From fdc9c5fd0806b7d0789a7984814a2fdefa6752f4 Mon Sep 17 00:00:00 2001
From: Luke Taylor <luke.taylor@springsource.com>
Date: Sat, 12 Dec 2009 21:21:59 +0000
Subject: [PATCH] Ref manual content and docbook improvements

---
 .../manual/src/docbook/anon-auth-provider.xml |  23 +-
 .../manual/src/docbook/appendix-namespace.xml |  88 +++--
 .../src/docbook/authorization-common.xml      | 202 +++++------
 .../manual/src/docbook/images/ACLSecurity.gif | Bin 4041 -> 0 bytes
 .../src/docbook/images/BasicAclProvider.gif   | Bin 9921 -> 0 bytes
 docs/manual/src/docbook/images/Context.gif    | Bin 4269 -> 0 bytes
 .../manual/src/docbook/images/Permissions.gif | Bin 14168 -> 0 bytes
 .../docbook/images/SecurityInterception.gif   | Bin 5532 -> 0 bytes
 docs/manual/src/docbook/images/logo.gif       | Bin 8919 -> 0 bytes
 .../src/docbook/images/xdev-spring_logo.jpg   | Bin 37376 -> 0 bytes
 docs/manual/src/docbook/namespace-config.xml  | 320 ++++++++++++------
 .../docbook/remember-me-authentication.xml    |  29 +-
 docs/manual/src/docbook/springsecurity.xml    |  16 +-
 .../manual/src/docbook/technical-overview.xml | 115 +++++--
 docs/manual/src/xsl/html-custom.xsl           |   4 +-
 docs/manual/src/xsl/pdf-custom.xsl            |   4 +-
 16 files changed, 497 insertions(+), 304 deletions(-)
 delete mode 100644 docs/manual/src/docbook/images/ACLSecurity.gif
 delete mode 100644 docs/manual/src/docbook/images/BasicAclProvider.gif
 delete mode 100644 docs/manual/src/docbook/images/Context.gif
 delete mode 100644 docs/manual/src/docbook/images/Permissions.gif
 delete mode 100644 docs/manual/src/docbook/images/SecurityInterception.gif
 delete mode 100644 docs/manual/src/docbook/images/logo.gif
 delete mode 100644 docs/manual/src/docbook/images/xdev-spring_logo.jpg

diff --git a/docs/manual/src/docbook/anon-auth-provider.xml b/docs/manual/src/docbook/anon-auth-provider.xml
index 4eae5b058c..190322a4b5 100644
--- a/docs/manual/src/docbook/anon-auth-provider.xml
+++ b/docs/manual/src/docbook/anon-auth-provider.xml
@@ -1,4 +1,4 @@
-<chapter xmlns="http://docbook.org/ns/docbook" version="5.0" xml:id="anonymous">
+<chapter xmlns="http://docbook.org/ns/docbook" version="5.0" xml:id="anonymous" xmlns:xlink="http://www.w3.org/1999/xlink">
     <info>
         <title>Anonymous Authentication</title>
     </info>
@@ -37,7 +37,7 @@
             <title>Configuration</title>
         </info>
         <para>Anonymous authentication support is provided automatically when using the HTTP
-            configurain Spring Security 3.0 and can be customized (or disabled) using the
+            configuration Spring Security 3.0 and can be customized (or disabled) using the
                 <literal>&lt;anonymous></literal> element. You don't need to configure the beans
             described here unless you are using traditional bean configuration.</para>
         <para>Three classes that together provide the anonymous authentication feature.
@@ -69,10 +69,10 @@
     </programlisting>
         </para>
         <para>The <literal>key</literal> is shared between the filter and authentication provider,
-            so that tokens created by the former are accepted by the latter<footnote><para>The use
-                    of the <literal>key</literal> property should not be regarded as providing any
-                    real security here. It is merely a book-keeping exercise. If you are sharing a
-                        <classname>ProviderManager</classname> which contains an
+            so that tokens created by the former are accepted by the latter<footnote>
+                <para>The use of the <literal>key</literal> property should not be regarded as
+                    providing any real security here. It is merely a book-keeping exercise. If you
+                    are sharing a <classname>ProviderManager</classname> which contains an
                         <classname>AnonymousAuthenticationProvider</classname> in a scenario where
                     it is possible for an authenticating client to construct the
                         <interfacename>Authentication</interfacename> object (such as with RMI
@@ -83,8 +83,8 @@
                     anonymous provider. This isn't a problem with normal usage but if you are using
                     RMI you would be best to use a customized <classname>ProviderManager</classname>
                     which omits the anonymous provider rather than sharing the one you use for your
-                    HTTP authentication mechanisms.</para></footnote>. The
-                <literal>userAttribute</literal> is expressed in the form of
+                    HTTP authentication mechanisms.</para>
+            </footnote>. The <literal>userAttribute</literal> is expressed in the form of
                 <literal>usernameInTheAuthenticationToken,grantedAuthority[,grantedAuthority]</literal>.
             This is the same syntax as used after the equals sign for
                 <literal>InMemoryDaoImpl</literal>'s <literal>userMap</literal> property.</para>
@@ -128,8 +128,9 @@
         <para> You will often see the <literal>ROLE_ANONYMOUS</literal> attribute in the above
             interceptor configuration replaced with <literal>IS_AUTHENTICATED_ANONYMOUSLY</literal>.
             This is an example of the use of the <classname>AuthenticatedVoter</classname> which
-            will see in ???. It uses an <interfacename>AuthenticationTrustResolver</interfacename>
-            to process this particular configuration attribute and grant access to aonymous users.
-        </para>
+            will see in the <link xlink:href="#authz-authenticated-voter">authorization
+                chapter</link>. It uses an
+                <interfacename>AuthenticationTrustResolver</interfacename> to process this
+            particular configuration attribute and grant access to aonymous users. </para>
     </section>
 </chapter>
diff --git a/docs/manual/src/docbook/appendix-namespace.xml b/docs/manual/src/docbook/appendix-namespace.xml
index 09aee996e7..02f4825312 100644
--- a/docs/manual/src/docbook/appendix-namespace.xml
+++ b/docs/manual/src/docbook/appendix-namespace.xml
@@ -22,15 +22,16 @@
     <para> The <literal>&lt;http&gt;</literal> element encapsulates the security configuration for
       the web layer of your application. It creates a <classname>FilterChainProxy</classname> bean
       named "springSecurityFilterChain" which maintains the stack of security filters which make up
-      the web security configuration <footnote><para>See the <link xlink:href="#ns-web-xml">
-            introductory chapter</link> for how to set up the mapping from your
-            <literal>web.xml</literal></para></footnote>. Some core filters are always created and
-      others will be added to the stack depending on the attributes child elements which are
-      present. The positions of the standard filters are fixed (see <link xlink:href="#filter-stack"
-        >the filter order table</link> in the namespace introduction), removing a common source of
-      errors with previous versions of the framework when users had to configure the filter chain
-      explicitly in the<classname>FilterChainProxy</classname> bean. You can, of course, still do
-      this if you need full control of the configuration. </para>
+      the web security configuration <footnote>
+        <para>See the <link xlink:href="#ns-web-xml"> introductory chapter</link> for how to set up
+          the mapping from your <literal>web.xml</literal></para>
+      </footnote>. Some core filters are always created and others will be added to the stack
+      depending on the attributes child elements which are present. The positions of the standard
+      filters are fixed (see <link xlink:href="#filter-stack">the filter order table</link> in the
+      namespace introduction), removing a common source of errors with previous versions of the
+      framework when users had to configure the filter chain explicitly in
+        the<classname>FilterChainProxy</classname> bean. You can, of course, still do this if you
+      need full control of the configuration. </para>
     <para> All filters which require a reference to the
         <interfacename>AuthenticationManager</interfacename> will be automatically injected with the
       internal instance created by the namespace configuration (see the <link
@@ -112,7 +113,7 @@
       </section>
     </section>
     <section xml:id="nsa-access-denied-handler">
-      <title><literal>access-denied-handler</literal></title>
+      <title><literal>&lt;access-denied-handler></literal></title>
       <para> This element allows you to set the <literal>errorPage</literal> property for the
         default <interfacename>AccessDeniedHandler</interfacename> used by the
           <classname>ExceptionTranslationFilter</classname>, (using the
@@ -129,7 +130,10 @@
           <classname>FilterSecurityInterceptor</classname> and to exclude particular patterns from
         the filter chain entirely (by setting the attribute <literal>filters="none"</literal>). It
         is also responsible for configuring a <classname>ChannelAuthenticationFilter</classname> if
-        particular URLs need to be accessed by HTTPS, for example. </para>
+        particular URLs need to be accessed by HTTPS, for example. When matching the specified
+        patterns against an incoming request, the matching is done in the order in which the
+        elements are declared. So the most specific matches patterns should come first and the most
+        general should come last.</para>
       <section xml:id="nsa-pattern">
         <title><literal>pattern</literal></title>
         <para> The pattern which defines the URL path. The content will depend on the
@@ -139,24 +143,25 @@
       <section xml:id="nsa-method">
         <title><literal>method</literal></title>
         <para> The HTTP Method which will be used in combination with the pattern to match an
-          incoming request. If omitted, any method will match. </para>
+          incoming request. If omitted, any method will match. If an identical pattern is specified
+          with and without a method, the method-specific match will take precedence.</para>
       </section>
       <section xml:id="nsa-access">
         <title><literal>access</literal></title>
         <para> Lists the access attributes which will be stored in the
             <interfacename>FilterInvocationDefinitionSource</interfacename> for the defined URL
-          pattern/method combination. This should be a comma-separated list of the attributes (such
-          as role names). </para>
+          pattern/method combination. This should be a comma-separated list of the security
+          configuration attributes (such as role names). </para>
       </section>
       <section xml:id="nsa-requires-channel">
         <title><literal>requires-channel</literal></title>
-        <para> Can be "http" or "https" depending on whether a particular URL pattern should be
-          accessed over HTTP or HTTPS respectively. Alternatively the value "any" can be used when
-          there is no preference. If this attribute is present on any
-            <literal>&lt;intercept-url&gt;</literal> element, then a
+        <para> Can be <quote>http</quote> or <quote>https</quote> depending on whether a particular
+          URL pattern should be accessed over HTTP or HTTPS respectively. Alternatively the value
+            <quote>any</quote> can be used when there is no preference. If this attribute is present
+          on any <literal>&lt;intercept-url&gt;</literal> element, then a
             <classname>ChannelAuthenticationFilter</classname> will be added to the filter stack and
-          its additional dependencies added to the application context.
-          <!--See the chapter on <link
+          its additional dependencies added to the application
+          context.<!--See the chapter on <link
             xlink:href="#channel-security-config">channel security</link> for an example
           configuration using traditional beans. --></para>
         <para> If a <literal>&lt;port-mappings&gt;</literal> configuration is added, this will be
@@ -164,6 +169,14 @@
             <classname>InsecureChannelProcessor</classname> beans to determine the ports used for
           redirecting to HTTP/HTTPS. </para>
       </section>
+      <section>
+        <title><literal>filters</literal></title>
+        <para>Can only take the value <quote>none</quote>. This will cause any matching request to
+          bypass the Spring Security filter chain entirely. None of the rest of the
+            <literal>&lt;http></literal> configuration will have any effect on the request and there
+          will be no security context available for its duration. Access to secured methods during
+          the request will fail.</para>
+      </section>
     </section>
     <section>
       <title>The <literal>&lt;port-mappings&gt;</literal> Element</title>
@@ -180,13 +193,14 @@
         filter stack and an <classname>LoginUrlAuthenticationEntryPoint</classname> to the
         application context to provide authentication on demand. This will always take precedence
         over other namespace-created entry points. If no attributes are supplied, a login page will
-        be generated automatically at the URL "/spring-security-login" <footnote><para>This feature
-            is really just provided for convenience and is not intended for production (where a view
-            technology will have been chosen and can be used to render a customized login page). The
-            class <classname>DefaultLoginPageGeneratingFilter</classname> is responsible for
-            rendering the login page and will provide login forms for both normal form login and/or
-            OpenID if required.</para></footnote> The behaviour can be customized using the
-        following attributes. </para>
+        be generated automatically at the URL "/spring-security-login" <footnote>
+          <para>This feature is really just provided for convenience and is not intended for
+            production (where a view technology will have been chosen and can be used to render a
+            customized login page). The class
+              <classname>DefaultLoginPageGeneratingFilter</classname> is responsible for rendering
+            the login page and will provide login forms for both normal form login and/or OpenID if
+            required.</para>
+        </footnote> The behaviour can be customized using the following attributes. </para>
       <section>
         <title><literal>login-page</literal></title>
         <para> The URL that should be used to render the login page. Maps to the
@@ -279,9 +293,11 @@
         <title>The <literal>key</literal> Attribute</title>
         <para>Maps to the "key" property of <classname>AbstractRememberMeServices</classname>.
           Should be set to a unique value to ensure that remember-me cookies are only valid within
-          the one application <footnote><para>This doesn't affect the use of
+          the one application <footnote>
+            <para>This doesn't affect the use of
                 <classname>PersistentTokenBasedRememberMeServices</classname>, where the tokens are
-              stored on the server side.</para></footnote>. </para>
+              stored on the server side.</para>
+          </footnote>. </para>
       </section>
       <section>
         <title><literal>token-validity-seconds</literal></title>
@@ -507,11 +523,15 @@
         <para> Rather than defining security attributes on an individual method or class basis using
           the <literal>@Secured</literal> annotation, you can define cross-cutting security
           constraints across whole sets of methods and interfaces in your service layer using the
-            <literal>&lt;protect-pointcut&gt;</literal> element. This has two attributes:
-                  <itemizedlist><listitem><para><literal>expression</literal> - the pointcut
-                expression</para></listitem><listitem><para><literal>access</literal> - the security
-                attributes which apply</para></listitem></itemizedlist> You can find an example in
-          the <link xlink:href="#ns-protect-pointcut">namespace introduction</link>. </para>
+            <literal>&lt;protect-pointcut&gt;</literal> element. This has two attributes: <itemizedlist>
+            <listitem>
+              <para><literal>expression</literal> - the pointcut expression</para>
+            </listitem>
+            <listitem>
+              <para><literal>access</literal> - the security attributes which apply</para>
+            </listitem>
+          </itemizedlist> You can find an example in the <link xlink:href="#ns-protect-pointcut"
+            >namespace introduction</link>. </para>
       </section>
       <section xml:id="nsa-custom-after-invocation">
         <title>The <literal>&lt;after-invocation-provider&gt;</literal> Element</title>
diff --git a/docs/manual/src/docbook/authorization-common.xml b/docs/manual/src/docbook/authorization-common.xml
index 3d84559975..1f1fbb7c8c 100644
--- a/docs/manual/src/docbook/authorization-common.xml
+++ b/docs/manual/src/docbook/authorization-common.xml
@@ -1,9 +1,9 @@
-<chapter xmlns="http://docbook.org/ns/docbook" version="5.0" xml:id="authorization-common"
+<chapter xmlns="http://docbook.org/ns/docbook" version="5.0" xml:id="authz-arch"
   xmlns:xlink="http://www.w3.org/1999/xlink">
   <info>
-    <title>Common Authorization Concepts</title>
+    <title>Authorization Architecture</title>
   </info>
-  <section xml:id="authorities">
+  <section xml:id="authz-authorities">
     <info>
       <title>Authorities</title>
     </info>
@@ -45,7 +45,7 @@
         <literal>GrantedAuthorityImpl</literal> to populate the
         <interfacename>Authentication</interfacename> object.</para>
   </section>
-  <section xml:id="pre-invocation">
+  <section xml:id="authz-pre-invocation">
     <info>
       <title>Pre-Invocation Handling</title>
     </info>
@@ -53,7 +53,7 @@
       chapter, Spring Security provides interceptors which control access to secure objects such as
       method invocations or web requests. A pre-invocation decision on whether the invocation is
       allowed to proceed is made by the <interfacename>AccessDecisionManager</interfacename>. </para>
-    <section>
+    <section xml:id="authz-access-decision-manager">
       <title>The AccessDecisionManager</title>
       <para>The <interfacename>AccessDecisionManager</interfacename> is called by the
           <classname>AbstractSecurityInterceptor</classname> and is responsible for making final
@@ -82,102 +82,110 @@
         called by a security interceptor implementation to ensure the configured
           <interfacename>AccessDecisionManager</interfacename> supports the type of secure object
         that the security interceptor will present.</para>
-      <section>
-        <title>Voting-Based AccessDecisionManager Implementations</title>
-        <para>Whilst users can implement their own
-            <interfacename>AccessDecisionManager</interfacename> to control all aspects of
-          authorization, Spring Security includes several
-            <interfacename>AccessDecisionManager</interfacename> implementations that are based on
-          voting. <xref linkend="authz-access-voting"/> illustrates the relevant classes.</para>
-        <figure xml:id="authz-access-voting">
-          <title>Voting Decision Manager</title>
-          <mediaobject>
-            <!--        
-        <imageobject role="fo">
-          <imagedata align="center" fileref="resources/images/AccessDecisionVoting.gif" format="GIF"/>
-        </imageobject>
+    </section>
+    <section xml:id="authz-voting-based">
+      <title>Voting-Based AccessDecisionManager Implementations</title>
+      <para>Whilst users can implement their own
+          <interfacename>AccessDecisionManager</interfacename> to control all aspects of
+        authorization, Spring Security includes several
+          <interfacename>AccessDecisionManager</interfacename> implementations that are based on
+        voting. <xref linkend="authz-access-voting"/> illustrates the relevant classes.</para>
+      <figure xml:id="authz-access-voting">
+        <title>Voting Decision Manager</title>
+        <mediaobject>
+          <!--        
+      <imageobject role="fo">
+        <imagedata align="center" fileref="resources/images/AccessDecisionVoting.gif" format="GIF"/>
+      </imageobject>
 -->
-            <imageobject>
-              <imagedata align="center" scalefit="1" fileref="images/AccessDecisionVoting.gif"
-                format="GIF"/>
-            </imageobject>
-          </mediaobject>
-        </figure>
-        <para>Using this approach, a series of <interfacename>AccessDecisionVoter</interfacename>
-          implementations are polled on an authorization decision. The
-            <interfacename>AccessDecisionManager</interfacename> then decides whether or not to
-          throw an <literal>AccessDeniedException</literal> based on its assessment of the
-          votes.</para>
-        <para>The <interfacename>AccessDecisionVoter</interfacename> interface has three methods:
-          <programlisting>
+          <imageobject>
+            <imagedata align="center" scalefit="1" fileref="images/AccessDecisionVoting.gif"
+              format="GIF" />
+          </imageobject>
+        </mediaobject>
+      </figure>
+      <para>Using this approach, a series of <interfacename>AccessDecisionVoter</interfacename>
+        implementations are polled on an authorization decision. The
+          <interfacename>AccessDecisionManager</interfacename> then decides whether or not to throw
+        an <literal>AccessDeniedException</literal> based on its assessment of the votes.</para>
+      <para>The <interfacename>AccessDecisionVoter</interfacename> interface has three methods:
+        <programlisting>
 int vote(Authentication authentication, Object object, List&lt;ConfigAttribute&gt; config);
 boolean supports(ConfigAttribute attribute);
 boolean supports(Class clazz);
 </programlisting>
-          Concrete implementations return an <literal>int</literal>, with possible values being
-          reflected in the <interfacename>AccessDecisionVoter</interfacename> static fields
-            <literal>ACCESS_ABSTAIN</literal>, <literal>ACCESS_DENIED</literal> and
-            <literal>ACCESS_GRANTED</literal>. A voting implementation will return
-            <literal>ACCESS_ABSTAIN</literal> if it has no opinion on an authorization decision. If
-          it does have an opinion, it must return either <literal>ACCESS_DENIED</literal> or
-            <literal>ACCESS_GRANTED</literal>.</para>
-        <para>There are three concrete <interfacename>AccessDecisionManager</interfacename>s
-          provided with Spring Security that tally the votes. The <literal>ConsensusBased</literal>
-          implementation will grant or deny access based on the consensus of non-abstain votes.
-          Properties are provided to control behavior in the event of an equality of votes or if all
-          votes are abstain. The <literal>AffirmativeBased</literal> implementation will grant
-          access if one or more <literal>ACCESS_GRANTED</literal> votes were received (i.e. a deny
-          vote will be ignored, provided there was at least one grant vote). Like the
-            <literal>ConsensusBased</literal> implementation, there is a parameter that controls the
-          behavior if all voters abstain. The <literal>UnanimousBased</literal> provider expects
-          unanimous <literal>ACCESS_GRANTED</literal> votes in order to grant access, ignoring
-          abstains. It will deny access if there is any <literal>ACCESS_DENIED</literal> vote. Like
-          the other implementations, there is a parameter that controls the behaviour if all voters
+        Concrete implementations return an <literal>int</literal>, with possible values being
+        reflected in the <interfacename>AccessDecisionVoter</interfacename> static fields
+          <literal>ACCESS_ABSTAIN</literal>, <literal>ACCESS_DENIED</literal> and
+          <literal>ACCESS_GRANTED</literal>. A voting implementation will return
+          <literal>ACCESS_ABSTAIN</literal> if it has no opinion on an authorization decision. If it
+        does have an opinion, it must return either <literal>ACCESS_DENIED</literal> or
+          <literal>ACCESS_GRANTED</literal>.</para>
+      <para>There are three concrete <interfacename>AccessDecisionManager</interfacename>s provided
+        with Spring Security that tally the votes. The <literal>ConsensusBased</literal>
+        implementation will grant or deny access based on the consensus of non-abstain votes.
