
 import org.springframework.security.providers.encoding.LdapShaPasswordEncoder;
 import org.springframework.security.providers.encoding.PlaintextPasswordEncoder;

ldap/src/test/java/org/springframework/security/ldap/userdetails/InetOrgPersonTests.java

@@ -1,9 +1,10 @@
-package org.springframework.security.userdetails.ldap;
+package org.springframework.security.ldap.userdetails;
 
 import junit.framework.TestCase;
 
 import org.springframework.ldap.core.DirContextAdapter;
 import org.springframework.ldap.core.DistinguishedName;
+import org.springframework.security.ldap.userdetails.InetOrgPerson;
 
 /**
  * @author Luke Taylor

ldap/src/test/java/org/springframework/security/ldap/userdetails/LdapUserDetailsManagerTests.java

@@ -12,7 +12,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package org.springframework.security.userdetails.ldap;
+package org.springframework.security.ldap.userdetails;
 
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertFalse;
@@ -30,6 +30,11 @@ import org.springframework.security.context.SecurityContextHolder;
 import org.springframework.security.ldap.AbstractLdapIntegrationTests;
 import org.springframework.security.ldap.DefaultLdapUsernameToDnMapper;
 import org.springframework.security.ldap.SpringSecurityLdapTemplate;
+import org.springframework.security.ldap.userdetails.InetOrgPerson;
+import org.springframework.security.ldap.userdetails.InetOrgPersonContextMapper;
+import org.springframework.security.ldap.userdetails.LdapUserDetails;
+import org.springframework.security.ldap.userdetails.LdapUserDetailsManager;
+import org.springframework.security.ldap.userdetails.PersonContextMapper;
 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
 import org.springframework.security.userdetails.UsernameNotFoundException;
 import org.springframework.security.util.AuthorityUtils;

ldap/src/test/java/org/springframework/security/ldap/userdetails/LdapUserDetailsMapperTests.java

@@ -13,7 +13,7 @@
  * limitations under the License.
  */
 
-package org.springframework.security.userdetails.ldap;
+package org.springframework.security.ldap.userdetails;
 
 import javax.naming.directory.BasicAttribute;
 import javax.naming.directory.BasicAttributes;
@@ -22,6 +22,9 @@ import junit.framework.TestCase;
 
 import org.springframework.ldap.core.DirContextAdapter;
 import org.springframework.ldap.core.DistinguishedName;
+import org.springframework.security.ldap.userdetails.LdapUserDetails;
+import org.springframework.security.ldap.userdetails.LdapUserDetailsImpl;
+import org.springframework.security.ldap.userdetails.LdapUserDetailsMapper;
 import org.springframework.security.util.AuthorityUtils;
 
 /**

ldap/src/test/java/org/springframework/security/ldap/userdetails/LdapUserDetailsServiceTests.java

@@ -1,4 +1,4 @@
-package org.springframework.security.userdetails.ldap;
+package org.springframework.security.ldap.userdetails;
 
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertTrue;
@@ -12,7 +12,9 @@ import org.springframework.ldap.core.DirContextOperations;
 import org.springframework.ldap.core.DistinguishedName;
 import org.springframework.security.GrantedAuthority;
 import org.springframework.security.ldap.LdapAuthoritiesPopulator;
-import org.springframework.security.providers.ldap.authenticator.MockUserSearch;
+import org.springframework.security.ldap.authentication.MockUserSearch;
+import org.springframework.security.ldap.userdetails.LdapUserDetailsMapper;
+import org.springframework.security.ldap.userdetails.LdapUserDetailsService;
 import org.springframework.security.userdetails.UserDetails;
 import org.springframework.security.util.AuthorityUtils;
 

ntlm/src/main/java/org/springframework/security/ui/ntlm/NtlmProcessingFilter.java

@@ -25,10 +25,10 @@ import org.springframework.security.InsufficientAuthenticationException;
 import org.springframework.security.context.SecurityContextHolder;
 import org.springframework.security.providers.AnonymousAuthenticationToken;
 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
-import org.springframework.security.web.FilterChainOrder;
 import org.springframework.security.web.SpringSecurityFilter;
 import org.springframework.security.web.WebAuthenticationDetailsSource;
 import org.springframework.security.web.authentication.AuthenticationProcessingFilter;
+import org.springframework.security.web.util.FilterChainOrder;
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.util.Assert;
 

ntlm/src/main/java/org/springframework/security/ui/ntlm/ldap/authenticator/NtlmAwareLdapAuthenticator.java