+        Properties are provided to control behavior in the event of an equality of votes or if all
+        votes are abstain. The <literal>AffirmativeBased</literal> implementation will grant access
+        if one or more <literal>ACCESS_GRANTED</literal> votes were received (i.e. a deny vote will
+        be ignored, provided there was at least one grant vote). Like the
+          <literal>ConsensusBased</literal> implementation, there is a parameter that controls the
+        behavior if all voters abstain. The <literal>UnanimousBased</literal> provider expects
+        unanimous <literal>ACCESS_GRANTED</literal> votes in order to grant access, ignoring
+        abstains. It will deny access if there is any <literal>ACCESS_DENIED</literal> vote. Like
+        the other implementations, there is a parameter that controls the behaviour if all voters
+        abstain.</para>
+      <para>It is possible to implement a custom
+          <interfacename>AccessDecisionManager</interfacename> that tallies votes differently. For
+        example, votes from a particular <interfacename>AccessDecisionVoter</interfacename> might
+        receive additional weighting, whilst a deny vote from a particular voter may have a veto
+        effect.</para>
+      <section xml:id="authz-role-voter">
+        <title><classname>RoleVoter</classname></title>
+        <para> The most commonly used <interfacename>AccessDecisionVoter</interfacename> provided
+          with Spring Security is the simple <classname>RoleVoter</classname>, which treats
+          configuration attributes as simple role names and votes to grant access if the user has
+          been assigned that role.</para>
+        <para>It will vote if any <interfacename>ConfigAttribute</interfacename> begins with the
+          prefix <literal>ROLE_</literal>. It will vote to grant access if there is a
+            <interfacename>GrantedAuthority</interfacename> which returns a
+            <literal>String</literal> representation (via the <literal>getAuthority()</literal>
+          method) exactly equal to one or more <literal>ConfigAttributes</literal> starting with
+            <literal>ROLE_</literal>. If there is no exact match of any
+            <literal>ConfigAttribute</literal> starting with <literal>ROLE_</literal>, the
+            <literal>RoleVoter</literal> will vote to deny access. If no
+            <literal>ConfigAttribute</literal> begins with <literal>ROLE_</literal>, the voter will
           abstain.</para>
-        <para>It is possible to implement a custom
-            <interfacename>AccessDecisionManager</interfacename> that tallies votes differently. For
-          example, votes from a particular <interfacename>AccessDecisionVoter</interfacename> might
-          receive additional weighting, whilst a deny vote from a particular voter may have a veto
-          effect.</para>
-        <section>
-          <title><classname>RoleVoter</classname></title>
-          <para> The most commonly used <interfacename>AccessDecisionVoter</interfacename> provided
-            with Spring Security is the simple <classname>RoleVoter</classname>, which treats
-            configuration attributes as simple role names and votes to grant access if the user has
-            been assigned that role.</para>
-          <para>It will vote if any ConfigAttribute begins with the prefix <literal>ROLE_</literal>.
-            It will vote to grant access if there is a
-              <interfacename>GrantedAuthority</interfacename> which returns a
-              <literal>String</literal> representation (via the <literal>getAuthority()</literal>
-            method) exactly equal to one or more <literal>ConfigAttributes</literal> starting with
-              <literal>ROLE_</literal>. If there is no exact match of any
-              <literal>ConfigAttribute</literal> starting with <literal>ROLE_</literal>, the
-              <literal>RoleVoter</literal> will vote to deny access. If no
-              <literal>ConfigAttribute</literal> begins with <literal>ROLE_</literal>, the voter
-            will abstain. The comparisons of attributes and</para>
-        </section>
-        <section>
-          <title>Custom Voters</title>
-          <para>It is also possible to implement a custom
-              <interfacename>AccessDecisionVoter</interfacename>. Several examples are provided in
-            Spring Security unit tests, including <literal>ContactSecurityVoter</literal> and
-              <literal>DenyVoter</literal>. The <literal>ContactSecurityVoter</literal> abstains
-            from voting decisions where a <literal>CONTACT_OWNED_BY_CURRENT_USER</literal>
-            <literal>ConfigAttribute</literal> is not found. If voting, it queries the
-              <classname>MethodInvocation</classname> to extract the owner of the
-              <literal>Contact</literal> object that is subject of the method call. It votes to
-            grant access if the <literal>Contact</literal> owner matches the principal presented in
-            the <interfacename>Authentication</interfacename> object. It could have just as easily
-            compared the <literal>Contact</literal> owner with some
-              <interfacename>GrantedAuthority</interfacename> the
-              <interfacename>Authentication</interfacename> object presented. All of this is
-            achieved with relatively few lines of code and demonstrates the flexibility of the
-            authorization model.</para>
-        </section>
+      </section>
+      <section xml:id="authz-authenticated-voter">
+        <title><classname>AuthenticatedVoter</classname></title>
+        <para> Another voter which we've implicitly seen is the
+            <classname>AuthenticatedVoter</classname>, which can be used to differentiate between
+          anonymous, fully-authenticated and remember-me authenticated users. When we've used the
+          attribute <literal>IS_AUTHENTICATED_ANONYMOUSLY</literal> to grant anonymous access, this
+          attribute was being processed by the <classname>AuthenticatedVoter</classname>. See the
+          Javadoc for this class for more information. </para>
+      </section>
+      <section>
+        <title>Custom Voters</title>
+        <para>It is also possible to implement a custom
+            <interfacename>AccessDecisionVoter</interfacename>. Several examples are provided in
+          Spring Security unit tests, including <literal>ContactSecurityVoter</literal> and
+            <literal>DenyVoter</literal>. The <literal>ContactSecurityVoter</literal> abstains from
+          voting decisions where a <literal>CONTACT_OWNED_BY_CURRENT_USER</literal>
+          <literal>ConfigAttribute</literal> is not found. If voting, it queries the
+            <classname>MethodInvocation</classname> to extract the owner of the
+            <literal>Contact</literal> object that is subject of the method call. It votes to grant
+          access if the <literal>Contact</literal> owner matches the principal presented in the
+            <interfacename>Authentication</interfacename> object. It could have just as easily
+          compared the <literal>Contact</literal> owner with some
+            <interfacename>GrantedAuthority</interfacename> the
+            <interfacename>Authentication</interfacename> object presented. All of this is achieved
+          with relatively few lines of code and demonstrates the flexibility of the authorization
+          model.</para>
       </section>
     </section>
   </section>
-  <section xml:id="after-invocation">
+  <section xml:id="authz-after-invocation-handling">
     <info>
       <title>After Invocation Handling</title>
     </info>
@@ -189,11 +197,15 @@ boolean supports(Class clazz);
       that integrate with its ACL capabilities.</para>
     <para><xref linkend="authz-after-invocation"/> illustrates Spring Security's
         <literal>AfterInvocationManager</literal> and its concrete implementations. <figure
-        xml:id="authz-after-invocation"><title>After Invocation
-            Implementation</title><mediaobject><imageobject>
+        xml:id="authz-after-invocation">
+        <title>After Invocation Implementation</title>
+        <mediaobject>
+          <imageobject>
             <imagedata align="center" scalefit="1" fileref="images/AfterInvocation.gif" format="GIF"
             />
-          </imageobject></mediaobject></figure></para>
+          </imageobject>
+        </mediaobject>
+      </figure></para>
     <para>Like many other parts of Spring Security, <literal>AfterInvocationManager</literal> has a
       single concrete implementation, <literal>AfterInvocationProviderManager</literal>, which polls
       a list of <literal>AfterInvocationProvider</literal>s. Each
diff --git a/docs/manual/src/docbook/images/ACLSecurity.gif b/docs/manual/src/docbook/images/ACLSecurity.gif
deleted file mode 100644
index 7a0d0aa82345ef28853939032b357a0934c5940e..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 4041
zcmV;)4>s^eNk%w1Ve$d;0P_F<@9*yb007(D+veux|NsBU$jG#`w9(PgwY9agv$FsI
z00000000000000000000A^8LW00000EC2ui0P+Fy000F35XecZy*TU5yZ>M)j$~<`
zXsWJk>%MR-&vb3yc&_h!@BhG{a7Zi~kI1BQ$!t1zfv9v!ty-_xtah6f3~b!6cuX#v
z&*-#z&2GEjaH`i5AlUEtynfH``~QG^0R;kJfrp5Rii?bmj*pO$l9QB`mUn}N6?K=L
zkpTt=hMuIQrl+W>s;j1;qMNL-m<X>loU*vNy1Tr+rvbEdzQ4gWx5LQE%FE2ewG+q9
zlEBY0(bCx2+S|+2!rYJE#^B`T=I58<6xZl~>ND)^^7HiO?-KEd@%fmm_c8qH2_&!&
zP{4r*1N}Q_CmN@Mei-g?c<3Jti3zb$Bq+#TqmBL<+buMBEJ{CuCQ&}TMWta%lz3jk
z#B|W&3ydL^$$Yu8r%RerT(T@lG$ziR$VNuYv+-fWryQd;h3YgWQ+LH|AuR`zs#mFB
zPgbpZvh3DvN+TBiIyNX+p-_PiHEJ*`ytCwXvScfCEYP@pY0|~ZEv-kZZ~Y=xtk`VS
zy43&@&U-a+SiY7Y1J*n_n_)(beI|B06K*)W);iA%ZMrQ_qDNKhL=7PJIh!tQ%ihiV
zHf`NpX<zJ3ym-RTIdQiDZoIj3UdTf#XTkir_3NpkXPmyGI`;42D``J2{AT#`=wppX
z$X$i^^zh^NSwFCSiudyK=cg~wJ_`K$1^$R0fA#ox0)PT0h#i6SC>KC?3PvcQ9t;|^
zlu9xomQHz5P&Z*I{E)TThZ_Ah4QGp4*vUc<E=S^uD2g@Li`rDU)LL&D<r8Vu-P2-j
zG+I&zjw=b)nqEWASXz*f*w_(fJ*C9hQ{Ji5;c!fz2ql#qO~u)iIc9lUWK~YFnTT6<
z`AINWN+xELW`4=#kbmXqmTPFfxrmb!iG^8;mQ{&Bo2lvP$X=PzNoS&Ic4ep{d{!o-
zjCWGCXpDOXP)il-P|@iWpOW@yB26J0nv|BlmgI<|DrBNY(+v7!p{>G-X{~#{+6;c)
z5NaN-8X?$fr1oUxtB1fQdls?5{#7$8vdTugovvH42&A;w)<-Q;HXUn19N>m4?zrTZ
zYwo$|k`c-`%a(@^gxSWs+PbjdW#G5+=8KLi>{jcpi~0r(4zqa`^X#)79K4Re4A;1A
za<mZIW{VVGDe<fpH>~ll4@)=bCLq@)GBoe51G2Cir@SVagi&)b$s=1V1vD5_tn$sh
z5InHKAyaI!!X`t5^U%4lnC{V3(5u1BGvniJzZbIV7+^g<8Fe~5O6rkBA@&84Afo2`
zj{pT2fWX;kr>*wdY`3j8FmA^!x7-F0GKz|7TJ0FhQfnwApnLY+Pd<54cp={s{xg68
z2Q=>Z<B&%#`Q(rfN%`gem}fr6IHt{1DUpHISy~l3rb?+?Ql^gM=vs^Rm|m^<&83lH
z9yugWwaa_&a0ow<aHDZei72C)`APhxavm>rNx&E1b)#{DxoF|p?tU#nzK3uso@f?n
zYV#^JU*zkk)*h$f#^ZVB)H;@LJfMCxrmyt?W1sy8V7{L}>&o}P|McQJ4EX-^y#B$@
zEAkWDzc`19`*~nhwyO;8f&v@bZ7+a#x?TB{6h0K4FKeB94b@~fKB+{{Qm=d8{1&Jc
zrZ|uT37iDtxB{tNd{1EXbI(LxxB(9StvE-SVMW@<upItpK0M5T5Q)abiLlU3J51sQ
zme|B9Hsp!FLZbc@>t)3*t_X|Q6T}v|=*2S15RB9b!x)8T#x|}@2)$b)KHNyhL!r?c
za>M`?>$ou^QYVj7<f9<<aYujv5^D32oz~1!wLS?DYq(RS-V`D@M{=!_k3?S(F?pFp
zQqq$xaU|HJRLF}Ql8jM9-XfEi4!r%allrLPttRQpkKBrSo{S}_EJQd=KJOu=yvZpS
z7DCY=FOui$;OIgbJ7v0#bR85G?ACX>;H@QWmFkj7qzOR^(k^`7{7DE6_dN<uGn(7{
zra3RAD!*Ohm^UmPI44MzVCH6+Y?NN`_%b|wnh%2{44^3e_a_Mo)Sq7RC;AA=(C!Iz
zmN(=c@ctNM&*k8Aj-%P&2^Yi8hh`I@Wclcs!p2A_WpipGO;k!_xYB~Q522w`Xq{jx
zxKMiOfMB6$WOxuqIquI+1x4mTADTCs284OUOP@g*s?>(2X`x14YE%taK$%XIEfxLa
zMIngJQVlMhq7$kKH@Kw?Vkj&~8qo(M>CCxAX{G>druQspRwc==RC6UCYwTKA3+}U|
z9HkUlVbaff?i30atqm--WSmWk&4%gAYIhRrL-91$i+j9U^d##Z$|CKvpbf2PM@w4K
zD(we7T_f4dW`Ne3ZEmntn`>iBTercjwz$ph*=DQT-um{pzzwc&+s51B;+D6qO+W%%
z{%f}&q;`yp%bawlOWo>9PE(q)u6DP}-R^q#yWkD4c*jd#%54q^&rR$LACzA8y7#@=
zYcG78z}}I~_rCabf_(Ffg!=B6zW@%fF$5gnlKq#!2u|>U6ii<OGx)&}o@|7V@S_S(
z_`(=|V1|c)v7l}E!yi5{h=r-g5u5nJB0h0vm!{$tCpg6}{#FlTOk@7SxW?K`7>;-B
z-W&6n1U~+;kbM{AA>+@;NFHX9lRRT4J9&&te)1HhOy%`f*`im@a)Y&eWc$L5%V0J_
zlp_qZE^FAsVNSCxko+>IxtV4@6Pc%KQ?pK~`ObzMa+w|M<(QR>&wK7Oo(H}DU?aCV
zW=*4WoGt9MiPf3Vkp2&offi?&E&9*C3Us75ErKzRxWY2C*t<BDXil5@KBsPSs#h&(
zR!`a0upWV@uRQBm6S~$^#<i{Qtm|F-8qdA{wXne)>|q<b%EdmmvL`L<WG|c9zjpSs
z+1%`DS3BC)#<sSzZEI-*vb5mV!g&E4?r@L$e%{VwW<}E60I$17?RH?geVQJA3HaTf
zIW4+djPGI{cE0_Vh96PO?|O4qiUH@?zqfqigzs$O?{#=L4$jkp4~XJCl=y5QzJz(N
zQR5EdxOzdJ6pZV@<4~q0M>AB*qplJ}CYN_B2dZ*^#2g1G-y%Cy2{``d9JR7A7dd4Q
zwbX^yyybQjdVei`70{*7b0O6$U6%>h3KsL5S5!JaZF5dzrVe#iSLf;osdX_ky)4oL
zVf==wD5<)=crm%TrePSeEb4M^L&d2>C5e@?7a`{er_e@KSXPsgwe519X{ri0@J&40
z&x(Gt<mqg8eK`Gsc5+|nmc(*b`JD)WPvSe9nkV5s6@f*~yQ8wM)h|1^!+oCnfrzg6
zPEHl?AG!GrLZ9(Pmaz2dM0-1rw^AMrf9EDY^r9=~Xghbhhcj<W;?FA1&QYTAJ>dO%
zJA+FnexB|@tF)Z!{%2YDl;p#}e#KRcepPfnBDz;%hZ0@t<^J@p{W**OfZ1>G?`Is5
z#G!tO#eWy)e;J1{)**l=cXr^RfKQMy&*6YL$8Y6Ufm5Jw_eD|xsDEolfahTap>i>x
z0%xVhDI_R@B{*k|mVzUQf6&2!@W6oIVQ)6}e!L-pyC;JS0)zc!GZDyxdDd|KhhGwt
zfIw(U9vB`tm;?ypf;M!7BqoFf2w&dv9>1i4S2IgZ0)_XKgbm1rJavAba7%w>OP;WV
z`zM7T2!;!|G-G&qlj1pp6IMV+Dr_iWYN&*F2zpIIdYfl@OqFz^r-RplhWZ63Ck0D@
zh<SoyfapbtM(Bts7Y=^tLHu-jTIhL$=!G-5ha5(U{(+^4!Dmg~^hW>3i90BXIv0tX
zn1^4eih=iou(*D%*om{)d$QPyCgy}2M_{~IG@jUMwU~;&$cm>pjD;AC&Si{NhKk8}
zi`$or$GD3_cyG)oZ;&XB?skp)=8W8!U%!Y8h8Tn1sEy=ifun_iM3#-tF^){ITE-QR
zv2|O*RX3W@j17m57O0N*6<y`^kCY<?<aKTZreg3Yj|iENv}KRVR)6=_V*Ut_5;>8V
zLy)`XUkavu+?H(^`C=RSkpn1x?go-1nS+q$izS(octi&XrjaV?Yv+fOFFBJd_G%+Z
zlQ>xd&*hTYmy<sEd}t<U8TgY#sbl0<eneRQlu8K#JPAij`IO+7kx)66CB|S)NtKay
zm5+#(L@APF#+Ab+drHKVM@d;=36qZ}GoSK$E%<np*JEedZAW=&;a7fi>3TwWNLm?}
zD3+Eh2xokTX!PfnTg8_b*)vE<mz9=jWm%Yp*^q##XqQH6PcxK{xs-e91DSc5wDw?|
z$(gz4nV>nEIH!-}Vv(e&l;L=W@s^rTxtc4&kFNQXu(=`7IGY)^nYAe-%7~j($b_ol
zj=tHFz{!2RIh-R`oRcA($a#|#Hik48ozBpl9cP+IgPK5gcZ;Qky0Lojcbn7+EkM+o
zvqutxF;+(cc5QW@oX0iC8J>aE95nuTA4pewNi{&M^quh8U+su-4AFIl*BFUNeeGEh
z@427E)L8zhoq_070Y!EQDrWt8i&erF#<X~1XN3nEp^7D+3u>I;$)P$qq2g&T8yca6
zgM}~0K7u7nEZTP^+Abj~qOz7tK1YU6XNHjSq09L%p9z}1M2c|1LGYwM;^aQ;Btq3k
zAw1eL9P*<;Iv>fDH&2yzV&xRK=Y28iFJuCxqZy=9Cx>4$c%m360a{Z{YNF0UqdaA!
zml0P{cb|nPry-K2GD<US+NPtFBpPH*)Ff6KvJ=8rit}NoT>6%I3I!wzFFjhBiON7g
zWT@PNT`DM<D0rzgGlDCKss16DsVw-ZoO*(u8mgN*s;1hhs4A+dTB@sRsi&%{qPnO$
z<PIvzcQxfTM^_h)`lxr|p%jWYHyWfhA&9%mtCiOq0ywNf3QoZXhfJY5&IB2FYOG*j
zokt^^HA<`4q#5~RrGvG0(i)W1iY1MOt(^v}aAkXBnmhXRpTFUyQ7WJ2sy*l$CUE*!
zKczhGdRWCeuG#6UTl%c3(x>F}r>3$|d6kK*H<tcdKau*Y4Pu}(+OYAdpb#q$7{Qzr
zyPK$xtigGr*eI@1iIg$MvD3+@PCBtY=9hvwd52cAvPz#IN@IcMGq6{)HD<D{AgK_e
zvLnZ`74w%a3$IF`g|k5yusyqDlxCN)*O=_sqZga9PsTKkMzqmrv1w$jaWJnGi?SPd
ziwCKYV%u8`*|m`RwJZ>k6uGw6g`H-Lv>)rUZ>zL1JGZB1w4|W1cKftaySJ%^w`T~l
ve*0o|JGhXhwdumOhRbDPJGPD+TxGksk*2n6Te;okwvwB<n!C9m5CH%?GQ#xw

diff --git a/docs/manual/src/docbook/images/BasicAclProvider.gif b/docs/manual/src/docbook/images/BasicAclProvider.gif
deleted file mode 100644
index 4eb4934ff6e731f324a0408e288f9a3fd06ae3fe..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 9921
zcmV;yCO+9mNk%w1VRi$L0rLO=@9*yb007(D+veux|NsBU$jG#`w9(PgwY9YX00000
z00000000000000000000A^8LW00000EC2ui0Coe90RRO45XecZy*TU5yZ>M)j$~<`
zXsWJk>%MR-&vb3yc&_h!@BhG{a7Zi~kI1BQ$!t2G(5Q4uty-_xtai)odcWYXcubZA
z&gisy&2GEj@VI<VuiFEHL3z*b3-5q|f`fE<eup*z1dEJ~j*pO$l9QB`mY0~BnE?d?