@@ -13,7 +13,7 @@ import org.springframework.ldap.core.support.BaseLdapPathContextSource;
 import org.springframework.security.Authentication;
 import org.springframework.security.BadCredentialsException;
 import org.springframework.security.ldap.SpringSecurityLdapTemplate;
-import org.springframework.security.providers.ldap.authenticator.BindAuthenticator;
+import org.springframework.security.ldap.authentication.BindAuthenticator;
 import org.springframework.security.ui.ntlm.NtlmUsernamePasswordAuthenticationToken;
 
 /**

openid/src/main/java/org/springframework/security/openid/OpenIDAuthenticationProcessingFilter.java

@@ -28,9 +28,9 @@ import javax.servlet.http.HttpSession;
 import org.springframework.security.Authentication;
 import org.springframework.security.AuthenticationException;
 import org.springframework.security.AuthenticationServiceException;
-import org.springframework.security.web.FilterChainOrder;
 import org.springframework.security.web.authentication.AbstractProcessingFilter;
 import org.springframework.security.web.authentication.AuthenticationProcessingFilter;
+import org.springframework.security.web.util.FilterChainOrder;
 import org.springframework.util.StringUtils;
 
 

samples/cas/client/src/main/webapp/WEB-INF/applicationContext-security.xml

@@ -13,16 +13,16 @@
 
     <sec:authentication-manager alias="authenticationManager"/>
 
-    <bean id="casProcessingFilter" class="org.springframework.security.ui.cas.CasProcessingFilter">
+    <bean id="casProcessingFilter" class="org.springframework.security.cas.web.CasProcessingFilter">
         <sec:custom-filter after="CAS_PROCESSING_FILTER"/>
         <property name="authenticationManager" ref="authenticationManager"/>
         <property name="authenticationFailureHandler">
-            <bean class="org.springframework.security.ui.SimpleUrlAuthenticationFailureHandler">
+            <bean class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
                 <property name="defaultFailureUrl" value="/casfailed.jsp"/>
             </bean>
         </property>
         <property name="authenticationSuccessHandler">
-            <bean class="org.springframework.security.ui.SimpleUrlAuthenticationSuccessHandler">
+            <bean class="org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler">
                 <property name="defaultTargetUrl" value="/"/>
             </bean>
         </property>
@@ -30,12 +30,12 @@
         <property name="proxyReceptorUrl" value="/secure/receptor" />
     </bean>
 
-    <bean id="casProcessingFilterEntryPoint" class="org.springframework.security.ui.cas.CasProcessingFilterEntryPoint">
+    <bean id="casProcessingFilterEntryPoint" class="org.springframework.security.cas.web.CasProcessingFilterEntryPoint">
         <property name="loginUrl" value="https://localhost:9443/cas/login"/>
         <property name="serviceProperties" ref="serviceProperties"/>
     </bean>
 
-    <bean id="casAuthenticationProvider" class="org.springframework.security.providers.cas.CasAuthenticationProvider">
+    <bean id="casAuthenticationProvider" class="org.springframework.security.cas.authentication.CasAuthenticationProvider">
         <sec:custom-authentication-provider />
         <property name="userDetailsService" ref="userService"/>
         <property name="serviceProperties" ref="serviceProperties" />
@@ -51,7 +51,7 @@
 
     <bean id="proxyGrantingTicketStorage" class="org.jasig.cas.client.proxy.ProxyGrantingTicketStorageImpl" />
 