zh@YULDvFw=rl+WyoSvesDWs{fva__ci~$A*uDiUwX12h=w79yy#vQQ2%FE2A0SLv%
z($iwe&DYoj&(YM~0M^;z;=$YA=I2%5<Lk2J=+o-#^7EGN@Avpe@$~$a_W8W_^&3d<
zAHahMa|k5JaFM};pcXcqc<mv?ix^i(q{z==Mn3)<*~OC>l4B!}y$GpX8OPAaE+tWo
z^hXip%P}#9StB)bQqEhBegd<(OQ=amt8Q{JiZrOhNDGbbv_(|u7pCo!odK$CYgeAI
z)Hw9o^`zFb^QyMOdh}K<t6JEOHOm#vSg^O!+|5guuitji;P#PwYU;_S+7R<p>@>0C
z#fKxWQ!9$_QObgq$TeJ-@ng@OKRf11Iu+*3S1db2>lw0M(O(hgB}=xfywjglbHt6h
z2;thaTi<m(TlVn3wgGeN4Mw-K#>8O@7Y(`e=-Yw2IiJXz`JY;bqgS6UzOnUK-Mv5A
zKCCrZ@pk7H-<_Qrdxq)N`?w$3^?UcUo&Lq&N%iRmQ(Fi&lOIS4npU8JObpmyDGNe~
zgoG2)x7;yI_2g4F6<T-$h8bQGqKHJ0SR#H8a!6BuP*Eb4d6Jxn;tVRT=u?X~Qjw#M
z9r5UkK){8yS8U0Ng=BI}7P;ewJ*Eg`K|)3e#g9{B2j!48(nuY7#(gQ>bz~B_rIkQn
zndL22qS=I+Yl>rIH9oN>=6lg0xl?>i64|DkJixi;oPa76=b<(J=?Y2EfeGWCVRDw}
znT75kXqJRlnh2tt2Bqj)GP!r8e*v1+;isC`aOsqprix>yuxf*9D63X9tE(~8s$;9T
z!k}xc;N6-Vux9qUAF<5vYHSO?{vwN>u!uCPjIzseAnk<IR{P2@uZ<aFnO%l!s!%^>
z8<(@PQmU=5HS+nPxJ`Xkn`BVU`|c*tuDj_h;EZ>#iQtAg+E3-?>&La^7_2V|`xqH&
z!va4-<ayuXtM0;<wl}U<PR6E)!@yk^oX4aEh}TmfhxMDn3_5Er#uGp+TYPq@e3+g7
z>bVu4A0t)jk@7*sGR!Vmret}LCWbVm0)i~Ea7#aXF{myNO*As?x~ue~)ggT}m^p{$
z^`uvS$FIbS(cI|P@($<k$z9VtHl7hXV>KBF4|R9h8OS^^$9cLPslanbtTxwL7t8k#
zMx#Au;bb~3UC*H14E5mt{O(O>)l)A%g5QBtp6A$W6W6t)feYQa=j`(PTHH3z<?vqN
z8F~2MAOAeCsdZDRc^G+9^*igo)N69?abrI6*N;&y^6`JcPB!rwql@YASE2hd(ZO#r
z&i2$>(7pBbVDCjt6SwU>y@i?Y`S|rr=6?7Zz)${@-jw9L<Fh{}HT~8KfVJ)?yww44
zTLfGY_^hD6=Y^(u^0D1~k`$5!Rw@k`uwPB)cR=waP=OpgSNu@Nv&$tdY^v+v2hdOf
z4RR-hDlFayu?0gcRPc3c;~L7yb31?3P+J&ei4ccKL^Zr6hOe3-4GlP~5uT8Lj3FJx
zQiwzmoS^^)K!E-hx5&jVdhv^345JvwNX9an(TfJ?L=|OF#5TI|jYB+Q%+^3P89_&K
zk_p+&Ox8Pz{cv4q7=Qo{K*&NG@{ov3q#_r|$VNKyk&slROV;=T0bucrn9QUm&G?K>
zdh(NCGyof1#5qa^@EfKClprI?%2v7(l4y9PEN8jM0O&zG+WVuX&LF;2`qEOUOh^85
z$wb!ivX{S1W+GxH%x?&gl*qCmnvRJ~Wm=Ps%xtDJjp0I>=u$+~tlu@q>8loM(+op`
zqdMmxNBV_RoaBrr3!X_&22#V4Sp?-6JE>1krjZryT%kM%`ig7@a|+Lt#wuyq$N(I`
zp$whnB>wsKP7frMpcu6x1ulBgD0Fm=nGxVeGg`lqB7>wT1p!AldQS0~6e0<IX-c;_
z)0)1Zqd0A8H9sQKgU+;~HVx`L&B;<98K|B<%_vZX%2X7{)Syy$>P?U;Rb?)<saS<+
zRkdT#tyb}>Sq&>jz{*vqdbNXO6{}h;iq3TAW2I2_Wm?zzQ=$qqgF8*?HJ^Icvayh^
zfDI=#k11HfqLYq=-DqFYx`D+m?5}_gtX<oR)NEE3m4+>9T(9ETgPjyEISoN*BTL%P
zaWtl8fb3r@OHT}@R<R)IY-ul$SjwihwXg+g2Io54u!i=s!K7+iX&P7A+7lhdeaC2R
z{tMUT>Xo;>?QKj6yV}F5!I{ZTW_FQ#TFbr`yVK2WbjM3xY^vwC!^P}mgA3jAx;LcT
z1>Q7ysoJGN)<^5iuYOx{%lD!+zUT9AW0g29H40dT0A30p+v|jGCWsgZj%tKabl(FJ
zIAO({@P0Hb-3w!w!wp6VgAZKc&3QOj83wTq5}X?rtF^><J8=P39HFt|ExkDAu!9jK
z%?s}L$3PD9Iw!gZ=US_8d3A9>Mw~r4RSaGmOtCR#Ol64~xX9i8ZefLs*eri{tV{;p
zv~uVr$5E)v!}#U}tITGHw3As%E`f7}Thz;n6u3r?>~=cVy#G*8Zm|nmpFV8<)i$%)
zTw%Vcms>m7%%T>&;nnS16J6w?c!_kWlOpC&Y|R}TdKufJG_#0`XWIr>(m0ND8ARPO
zs^E-=9NXjDcxER~7y8pOHb|ZuyWS*Bm(g5yEsXEM>L!w-bkh-=qpWkE9v8~fxF$4l
ziAz=Lig(&6Ep|k{Cn`OqO?OKIk(!?!?Gw9W&WEk@dU1<UZPTjUzLWC%>f}ForLTg9
z>lO;hY)2@oPZj_BGPNlSY*fF~-P}|4w&88DPKS$N{bpOda-xoY^^tuv@mtBx?4aeK
z*QY(zY>qdZ8s#ed-3-TsvjOFyz5seu0s@NDYR2cC{d<4%0-Vcjo-+Q+MUQqRQ`yNR
zK6HCIWL7M!@5$eE4uo?v<tiUH%fHpbCnnA6nBHN|Q3tkUm#1l+(TWLEr#Kr+!|C>c
zx{0Ljrj|?ZPKU!&*0Js_QoSvT$Ju)1A}DLPjlJq+Pt($I#G%2bMD691_u^zGIZca+
z?sU&trn|oPWfR?SOxv^{6<;*N-_)%~MZ6C=?^k-)CGHXAW9{&gylx9U*0_tF^I~2*
znZrKzwBGo98pd{bN|;ujPrK;xcWdnpf92Fe`$3>>668<Qdd#O1>8%=kb3{MN4j(@G
zoR5s^=g<4Z*8cRgD}Lzreud!YX8OY)uZrm#%@c<|6az+oZ~ji7d*vtQde+ZY`7W#C
z^fw;+)^C#XF9Cyd%8`BfM=ab26HCE=BGweI_B2ZpXtq%^6U0X(^L}gtA8=D~=NBc{
zw}3Jdf(n)e%I6&x$92jEd2<Ij64Wzd_jqh_e=swGBshK^1%b3>Lp<1jB*$wa$3PN;
zLytm2w}*r;*k?S~fw0#tHK>3&*eMNY0x8HaJNSd5wP*y#ZUT3OBVuNn=6Fk}Ltk<_
zGT4EY<0&?XF*rDdo9BZ<HitxHR6|%#&9!c+acM#GdKs93HY0Sqmo^aeIJ=`hg2;wa
z2#1GKg(vWalW}EH#f9v3TahMk7cyW9(hnHoh!n<%{#0m!k0^c+c3j>Ca!Ivo`tVW`
zqAMigiQoi^oC1psLyDrPXm|E&aWPVmI1sc5A#@mw!Z?g_@MZ{Qi){!_9t4NKXdw91
zPtX{R(m0LOSdC~Ti9Uji@551y*o^wIP!Sc5;y8}vSdQk1NJMsw+UJeSM^D{&i!_#e
z+L(MsSAOgmk5@x+iPL`k$UpmNfT}S{bL3i<xMlZ6M+13~*Oib4*^sA2kdXF}3JH-2
zS&$OxkTLU)$%v181#lN<M~pW`0F!1L*(3irj~uCI9vOQiBWU}xJg3KZT33M<n0UlP
zSQ?p<q@|Bq^O9Z%YmKLMbJuW-$BoPgk2+cYdh5fIPZ$(N_&_ZvIsh_&RODAKMT}TU
z2*#L{Sw(RzD3qY#c$s%~9~p=FI8x7OjcU1;`t(m+Nmo4Shqsf2g;;mUF*~$Il}Le<
z#P(9)c#eP>m<*MUZ`oA6C?|Z0T!p!q&?I{I$e566Q->K2j~SVkNm7$3ZY6n{oEcr2
zi4B$6nWEW|>zJ6Md79(&nYOZ-sM(rWrJ4$2nyxvUlmwf}BAc|Cn+S%Iy4jl{RTRAG
zo5IOcS{MYj32L}GoXUA6#c4Ljmz>KPotn{@h{r3ch-5=3o!V(B%_$|N*@m@sYS{IK
zUbda)sVd#+8^QUAdZ=EfSX}2BpSk{$o<?w-(=t5aS#6eRaP%pk6qc0$8V8C+kqc>&
z13HliijfR?kqmmE^~iA6Nowg8a_}i<{uw^@ITQr|h9dNwtVvt+)o5|Xp%<zj8A=sz
zL83(Xor6)Li|3)JmJ$IvqiwL2)zF_Vid-<7ovx6UZ26-=+C`#Npb<HsrkJDpa-z0&
zZLaW_g88ISdPsz6Q3`6HjDw>{3J*K#QnXo-MLLk|nWfdDq$KHkC7PfOs-j{FQx)-K
zZpw+!>6$b;r*vAUcDfQ%suTgqZz5Ti{TPsOdYbeli-g)1Nx>YyF@Z1lXMkgYe8wd9
zw@f@Lgh3dOgH@=QS`#*^r~d80hc1Y0hKO<TMg#fTh2+VkG<I;Ax~c>bnjLByiaM2H
zNtgOoYmsVR6-uGvS)r-Qi>&&q(x-yp0jiS+dCaz?^C@2X310kZsjLXB&?-M4dU%^i
z9e!qacln^mimRr!Qs~yJni#F(x|+i3m?4;SA}Xijx~{i5tpTy6@NlPfnx~ZptS$GZ
z?7Elk3Y_M;uPbVg*mwwJ3YvU+aWf*SB<QLr2(M?ifTg%_Q&@8_S9GrfZjY+1EQ+WM
zOPw2gFwE$wWf+y3SAQLA6$6`qxRiei+d2^&tJd0-qvDhnd$R3XuGJZ+$D*=0%d#J9
zhQ&IRBO9?hyNCTc{!BXSuXv?b`|_*s5wlE~tu(78Hmi0k8z>GtG}qaKcU7q?l&@Yp
zV;WnuDN7Xv%R4H!l9?lA`RRq@d1?z8p4cW@Upu!b+Z$1PtHMXNM@V&NyOe2*g?DIb
zr<jMS*lS%&w}@*uNLv|Mfw6sbZ%~M^b*rV8HnDwih%|Y6wc0<EyM@ZSpSLBrzjldn
zJE<9&xTqU-i;Hrm(We>ra4#Zll&iNP8y+l3b{!X{gDaup30J&YQhk%U!aI6XTNpw2
zACBrkYp65G<GRE<w!><5y60`5O0ufpKDx-PZYyl822^)Dyt^{A|0)xa>ywY?HAeV#
zoy)PIQoX1C<G#zAyCAWQ;9I|e7gC)nYcjbfRVR6rC%<{yxMu4v8kl!U0&C7ol(Dr@
z_S?Wmx4ID9zBDM6upyR^1HiM(fHf<y?&!ewTeag`7<t*ef1^ApgL-Abx$OhN9%X#U
z$->6zxE}1aAe;^av@$Tf9uDiJJWQlLOrSuFrVg5>GhDwloQ>O8rqG+Q(IUf+d6JS_
ze||QuN34!Fo5KxuwOAY|9o&rx+$AAty@XoDQB|_kYLDXkh(_tf`rDFCqP!Ihh+~|_
zNPNXci^f}w10VIhI#Iq9I6BK_yJ9T1b}O#{x~cDav{*)4vWS;D_c%`(mV-FRcFY_;
z8l?Vb#7~%9MsB&pX1oPg#mC2%Y-$+C(i=5Go5y?Lq*3}vvDC_uM6djc$2bwL%s9f-
zdx3YPx#NNyN2$vHiKPL|#Ku;{sY}Ke(Nn_Qu!_vO#*Dhi3{&n2NLtLe&wR{uY<9q9
zETW9T(Q?h$49vi2xVX~Icw5ZiJh#!jd|ErE)$Gja{I%=+R@nJ}hCHW;ylU}`xbut;
ztf(!Qyvbgq$pZaJogBgYoUi??T<vKrtPIPB^f3?}j<OtM2`$grEMg5Unc9$~7md;4
z{F~2}S11)0)cny3ozb3Ux=Gv4zdKMS4MZrN(jk3zi^jIqg<01Hw`zLQw*W-<9RAco
zJ=9p4&m!2KrM9a&ooeJvenH{RGrg`4>nf$Hy=}`{3E8ajRB=!p)#5tU<;=SuM`ujU
z(!bO&|L4_ItkR1DrrL{#+`G(eS0iby*3r7qYZ`_=!OeDk*KD24hAAU_-PiW|*U~Ih
zbkHm2OxUqm)8qVNkHy$bYuE`P*NPq4P9(+s=zb*>#d|x*xQnmH%enYgc`xF>G6KbY
z3c3GCB&r>Sowin%%_UBRfag)#GkCBC2xa&d#_>BsyX~d`crRFC+rJ&fdilUANYunw
z(MRpkK+~u*dBFdcxs@};j*7f;Y`MrIK~CYa-xhQ`H+#DCa@`G;oRNqa{^*i$EP2vh
zLdl&j#ao>LdqJ2zl<G@3mRE-S&2=6!hPNBwpQ^$e^W8oxvU&%Deu~$cVUI@r+$W8#
zOn7%GJiugzzO)LI0X`CuJUJR(c^<fg1U|iTvxdwAmHvI)iWs)UoGP<Ttv`$4eaM0|
zF5rTk-(tAmmRG$9z8E7uGuM4}7EF2Z&EUR9%a;w^G&#kDh%z>3z$0^WQJ#CU1BgxQ
zcg9hBefNja9f(#gDp;Q7GAoz2m*LdSJgldC6-3z)g5+Th-SLgK(OVFd$%$XgV<@hJ
z_`9C=t>jKzZyH1AAY$i!is!Sj=8oMQZcf#hE!mlB<QMWU8W+3%kt^DD<A<BA=Q7IN
z&D~$<?C6cm=1TxEKaM_m4sgRwvic+H^W?DgJs6<==&XL^G2-LMyEAJ*J5T<!)Jwp9
zw!C^lb95=+%<SNauGg_X$H#s?d|Tn4ad#m;e`$D#6fAcsZkFs@$q1e7zdYXw4&)WQ
z-r&ybG`Mv$2;!0qg3Hc0@4W5Yo`aCC5AByb&R*?f=X0j>lRmEB6I_)~*Uawz?(L2m
zE4V|dCpuJ)>wqSRv6I_&_vC3lMe*)b1K-4)e(@Ne@hkD*V+C)#x9&N+=!g)|1zqwc
z|3w6S@+!ab(Rk1VUv3XN@uO&FDz10(XX)YHw>l5opz!|C6aDi*e@GG?^h96u=IGoV
z&*!tuK2#YMaxU#VpV`VCVIPy%1ElneGVjv;b9q$aKx5rb%aUiVBo&D5{uR?!pFtvj
z#s>~}YSZ7ROsoQazwU+hX-~hOY|U~Xs^&pACxpU|4EK^Z>s0;JcaQgk{O>jn?Bz~|
zKMB8eNBAx-F^AtmYoEwpzo>l}?6&8$iMZsMPvw8F!ZJT~lwbL$+v03*Xe1%|<OUU}
zFGG0`&u!NFAU|)gANz}ay|-_*08d^~q5GG=^s3)sdyV?LufU3r^?Ei3$UppxqVaUd
z@ul_Ry(;}cM*RZou-dO@v2Ot+&+=N7^5VZmF8)v3#;#%3uVOxL^h0m-lH}>=&-~-H
z{)b=njZXib`TcM5(@L)Y5CG())n1(S=G}iV6i3nvN;Fkhwsl`Pmgg)W?vvJcp0saZ
zP&gzOjYnisxl9HShh9`VrS5W7Y*xGFc6C4C)jK9zz)W;ny=EJo&~jWp4~gk_d|sbF
z<Mw~6Ho-x{LYybSM8zq)MaM_TNQ^!|Ny`sPL(NT2g11Z1(2YjXQqxnO%t};I)y`K~
zv`<!ANYYx|T-`~xT}jv2VBw)zUt_u3W98*vq-5qf;Nj`uV(4qCXY6fmGHLB@E@^6V
zPU~>=7w~lU_Lu<pc=>sE@A-TDeEog?{(k>|fcXr-saJ5sI)e!n9$Z*PKmh{?Bu=DQ
z(c(pn88vR?*wLd#0|5jyBw3^6Nt7m1ZW$opz)P4hWzM8o)8<W_Id$&LDF7ad90*s2
z5<1kVyP`*xsyOizK+>Xik}efT)vCg&SG8(zDxs^>u1~>w6&ug1n6P2D#>u+YEvvR~
z*GipW_9<BkLGj|%o3}z-xiSC;CLC#S;iYM>{FGOB?A^VM&*nXhm_=pFnfYku?ALQs
zx{&*#{ad=T7R;wrcS*ha=wh&T_0lWr+M8|Mi(2RA-5bkp-@#n~7miY`$>LR$FIUd|
z^zjSCop+Ev-8%B?oS}Qp-lKZ{cktiA4;4QivU&6?%BOF)eSP=$?1jgdkM1~q>-g*E
z*1w;d+WwXc&_C4%B+$MCQ!p^W%ob!28wY!f@WH?)q|legF2qDb3N7SN7sfuMPQ(N~
zBoUYGPTWhyh5~Z&MHpk0@g4yNU~NVmbJTH18Ed?QM<9a~a!4YJH1bF!lT>oaA$=@k
zoN}TRB!B`&5=Tlbvvj7)X0-J3OEAL}b4)VJ#DU8v%~X?^fmmDfO-%x5(=a&ewDV3p
z^VBm9ISCpA$~~t!=eIx$C1OxT05x<`MjLhX(L)hQ6Vh@J&4$uFEd@kTOgr`TQ&7p#
zGz(5cRb$jBN;Ne~RQ3K)byZknm33B6B=v^YIBi7@*D+h=gI8dK71mQ<85y>XV!t?6
z%Vg<zby;Yml~$N$y_*uAF!($Im>=dT;@NF=B~?sS#sSyMYLS_CT~EGkf?ar*NH-8R
zz<Aab8}P;9U30`Gv{E6ub$8o(17_9VMB~M^4}lMLrr;pXRXEUjm4!HB9K6lg-Z0L{
zH)4+44H#Qbu#G3%dJ(>q8j>?c`Q(zjwO5{vI|lh?n^{(Q(}`nkx#X8ghPh>pVFo&9
zmyzx{)QV|1*XV|$-dAL)r>?qatFwN3XDK9Rf?<QH&RT4dUmhE5j0NR-53iSo6K%7}
zzB=r=(?;3tPyU;pq3yc+9-8K|$4-0ht^KUaG!R1Lg=LRJzIy1XV~%{|nQ>OzaNY1`
zy79Q9hP>?0J0_ZQ&GTNn3UD1id-cFUXPuJ1Tjx_;#SRxOHp+63j#au}?_F-eCzqYt
z(|;`;RJ3Cs-1pYuKE6}E1-n*txrr9N`J|}^+;i8b)Kzi5&Jzvs73(7RY?&V)9pttP
ziQdiUXMMcp>es(Mep%m#p?!JJ_ulZ@g-<MJ`O0i=!N23_Zwm;-UjrSOsp1(+RAKTO
zqC(RbvVd=Zi+kW26u7GnhERmai(uE{S1q&Hr8YGn1p_tr!EudHhBIsw3@>xS61Jcb
zF2tJ+{!vFmAO<l{K4c0GF_#Lo2+<iijD`}O_{3f@5s6HqqLJo=x}ZQYQb$Y#54HG3
zFn&vl^h)3rfAcdi5>bL-WMdmQp+=yb@E(+r3;|VGmOIYTF>Zuos@(WTKq7057E9nD
zb%@3<_R(5_WMm_k$VCtq5|UQPVjC5i3P)yAlVLFA-i(OFyzsG;Uhv{3O({vXe3B7n
zcm=ma7qYuO40}qbS}ZO}##73|XasWuFEtjnugP+kxqRa&-=RwHw6GH&8<@w07tC4m
zE0(P^=9P#ki)m_0U&FIo|9tt(YYyU;bwK79lHo#TX0KsZvtIU&cCwjOj(+fr87vL{
zF;1t26PlnCn#q)w&ZCj-Zrh6|`~E4kf!a@>w5+B&%DJ~un4@#SQ(i@x7dvz|G?EM5
z7T~hwOyFH~dm*(bNvBy$j=DjkI(+EA;xy9bO;mdbjj88oiqU1R)TJpM7(Zneyn3z^
zsF6!wML)OBf(n$UTTJEi@W~a4UbLn_Eot(6m(fYGZK=Iv-M;E(QrR(6s9?3KK)<@x
zfaz2{E&XAf=mtxVLhXJ5^(Xx#S3T{4lMqjp9$JY3HF(nWoo@{qJ-wPf!2vd@yNqio
z*~nMwuyti`a;!J|l~q^yRkM=a=nK_)khg)!i;&&lW=-o^%x0sCs~wUVWBC5q&#v*b
zvyB&NH}H^%d_=dq<!x_$dl3VmX@R0lEgmXMTjUzbwi;*&Pn`Q)=tft%H*wN%Eg4%A
zCRe-BT5gG0`(5zf!?l^)Zh42*-2>tFx9eqZZ=KLy_(~+WR<eb8?F%gQ5~#V;<!^tX
z8xQ{m7$((y#BuL?;3yWCMMx3fYY_b4RpocVwy>R23=ClmOG&~LcEn<+a^Vbz_;MUB
zi3V2!ViBhp78@q<rUd9<6~~xj*ln>XJY2q%pjgH`7AK8sOcd@k*f=~Ua-CTG;~xdt
zL<KH#lht%&BqM`-LN2kBt(@Q}GdRdpCW(%({AFVJILied(TTx)X8tTedCVdTZ=2ox
zW;n-L&U3Efc-MSqhoV`}EVDD7{anO72f7-4{xgKG;$=ZQS<Qte<)IV(=*u!X9ZR+Z
zq9M)WMN4{tj=prK|EK9=V6ei8@pP#@C}vRaZ^|4vrx{jV5KEg{#F<WYbkG8u$v9>-
zcnr#|b(au{=}S?r<mxYhNy}mO)M3T;=&_xBs%OhukP5CfYNovF&#VaBqvrCY#o0{v
zaZ{<vmgdvMJ=SHD``glXAF8X(6kqd2g|dl^u5s;{g~;=rjmuX*iTbm@r4!(RYbWgb
z*>8@)ZLxI?XuC)^?z;w-dXsY;ToK9cQ&aoh*3Nc=u`Oy1{!-ewQk|;9<Mz>#Q_rS1
zU0u1FZE~5aoSjE)c{VXtQjC9k<76hF9m6-rJDPcxja_;77EV=|o;>DW?dj3SjkTDj
zoauU<y7F>9?VU42<a7e-(g)gAnAg(kUI(b%P%75MGEeF-7kAjze)WuJeHmM?uR8BX
z(3&N+o)OPk@+wYqpuu%yqcfRc1<TIDvOMsy1Zg+hc~`i{UGAag^fHH7Lz_ol!|tB^
zlPYg{JH`5*nb-WmG~W42f4=n6rZwuPBl^{AxAm@P4(wx(+}YDUIkvz3Y;&*s`ShOk
zoCiL~KP-G%|GxMNQa$n^t^DPefbL9ozNeudeTG>6h4<A*>-Di;hvsuX(B2mioy~6~
z0`pA#&nLcywtrsXb}`!A+@>t|E<8YuHUC59YSZP~&2Iw0Vtb}wn?EokzujY`KIyRe
zD;ISGH>Ja-XtF=5Gnj1xse8dc%K|3^dcTE2z~b=0U;#nBd%S~78h%3>p+c;G!x_VZ
zJi^Pn`(rzlQ$dQeD}CEHfm5h}bGZL&JfpKX5ez2~48A}jL6XC%-#NP^Y(lcqnx=cZ
zs&c|9v?pSC!nV7zA`Ffp<P{{WpQ4*7fC?RodL1$(E5IY1Z%Mi`B&jp>8^u$@3PiiE
z8^89ukS<)9JG`Ngiog{lyBn-SEYv@#azOr)J47m6!kU}IL433=^o=~El`n)r!}B-E
zi6?!-#JMWL%HhQM`Kj*FK)QORP29vzG{sLuLC3p78?-AsJUu_FzxF9ALqs>qIVo>)
zo&e0hJzT3+`o%8+G264k>U%^9aRXcQpb8YlV@pPU(Z&8-Moxl7_yI<@3dRY-Mrn*a
zW8@8dL8^metP~8Z6GXU#8ypiPofibGyYr{G5+iD~ru9p-Zsd<%D!VBZ!zv8KeC)@o
zQmJ^fu6Y!+dc=(jTrBj7LsnEm3`|HubVG#%9(?IVKpV(cbiIRgLYZ1Sf%!v0%tt_^
z!L$m<&a%ieD@far#arw{#iE>49R4g)#6eTE8Bau?ylT5iG)Xi=N!N(PXrv|43Kx=m
zEuB0`iY$>#(H3n4NCqs*ojl3|@yYywO6haTryR;ClS-eVN*}OFqr^%i(@I#$Nv~8i
zuG|l?jIgs5fwU~kFyhJ8XiKJ9OL7uGy{bQ6nn7rUK+;ph4P-^VG{E2K%aU6+z@)&z
zv%>u=K)ZAxxGWF_q|3x<zz57irE^AM5=;PG%mIu*Xxhtk+s0uqME(Ox%ap(odd%mD
zOt73Rc5K0jTR|S=$8>Z-hI`G}{Frxy9fF&<nMx?z+`&vN$H45nhhss0YDauTM~e&2
zKqM-=bHxx+&CZZZ5^7Be{_;n$;mtbKPVZbqz#O~pY{VxltMNpsRU}WOA{d+#A?nl)
z)@;f!EUK9s!^2Z5IDAO;*~dd+L;N(u`^?WK^t%8B(6dU<{bWX0YR~DE%=EBM)4|T{
zLQnlPJ475i_4G@rAx-goyA0*Xsq;gP1Um#JQL$rBL~KwAB{2vk76&x}RQxwkTu0p0
zM480FQ^e7iG`!7>PQ6UW;q<AyL%bP1xf;DuzRN3vi$NJxL63AiA)KN2)QlE|o)?WQ
zYkZ@iWSK2J&CtxoeLAHnZIJjRuPhC>r5w#Joe~XGN@5yQ%cxRJAxpO;GB`yHIi(aj
zt<xR5)56G8NZC{VK8-OyC5-bs)Ye+jMH*B)z0&beulR~oNu5+mMS%HgN=C&rM+J}l
z5-?BwR8S4omq@=q0Mtx%&rSV4Z#-2^Ra8}tN>=UDRDIQyj8z#cR9YP}TU9Y!&DAQ~
z)fDShUu}`fL>A2iO<;P*##~6v+(>CkH)SPE5j9QB4AW&bz-SfC3Od%jY}Rg7#%nzU
zR~=UNAkBNq!O+}4f)h<<4Od(Q$_tD-r9@U|<2`e&)}QnsbUjRdl~%+wOr|8)F&oZt
z6vrS{r*L$qBVAV*JSZ8&QRVbO>*3Agq|N3uPT_P?#4<<51I6h4Ke{4L1g%YsHK@MR
z8iHNP<;?y~h2_B~4Z?&nmsu59D)mr*)J+RSIqp2G^GrmEjKc2p*`D1_4HeqbY{(B?
zI-Ffv>^a9}8(N$sPobpQEUVCYGEk<=*uZ1BB)v?m9Xf{`&^3HRehgc%1w*lAPOF{I
zqvc4ltton9TAZCHgo8k~6+`H}#}s8Mstrq{?Zd1ETz3pfq@~aiZA1>0LYqBYiz+L^
z6~$yMT&kMf|CC#|>rMJw+^6eHIy_Lm?b{m5#QIDuCQVSoB0SMu$%chkm#Im-D$?gf
zJQ*#)nQYw{eO*-~-P8ryG%ULxjZ%bVNgjpBy6s2}Mb4HC#jvs*y$e{-ZLwKoSJc$f
zG?b;5F3rF;onAeuRvi=8=Vb@}xwz4zUUUIdW<gVck)Lnaym9^B`~cQqomuyN3sZ$(
zr;^|KoeTR7G4IXa|JdIQ>tFwc5JW9t13q8`PGAM*2SOWQ3W3y0jbI6$U<$5a3%+0s
z&R`ARVEKwa2mX*w6;%-)VG=H36Fy-SPGJ>ZVHO@R8~I=uj$s*|VH$?v2mk;({rH$0

diff --git a/docs/manual/src/docbook/images/Context.gif b/docs/manual/src/docbook/images/Context.gif
deleted file mode 100644
index 9d63b197ffdb0c80e3f1d275bae0f7757bd1b748..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 4269
zcmV;e5K`|)Nk%w1VaEaT0P_F<@9*yb007(D+veux|NsBU$jG#`w9(PgwY9agv$MUu
zy`rL`tgNg60000000000A^8LW00000EC2ui0LKCH000F35XecZy*TU5yZ>M)j$~<`
zXsWJk>%MR-&vb3yc&_h!@BhG{a7Zi~kI1BQX$&}@(5Q4uty-_xtai)oVg-YscT6UO
zndn=9z;3(W@VI<VuiNkVynas)6a->?f`fd1fN6*_YlMuAj*pOp0R{(wk(Yv#m5H1#
zi<qFHqN8vD2%A5jq^oVFsGYDVs;soNwsWqQx1+hSz9zG~!o#Aysl=hizsn%O$j{K3
zr@GOO%FNgs&eh!ArPDy$-g(#A<`&|+Pvm!tpWCzP(d9exrE>Q6jr7@N{#|F9ReOg=
zpSxE0-snTdF9$q@Y##O*6b~1;a}yR4GZaE2DQEspT7@LAj^x3J>j<Jmi1MAwc^7>I
z8@V!K%bO-emMoc5q#K$&6~@HqQJAKV1MiWvxwPrYHBX^1eLA%&%vU`s{)Fh%D%GuB
z!?GOPYG{Q3zly3et1T(lukLuNoa=S!&Vg)o%v41aZp*JGPwIT>^BdNTXw!}pdbsU8
zmVU+B1RNPKQ)mrwNQ7LsDd(`3JzqAAF7Yz8w=!QqoeXGSyEh4jR2kHz?a>VLI@|*{
zZtuQ)ffgKUni=a_s?jZ8zBqY}<IOKRIR~AUa|+d&Yman&M)q#GrW3{4uDodT-6eeA
z&R&vk&F#q{5RVZ6RI(H82rd}${p$DtrvB!i4eJf`1a?s%2!(<NBDSD|4XT$Qg!I`b
z#d$RahSNy4-4~c#uaPw1Spk-4-H0?42vddBVOUvRFM>7|iWL51<Bd4xsN)orP-7x#
zEMns!Se423S&Z(`sNRoEf^t+iO~zqNkc!bIqhw1V*;#t_Md_tAJwo|qSy&Z!8hN$B
zrlD*e{sx(nU5+UyZ*an(B4%b$*~y(0;R7e1bF#;!oq_VBCnA6r;%8$TBpN7lgTCOX
zQSX__$)wi&`RJy7uw|yD9DLfSB*Nua$8nLSf$2V)a_TB$XB9_ZVzi1^;jN&?sVHu^
zm?sURcB=Q>c3iIdDxR;1ik+~s{tCP7vm|CB<!u`F)FDMmD*HjM7-;Lkj^IAIZJ+vG
zwi&MlNrfSA=;~46HMnNvtgR8+YGJqJ61inn`_Tz(tOz0|p@Q>T*kHT@dmumo1|Z<@
z!w^R-am1!fZ1Keq8}J8G(w6Jlx$Cln->%iY>*-kq%j@mE_;#%CmFj-%-oNrfo3gUB
zKAW@6_IWUX00#su^w2~XO*B+SC#^Km0gansZ5&2zZc1Z?SS{3GaYdfgI(6-0a6fU#
z-JjFddnn7%?h12f2=(hOiU{{?uxST7EBD+953CnSVrsc|RCld?<*6@+7TJ-wxjnO9
z%2DK+l~E4~6>I6?Z1>InDPMlK=4!NZ%y~!}X_erBE3VX*ARf-P*Cx|!r>uq6xtfC#
z+S~Jl5eo6n=YIFwrn&oKX;9&b2amYmkEEJ{t+BgaAIF|&Rak~m#n!gu(^FfmR$33f
zQ|f=k74~55{+dduQ7ZrZe+o%|?6FfYi0gy3=Pm_;&9AQlNYaPv|Nj7-Lh@wC0-lUX
zefnDxK6nto20HM8V+d0{Y6ZatN-%*W5C^xs^FH`pPz|t~lejP_0(opO2FB{(Fh)qA
z#>t6=By<`s>Y+kcA+RH$N+B(7_`EIbt%jT8VFwPS!xK3#hN1Ei5D!SejyUFpO+;eN
zKDR^>MsWp2T!sD+Nq9m6RWW~Jg5nXSn1L=1>x*JkV*0KqMKh+zV^@QtsZcXKe4sBO
z<to`**tk6ObT4bA&?Axf7(+L5kZ>~dRemU^$gC}-jw(vh7!}dTk+sWo<k}(z4N1xE
z`DR_f`J}Z51Gel%t|r&w-uO1ewQGrnFOZ?lP6&Ad>}_vqxB1>^U|BWlv5uCT3<NJj
zLpm5u=6Jos(#VpTCE)d{cfc&cLA0W}zX9?d(3~V0(P4?m5i@jFvn4X^5>7l44>Y1n
zWJ0pp&5w!Ad+(GAFV`77Np4e`)ELs}nAx^t)^l~u3>oB%=TF*5shCcQW(EuTPvpIF
zBJ8~92>v*U!mH^rjv*4?nyyz$UpnQJZ2DS9tGCg~>}Mvcbf-PT=t{wSua&a_BucaQ
zOKnP&b2Q{e7Lk(-g-$dz<zs{<6G%})Rq&`tt>6b4sE$MpRewd56dGT+)Cnfle^tGy
zHq<y(6Txr?3u_q0#!9iV8sMyAC97H=rm;h4bz5BRYJi?Pf}btzu0=x{UiZpZriJ0H
za1EnenMBuPL=~|0i0fe6Q&{)$4Y5l&Yzua}SV%OMsS$x}WEERk?OgVU(bMb^BwN7F
z{^+y2X`g7Dz}c$Z@t|;gZP+wYM?v`%v#MP!5lD+g{-_g?h{U8b<=896-WIf_(Cuz@
z{sAKE1(J2GB&AIMNWD{z@-N1<DH1fO+#&FGe+`{!GN*Y>>N4|p*%i{Mx+{iuel(s+
zDN;G-3EOj)u9xXG&U)FK3itZXnSSeMK!Z9^hX$0gg*Yw<v%p`OFgKK_eB6;h%F*d6
zM8aO7uu1bvlm;)iZ$aH*h!>06#ClkF!n~@AvtV28GU2-?-k%s&Oye5=Bde#0aeILf
zRs$s9$3PCUkcUj<A{+V0Nd9pElFVcxpLMNJjxt%>+Cv?OBM5fwtCqLS<)A&G%U}+(
zn3dKv>R7qIXI{<O(!66fGtSK_+Z>#|J7<T~`F3)?Gn)0BqB`#k#(b7Vp!+=j=RXg6
z&xe*&p=Xz96F1ruaOM`EA01dq7ckOgw6q#DeQ7qIaMGO4bf}l-=9PhZ)Z9dMEj^uT
zo~c^Kug0gIPaSJU*Sds!ruD5|z3U{-y4S%1cBTC+Y)BV-h{sMgua&)QX5U)ZkA}9h
zSv_rASG(8JPIR{0cx_pCdy2&VHm=WX;|G?xAL1Ujl@Y9tjdeKP%}6u5Q-fn)Y`fO?
z9*+u3Y-e~6JI3?21;72hU3u4V-~?waxeu=3gexK6E!ua(9bRy9%a&BM^&>g_@K<v{
zT-6^Jl5k!2NR6jU0d7S%#T#Yu=hF0}9=$MhHJZxsQOgMlaB&hsK5G7+FGB#LJ1?(<
zPV^<~yy7eG)|m%zU(jXvo%SWCEW>M(oWDEi);=+Oqb|I04vwJ+ot)LpjP<O0nCXur
z%!a&%QOIdHOXvk0O2%IHU|N~!uj0!BP+oT~8r+6IVL$;o-uLzS{7e!*dg0M<c*P{X
zK8?3@<YN(V<V^g{i_f!%%k98=V;-m4Xja`P4~wu$`ScR280uF~<rxR;X7qZ!-jYuG
zPGot^TMhv3xqNO0qD*I-+Zmplo$lHL{H<~OGX?1;E8{P^_=vS!@a4R+l{<g)4L*?B
zuHR_x^Vj>CH%|D+e|++PfBfJ#Kb^y$e)YF`@$J`b{4a%mc>d2n5%;IIxbv^7`a|FS
z;kJJO7=Yi#e*=hg2bh5OWPl1tXqm@=4X6nI7lFt(fdwdP5SSGf_-wz|fvtvY#8+kP
zhi%Q5F!NI|xKo08<98#-fjpBlEMjOiBYc{ZffUGcyOw<QLpyRqHxROdYj%V9Cv4J(
z7CzX6nL~XZD1_oyZOpfPDEJ_`!-R%Mg%V|h*k^^?goW9sg<H6R*T#hk_kh!8DP~w|
zV0dh%hG{M6Y-{L+kR^t8cR6whhn-f2HdBXo2y0Ggc6)e*7Z`$Cmxjt#eey<#g$QnJ
zNQM_^gum8?-8O}b2!F*Fg!aaH4%B;+f{C2iiJth0{#>AmQUydD@kXX~ic3_Arg(6k
z2VSW7iXHS-qsVZI_bsq^i+Oi>y7G9dh>O0MMrTBe!T5{BxJI>Ti==pYl~;_+h%LuB
zM5(BZ%{YxE!f&EfNw5Vn*3c=>_(arLU(|Iv-<T=g*cJw5DvM-Jmc@<3$c)saj^OAn
z;Yf_u2ue2>UDzc`7iBFYWnH1vihb0K81`PQBwZHOQ9+TA#aNHxMRh_KcK;-clO>RU
z^pIYsN+ENL3>jajQ%<B4IPn0I`y!F0C6FW4k(2>-*!46Q_lg@ybxy}m1O<^Lwv5&I
z7BeZ6PWO%V*me`<TyO_7`ZztFL>RA8ljDf~M<gYZA3~G{l$1ZAi#C}r?I4X%d6nQH
zm0sczNQsqRi7Z}}jOAEHUs;wLp_O9Uj%K-*T7;Iu*o$l#m&G8JpcpOyDGPF$mvcFm
zWJ!v5Sxb5un3vF#tjL$_BbbOORBp+Ohm@F(nP7%_n2gy;k6D?+5t%MDnH6Q3oOvpX
z8H-j)k1d%Aqd8(3iHd}&nS?@*mLycIDUQWOkDvKIUHOY3ags2XCN5W$s6;-piJ8%o
zLhM$XwwX~d={7`Xnw8a)!kHVunGw|J8~=q)Dj8nsG?m1HmTGs9YUdi}6&!p*oVaKu
z7g;>V2@xY_TFiN#%2bg6H9*g)K%)K$o=ypM;PY}c7gHPdn_+ogffJiE37=}&nFQJ&
z@u@%-8Dj6)o~&}9*jb=*wVo^qVQY6yQ81z58JZ9Zp{bdTqk{?Q37G@Bp_a*zpg5Qs
zN}`=<jdckwe+djN8ly5gqgVB!z>tbIx=<=wpd?w6g*l=-nwUM>TWJZGLHd{-N}DNq
zq>h=S@Ux^$ikMECiw+v4B|4i=TBTNsq*zL&K)R)IDWUS%2L_Q&%9#%0365y0oS)$_
z87B$pIHo0cn#6^Za_U>PMU@G4pu5N}#brV-qc&0krCOs;b}BN6>RWxHL2TNnbXp#a
z`l#~=px6kfBEqL~mq=TulK%AdP!?66XaXyycu{vj7b!82FXc|NRZ>vnQW)kJraBv_
zdP>`Qs*<BUC>5)d(~obLcC1RFyW~hQH%pj0lKdhgo!UJQiKfyxO#8&10d}4Rb|2KL
zsnD8}FnK!5+EC>w7Hb+&qiRfD@lyJ<rWg621ZI`qBz3*Rl;5<e;!2&>O0DVwPSIMS
zF%n4b`gHetO9*wEaknMfDX!#oQsre~)kI8DsipqZraHN;#Z+L&RITjUtq`lN*?O%I
zNnjf*p)R#baz|f#0j#*XoubM?_xY6ih+h6GKHaHH-Py3N`mxj`H8Y!Gs=AW;shb8%
zBsPmnIQz0c>rn<Z{!_!sAziwSl3J(cW2ArwrizN9#aayCu^wrfcTmf;0{R>@dLudd
zQ&}sR{APNqhcRfCR;>4AW$Q4l*O+0Om;82nyEnIVTQs6Lk#DP)2-kgitGBvHX%E`B
zR>Y@(E4XsGx7ud7Vfwexrnqd0xQ8~U9J{n_8eAI}wH$e;Cil3E%eTH_sDX;PTKlJY
zM7m>|sE6CRiMusJsjEK8O1HYIR8w6&J9O4+t0|SLwJNKz8>-U?xr4?}5Sy>kda(F4
zya1(>0;#%@%dhNeo$#tm`--f_8$Qt6uhXlr3(35}o4f$Vts1K($ttWHYq1*3liV9<
zC3}tJv=TRJi%vP)lsOTz1Lmpb39~>8ze4M>_?eWztG*u^M2_mX@<F(b`!qHbxEz|k
zxz@D~{J;=wBVVg*rgye$d%+kyWoVVb9NfVk{J|jX!EL*8a$C11e8MQ4!YaJNENsGe
P`-d<b!!n#^5dZ)?)~{gv

diff --git a/docs/manual/src/docbook/images/Permissions.gif b/docs/manual/src/docbook/images/Permissions.gif
deleted file mode 100644
index 9e784bf18851733033a7feaf6d549d21db0c526b..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 14168
zcmeIWRZ|?$)&!aa37+6ig1ZHGcXxO9;O_1Ohr!(mGUyBvTxM{0ceh}Zd(Qa*_x;}b
zx@z@WyY|!S>VDW;MoyZS&x{w2;p5YX|03jn74p9p@}E;kNZ)_3-d8bx{hyl;AN~yw
z4FCK0?|<|E(f=v%|1kyry<Qg;m4$?a{MW(%KK#$f|Dpd*{{i_k{Qvf0`Y-=C6Vd<a
zA^)rYOT>R<_&@yrPl5mUL?FRF5F?Su{x0edM?xo)9sONA5Qh3qK2Mg7VkjPi*?iqc
zm2xEclTg?`og39~Dh+*!BE2j1L;|ba@cOYE&7WLu+(XSycM52MXgCU~d~4NAscag9
z(Rge1T%~I1W1Sq(Oe;zU+Zt>KWYlid?{|Bb=XP9avYsn3T2pgeYjIf^wyMQ;HtO^~
z5%&OiH*EEUJgwp;Wc}WZ3qb#;MM7|6Iuc3#jjY47$+D0#SeT`T?}v3oK5e@r(dz9{
zc{y>Rc5d#?&?38;22?SZTXu!Xm1i29*6uV96#M*{1;l%^R~Jpo(?ilZe>7dHP^b*<
zdN^BdaoA#UcOM<h(t-s)^$@=~-ewGC$+!f8Y@SM%db7TXfX}X<rl#7HdwXFo7c(|Q
z0dOc)WWoP%W4?!eM(ijGeP$;hkATVPl1G00;{kBvd|x#5{`TCq6GQIilNv2|Qc)7y
zSR6ASM-{Y8?m>|`Y8b~vq(vF?qbHlvMg$AEmjHeCq4buesoqaj<UZL?Q<Z*R|A?tZ
zsGgx~Tz%lI=hj)CVH|~gm~E8$Y?WhMP+gI2*W6i=<2;Ofl;<@2Y@P43SzVdud)rx=
zAB2c<Toj1)VpAMLR#R0J`=hI>I7u4iq%2YW#kM@#xTd-+Cu&S1LGp2#qDp$zwx+7E
zAda%S6mNwg8CF~4xBIIxiiojJ6`ilPmLHKXy#bgR$B@$csL#{{q7bM{pX5F}Z<&^6
zyl9<YUH$IAe0j9pw(@DYK5X6o^#Zt?c~;-Kog}amejeq2*?m%?zyi7(R=Da~M67LW
zYQC&>?5SpX{hBbAG|bT3@xoXZkMeK)XJ7lLx0z3HY6+M_sCogvhKV#HT;WI+;6<H#
zP!N~~|48TEj?3hOa>tpoNYW<|M<iWG$-)Jjpd=e0%ny`0jQ7)$_)hmT^NW(~(~3M7
z_j8o2=nwPCXNnICq6Uc%^XQiKmys7i`KDmYJ;t_33jlND>QmT71Ndjw#p4P=iIew+
zPc--uw(egE@ecU>yv{L2jBL!igM&co(MvZHa6Q4q!}8qQO_T6@kPEerd@r2`)Okqg
zyw0_Y?HbS_$}3{|A{Eb?)HyK10-8HTz>*Y@{Z<*|I+P+{%y!-jVB%2a{F0Y;Cf=PS
zI6Fyf*&#QTj3abe#^dt-une%Dd4ywDVZQzF^Qz$Q?Jt*}prhnu*vo0ViSX-HcVW=m
z{gjKy8=f5a0j7V|>-i7XP4oedPV{-_Dg;r{^!;mxD8lAcC|ZCi94%cxiu85Z*U9e)
z>>Xn0`qP229ILmWr_LqhE7zQG!YdDNUc5_aWJx&rnYaun`r*<ogJWmXG5gQx#!o63
zReI)A7;hmqqDyoOaXy;Xh`=$Inx6_MGNy()2<t`FOQz23JOn?DUN}C&cyhD#58ZHB
zN>hTZqD88`n>0PbjHjOiVC&GQop(6V3BjI{sM1!ZbB5i;<<5c>E>=eDQ>t?yQyB$o
z#8)A4y9lLMvoC=*d~$9#-;;1CzeVdv5-CSU53iNr3PnpoL#fh~?ej%{=t-$OMx~L6
zQ9oMp$&sk5N9MPbv$!KmVm7F|+Dj5K*Yix865VC@Fj%KbXL6ac+$P7qt&x`7jee%r
z$c`vG<oFyr>L@-3SU)%5J>Z4f1*Hil<{|$DwJBGW-}y|E<O|a3C>Sr^6=cCUN4b*Q
z<kY&Fy~^vTgcIqeRjr%S2v&}cH9N<Bxm(FmsAD+t?c~D5F+Fk7j}<eug)H4XViADH
zxOcu2zv5cUR1;QZ(rKqKb1~CY42}iup4H;;ocv@4=zn-3&gQ?|S7I2%s7`Rq#~k0=
zFfUXRQa(>N&?l7)7>X|B$@kUhKh)?#a$(Km3k`l54x-GXBXRQc&8ZJ{)=G@}OErsa
z%@6g?iHwFv3`<?J4-H-rM&qZNrJmb|#vpVi6Ymi$tuD=y?DGPpy_3P{wqK^-_!&fJ
zs@0mjTKy^JXa&s1RVVoeE0nB|*w*M)wACM5k>06L&{6p3KQ%O$CBV$gD1CLOdhWA|
zt(YD-4}l5x?9}bAl}d(>GtyCN?Hr!A8e#yw1Ad;SHcweslar~fHf`YNa%Zocs##--
z#oz7dSJs$-*@-Bio{Q$?*EHhI>2VK`rWTVE?wYz+*Imz3VuSkB#1<^cBfBWDCIm1x
zpTpe(u7p1#AL=x9<6h1?Sa%UmnlQdS&B`e?Y6vBbH@N2J9KelY2`}}9VlrkAVs0LW
z*ZS__&0XZLcOJ5l$4`W!c+)sW9NP#P7(AV3HfdSdsf!41eIb4x#qM!+6y+N?T3rV6
z6}w_6)mV}i-qspDG|<bPTC((7#u?|?CocfjKcwN;SPI|5k_#QoE{vBTT#rBSwnz^4
z*jY<p85r61lNOVUkJa{%9D&gRrc`h%#b(f!5_}_@na!0Un#+nZN})obc0R~WxxLGV
z-2Q=cZXYq;@2D@J6H=Acemdi(I1PxsZ0YL4S8ZVR^VmK^nj=uDjTTTGc0_pl3|w3w
zPmeY@Gu!J}u8zD**O+y<m?X$d+;oO^b!##iysm1a=V3J|*qG~Nt+@)@Wm!DiO7kc*
z4@<UpE<v0zxCI2_Urj$BF<<$)Pj8Ze+Iu$U<~Z%qw(d8*`|gykLy1YYk??)~p!Qsc
zGrsL0Ge2dz3)z^_3aqYPwi76zIz6ZwLhFDX%`gjpR~HqM>g7Q$#}TmGwzELp+>lR)
zfw3#Y=e5IaFA88J-klfE$;Q@Q=XA92cTbV{y~-rd+BB%S%ximLdJxx~4*FSzjM0f!