-    <bean id="serviceProperties" class="org.springframework.security.ui.cas.ServiceProperties">
+    <bean id="serviceProperties" class="org.springframework.security.cas.ServiceProperties">
         <property name="service" value="https://localhost:8443/cas-sample/j_spring_cas_security_check"/>
         <property name="sendRenew" value="false"/>
     </bean>

samples/cas/server/pom.xml

@@ -30,16 +30,16 @@
                             <needClientAuth>false</needClientAuth>
                         </connector>
                     </connectors>
-			         <systemProperties>
-			            <systemProperty>
-			              <name>javax.net.ssl.trustStore</name>
-			               <value>../../certificates/server.jks</value>
-			            </systemProperty>
-			            <systemProperty>
-			            	<name>javax.net.ssl.trustStorePassword</name>
-			            	<value>password</value>
-			            </systemProperty>
-					</systemProperties>
+                     <systemProperties>
+                        <systemProperty>
+                          <name>javax.net.ssl.trustStore</name>
+                           <value>../../certificates/server.jks</value>
+                        </systemProperty>
+                        <systemProperty>
+                            <name>javax.net.ssl.trustStorePassword</name>
+                            <value>password</value>
+                        </systemProperty>
+                    </systemProperties>
                 </configuration>
             </plugin>
         </plugins>

samples/ldap/src/main/webapp/WEB-INF/applicationContext-security.xml

@@ -3,7 +3,7 @@
     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
     xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
     http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.1.xsd">
-    
+
     <s:http>
         <s:intercept-url pattern="/secure/extreme/**" access="ROLE_SUPERVISOR"/>
         <s:intercept-url pattern="/secure/**" access="IS_AUTHENTICATED_REMEMBERED" />
@@ -19,44 +19,44 @@
 
     <s:ldap-server ldif="classpath:users.ldif" port="33389"/>
 
-    <s:ldap-authentication-provider 
-        group-search-filter="member={0}" 
+    <s:ldap-authentication-provider
+        group-search-filter="member={0}"
         group-search-base="ou=groups"
         user-search-base="ou=people"
         user-search-filter="uid={0}"
     />
 
     <!-- Traditional Bean version of the same configuration -->
-    
+
     <!-- This bean points at the embedded directory server created by the ldap-server element above  -->
     <bean id="contextSource" class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
         <constructor-arg value="ldap://localhost:33389/dc=springframework,dc=org"/>
     </bean>
 
-    <bean id="secondLdapProvider" class="org.springframework.security.providers.ldap.LdapAuthenticationProvider">
+    <bean id="secondLdapProvider" class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
         <s:custom-authentication-provider />
-		<constructor-arg>
-			<bean class="org.springframework.security.providers.ldap.authenticator.BindAuthenticator">
-				<constructor-arg ref="contextSource" />
-				<property name="userSearch">
-					<bean id="userSearch" class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
-					  <constructor-arg index="0" value="ou=people"/>
-					  <constructor-arg index="1" value="(uid={0})"/>
-					  <constructor-arg index="2" ref="contextSource" />
-					</bean>				
-				</property>
-			</bean>
-		</constructor-arg>
-		<constructor-arg>
-			<bean class="org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator">
-				<constructor-arg ref="contextSource" />
-				<constructor-arg value="ou=groups" />
-				<property name="groupSearchFilter" value="(member={0})"/>
-				<property name="rolePrefix" value="ROLE_"/>
-				<property name="searchSubtree" value="true"/>
-				<property name="convertToUpperCase" value="true"/>
-			</bean>
-		</constructor-arg>
+        <constructor-arg>
+            <bean class="org.springframework.security.ldap.authentication.BindAuthenticator">
+                <constructor-arg ref="contextSource" />
+                <property name="userSearch">
+                    <bean id="userSearch" class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
+                      <constructor-arg index="0" value="ou=people"/>
+                      <constructor-arg index="1" value="(uid={0})"/>
+                      <constructor-arg index="2" ref="contextSource" />
+                    </bean>
+                </property>
+            </bean>
+        </constructor-arg>
+        <constructor-arg>
+            <bean class="org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator">
+                <constructor-arg ref="contextSource" />
+                <constructor-arg value="ou=groups" />
+                <property name="groupSearchFilter" value="(member={0})"/>
+                <property name="rolePrefix" value="ROLE_"/>
+                <property name="searchSubtree" value="true"/>
+                <property name="convertToUpperCase" value="true"/>
+            </bean>
+        </constructor-arg>
     </bean>
 
-</beans>
+</beans>

web/src/main/java/org/springframework/security/web/ExceptionTranslationFilter.java