zWmgjyl&L}GcyIU7X)O8T9wrW6Gim3-{e^y>mj=3^tUTHV!Kg};1IM<KUbF7dJV24)
zLprNx2wdaY#sx@Uh?YO~g++2m!1&m4kgbhY#JAGg2$0R%G~d`jHY{^?u3PALs3GX5
z=OBEax8!%KuthYbakRql4Yb~`d}nlpbI%+7YPlio4+Kb#yJS5#m($&(EW)n7S8ncj
z=lXyY0OwQQ!mH&XcQKW3H?qwFL_k>b`(+lUdPAY|Uv4XU<zKxT2Pz^jOTE-x7FS#6
zJiTuV!LXMp5!iii@B7_U@Y`#!8o5W{u#Mw9Pk?!)x8Q<_EPi0Hq<^z_NOyDyxlKsO
zlK-NNL(_<Vq<4ToO90t}+aDPp+>X#MykRui0d%w`C7A|!G-`Xmu+|I{dux;WxiG7v
zK<KbHZ%6oBhK0?ru{e!cG>t}#wXLMBFNwAPi<Ku}DWd8qBEK@c#M@8tZ-lmPq;8d;
zYE`7p->(;~)-l%Mve^-$Q6>N`{d_J{<54e6f-pQEZ`Pe~>mz^1V^@#t&@P*3YTnR(
z8#lOPhcLv5EN!O<L=zd_2w3i-jU~K4nvX+bN0iD)sDDgAI$bQ0PgsUeD9Ny@7@cv%
zqBVAgCfBl!{IRj1F6qt@Q?*ZAT?Z8-raSh7oxN;K$52>gW>jx$m_+7Rh)kqmc4VEm
zZx3&bXrzCyPeMO$WEoGwWJdzj)^DoAgL))TT|CiFCd5@YddVlY+*Waz&gZ8OPYyv+
zkWH*_M<Uj7NXdYsxh?4>ZPMX!6qOGznXK+%1_!}{?h{hX2|;p@Zs0m^(mQV~Yr4kk
za-6bRBFHDDd>{p@I7Kch1uItQX)a#D$8MX0bZFrx39>83$WOABUns3wCgpZ|G`_}G
zsk(TnOvtG$&%fB{VX5pZsT|L#KYY{32tzuN!nr%F;TH`oj&TzHM#IS^Rd9I&`ngEM
ziPayHh{RGwtE2b-`mc`4!eWw~{wCv$MsNEhwLBUDbgjE|Z8vmrB#=|2ax%|sjVWf*
zzz<2d1Dro|l5;X+bgMHcV#44%vp)J}AdEUj5X1>1n|tYHN;bt|`{G!xNU7=RisfXd
zoS3-L#hKaZh9KGwcHnF+CrmHr%yvWupL`Q-`6|}>{UY0!()~l?SWe+e<XDGa9eu(K
z9iTuCP=6H0X=|C86VKrDD_1WA{Wz;XHc_BhhHgerkKVR<A8XVuW3bc9Cp)hgIaIwm
zbAdj8g&-dSiwvb5$y!7XOp5&>y5e{vS->L8>n@k!OPiccmzTsFxKgb=grCDf70*!>
zRZ0JYP%lr$7Ml?H*F9m8+?|6|OHNC50x-6yOfH*%+dkAsIgu~O1UpXtNC+>@{uCMT
zxuzI-ytp1Yp((bA?NDLWH*1^TZQ0K3Z*`dPGg0lc<?E0ko4o)(T!2wd$-!|xuV1<`
zU!DeX-gQ+h0!rERbByMRS@dzNUqrU0E>8agPVHzZZ*KARbAjzx0V7x8r_;#q(wVYx
zhF^!uaA_)7b8*bO%2VhywZ*CJ`8DxYzN(B%dc-DU#L7ANRXUAR`;J%mtyTuSRQjA&
zhN4u#{Q0Y*^s8bRs$%7<;#R8?UaC;J;zoz;y5%%O`E!%}s&cxjvTCZ6PpgYoD@w<z
z{fVk?JqrbL?8>^T>t3pBPiyLlYMNeZno(-o^lLlhYrFVsL4LK}r?p_e%I3)Q!Buf&
z?Gorp*3=2{&gXP)eoPxZKC5wDn`0Z>s4|YOQc|0ev6uV}{&GnaCRIXFI7!h1`G!6F
zhEbwItuC*ErEGNuGoc^#6m2B}D<wQ}S<ikYozdl=o>M$e1wT6IU4AaIB_g$vFH)P4
zHX$;%^7{R?TcLB05L<u{*MSHhwS*WYm;AJtL!;s*&Xg#gJo^QA!QQtcrk-@XiTDhb
zOFGfac-GA9AS*;vCeqcwZO|empS~R@eoxe#BbSf;qrQwUsw@gn`l!3pRlntz|H9C!
zG|?DXl{Kyp+#GMvL8&)`Z|&&}oy+|#DPOL~2z=$wzaVU~RcMqpvs=0;F^zBg=^*zl
zE`gP?g<YW8ol$A@?)#v3xR(K;zk$E6LA#FwAgZ<~TEJ^6w_atUV?7RNP@S||-j+C1
z1bQ~+r1K3T?)<Z0U<hbg?J7`y?a&_YoT6{50A&4J?a=fGmcMdTdE}wRHGe^=xaDt4
z9&4%V?y?j}Zs>05Aa1Xe?Zmfj6niY9B(iW}1Wo$m^V+3xK7+XUz_SM68CbV4wE*}F
zu`R=kAs(j75-NBvjcbvyXP&s{$f4%|&~x71Gy59F|JuoCpRRaT$`2^N^CzJ7j|bL9
z%<uz~$SdL}GJ1%+l6m_;#6V=U&YH7=zO}~A3EoVFZZ4mCN%%G{aS+O6pVdS^0;n4!
zp$o$Ji>S^@tO=CB_lMz4AY7ou<Lpl(a!a^C(<Zi3!czrvoxO3|fM8z7kMn_G)Im;%
zzOJ?Ir0)Jk)Lx<Zuc*3%tY*KF9LcE92Oql!HPO0C9opan2FWIe_)-3tI1bjwm!J4{
z;aioVD0F>U?=!0#Ld_fe2KsYo{d+-dWRZQyEpNn)aga5jJ#c*h7E`N9_&Tx~F%Tfg
zQ;R%GMm!q7J}NRfdPFc}ozU{^FhrL-r1hpJuQ1ki(<^V7?^EZM>Ijr10qNEaQ@o8?
zpbeKzj`sqJi%HsO9LJmBdrBCGT|mR6Xd^bYBX5y^WIs;EolFd#WB;oR9$gQ9^`0Eh
zoBR*<UneI7Ax4xCs3Ju3N6oS$1hNiUe}k-%K$iren|WO~2ECODgI#FAoPdHn#j=7)
z=!u}Mj^SAL<b*-qRHxv0FJtc$<3xJixa(xnW5NV&0`!uh4~cmi{5Jk!BY&t)x+%f9
zg=!LW!#VD4G>K#|1&t?kZHCgJD2QYr=w^o4sN=g5Y?NMUmae`-!GGeEsrL=!kFC_3
zPBLX|IBmu-#lHb{W*SElnrm<z`<pj`1|CObmZGAXQwr_pQ=bzIoR@x|eqdT45184q
zn3*bGQ2)4~o1aYxnW3$pwP4Q0(qD`aXpPQWG=*z+Kp$`<UHU1sM9I9A?+g9-KKpfJ
z>dT&=c>OSM{gn6L40ff3th!;vcPQJ%oKF5y5_k!gt7?<J+}pV<r8H%fFfXz(oFlZ5
z{Jx;FyC5;J&?vK7lrMA{-&0-RQ?s#JCq!0owtB(1)+V^t=(Kj*G|&uQ?SQQHfY<s0
z*UH&PKLFUHE!H28gM#a!+Tgkpqp67vARml$Ltbe^C~##$zjqKKISS4+Zr|X`cNNh1
z4X03QWw;RK1f_`DEX)tPSY5|NUXc*mlFOIe58T?@*d)l%Iyx13hlrfWHw-weURT&o
z1+JoDZvQLY*1g+8ZAjIM<om$Ca{v|}iCgp#YVQKidO0b%7%hFy9sNeO$P8)5N!l7Z
z-E{g}flMZa&R5B5yi<YHmyo!De^e)iKII45to$*wh`!|m31R9<VZ-<>#ZvjhIh$Xu
z<ko0Q%6FTq2O8ZueNx|_{=RtvNtQS*)MxO3@1ZhjpfW4Sw!pxtOCKKN*tJi>b%yK^
zl6|L8+O@3LbA!&hvn<}I9SV`p!p0OhLzz2&U66_Z_IQ+zdnH=+8pb1?R^*ju3|T^=
zAz0f^`v>_VuCem2apPlP4jHJCT){~=^Y8pi?;^5_)-<AWvdvhsg_iRpFT|5Ivyo=9
zem?h2Zm|)>wRBa>GnKr3ydbNdBsGvQ$fyC^r~K#*S$CX8*J)_`1I7+!QmXF3_F>n#
zt<=RAsMfFXEocwd;^z6ZbHm2w_H2;W^5xc6!R2Jb<vE$|sI$#a>avE0WqRYQ;jXig
zPS5^=vsbe7rnOynzO#?t&N&*6)q)Nfgs*Oq&o~?0dkRi}p6+gLv~$CS0fP7oS#A_q
zPVj<n!Z}W5g|n0)$2e24eIw0t1Tw|L93e*58KmdS<V`lr1!ZAvQ;P0uf+QX`kxA?t
zIgGYDhwekZs~y_p)>ErHG2#M?N>$V4!t!PB;07;ImrQx?hqq^bZ4n%`!i@yzy+xee
zP2dCAI5}k$OfaT*w{U--y?^`K_Dr8{-iU*@ahr>LAeB7)vXNr>FC)gs%(l?P-o*#r
zWz&De&?Gx5dnFHn{!oc|BZKtLn*Yhwr6P&-sor)Zl-F7VXeL|rcYwkBsJ_|M#URSI
zo1k&Vx97Lqw|gO%=hx@I42YBYqd2ZC_f?Hf@-E$tjV195$BImb*)FM2;A`2|>k#}9
zKhy!q;GviPSr_)DybS!ny%EzN3_@x%29Bzai2Mb$JgwP93|`p@A6}1xaU>cZrd?rk
z!|xxFCQlom&VzSUZ(yOD;}$B{gw@T<ThBbK{F|&-A7(_iMZ*vfKJn^)HG}(r{)O8E
zX~yhNG!i}r$X0bvI*vpr2%hlAei$N^RDt9Q`@whyl~VKmG1lQ^9Jbvi6&<#XSiXRZ
z^?huMjcSQh;w5~S8~JoOHno0w45o!-q;Q&>ARAk4Up;!4v5-AZoqD}hXYNB>+nGMl
zX{tvF^~q{E#p0wSU<|Kevm;PpvmUjBTC68>1BQEkQ?fBgd`HF&!oRf~%XpRUQRHi}
znlvGfhXHE{sV!1elnSNu^*uFn%S5~)k^QgNr!>g1JeYl|#8xQ0m#lSheUu03{jn>B
z-ncJ!h=NN6G2X53r{<*&4?FZ<A1_3b&0PuzK+<O+aukYW#^Al}6Pp6o9%Govz2r`J
zA?v@Mm)o#cI5O7Wl22%geb-2wY`o9ffG_>C^A^{Aze&&-{yfkrvJK2|!YB3JvhA}`
z506vcaAD)3&h%lba3T%jn0>01#4&M98A`Mq9GAZJ*iRe@`?)?UMI@sCtB(BY&$UQ$
z`sC#(Y9Q0J+>JS<x;(O-`R(w@{)9Ruc|DG^D4W=TTR*!%-nAmtoMuZCYqepc!jH8<
z*ojj0aUHhGQg-u6%>fRmMP3xnNxlEW1y!q5<jZ}k+94T<X8CveKNxCqv_p^?DSTA-
z;WAl+Q+3&!vN?4|A)NI2oVZC>Il7rYI8w^=TIt%9BBWaLnm~_*2^t%&)<shn+_q^+
zoAV|ei(quldA5Aq8+BCy@TFFVj}w=HWBZ1ho^zU!wiYE&XiSqnZM_-zxj2whEuO&b
zacb=_pP}QRq$JDODES>z+L|&Wo!)=%f`g)ljHrV?d}{%JJFwofgTZSfgTPoGHR{wT
zf};W1IO<DMw#msjRgTEj;KNeSqw27O6>qX1J@_5=kfvXSHM?wFy<2Z<Qy2|HSS-p3
zB+BiKh0Elf&&xvWvdIfRe4Z_dbn~4prNmvP&o4a8HC66y<FYNNAybByOg=h&&l$6R
zF0FR)Yq-eXonX7{y@umF^7@7NN?+&n&|#KXys*aC<?V-YZvO9**klLk$-wmwW!o!w
zV2zo?t~4;|?IuZaqT8<FXxPAc`@CV@V_%Zrw05!6EwFZ0Ybsq}&1ES`cp=6k;HHkR
zo$x0>7(dV<`8JN!>i{fY;0p{t7y1h+#QUo@TF5MXcLWID@V)B(Y~r;^ya{mKo=9Fb
zpKSTE!o9u~EfVy6WOFSz&r-Q@eK4Rx|M2$ygr`s!&i|J4<tIcu8w$f|=W2XU2xTBw
zI+%O}Y>}q;oLXeVefDlbaQ>-k@$q{HT67@_hC?6$C)r#HP2+TVW8f#`o%Vz@mb72c
zsAmD=k9xP<B!5zzD8pCoA|53mWAR*MYkF|`h(Bu98Dpcc*1n!$r&nuD#pnc3;Nb72
zmj^n!eV&_Nu8`%VfT727t?VwP`$*IH{qiwQC?W7fB4|Y@Px>C4vopLbv3rh5PgrX5
z9l=-N0XSyZX%8(})&xjMkLhfMrsRAb8$n}sOvxJDw?jc5)KznHr8vjy6y=k*cVbAZ
z#Gz`ol+9M|`jXL@uth01Ca=|ol-V9(!fb<FtJ;v7)eX{Sjf5d9_Kwb`m7gzlB<b~J
ztT$zk8(ITD={DG2#-$C{9a7ooHfKeS<Rp@$miNg~dI-@2X7lFwe#PQ=@;CEA2ayF;
zyp&zr-18jlE4dicr#ug13wK^<DKF?n16k6vdeCUtMR2CI8Cr|sNUeW-9G}MjL|@X1
zQ!a`5qL^rWpY>k0FIHU*b%X8$aNaFtWQbJZnQ_V|*DK`gjv>C*Ed@Xgg5o4wz;D-?
zRAxhpVVp6@Tt-vAU~AsDmRQYfHm!W+a>^{K&SHO*!wPTn)z20OVqa!!TpmyW0{u7x
zwy9iBEq7&lGCxKtn;*(wCpA9>@(W57lyO{Qk-+~;hxPqtKua-V+^_Spuj_V`=7`)-
zG^wen7$I0}61F@x{2EW#+V;?tCgf<%TDvl6?$zQ4&ej?7#GG`r^$UxnSINl6#0^S{
z9A-S`0#rAQYiooFcra2gjL#e`wAFQP(8=b}tCWblyY=fc2@hF<r|q;d4L69V(h(PT
zPkvO4v)dbF$YWQXa(9QXI16_x;O~yl=gp^`9p7uF7uVky`+Mq}y4s8Pzu?q5zp_L(
z46ABT^W?<`)CR-xw}jnz{<a`um6q{=t|@Djf6-?9wDrQa8FU{xlYlu0AHWc!H(!jA
zbREq>w7bBp6^-4B5)i#_kldU^?Yhr8NFzTBb2i5=r>?(o+=Fi~C9-PYeQ_19&(+WT
zlwJ6q&ldSksr3M#qp6%p@w1q|d6kM+WC6gIYJoOJ<&s^ft=;Tb%4PK!;XQ~`dg%bi
z1A5v;)AcBimz4skEpOLMkOt8u8W`@dojp&A)3_Ef3)+fe=T1d?*@54POzs;9p`q@~
z4(@T%xJN6~_4E33+}UEC&g`wp+|5Z4#zj<#`>Dl;J5MJ?H4^OBjy}GVLtTeI1xomq
zz)yRDE<(T6O}N0hi$s+NuV;!XCkuv`rRmW~D-|eBE0e|<$#()gw(WJRi`v|>0H;Hs
zG4UD`8K8Z{P{PfGK9(;(y9abk%L1GA?g2J<$iE{m;@WF16FQDpDnOwBSh7d9$te0p
zXns2J0Jen%dDDv>>FKr-?LW)#_NJi~#l_+|boQ)J-UY5F_yg6+$K=n%Vf?>1SQ!K4
z-9vG++XK4wX0#AKj9Cf0<pS0ZsYjkCT^ii4h60ZCnzr6NXzz<AT#oPOe4!2v9)NE`
zSyI7;bEO!bf7v%q<(BvsDld<95mV1@2VQ0eVD8N(M&~xHugj1Euhz!=6YV!fESn8p
znWo{M`{8ZSZv9u_#L1qU1F$NV@-k+^qy0DenJW>7+j?qQlCri>8|uX_vD=f|`whU-
zwfkup&AZ~N?xbVP(YfRe26hUirQ9T8^|cA_X7p_(*<odNTG?xVbcgdhr#9KN!v8Ju
zyEjP#?{~_u{+elN#YxhXgN7xCh~(EopL;odQ^^gZ7lt1|N7N(<K8fY&nVZ6Bu!yhZ
z9^v2?&%f#+R@>XgZ|_Gg!7uC?W`9Qv5B5!dyiGI)KaG4_C^#2(;-{IP6W&Heof2p}
z{VUiH2Zk>LxeWj{!f{v)M70<J(*wT`YiT}diXMdbq2BlH!wC`yw5k=0?mP6!%5x3o
zv~9xi!U-Z1aMr`~^`EtfapiFR=eLBY44chCXuV75-3%N^-20v554lJ4hX4_`k8!Xy
zk%zQiA@@J@34i#~V1F1$da>&IkSsWuEUBAzgnTV}Y0EfR4aI{U1SiNlsM6Vm;;8HQ
zFsfTf`KYKqTM9BzHZr#|(nyFQ!uJceit0*y+gVLbND<32pkOZH#0U_@TyNuf>$(h)
zkV_ckwPd9l9ONSTlTXL0iQJFlA*qTp#OTkilE)JrUNAG(f$`}V+x-B;gd|tGlxQpH
zyNB5KbdUrIHW{ej7>8~K`zxrrksFJ|*pkWSmD?~t%yM#I>XZq3TW8}jY+EL6%ZXYD
zkan0Hc1j<1u9J3tlXjVxc7-2tm8{c3Yb(;v9?*~Z=`pe?Ux#7eU_BP&%{1aqH4@M&
z6UaFdG$?ZcgBulk8`Me1V3iQnKNpQ~98^P-{BF-9nLZ+KHYh+M_$DV4@5_-HPb+jT
zm{c~ZN+l}{FDEwG7jixtN;URHam@F%meaf>Wo9TPg0b|56YNSM?aq}^hpyu|8gV~_
z&pup;BX41b)1>#E(*ui%c)WaHlH*>4ZeOI5Y5=eJPgSdY)!_IKkbM2*IODo}<79WD
zSW)RYI^<QJQ8AN5F`?#MzI9T(ZGXH2UZK-aHs?(?igS!%XADFoDKIG#37Qa@Y|0jw
zS?-cEwn*M3R_qy+$j6Z#shcPel<OlI%f}fbydUkYQ!E@*fNJ93nM#i{38Ak{jI2+N
z2`a%V23Zy?A@Xr8MQ@Xf=}O%Z6P>L}?IaR6l+4w2O6!6HYXJ(IIM5a}<@b2n?qkR<
z4mCg)x=sRZ(^T$CP~P@X-aS{C;e=M*PMFg}MlC1LLGj^+ic{&6eTFQ^juO{61GgaP
zjU*(`V+uGq2@O!`rvhG}O--~;y&H}};kinVmBI7>d3vc#NRF*=a>Hv)&+Jkz8>(jR
z6khEVAa8s_$(TkNnnqoiMmkVMy_iOOpDwtY#zauV+EB$tpTUuu!DXJo6H>$1QX{aM
z!7ra7sGlJOs=@4#NDkBpAJmA3hDk1Fh~L%7nP<tl)G4%PsjSqgGO%wVR9-k?Q(AL>
z-Ue0fTh-48XRYUFw?7R(Ca8CVRIWH7Y}BfciYhFLQ}gqR^cNf)T&kn#Q*hK%yzeSp
z2twf`)4Wz17XhjVFLR<oS?AcAi;mE(dq`zElwDI?s$5wzA1awIFDIlaQ$Bw*pW0M4
zFPEqp8`h$Pprsh7sc<oW8Uba$SAS5{5(G|2=g+Zhv~c6jaSHW4Yc5E4&T1_zuy1IY
zf13NmJf{bl<?_@J5mNezGHoKHA<VpJrj=w_zEFCcI25*Mz!hh|F{{r!KeN8*ypSS5
zt?2^nR|P7|axF+X$*6(n-KZDbNwt(cmpp~E+~2D<EOmU!m%Nmg{9)8fzD`R4LrcN9
z%OQ|O-NZ$QdeQT~MPrD#m6f&`vu*@LD?E`=pm`z2h~B|zIa~-3Z>9U;VcB_Ns8v_m
zfCR7(CuhGg$8WXrVz{Vkpc`kUMbV<m@3|5kxT2>h5k9A<j<Zw<{`y%6s~AE5qgb8X
zBxzZFp}e8~%Z*IqvQE(8NMPA&W&LV3aJ6n|wH{X{qC>wLVXg53E&8iLJ-R^)vq6K>
zTFXVD?*2-<QjQwOknn=8CYLrZ`eI)GENDYm_dzQuuqino+*Pl)F22$xv~Ed~Feo*b
zxx;Nwtd~|V8^%cgF@B}jQ`;20l39<flc5DJ*XzAlrg2|`<#QQ<5|xewhDxlA;v`f{
zF2pJ}NXzq$R+P~B^9Hohm$v6MJ(;yaE|#PajJFb(wx}0kkv6@Rj8*N$cS((dAmmEv
zn+2rc{tJUuIV_aU^+amJw{C+NT*JZ;brH>#*dasbht13S*&HRnh}D;|_x}Ent?5LA
zh59XPD--CuVcvlW0b%k5aBcEnVHje<v$C-O>9cj%K)?WsMjEmCZo@++kjR?v?(~mH
zmk+p%!xpx8AGVJo<zMb}FosP7HfFFcO+(5}mxh*c5jE$COr{YG&la?2(6>Kr8Z3U)
z`3O@^kTNmX+DcU1K%eh}C*%20VP<Ev0<qftIRKOVmYS9=mXaNy^&Duv*p0Mg!F_zT
zgGkm#!Clp7Wm=p7idZXKi7|??kl@-J<Z#{LwE(3kpz>8%P-y0(HtY#T=?fk1@jdPd
zBkqgf?Tgavi*fIZOYci)?@L<mOL^@}NA1fDZ}66FY<w)MY%xNN-B)_tlW#C8?%uDz
z<5#A!lFQuVQBD(W*nAaI<ZN!8?wfo-->Tp=xg0W!K3MxrXE9-65d)BYJGC-~wWsdy
zBv9{qjHe}Nj_YLdHi_@vgAcAUcFdE0DCKQ2FM`8g4?0~<Msax=+Q3S0Th+}bc;|=8
zrwp7N<pDV(5O+pRvOS#8BNXj^ioM^sFe(jA%gWLnY%YIUEWui1OtT$`DGs;ovD9%x
zo(&$&v4p`fzOvbEOIi>{Hk|+5tI$@QrCf-f^-|b(fvEL=@jEcc5lMsjJeQp%w9*OI
z>$YiP@rYr?(jhILK4id=Bu%5z(jFbpY};Vgm1u1*Z1)l83)Db~*jbTk#f<Z0S3%Im
zLf!_VcSK`vb8Ww88Qz1%keB-mEE}dQ^*i>#z+}Z<#a?F%5k94CI{Dn3Lpgh5KJXPN
z-<lpO(A#C{w{EXn!2Z?wIEH2?;_@u~(Vh*_E@N}M6E^gazTHb^#u7xi<;&tVL&j*m
z9F2$7{XOy5;uhhf9d*M2@!}Z_gZ;Es+O7mKWybmx(f}%qA@dw28DlvQ;W(e^E59T#
zf61_#%ACt`Hs8#o92q{oz80H?U6dY5F-q+2M4gv<WViPiJNKL(ag+W=a%c+bIqq?q
zMR4Zic81eC8=}EG%c<>7;^YwDcI;0$&E%a@HE8v`dW>>u%eVptj$9P<7cmLHU?{=$
z*luKBJ!vzM%%9DMov;NtLoS`5P^Va_Qz+S?WC<gRN3+0-^XjFoZmSEzNXlxP6N2!R
z8<`D&^wbXH6idgslkWy0xS$eNh^Kk;P5AIj^38JF<r(GK202(V>?_IAjeiAgy7pCK
z=29P`;{mQC#W%Bf6qp;~H#dg&n=dTKna-+7Mz_m(YqOb$6;Rs^MDuTt*TLo|V6PJ<
z)@#-Rrw`{>RMtO>V0Ld#?sEmMOj&M}EOvfm?h_WS>7mICjjp~8)LgZsODs47cj-J_
zXChxH3sO(T3++&I-IoUc<B^|?p~+MtZj`LIG)wmbi@%yi8T7lqf7-E;{2@fu-m3D=
zQ-<}c_?IkooAao{yKS0F2kRWRLMw9TYkbyqmfi=}NFv9Ve8qthbH(hWv8*hQTmGw)
zDq{}>w?@x8Iqq2jp0K9<I3TS~4q8?!vdJzct(}XG(@O`5HIGY-B6-oL+>$p>Z$@Wh
zm#4Tr`#8Cg7}z<zpG~3nh*ix^8&2|u;1qeV4sOuZU91AhXQIIqSFhW#0_aC3k1VGh
zGVgHw`$hA=ujZY{p)Bm-Bc@D6a$Aq<&1wp}*T1Inv5nPfg=W)5d^23sGi9DLqMtKO
z)Z-m5Vn5edDHkG{cpo;%=BTJYRs9WL`o8?5^h~cX?+amSrDeqhJAR@Sf0jEd{#MGy
zEm!i3adQ8_jJ;hyg8}giuKH7y&P25LQ>cM+yhyR{zZX9fe|<RebEwUySufh0dtLlJ
z!x2yJBR8I{*WgM(mlw5^%%ohJSK@v)9uWzF!p(>Uai90WUwx@jmv&o`Nq`;Sxa-ZV
zpk%0sG%O_e{;laX^q=-DP2hTv*|qY8<x-=n_RHc(7NgENnVVK`#k<0m2VJnInK{qW
zQQ*SX{KnDy;z-5nzku`dTR5nd75-^}iro*Lpz2<Kwo1Q~%s?!g!&8yFl-!^cT-U9~
zpd+2Ys?S^3JlFd&fgCosA0J(3Os1!452t?qJ4ck?UlNhSW=KF&h$nMcJGxiA3Rd_W
zgZSw)mZ0c$k!Uy)DvRYZ+m1vGCN2j2*BgrA1R@@{1Y6f#sW@~gmbc{_s_}FN<lOYX
zDOBRwpRM=<mffhKd5kW@k}I<m)8S&oALtmS=@jzi*>BHf-S_6o$z7!(x>~2QHTq4)
zj<E3uM%@wvEkASzZ9Bc+I^6|M01oDrGKpBCcitsSwGL;V)BG-;v#m%62nL3M?!_>I
zIqqlYJfEiVfzP-Gmgj%nB*)R2EYc@|jjB!AO<|XRHR?7>OU_D+g<dRAmYQwm8tOIJ
zZPv0~lMm}(fmd7Hk*mx>oGy+#xWyP{#{nGsi$i*IT*gAr&ZARC&MwpM{&&~wL;kd1
zf&^b~Po`>JreNUbzh?*Cm0yB|VK2}9N7|dqw}CInqsGCo_j273<kj{f1(9;;Ec<%G
z(O+`sLfYFA>Il)PHXLJ%W=iy-9rH0Pu>{Legl!om8jMX<=DMszQFBUPx@gD~V2-Yl
zW=ZXdk$SQG2sv{pBF5U;)`E}67FNHi)Av)^rEM}CE72o0?U$b`52Sub=cHzt#PQMO
zlw`>1XV?TSQl@_;dpdNL{k1~ljy_Y3nbo^-LM|KFv%gdr^a+oyIGl)qpeXv0imoJq
zMc=kG<*?dX;-{8pby9lC5N%m9!}y7~nf;4uHtC{|m9c9QznwpA4<1$BHzHs4UpPr!
zC-P#=ehv}A2-Q@LUO`%vNm!Tm#I->F=bE}n{t2DmoKSoHRsrBLvB!crRgFq<x&B6C
zI$14q=YgLk3$QV<n*pGascB~`r_^C%lT#D51P0gG*_HeXA}Z<q=+D3gtAd9UWc!0a
z8}R!NI>#HEZ*)T~eQy#!h@@*;+_9t|)4Pt<%{2-{(&HJ3O56OtOV~K3JKlNKN<x2j
z+ROz<=$;>}#KZz+v^j5SoTZ3hND@`jnKAlvQFk?UyBc8GQVN+gn_uf%`(@Ra%Ac}m
zfI9#1vs2iYOGYnz>|xo&fYCjdNo_=bOpk*3Xx0UN?Y`UR4E(fc`gCF5X7P&7+7=#7
z#4Eq<73<TkP+;w->e_2ZI^6YOHT^NiztZ<G+rhYfFE9R*?*x#w*?Cf3+VgT;(++((
zX`CPvxM*0y=)UOO>v=uzdV;=Q^rC(fys43hCb=DB+}gi|PzJ+5cQYKUf%gNi#)6mW
zYFmQ$YqVS7rzwYTu%|wg;GXA`;LEm&pJ@TDqZyQpf{p<bD!}EbS&+#5vq<1#l;9o!
z<HlMtu7zL?J~|EVF(Q=9)wK2nAOAH+j-lvGt+|G#A8_Il9<Q;sGEXDg8kypn$o?G}
zJ4?K-UX>Ds-C%lNsvm{rAdIhh2hF`|fb{maKCkAl%mVSoguax>@0=ybT#ME5u8wA8
z?&jDz1Y&f`YH``(+t~G0KbXzg<A`f_@f$k^*_?kR7{OcML3oEbn`h#kBuk0+kVg1m
zY!bMP23TC5#KO)ooucBG{xwho3)HH^TPZ9J%nw8`5Me(;!wsomWPD<;3r+$1fK6(4
zU%6{5tY0=ctK{gu;^_Q{>0y>s3_`l&ZE9{ZzEr!6^^Y<lkH0h9K-4Vme1y&Yw=q8V
z2NofAwW?&$?}Aw7zDb>277dtUjW~O~n@Eskh-<E9D-He<os44*d+r)jDQEvPgu{&^
zZy(2oYeo<1YR{2>bZ-7_fm^|s;b-cmqYe0br+i?6dd54IHN!`uu@G2GQK*_FrA4+X
zerjrD4rd(o*vQzml4i*t_Hs&Ozv(Dv&2-X?GHG0*S+FUmO;#+e$6?N_->pg(OCY_X
z1;ZR4P&JwB!iou;sZma6D}qKet>TZOS%~EctCGfLP!F$}FQLh(RuDSX0HA19s(aRG
zXE11&)-2RmXVe;iPj$Lcv>Q`B>#Q%7r9am!2C}rKd^f5UlR{Z)Z3dRRQdiSXWsib(
z@6rOmN5;>5fYcxJrEc}LA|m|i?Ozw`<I&FzFd0|Wh`cH?!A#a1wJQ*FtNcsHN*jq<
z=u8iGYZ;f5-4*@nyt+HEDzM&Oh1g)xSfi~T=;UMvfUNv^Z0mZbFrCSn8r@uIisd>n
z{9>@aBdpy4rJgjYM%L?|&1iPAx^zW-1q_>eH^)I(Ecj~Hul&40heHll1AxsFw>I!)
zAZx%LvBuJETTjo0lk-jY+UqJ$ul4&zWAHQM_6KZ&KE%tzkS~tP?-U(<=-O-o|6aF|
zSv$J$q@8_%3LAGsIz@z+*KY3&x@ZR814M`}-V$gVn1z1_=*jAQW)uu>GYN($3fQAp
b&UT4;yoY!*n*zd__Q|n3M=ep1J_!6jzF*>!

diff --git a/docs/manual/src/docbook/images/SecurityInterception.gif b/docs/manual/src/docbook/images/SecurityInterception.gif
deleted file mode 100644
index a9e27c59cb7ba2168405a30527331e898401f3c1..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 5532
zcmV;N6=Uj0Nk%w1VHW~50kZ%A@9*yb007(D+veux|NsBU$jG#`w9(PgwY9aqy}h%u
zv#YDCs;a7@qN1#<tN;K2A^8LW00000EC2ui02cx^0RRO55XecZy*TU5yZ>M)j$~<`
zXsWJk>%MR-&vb3yc&_h!@BhG{a7Zi~kI1BQ$!t2GP-tLEty-_xtai)odcR=7zz8mz
z&*-#zT^8%u@VI<_c2@#~ynfH``~QG}f`f#GgaHKtWQL55j*pO$l7)zhIe3$qnwy-4
zl@^$tqNAb#1_z6zs;jJ|rl^;#va_qNptQKT1OW)JM4`ID!nM6`!^g;dyuK5_$<L3=
zsnFEbfzq+o+O60W&fDO7-9z8u=ECDP<>%~;=>Y5P)bBv?^7o_kGxqrX;>CCTY18L}
zpTL8T2*xmoP~JO+o7NeG7)&7#ipV4m!g$Z(3y!t_{!B#pFdrXG8m~ce267|7U)EUW
zNeQUsu9Goe-mn=-=1o8RZ2HVqlG7A%p->*(wR9;{Dl?rrWs0<_QJq3~mI5X<s#2wT
ztauH}wXD@=9$jd4XLjb;r%}m5g&UXbS*o~-Y8vYHC(6Eme})B2SRBrXSc9yMczCei
z!hwB8?(4X6#>6xhQ)&#k^JBxG16vj>OYh#cp#jeoz53)_ymb*X%Q_GBWWTKi=a!ok
zb+WWAG*hzexk_QWEMHHZS~{_C(2j45F7A2s^RSqIT+bw#I%w&~DT_y&UB>o}hryFh
z&7SZ2S*E!`{yJZ3+4D8a_rPy5G=2Z}A;n++Df+=MpgZ%u6`6APRTE!B!vKfFfe@Y}
z;R+O1$c=LvUN)Oz9fs&hfggz|(1Rv6_hCILwg?o7YPr}EhcdzkV>UIqc%cdz<~Rw8
zK6bKW4Lt^_%aAA(X=Fk)E}74b6FMm(k|!uBB_&N>Dcdw!HbkWfR(5$!mSRfs<w9k8
z2_=SU{zhh-Os=RMoF}fyBb^bxi6@qF7PKcmXOa-+pFsXOW}o{R>X4l&47z80#*GKj
ze>J^V-A2q^h3G{Yy|x)poK4ASk_c96sY<6RGoGoV<@q63->np0sH}dPs+ptilToXc
zmJ?u$fsTL?9`Q_fNU5Im290U3(xqGfTTmrs7hIGQdz7+oS=tqDvB5S|uIBAp+;Y!a
zJ1ug{*@vySM}k|zu)4VwZMt%ewJx>Sp39)VO{Lr0x|!zpDs=66$C|+iv*)aO4F9v~
z4vz8`U3J77R&jUhHGHdz#@MRy$Cnmd@Wts#nlPWYSjO;f$9)B|$i~7vYoy;k+;N1I
zt-RV_BrBM6Q>p=dOt2zQB$muiy)0nDJm2(h%R;-n>Y*u%r}4xJWBjsuNOSElmla{n
zHLN6W9dg7q-;5s9CU?#DV?CSw8Lt9Y?bXvi18i+_TUQ(#YxLIp?9$lTj3YXg<>t4<
z?J0h@;K+HXHmcF}JGbLh>1{dxzy@PZGlMZx9T2i`5*?hPbLV6@3uqq{dYpD2`>4AH
zqRy^^v<qu{O~Mtr``1OZ{=4W=4o}R$#@8Ku@&n~wH1n?L3BBp8Ly!CFY+5g*b98j?
z{r9#65B~V%m*4#<Z<w$C`ro5pfdB;<fWZ9p*Khy*_~)<x{`~jv|Ns0mz!Z!CKluUh
zfCx;W0{O>_1v+qn21vvk;`hJ`TJVAxRA2-xL4g4X-~b>Dp$JDv!V;SBgeXj*3RlR&
z6<T2k9&DiuXGp^usxSZtz@ZIyXhS=wV+tSSp%8~i#3J@^3{hah03|?$Bs$Rp0f5I7
z%@f5XPVtIZR6-T+V8tx|J~4_+^dgVI7)CLg@r?VCA}Gj+#wKi$jco)09Mu@dI@&Qf
zcbp;^_n1cxbg>zI45T3CI7lg!agKxhqc;l4$VM*Gky->~85xO4G9nU^n2aMEFPX_V
zJaUqqv}7koSw}c>l9WXHBpoxkNmRPhjHZ0$B{pzMLAFwsxcnk0a+yjE)UuDU<fSm3
z@XKMct^>tPq%oJ7gk&=Fna6~tG^a^PYFhJ}X~bruQ0Yu<dUHbG1QR#INzSa4vuLF3
z<~i4?7Is20o$ie1EajO2b!w8H_{^t1F<{Sq`tzRv4X8i|O3;Env!4b{s6v71PlS5W
zp$i2lM5j5?D^@iBqWiokGc}q-j$$;Q9u;OtpD@yonpB!4RpLokD$ta&^rbM3sZ8<d
z(wW-yrrX4+PNl%Up8C{>g4*d3?CH~@8nq2b9G&*WA;Buev!-Nt-ct9{RHaUJ7w&T^
zJE8gu-CgxZS@p(O)3#EslEbTGT?uA{ry=TX)s})vYfsjiR=2LxtQM84T35u@3b_@p
za2;k}yF`z{stJ3@6e>DZ`A)|AQLoXUtFxjpwf9`-bwKfyCwAeyJ17>4n-rxQn+T84
zdc&E6rAe&-MOSJ4NF=H<N<z%US;RK>v-R}sBey6?KCbe&^*mC^Kt(yyZR|;W&6v9C
zvp2XU4PXEN+F5j|m90p9gJ<g6Tlm_E+j^SzkWAboX-OO24=5>cxcN_ZtK}Q?ax7(*
zbK2YdMqhbN2D=Dz?Sfiku91cHqkt8bZhafZ?@H3Vv~Z8yv^FzZsiLqJGfuO{#w`Hl
zi!@@9)@|e)FPvz%zJB>HIfE(3Te@+8<ZWU_&r6)fMNM#gyH~&-yjBgD>}t+cSZ9U;
zVjHJ!FpDcrXI<GvEBbc41}?1_FB&EW>)34>b1*9)47zDqS2Yt`kk9_sug$?YXv+CA
zx9qx0WipnJw-hCbN156LMJ~NEo^eGa>xz)fW5~Hpq=AntULz-&&5(s%?2IxX!;<*|
z0ancafI-RIW|)}Bfp!O-uX<=ia}&jWPP8ZQ6zLHqcdQCo^KC)d-Nkac(}$S!RP|A0
z(e}B#jy`Rv1)M!pyX4bfEv#;PyGjC+TGI&)sbQ}KVNhqM)x1`6Y5nYIV0RRa!nSp)
zaZPFc1k=}z{<X884a*owTM)(0b*@yL={zrU+r<1fxK+K>O4D+q#vHbk!d-3K^61?0
zRyXm)YHWLFbjh{bti`}x=i|0*XzbRWyJwvwG;Kz|1n*C>&gCjZ*A>qUk7kJ;ez*8$
zZp#(!*1Q(CTrR`dUy%FNx~aWtjGH>+2j2MFpbQ=y(_CI07Ta*Ww(n+K+}|39IaDYA
zb!9l`H)L-HS<jL#W~mvxwifTVqH&3CH+t-B)LAgw;x^xduRQAF209*PS#>4K4#;)!