@@ -25,6 +25,7 @@ import org.springframework.security.context.SecurityContextHolder;
 import org.springframework.security.util.ThrowableAnalyzer;
 import org.springframework.security.util.ThrowableCauseExtractor;
 import org.springframework.security.web.savedrequest.SavedRequest;
+import org.springframework.security.web.util.FilterChainOrder;
 import org.springframework.beans.factory.InitializingBean;
 
 import org.springframework.util.Assert;

web/src/main/java/org/springframework/security/web/SessionFixationProtectionFilter.java

@@ -15,6 +15,7 @@ import org.springframework.security.concurrent.SessionRegistry;
 import org.springframework.security.context.SecurityContext;
 import org.springframework.security.context.SecurityContextHolder;
 import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
+import org.springframework.security.web.util.FilterChainOrder;
 import org.springframework.security.web.util.SessionUtils;
 
 /**

web/src/main/java/org/springframework/security/web/authentication/AnonymousProcessingFilter.java

@@ -22,9 +22,9 @@ import org.springframework.security.context.SecurityContextHolder;
 
 import org.springframework.security.providers.AnonymousAuthenticationToken;
 import org.springframework.security.userdetails.memory.UserAttribute;
-import org.springframework.security.web.FilterChainOrder;
 import org.springframework.security.web.SpringSecurityFilter;
 import org.springframework.security.web.WebAuthenticationDetailsSource;
+import org.springframework.security.web.util.FilterChainOrder;
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.util.Assert;
 

web/src/main/java/org/springframework/security/web/authentication/AuthenticationProcessingFilter.java

@@ -22,7 +22,7 @@ import org.springframework.security.AuthenticationServiceException;
 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
 
 import org.springframework.security.util.TextUtils;
-import org.springframework.security.web.FilterChainOrder;
+import org.springframework.security.web.util.FilterChainOrder;
 import org.springframework.util.Assert;
 
 import javax.servlet.http.HttpServletRequest;

web/src/main/java/org/springframework/security/web/authentication/DefaultLoginPageGeneratingFilter.java

@@ -10,9 +10,9 @@ import javax.servlet.http.HttpSession;
 
 import org.springframework.beans.BeanWrapperImpl;
 import org.springframework.security.AuthenticationException;
-import org.springframework.security.web.FilterChainOrder;
 import org.springframework.security.web.SpringSecurityFilter;
 import org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices;
+import org.springframework.security.web.util.FilterChainOrder;
 
 /**
  * For internal use with namespace configuration in the case where a user doesn't configure a login page.

web/src/main/java/org/springframework/security/web/authentication/preauth/RequestHeaderPreAuthenticatedProcessingFilter.java

@@ -2,7 +2,7 @@ package org.springframework.security.web.authentication.preauth;
 
 import javax.servlet.http.HttpServletRequest;
 
-import org.springframework.security.web.FilterChainOrder;
+import org.springframework.security.web.util.FilterChainOrder;
 import org.springframework.util.Assert;
 
 /**

web/src/main/java/org/springframework/security/web/authentication/preauth/x509/X509PreAuthenticatedProcessingFilter.java

@@ -1,7 +1,7 @@
 package org.springframework.security.web.authentication.preauth.x509;
 
-import org.springframework.security.web.FilterChainOrder;
 import org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter;
+import org.springframework.security.web.util.FilterChainOrder;
 
 import javax.servlet.http.HttpServletRequest;
 import java.security.cert.X509Certificate;

web/src/main/java/org/springframework/security/web/authentication/rememberme/RememberMeProcessingFilter.java

@@ -20,8 +20,8 @@ import org.springframework.security.AuthenticationException;
 import org.springframework.security.AuthenticationManager;
 import org.springframework.security.context.SecurityContextHolder;
 import org.springframework.security.event.authentication.InteractiveAuthenticationSuccessEvent;
-import org.springframework.security.web.FilterChainOrder;
 import org.springframework.security.web.SpringSecurityFilter;
+import org.springframework.security.web.util.FilterChainOrder;
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.context.ApplicationEventPublisher;
 import org.springframework.context.ApplicationEventPublisherAware;

web/src/main/java/org/springframework/security/web/authentication/switchuser/SwitchUserProcessingFilter.java

@@ -49,13 +49,13 @@ import org.springframework.security.userdetails.UserDetailsChecker;
 import org.springframework.security.userdetails.UserDetailsService;
 import org.springframework.security.userdetails.UsernameNotFoundException;
 import org.springframework.security.userdetails.checker.AccountStatusUserDetailsChecker;
-import org.springframework.security.web.FilterChainOrder;
 import org.springframework.security.web.SpringSecurityFilter;
 import org.springframework.security.web.WebAuthenticationDetailsSource;
 import org.springframework.security.web.authentication.AuthenticationFailureHandler;
 import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
 import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
 import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
+import org.springframework.security.web.util.FilterChainOrder;
 import org.springframework.security.web.util.UrlUtils;
 import org.springframework.util.Assert;
 import org.springframework.util.StringUtils;

web/src/main/java/org/springframework/security/web/authentication/www/BasicProcessingFilter.java

@@ -32,11 +32,11 @@ import org.springframework.security.context.SecurityContextHolder;
 import org.springframework.security.providers.AnonymousAuthenticationToken;
 import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
 import org.springframework.security.web.AuthenticationEntryPoint;
-import org.springframework.security.web.FilterChainOrder;
 import org.springframework.security.web.SpringSecurityFilter;
 import org.springframework.security.web.WebAuthenticationDetailsSource;
 import org.springframework.security.web.authentication.rememberme.NullRememberMeServices;
 import org.springframework.security.web.authentication.rememberme.RememberMeServices;
+import org.springframework.security.web.util.FilterChainOrder;
 import org.springframework.util.Assert;
 
 

web/src/main/java/org/springframework/security/web/authentication/www/DigestProcessingFilter.java

@@ -45,9 +45,9 @@ import org.springframework.security.userdetails.UserDetailsService;
 import org.springframework.security.userdetails.UsernameNotFoundException;
 import org.springframework.security.userdetails.cache.NullUserCache;
 import org.springframework.security.util.StringSplitUtils;
-import org.springframework.security.web.FilterChainOrder;
 import org.springframework.security.web.SpringSecurityFilter;
 import org.springframework.security.web.WebAuthenticationDetailsSource;
+import org.springframework.security.web.util.FilterChainOrder;
 import org.springframework.util.Assert;
 import org.springframework.util.StringUtils;
 

web/src/main/java/org/springframework/security/web/concurrent/ConcurrentSessionFilter.java

@@ -19,10 +19,10 @@ import org.springframework.security.Authentication;
 import org.springframework.security.concurrent.SessionInformation;
 import org.springframework.security.concurrent.SessionRegistry;
 import org.springframework.security.context.SecurityContextHolder;
-import org.springframework.security.web.FilterChainOrder;
 import org.springframework.security.web.SpringSecurityFilter;
 import org.springframework.security.web.logout.LogoutHandler;
 import org.springframework.security.web.logout.SecurityContextLogoutHandler;
+import org.springframework.security.web.util.FilterChainOrder;
 import org.springframework.security.web.util.UrlUtils;
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.util.Assert;

web/src/main/java/org/springframework/security/web/context/HttpSessionContextIntegrationFilter.java

@@ -21,7 +21,7 @@ import org.springframework.beans.factory.InitializingBean;
 import org.springframework.security.context.SecurityContext;
 import org.springframework.security.context.SecurityContextHolder;
 import org.springframework.security.context.SecurityContextImpl;
-import org.springframework.security.web.FilterChainOrder;
+import org.springframework.security.web.util.FilterChainOrder;
 
 /**
  * Populates the {@link SecurityContextHolder} with information obtained from

web/src/main/java/org/springframework/security/web/context/SecurityContextPersistenceFilter.java

@@ -10,8 +10,8 @@ import javax.servlet.http.HttpSession;
 
 import org.springframework.security.context.SecurityContext;
 import org.springframework.security.context.SecurityContextHolder;
-import org.springframework.security.web.FilterChainOrder;
 import org.springframework.security.web.SpringSecurityFilter;
+import org.springframework.security.web.util.FilterChainOrder;
 
 /**
  * Populates the {@link SecurityContextHolder} with information obtained from

web/src/main/java/org/springframework/security/web/intercept/FilterSecurityInterceptor.java