zT+Z&2-MDZLW}d4u$iF^lg}eM+WY4$tFpILf@BQv0*8AQUL+_T0ou+yulD?H^Rm1zT
z?3jc+tuwQDktF=@a#Ex^aEn)YJE`#P#tL~aqF5&X((_9Kz1?9k`hp16qgCK%<zK|t
zquRcGIh4F(VIG3kquxmLC}0MMPyFK3Pk_2FbL2_7Yx6e0*;Tx~^rtUk0L0LU*w4Q9
zMJNExD>V7ul{I*m4eRnN8_|d`pz+tw{`TK*gY*n7_#rue<!5`ez5ey{n{oaB?fd`#
z0BAx$<xX?ddJ=VFmgH)%7JKH$Y^26}mqtt8XCCy&e7nVHzeQq227w}lOcVGKj#Ph^
z=3UX3fTx6P9N2+H^MP7bR%66TBA9|*B`7QyR427!EEt0_ID?H+gNe0+<_3g<6&yae
zg9hkJLby;zI8Lxsgu9o71+|2%v;-%pgHTvbOK61{LWTUKg;#i2isXe2*G%a5g=UC;
zPMCPjB!y?#hR`>CaClU1IERlldnZv<bohPy=SO>pOm=t@)t83>g@X7;e&=_HX~;x>
z2t0yFP@;xr7kFm9w}^$)hz3Q7d=_2~Xns&ciDYGoQMhRN_lR-ji3<n+irz$SCU`og
z2zaQdQ$ay6QU+U)Ls_SCT|y#guSkdXKys@UaUDim#3hTbC25DZi>20!a6=y>XI<AK
zG%5FD&lN2=Ct=SRU0o(IBUg)+h>UYsELe75CbMC90W@0IG|NaB_%$+ELwnx%jUrKW
z5LYfi<||24kKVyy(wJdZBVlM4FTLoB?-)}wVJ;WeV>^~OQKpZVf{x^v8a#G6w{nUD
z$x`-+cFT2;`vMzsSB`O)WmxuR9NA@HA(HM`k!JXN#aM9MA&@9pR=`qdTk?`usFFTH
zku-@>Hkl(hnUhNBiBRX0LKufc=~ICylo>Y#6y$yu)Idz>Ku-DpKk$c?5Ev~%6o5iR
zELgciS}8*VNR^*OGrM4QF-R<6nUVqHg-J0~VR4p8C}(47b~C}2bLo~tc@1*emM|d>
zc6pZ~k(YW&8z<41K<F!g8JH}h41`&jEJ1}e0V037m`2E#TJ)HS2^5kkgH?o>V569R
zf|r@edzKWJ%>-_90-B-8aHgb#V6Y!wkeaHge8j|suvwK4MVqymlmHh=xfz?gNrt_d
zjAvwpVi=t9Hk`O=oUaFM$*G(;Rh-Vpo6h;1_avRuIaAO{NY;6s1X)VW$(<HyN5l!9
z-6@{mNuD~HN8^c}H^@-iiH1cPpXBqEy_ubphXkhwl%L@Loc4L2Lsf^AxLv{7pZ*zD
zw4|RdX^8|{puq#6i`bLASV-&XO9*<5D7l~v%7ekxiWWMM7@DDHb)XztpN%x3pfCUf
z@H%|=9dMa*JC`i{agnnKp=bD^HVB;PmqWKRE2e^3lY%Vg5oDFcc%f;dH;SL$l>q(a
zk<CSMyMZm#xG>bkWv=BKVpEbLhhZ0{k6m^OK$KL3X`~=(PW+^#2ibKJd2>)ErD}RG
z5Q%fq;iVu1rgkZ&V>)$+Rsc~dk8fjiZHjbq!#GDHjunOyURnSJK&NMEr*~Qp^^|)c
zrgLlRWLno@m8y_$ieY}y3p%uzjM}K$@u*6gH*WX;GlZjAYUdw=12ydhjVLD>+u}6p
zBBvdiho1_nu7?2v@IgCSBd@Tl9ORa_`f~q?0VtZH`gsb++LyyhtOiP<BO0bmh@%@C
zpb7exM0TEyXNNSJg3WrQ#rk;iIj*?JtgmFEy1JB4xvmuymFzc_i<)=uX#xGWmG+vI
z_DY{Q`K@?2ulUBE(J8Og3Qhd#n^dQ*#|f}Mc(DGOunLQWyo9a~8%_n=f=D{CSm>}9
zi?QESv12%}9D7Y3Yq8;qQXw02DhRUhcCsV;u^Vf$A=|PpTe2zpfPDCbR4KDF`>YWw
zf8&Q_;>U?#sk0=@vj?kyqqTt<*oXT{Q3!kgX$hEYOT>VPNVIR|v<-W%qS#8LSf|z`
zu@T#aCD?4WX|*|}vbh9<<Y~4$+n@(^U~GGd*aWsJ=xfs%w{5GT|7y3&iMM$hq68~N
ze%n$V`?P5*xZpXsMeDXGm59<>xLF&vipx6WT9k@PgO!`PRiLl$qPd=XxvBU&`$;OG
zhKG%kYo<%FqI;B+2x_d0R_*q>Un{zu)vN4aSGF4t-5N-_TXCl=b=6aETSdDa+Pk`o
zamL#`wF+swV>-#Z4Y(V2!`r;I`*W=5cvzUK*U+M}Bcrn@D<@ICdjTDqWsBZRj4RoV
zje@L|wW5i`y=!y6bkh^zyS!|sqr=7jD!ns|-)oDE2qy45b7{&Q{ENQA_`g-+arql@
zRhqtZvmGpPt%;<kS>|zD%69XZFQ1cM3Ie6Jk&T&y0AC8gPva?p6K2}dVql?N|0rE1
z=Pf0-Gn_TT35=!LXu=JW!e^mnEDWbEJdz@ZH`3*$0l>KgyDe9P!j+1Uf7&&sphKXG
zOgf5>Yg#UnYBo!Zrc)q5bDAWh%EW=H#9G|MOH8X#Ot2I@F3?yxYwR{3gE@jaE&_z8
zXDop-Y++u9i_f)?4fDp*7{`q>$BCLG6ii>K%5#27sp{A{fBZNwbEt!yifJq|?Px6L
zcry9eISSCJ?^4JE_hW?Wri#q}j!1LGFNzzR3_^`E#h{F)t$cGzlgTi{sjA$u_^YZS
ziNkRw9ikkPPnyFUc`aNFbU2j8&X~g^smp`|!~59Fh3cxn{42uD$yJhjr228IT3sj?
z#Js$AxctkfD$QG*L$&NpyZU<>G7$!l0J~ZO9@KrbXd$Js5$oK}C~(dsG0)d<3cwmp
zD2jSLG7$)nsCBFX$EsT35YR3`&?)fGt^*(7rmQH6g~WSm!W+EUdrr?w6yhtr7#(`{
zn@$z|yB=L@AiY(dD}AyHS}C2mD_vqOJ+3b;O~S{n_~WiN9YCo|0yUk}`GeCwjX?0K
z0zIA6KpoT&wA0>HulG9tLORscEo8(Xz|>GpLQh@QJ0#U2K-Kqp)mS}5TD_cu7;Gnt
zvi~NxWer^VG`ZPS)@;2KWS!P>J=b(y*LHo^c%9dfdw^)|)`Z*FEc@4?nAUH-d4L_W
zg6)WMUD&-e*n0igkgb2c$F$jsvq7lVLulFjMA<KiiH9_`N#?k=v}d0!UO{_^B1PIs
zYud5a+DO^8*=Dz*22YZRxXFgHj9uHjmS)eF+Z*Mxg$UZ4h}uL3+?lv+QR~`*W!#^w
ziODUrLV0Z%*tMB0wTndEZySkR+uN|YiYX@AVXKLTINo<fw%_gB6f2uHt4#%{-sQc2
z=pBFDeYLm^QuCevxc9Bm`TbP;eVuB{-<!SGm(893O@IRq;3LSMm4tZiE#D1}-<lnG
z5l-Lh4dHxi;Dz{4N5-*l)KIoP*7v8d9sX}2PU4uY;NU&CDNeB~UbZbxO>78KFaC`&
zeFb4ng_?WgN>t-Wm6Rl*)KXv}Kpq7fy%9qWizG4ArD+ZVnpeQ0<OE3)5*#i}KIOUs
zELILuQXbNiqr6L|BUw&UTb@NWxw`?EB4#d6MV{s#4ZUH0<|e}C1UTkcROW9kb8&v>
z1gO37oQo5w=O!&>5>dVnY<XOsJ_hW*JUYIqBIjU8T(Kx|J?BK=$OsL5cJ=#E_Yy1J
z%aTOOc@u{JE_R__m4m^}r8!Vem&1s}vHEsDoatn)H}>LQisPz5yfjgo%#qw(V*IBz
zr*w!=(2hxqew@Kb_lXvz!DB2lzuq|uP{hJckfEN)SqG^5sEz@^&UN0SnB1qZUgyfb
z$61_X56N`?!2mcEtfe>YmR#**jO_|==sOWxfojS>roPF}b)25X<GvuNEbki5?xdbI
z7%ZqHr(ppQ@7wMgD!k}O9FpIj?3d$Z*=+6&j9$)|%~SC2r3TNg(*WA;<i`u}H{kJT
zUeD?-RP1{q4zTNAWFdgQ0xKWq5j4@sNarG-&@mtAA>!zFh4Xp@^CUm-SU&U`4)iZy
z<wmbbctxL-JYEH<P6nDA^+WaaUqJOMRn$nGKtugRTEF%0cjQm-^<aNNU5{H_{naz1
e<4KVAYCl43uLN%Y_Fx_Dk$v}gpZ5V30RTHSVdl30

diff --git a/docs/manual/src/docbook/images/logo.gif b/docs/manual/src/docbook/images/logo.gif
deleted file mode 100644
index f7765dbbb7628caf5f4293688a077d3a021478c0..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 8919
zcmWlfX;_Sn7sj7$_N8gnZrT(rCaqd{rqZsajY={pX*byl;hEARsfj2lCN0`zDrF1P
zqCJgl3GX{XLYR0_M1TMD;e0zEejo1py07~>ZXT|-t0Tq%0q_F=78e&SEY7sHK0S82
zp1#7=&aSMtul<a$5QIR`Bg$)ox2tPqZ(moz@f~ryV)pL6IraAIwZ6ge@tKB(M{lNv
zL1hcSocyYWsy9=wOG}62<J(?OJvLz}o2F*kc>DdBn}*y%lahkGd~MUyJNNRF)Qptw
zbYAZ1nFRdf;duUyTUUdE>gVR3ZcNyDx-_%rc6q(%qFT(p$B%A6LBY!LaUZ8T?)KCl
zD=M~gH$Q!PaQxYLWqmm@I_~S&dC1CRXz0!EQ&o_WbKA8u|GXS2I(zoZhwjkGjb|@Z
z?mLnR#vXb-(b6*@0fTrMsor>bTyAcU%ARz!kQjqKsj&4%Xw&XVX-`IV&86n@C7NoD
zt=B-`sNsA42C@6=E|qQCbV)6F&)|c{%~vXPjP$;KmAP(?o1b5(uF1Z6tKQDh=J|^*
zw*%=URW(Hof(0iQ3{7}2Q2O9u=l9v68@H;`j~|1g_g^gCYi)gY{^zXqfz-tPhcfbu
zO4_d)TiKX8IDt++sTGaK3$d|>BT*;IfBg7WRd=fO;$AS4cj1C$m8FsO;heUbOvy;Q
z!qzRq>J!Xu3GLUaq|(o&l~*(pvpm+xo2@Y#>#GIBQcq-WPR%}@UEj<-Qbgb#e)gij
zs=fuH$X~zRMcu)NLL+&xYh|Cu78ZU}!*{BL@BH}bZH>6|%+2nZkKfcoLatn|S21*{
zyHrFAOITP~n7Ch$uF<+CIyro=!+b~Dlc(L9?k;Dq)Qj3KL)-T(v3ERQQ%a56_51gH
zdvlI~Q`n6w7wn_A&3t;XC6q;uPs?v=Bt-33@{LTnARK=(a<O^1w#aAusr-q@cNQ1_
zL_~-lPYjU4!x1!mXL;#?vZH_g{H7%)gW8U3*Pi$Fz4+(PVpzD#sHErTpT$3a{y=8F
ze-;-(pG1M6pX47&3yk~yXF+GB`H#8pJ#8uf&Hwqi@B{Mo`~CY5xM2^SoALA4&*9;w
zzo%;Ue#S(coB~a9=ScB+Oeesr@Jh!c=`1z;(9MDO5e0?!@4xN5QLi(P0RJD8|F8dR
z0w68|AW_p@B<#!}Dy|6Y7gcm;GxR*m+?y}lJ*H|A_q@Nkvaf*YoU7^4QZ;bWD4;%U
zprv}Km=!r#=FwU+a@Ka&`{x6#7e~*d8DuTbE4BA4-A}IAJb0z<!9`A`XSruv{iBB9
z*0>jgZ4FN@bGvi3yxJR|w#GcD-#pZQ>Dg7@tHE-wt4%L%I$WB+@wMV}NkHV9#;@O~
zD+70>Wgib6E^#`wLdlx?3mBF8Z&~W<SL^5O(dc>V&@GOCm8-IWXFXNTdg|<(3nfc7
z*8O+Er`&6ODdQE>D^O>&xoo*dtNM!%!pEzY)U~+xn^>52NywJ3l`b979cTQ~qU=$h
zyx66+`1yK1?rpI3pEI${?&oZB5u@nZfA}_q?e}cU)$e@0SF79H!3AI}N7A#ybHU$T
z=MGVRNaN{hKC1XV=p|M2{!HJ$>;F9B46Nl}*@ft8dg~798!0&F8C|zZK5Eor>o>Zi
z%={|RFft)HAX*!r0Rnb8Vh!`>M|ejQDSuXZY0;$1$b|Jh{?77Bysh23&Ve<N-YF$N
zUKUKNR+JyxW3<Z4;9df&2Ol@c(MTE|w|HaZtSXb!R8M+$;&5`{YytUMnS#>}w-qf!
z{A%qh_ZTZJB}W{q{02}xYbrRzQ7Dr+tEtmgbrJs<1%+!`Eo2;75owEhSFC(pC$YO{
zxhST_)-10?6=U_u51GaYLrhZtCPG0-e;b{W+|!&RPvuHc#clU4<ejEDzM>vnXL2!5
z)z)Y>l4CfhE+!(UX1fsx)nzPyOBN2I^+bW0{`>Y<1#3U+eq*=98euMSWL`i`fx^7M
zn_ab^5P~%Og&7<@M92o8zHZ3HPe#LRIn`(KVyMDXxE|OWrHC#0NNqu_?`m7cX}YIk
z`EX9y1$S1H(|=IcIuVLMTWz1yIrUKi7!r=K_^7<I9)GPI`o#rM16ceXz=452%tk~`
z_Ks1JZbR#|h9F93S!EY3!7};lRmGsKzOhSH`G9Vak;Q+$8{-!NlpfrmDVBptH@^{8
z;}dq)u1%%2k4GuCt)x`u2;9uR@gk@2Dz{{=?PWQ93{sk=1x`+sBoOqs<y>k)BX;~2
z!+Nhdy8#72GWR5+ATe;CNgB|<x-h4ct<}0)PkWuLgJnQ5V`3;=4IA*a_QnW*LxC``
z{>QTg0PM{sTK3Cjq%Df&<iFCd`)zL(lT`Mr`i&a2mT<$?b&o5$$yag!sEnJXV+0!o
zd_9W-7mx2P6Gw&zcfLO)ZC3X7)&Okz0}yxBk9nV+$=pt@JSl%Q6GisS5uO|AW(4;{
zDB)`fkcbIyY7`hksZO;B#HU6{H!Gw<mW!4GJ{w@>sAIiE3<tQEiI;A4R$HD{a<k&f
ztArF{hGLSKU@iTOsqozlTCB)7%Xvyy`kw?HLVKvZ%W*$*m+IzW2$JI@|MO-)K1`JW
zbJ<y#5HJnPP(GYz0!;LS7sFJ#>;Z^kBThF_XC2E9snW7e)wZcJ%(67;I<bGnfYGFk
zFVSIR7iu%W(;EwQI&?w~73q+SxEW=c3i?Z@pAzSJM-;=msO@>~_Ti}OuMwX7Dk5UM
zgQT!4?*wjpZJ)e@q#e%!^afK6DB65L&5o;dOrmU&e5TPhM+~mD;4JyRQQrJ?v{H;f
zTV)IdIr(4pJ{Vo3^oSP$^CBif6B({6syM>XM)wn$Af-s>-hsVGaO<WOb@MUAP&7?e
zRqIxL#X`&%3bTS3wazv>vlp9%V9cD0qYICOKIiH3YT3jO{n_u1U(ldgx!WHS@O_VW
zZ-yhDkg_}<Dt7oV1tnrdR~Z7L7}H08h5la8!2kT(YXAJzhcGnIz4k&a_u$sR>>H21
z%D3e@Bu^Eo@bSv35o`20psSDkvDS5!+J}{#mB*N4=_ndM`Q;IG8jp?R9&daNp=!N;
zSa)<~8Z>}%&r9r*m9ae<N=v@C%pSP}p)Hd?-$lq#Xdu!ad|Yu!#J*KjgOV&p2eAii
z;$^WG6WD5llFsE4c7Jw4q`YH;2J{mHmgGV78Hbz|fc?Z4W$RY{`k9BN8knYw^^H^C
z9&KxV_M8xAbET&G(*RTKxFzIj{Dk8QpL5Om0k&C+_owlO37sS#afQYURR)Z|g423!