@@ -18,7 +18,7 @@ package org.springframework.security.web.intercept;
 import org.springframework.security.intercept.AbstractSecurityInterceptor;
 import org.springframework.security.intercept.InterceptorStatusToken;
 import org.springframework.security.intercept.SecurityMetadataSource;
-import org.springframework.security.web.FilterChainOrder;
+import org.springframework.security.web.util.FilterChainOrder;
 import org.springframework.core.Ordered;
 
 import java.io.IOException;

web/src/main/java/org/springframework/security/web/logout/LogoutFilter.java

@@ -26,8 +26,8 @@ import javax.servlet.http.HttpServletResponse;
 
 import org.springframework.security.Authentication;
 import org.springframework.security.context.SecurityContextHolder;
-import org.springframework.security.web.FilterChainOrder;
 import org.springframework.security.web.SpringSecurityFilter;
+import org.springframework.security.web.util.FilterChainOrder;
 import org.springframework.security.web.util.UrlUtils;
 import org.springframework.util.Assert;
 import org.springframework.util.StringUtils;

web/src/main/java/org/springframework/security/web/securechannel/ChannelProcessingFilter.java

@@ -28,10 +28,10 @@ import javax.servlet.http.HttpServletResponse;
 
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.security.ConfigAttribute;
-import org.springframework.security.web.FilterChainOrder;
 import org.springframework.security.web.SpringSecurityFilter;
 import org.springframework.security.web.intercept.FilterInvocation;
 import org.springframework.security.web.intercept.FilterInvocationSecurityMetadataSource;
+import org.springframework.security.web.util.FilterChainOrder;
 import org.springframework.util.Assert;
 
 

web/src/main/java/org/springframework/security/web/util/FilterChainOrder.java

@@ -1,4 +1,4 @@
-package org.springframework.security.web;
+package org.springframework.security.web.util;
 
 import org.springframework.util.Assert;
 

web/src/main/java/org/springframework/security/web/wrapper/SecurityContextHolderAwareRequestFilter.java

@@ -23,10 +23,10 @@ import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.springframework.security.web.FilterChainOrder;
 import org.springframework.security.web.PortResolver;
 import org.springframework.security.web.PortResolverImpl;
 import org.springframework.security.web.SpringSecurityFilter;
+import org.springframework.security.web.util.FilterChainOrder;
 import org.springframework.util.Assert;
 import org.springframework.util.ReflectionUtils;
 

web/src/test/java/org/springframework/security/web/authentication/DefaultLoginPageGeneratingFilterTests.java

@@ -11,10 +11,10 @@ import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;
 import org.springframework.security.Authentication;
 import org.springframework.security.AuthenticationException;
-import org.springframework.security.web.FilterChainOrder;
 import org.springframework.security.web.authentication.AbstractProcessingFilter;
 import org.springframework.security.web.authentication.AuthenticationProcessingFilter;
 import org.springframework.security.web.authentication.DefaultLoginPageGeneratingFilter;
+import org.springframework.security.web.util.FilterChainOrder;
 
 /**
  *

web/src/test/java/org/springframework/security/web/authentication/preauth/PreAuthenticatedProcessingFilterTests.java

@@ -2,8 +2,8 @@ package org.springframework.security.web.authentication.preauth;
 
 import org.springframework.security.context.SecurityContextHolder;
 import org.springframework.security.MockAuthenticationManager;
-import org.springframework.security.web.FilterChainOrder;
 import org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter;
+import org.springframework.security.web.util.FilterChainOrder;
 
 import javax.servlet.http.HttpServletRequest;
 

web/src/test/java/org/springframework/security/web/context/SecurityContextPersistenceFilterTests.java

@@ -22,10 +22,10 @@ import org.springframework.security.context.SecurityContext;
 import org.springframework.security.context.SecurityContextHolder;
 import org.springframework.security.context.SecurityContextImpl;
 import org.springframework.security.providers.TestingAuthenticationToken;
-import org.springframework.security.web.FilterChainOrder;
 import org.springframework.security.web.context.HttpRequestResponseHolder;
 import org.springframework.security.web.context.SecurityContextPersistenceFilter;
 import org.springframework.security.web.context.SecurityContextRepository;
+import org.springframework.security.web.util.FilterChainOrder;
 
 public class SecurityContextPersistenceFilterTests {
     Mockery jmock = new JUnit4Mockery();