zspDMxf#A&wGZ988#fIhp>K_^s(C*0FUz#H1yqZ3QsHjt?qyg*?#)Hv&Z%Q&nmuDC&
z=mhl2<YsVr$%hy3@PPV(n<P7*X3(ecDC8^@A9zd2Hr<^8ZX$ju2ok2FNGr1{$IT_1
zk2fcB=r)_9oWh>pay~b6y;Muraxgo*C;H=+^W`Qf?1ZO^F5YbsDo+&0Yx&_v;}^jR
zy(f>--ej&y8||>Y-p$J5Y|*k`))y<vG?lWZ(F8u2L*FS-LtmRNq%fc688IF1r|&ny
zaL1(2o$k#vY`v~lSXCn1Msj*npKJ%bv1raVJr*+L#B94=UwTxLg2{e*@}WW?V+k6b
zET6w@RJEIBEq!}y%`)0OcevoCcm_qB)HVs%*`(#gxG2t7Luwgcb45fGTc(_kFq2t#
zN)T}J18L%cnAolp_wC%oL;k6@lC{s{K01k)&ib?#<F>{(;;dpd%f$G$h@LZz&g<>|
z&|9{N6BfptCgw6TKo>58hOu$m=gb8SBUo6%OMe_cqo`gAn7fRDCW|bfoi?^@%kfHS
zW~B}L9~w~Fuz&a)9R+Wzj|aM?Fn{;9p}iF^2x!S;bG2?pQW$QNqzk~OUV9iDk$!Qg
z6Mw&opiXBI!rgyKj=AnOQx$|!qgwFGq}?=4an@%RrbIJ;9kEdsKfdiT-M1g5?{wRB
zcJ%C{=XdSJ2iIK-fgMFoqtYA;jn&2C$WbNLtd`2z-HO5IR0^&Um|-ZSa7{|4#Q-*D
z5g5vNij0Q;S8=qAqAYrVud0Jcp%RjbC5BrTJkOre47Ps_d<xe7I2N;JL*;vWpuuNl
ziq@|qiJIphvsdQ4gf^L%AZN#WwEydV$%RnWPNKfJZ_#uLlUplbgEyyP`ZYeRX(^@h
zxw{K59*l84eBoQ~Q?ap|JQWwk26I^Cb}?}45kpZBG5H1H*+g(%cM+0z{nwsW`VE-h
zn!1pcith}Q$193h)I-r*<_!pDT!fCvy+&!h5{e1~G?#!}A>If;U@44XI3F>Hv9zuO
z@CycUF6c0ohde3r2)qE8GDt*}SSfT;cqx}*Xcp9sP5PVAV;Br#YRV5_Lp$_&E59v^
zkLx^eyCu{Fr1Wes$cTo_q<||Xm(KuI7;u~fyd?qKWaOg~xe6{=E5;?s2pdq~90ok+
z0-J;oOAHJ$4mYHLtVNXK?~nW{!X3o$-6-XWrTnoy!4r(Q6dQ0Y5At2N%TNHXv7~4I
zNE!SQ!I12@JDGWZBSRpFsC=v-<7G{x0AwDeOConvK#b#1!WghW1HQ!}S2M_=3|O8+
zF_Pkw-EnaY-yD>fy%(f%V;YJnAw0mUi?EM}_;4W&nOxjMM)ddPdNTO8YxFy-UGq~Z
zaap?}zsJqvk8#}@9lB=5z^)Y$SpvRJ(i^Z#c1#PvZDGJC#JGGJ*_;7a%gDdEU_XcQ
zT8dA?AR_^>RzPF}mhE?eC7h^lDTi%Xlw=m+Er3rG)0SVw$%D2WBB1&zzDgDmvlz5%
zHnpI>cGv2Sz<1k|b4F%IF9x4)hx|_~0IQK7d*FjSiaCH20%Q*Jl#odh0)?R*at#A_
zhKoBRART7Fqy0#YjI0sjS0pA=1vobmE-O0G4In!4=q^0?8$-@n2%Y=JScczWy?htU
z-fgijZq3DLo1>Xc`1ltVMOUL4+jvDDM-?=L>Q_X#T~e@td+IFf)CumX<s9mA4w)px
z`3dCW0OWuWABsWVVkAk77{`EXcurIqDPQ&Q<I^}7CKLnUgBegIwqHR9(2d@#J}q~2
z_11mGu-Ai~uVmW-Vyy04MLd<j8RFc$<vS*!gY&kG!hwR5i?IrytdOxR<R&Y7IqTHS
zz`3&mXt@CCW6_kQ@B;w}l@a_nrRwvg=3Fv~0c&%@68FL90sJNra&;fFPe$5>I^PpQ
zucsJmIpH~$^v06%kxcg7GP4P+qOr!FUrp0vZvE6+;_$RQ+pS2j{LBhIJ)cb(WD#y+
z1T6s~I|G%kK6O@hZq|cvSBxlgKq;s24X1QcQhIp+xhx~d3rO)8oalkL0Qe1LyqARJ
z&I7kffJ!m>;9W)rx-I*SjsLXqiYdp*b@5hD!@Tt3*lO{kS1%NVFkT+5d9_+W#3BcA
zfk6R<%mt4!PuZ4M+L6hh&mg-|Lf@hg$L4@v0r~?bog@Gzne?Xl(i$f5o-NIX2Y8`=
z=Y{YlZgq$(F@}SCA%x6T<Q;|lNr>jVrzR)L#r;8;o}`$;+n%jl-s!d~d7@;kA!BQB
zQ3iJ#QmoL;!P%9ZQ{kNA2#~SRTG_kG+&E$=KtF_0*({tlr|xtvRQ$7)gh6dG!a*jq
zi9y=WLpIz%xH3`{i%@`qjlu)8m#7{<GnV4ym;i1gKAW4n=C$)ZQko+Rlw+_xdtBb=
z0+eT$y^wQoLyDRNcHEtN<SYD&E20~N$XWO}0jOeuHK`&aK0SyDKX^=N5D@)=OLtMi
z1J6sdi~BB-06K|9V`H?F<fb<qik27&Luqvka9)BB7L&_SJRP{~B|_w-;66dl8C!q)
zEVY{n7e9sei3q8{r6ZxOS>*E`QaqD^*nfb>rLCvbafgK@6hPX<byXhpcz{?gCA}5k
z{53#%3BeVup37~+nd4&t0$)HtxZns+AR&`;J=@2~=XZ074#xBVjOM6;JYeBUg`{v2
zQZk4H3W(`Ex{d(%O-iz1ww;%e(zuA5kl@9=MvI_nU^;Fhd;|K|eOe`@wME94c5_Lm
z0lJh)mrB~p>~RkmI28a<5hI_l4s!u%UJB|8p<oO!U1YSK7vQ#vX>DG}+nk#ObG+;>
zK$ZfvTxvx8shk@mEBi~w;z&kPdYm!c(Y|Vw(nONd15sRmLm?X@u3*|}Ge9pHsSy2Z
zgourhATPX4u2^>L7*0h%{qhUvsNUrmN-gptByq{-<4Kd^_HjTQz^$9)-ooW|v@uEj
zO#BK?z`<YQ5)s~&2iovpSa4g_gfT6MWHIpw3VSc$o-n$i&m#J1cLHVPeiklJBqwDc
z1$I>~>P?T2b)06vwHUcnXl-SHcVpc)72)X;61$Obp3{R*CVR&s!5F2Ni4z;sZlE2x
z`>8hZ9p)Hy$e83XbQf6ku6p&J{=~SqTKZQ4_(mSxLcgz&B^S@gw_y?Xvw(vkJ)<&e
z90V6h2pc3+@8_Tcla?i_Ek4$9LsZ+xq53m$Ynb#C3^;72BXJWLz`22#^!`F|MgTnr
zfd4%}FJ%Ey91vj<mY~RfA)y4o8#D(vT0v`1t;~=FUEdJIyEw827YJ}yMg#@c1K_)a
zpbFx>XHq$Co3l={k+T#aipUP)9!qIYg|zPmic@_@Pm)lCGF;5rp+1y8Bf4%nd|g@E
zYVI)HKZK++z&Z&&hKFQ~6QWphrq2m3JVYsBBm`ABY!#Y;1Nura{a>+%TEkY{vP@a@
z+-xY>nY%i~B(WmKPQlZSQY1x2P}&yp=o2n+aTtEW#A!($YRPb~r39v|G*k*t{Jb;H
z!fkQ5Uywiw<dC(v;8*F&cqU#Opvrv&S?E}K9s&b9nK}=wFP*$ShF;aXC{hm=e~BI0
z^I+snz6lv5PFv|k^fhvzG>lR|-195#VG;`-lZ>u2rCA7ZNnFxy0kB3&kV@eM%J9gh
zy5be|d~dNgTK7OoqD!DLXM7??JNK832PQZY+=YaS8F|WSbGfOp_6>j|5WklRrjI<+
zwT3>5pHvzEwzqQ2h`=A_R!38XZZ5@4jK3*{e+`dMTzb*BD8&z|l9M=OITATkh^t^A
z=Pv!j7Pcz0>cY6Vd@gud+OJYB_Zy?0!;nM_D00PL;(%gNwHsQ!UpnBctWb>yHca6F
z-ji#Q@y5bbi`Z=vR?P&wIb7)YN3xSw1IhuQ`d|JRJ055$XmBa|7%(T1^XJhl#c&=9
zk1?M5%W(KJL@fa^AAl^Ru!WQ`E`=TAABEhKBMC@xLXxUL&fNP7%Iy_ABoig%Qj8>)
zkfX$ug!LnjHEYz9<IYW0l#SIu%#;0Y<qzg#2jYtMJ2JxO8YXqYt*Mhsb>x=kk1k<=
zEAPSi7^M*-2sXbO;|)3d&G(C+2<Si8<A$!EkX<Sj5qi0}4a~eyZXJmO>H<h0om#>I
z5>b4y^RtwY5qDrpEg}iPl9KT$o2}`?IFsLdlipcF;*AgPecSviI%Vki)Pj-14X?kD
zxGo;8*9YDp#6RMK7Lu76>C7Pp`F_*%+E0WTj3yPdk26W18Qq~`+}Rs-T&y%uFhOSl
zpxISe0+k2}*U_<*cLVO&hz|e3%Iyr5W#-vefK7Kx45tdD15fA;aY#hD_DMK208p`e
zsZ((iF9m#<v{Y$NDi?UfrK*UDqxa~eW*<kjKc4+aU;|L@KdmH@+?he7sjkpSj6(r@
zt%&k%@o%9b!HY%ILX0#+hFKyw;W*O1{xef2g}*KZ*Ib~9MEnyJydkS*&l1^=rVoad
zDLYC-jJd1S1(x*hA9UD*as_}pM&9z*w^7;)9$?P}HAiPh{=8y;BIu6NnF2ufa_c8i
zRqA5tC$z3ch>sTn@)9^(L^WiPU>V6qOkRRM!{sCH0)msA!XBShciiH-Y#1j$9}pWd
zuC0-2ygy3ncbt#}Q^a9ZIfbeOSlNK;FUtOn5gNJFv^8-2N?M+9_K=v^&%`msl5;eu
zs{F^kE#xrK9c9*6M<IDZk_!WP8y;xiKld=<S#6U%!8Vlae(`h8e8%D}tF!;k^Zp4l
zoQPO|*(GeLf|8Wn!NjkT;WmhHsiJgC?4kR}cMEY(9&7g6XF@)}NPRBk`b(s2C3EqD
z`I`YEe#gRGor3i91I-QBxnZ_DU*i?@_XmQ^kg?YuMazRA*;@m#SBaWu{UF`~xU$!9
z(?r_xlTl}st$mAz#b4j#?sbg2JzUW_l_AgC*jN?%?KR$sb*~)G@XW1<*J@JJ{m^?{
z#k3-(aa&J+VG*6PzoLzsEA322{CM--Zo`H^{W7O9n<;!AOMUfzWM5@oP`_X(?^RtQ
z$K#@TfKOAJ8o;S=NsOCI?pg{|n^$%X&$`4#jT>cOCr7$?FRs;gxIMk9=jKev&d~6?
z?tvZ7dHzP4A)S$pTc8e{{rD-Rs(;Fc-ZN_-yfvj1hUKmdV>%(P3&-DioKwAjs7DU8
zrl2d%=vjJ@KK<L5y?SvwrzA_a&ZxwdwY;sE-Yi!`GP3u)^`B2+21B<@_KFf{BH8BL
zLRB+TW0^3s%MeclL`?giRxS-}bYDj~Qo?vE$FeISfO@XF9@;y)?!RQIrfYsC>L!)I
zBxPn^V&^%af5rd=nT){`J|d4ALzuz10<1HZiK`*oD5xUr0B4~8aWg0g>tO;^<Nire
zW2i2}^|)i42ViRY-O>PBYa-fO;KJRVK?>++FM^qCLs1mb;`qPGn&nDzif3~qaFzT0
zBME~*ROs<R@G~s-9C3a0Wo-caAmm*_p9h!O>$5DdI)}^zqJkMusBJ|p>`MQq|3dmv
zqwnL+v_Pj2rOY)yo@b~V|4i1$FC&g^<(SsWK+v-tjm`7PA2)JWwbT7lsnIKWv;v&r
z(lA28&rUCYP=JQlOt%$3GV{tDI7VI7&rV;}<$x$0YJK<eaoE4r@AD66a@SFPV*ouh
z8)`+DiA`<iy6mu04`3qZ{wf1SW6k>z&gNS1LwT(~MCdv3p$-n?xxasjUvf{`fAjjn
zX_v|RL&3nZ#9mS>K$LBM^tO6S+~Uu7wQFJ47EWR*fUzvx$KwFk<EpWzq|)f@)r=UO
zlN_gacTJXEslA&U%}Z8$6XS>1SxQkbGK8!o^#*dhwITSE+gi>lF;r8Zf-kgkOg>lo
z-1mtUY&t$B*5_0r!d>Uq5K7`J!xgw^MWAG=dUWJ*TD7@42LtsOvhL&F2)p5v(ND0`
zEXL1l_9;@!uJ&c?8o5yt7#yLZqk{~iIxZa5FMxMm=Voj5KI0dEF<U#?{50TwMR=uf
zAXJ*>7kS?BhnM>6Z&<arBX)Vy=&;x?R`1}7=1iiKgl5S^Rk^7+avWPXZU#gSOl~?F
zzQLjNod>0slVSM&<st^AiWP$y@Y0_sUJuZvZWcVp>GvJe(-i8JDm(!K#^~SCNL+X-
z1~>$qSejSKRTCC?@N6NiFOuwKI(LzstR7v6nd7WE*$D`R)Vx>WhW&gM-)}vdX(L&N
zvzeNnC<JpZXkR5};&dg3U3`pEV|4$V0;a3f(IqeOysM3GIcAjulJ?nVE0&3}<oAog
z%@})0ug&#YZd{g)?Z2v~`#ik6vbJuo$|N#GS#f-n<~6NIxLARwP)Acpj3Y>!5YKwv
zrRc)}6!OG)XFER4K!_+b@iLdBe}*(j|5D!qS>DS6&I}=9tzizNSArqmWId*ud~)O>
zCYJZgNnaW~MKGIYl9?j(cw95Z{2@%xXYz^TnAhghC`jPqSaQH^Swx(B@lC*?WZoC6
z`3yISJ10^r0K?QSu&ac<R#%qG5$dW{Ok;EfKT3q)rRFz|;otlX(2Jzy1`OChWq|Bv
zw{xe4TD194HXrK^thuq3?En;Zxn09FwxR&kBjs<tQi1CdXA_iAz=SC#X%a!5dlDZy
z4^t>I0ttB{c*7A8Z_lmLyZhtTtd`K-sw_5SgnVW@)fw-^1er&eM_dIc7{h=y-bc9S
zw}A3wCg1pidESH+tuI245ZzJYhKFCt;UCjIGtc-IM0GBn-(H=t&98+{9@o|0naWnS
zm8XR!JXZd}{OH)lg>0$aOGb8sLCF{lTMH=#!4Z*5h8~%veLm2s|1a+Owh$@wgB}}<
zm{PeJ>&Caj-KyPMk7ub{#L$hDIV|*W=kfFtQtgd`ZZ+-M95cp+=HrR_luhI{;WDQz
z7A@(3@h?!VryE!%>P${#$Svrm$j_#Bt{j$avAE_$w-$A(b;(}b&3ajUC&6TmhT57X
z+EU=mt{s^}c6q5LUBGr0AIv}SJY;wh2cLF6`Yt|0p?HqknA)>dZCL7BRopPAxl|r1
z^f24t2N=w{(Y0kq6otMJceqnWUwA?>4_=|TC>#~gPJ>|7$iQl&FNGj*)KER4&u7hX
zrCT}YogJj0+8kRh+7pBhj3e>UU-fJkh^y1C-u&m(SGDOzDa$Ce*?bD8(?wWA`q%bk
z{SA@_g53e4^axo~1LRM8PLKjW8sH~Ky=H{`+Mu6Cn>1;_TqVCu>8{~g9?4sUmvg2`
zj|R8%Ni!YMb~h*P?fRZncJtY!vBY|m{HZI^fN)ziVD5yU-|o)6GjjWmOA$4}lKNMz
z7|C0@M>4KfZ~!__Nc;3uu^(L@-j*2q?-3<N&Tc@PRpfbi{llO2Buhjzli(n1Ov%Y+
zBx${cZ|XjIk@-z+lKR$RW$F`35^IqHj!?cYvskg+cvFSPq&nE!N6~K{CD*T4SoQQJ
za&Ew~$z4G?k-(h<YE#=XS|WW7?Enhru8z|qnR3Y)ea7?`Z{Jx+CvC}-e-mAr?!<53
zd?&T@PGe#uDS5Y(<%I(mxzT|$LR#(N5rbplzQ7Dxc*<AGxLmp4L!W~cN5SgZ*SyoV
zn(>8c_8&IM0gu=jU*__J;d;F5-Zf@-|2BcZhT9@WjG~P7@FZiuPh(SG{3g7{=8og;
zKS5$MZui22cbq4^Ptqq9mxpRWrAfc;@@qj+cap}!%VO*4?s?6?Umx=hLHaFz*bvP8
zUU}k2NFS465ypRV<H^Bu@{4J>jX5?Q2UT{+ND*n(HeG->VY=%8CyV{MD!lE^<lr;;
zrHMptEZ*+ua8NSzJ;G7r<LV>%qRYPl-g$k)?N|6U`X~1vq$?Pvmj4`iPf=U=F?Va(
zPw`DGjbx9xavgeiWxDeCuC^IR;@5=DcFc(~NYh|731~Y@4rE)MECFb?d~GJKc$aFc
z^HD|z3aBEa)N-oo(QCi*{7;esV{fsE<X`p;5hBpy8lm^s+Jhh3D(%HUpdILKSN#g7
zI1U7t)a?%e{##BW@JTe5#VS81fX66`w49$SH41ae+jPB;Cr~U=Hbj6`b&f2}Y>?zw
zl6p#Nhl5p3uPjOJ1|7sUY0e;345MP!bXLF|zBRO+By%`1$JbQl8#1smNilV<dz2%1
z)V$Ozu7E09MRIpR%Usr(z^*+l=>vSzA<Re~SoQS=m3e1X18cWxy0yur)nV&whuf0I
zv4Iv=NZGpa;OxJDD3YC4ij|p3s_Et^VNKP#2+iLAQnR)*U8B5Rw}rVzC%A4;bB)P!
ljV*JHYjln8a7`F?O?>W}G~>Es!IejKOV;f3A`=1o{{gy1tX}{C

diff --git a/docs/manual/src/docbook/images/xdev-spring_logo.jpg b/docs/manual/src/docbook/images/xdev-spring_logo.jpg
deleted file mode 100644
index 622962ee3c89651ded6aea73c854d7ad44f880f5..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 37376
zcmeFZ1yod9+W>rK=<bkm=$0HBq&tRgl^D7iT9lA(q)R}gOS%Q6q@<A)5ReW76@!03
zz1RD_?-%#~*Y~aUuXPXW?6ddN``MelpMB1==KSUPDnO{JsG<mfz#u>w`3Ib@VVo%V
z+S>qth6ca^001U{0U`!akTnqU4**dCXqR;Wumn;6QFj2b{iFdSY4`wS2~Z<%4-o%l
zofKJ*i?9b!fASU~pX10IsqsSUkEe{at0f!)vvWnbdfK_VLF9BHhW0Mju0EasKQFJ4
z7_W#JFBF0-1q8+Tc#&KHfRYdTq4)e80P?}V<b!eZQGV3{l}kzhKnJ1xv=ROHet_uy
z><5VD_kJLK^3z_>HSiy@(c6E@`-|=8|IU{O0Pba<Zpvu@;PXQO|FQ*G2O%YZ&KH4u
z04^pbCKe_x78WiM4mJ)E838UX0U0F;2^k3qB@yoB_4Dzg@gGYN9u5v3J{}=HJ|QVS
zK0fJ1flvB_h3J1G;Jh0k!UV{Hd=wA^044&V5P{B@k=@2V?*&~)T8Rd_ync2W1vybr
z(a<q4v9NKF)8Vg35CBH`g(L((s2~(DDi{p|9TN=&R{)75LP4b`=0lUwwjg0}59UWF
zO)7XS%g98g(_<+h=n*m@hryhzd%SjH<q0J(tP5q4zprPl@bn=<h+<NI9said-m@vM
z*Y6ZrQ;NbGQhTR2-al&Wo7wzeVB;O0R@~G-yLBq8WN7OXkzUd~F!$yo5da1wtwp`G
z2?HGsdT9bZA2BM@0(S-yH2&Zu(hCcEbS91km@L;kLXzcl$*epDPngj!48UN4KAl7w
z@sPq=L0<>~U;o2||J(xBKTSAa0B}(*brJ#BfmETocFH#`(2|99b-Td2nwL|=2u9tj
zo@s$TCNGrr-h?c6n!lXq8W^;hojFr;_jsbeD?)c<#V<+4-hQCJe0LA?(`Wryf3CoW
zoa?h=ir#N{)AVgi67EMuzj^S+=kbT}bD$xxATJMkz2qDJXgt^wQ~W)reeFPFmAfAx
zc!gEN_{jD1$Oj_F!ScCzb0PjCjjC&PC9b#J=O#Z`RC+ajzgzOea<uN_qHaZ?{`9Nb
zrakGd9^1-&!<S#3s{$O}-<hwc8gaa?V)KQ)KG1vL!1)CfCuc&sJj;FG!Z}&(Kv0-1
zV0lL<oPQ+!EI`uXLBg(oUix;T2(xJnMPXT3)nZ`f{_EB!7y;+N(V$RTYv>Xa<(nrF
zY?%qIt%VNYv}I4J@$t9M^le?}gv;M_WeeoIy0QO6>HUpdFaN7+FtM=D;tnNri=&~~
zO_Wc(sA<0TZ&<yGxjr_p`*?oWwDZHAn927})fL324m!l?1ejgtz{m1O74Gn$&sE~t
zyRQ>P&*aw0Z|GOSKW~-qymzPD8ke+v`Q^%PW9%T;2fjs5<AkrTcSm|3(p4BIrNW=A
z@k}JXGS4`8pQ|!7RBE=@)be_I_B#6Ru=%!sCUxGHweeYJY|ZCvUE84zCPJ%%>h^OW
zy4?PW0hrjQt@T)&!nL3Te$%m?EPW=%G|H+<c-}z4=|fHVIWTVFFM8GXi@x{u=?~@K
z@a{y1i5ku77~vsIEuIgQOgG=%N!V$-Vcs--l5naxyA&%iT=va$u43*Sz%L5N`WW99
zr?0|Ay@$~<ft|kpxM-)`|LsZD!vj37hh#Gwi|_=`(A}4`U-*l);n@#tTo!m1U8_!O
zngY{FCcZFO?$omsqBGyD&)bifv8t+VTQb@23LpRCP<W&!9>BN#LGosU{yE?*aw~O$
zAwDfSAfY_7j_aA<`1iD$vux9IK<C2*kN8ff?2v%e<O?mh7C~{F*-gP*Nu@=LS5H`K
z?w0IKY~K~w7MQwmZ=k6kx-Xt}OfxASTB`eYQqVp3<iY2%1ecLy6=n;MWEG~AB4q9Q
z`8e7G>-USNHEP2%i*FZqIWsDYZpyuNvS%_rrP_a=@9?V8Uuwep+xPUT$9^1YELR`B
zbGmc$OU-U2LG^=qi=wObY5sZZ-p(Ib-@W<D^PzJ)_0CXu_!)IECv^YSuGV(0R>_%G
zV<2AMgPo5xbSgZJJmuEfQ+u~3lJ-noJ_<cHvTNghb^7G-oT=1Y{ee{a;&qL0JQGN7
zr{1()ItSDyGrmcUc6|KMbPl|lOD)RHzB_pi5Nyc=3cZ^D9>X~P-seudkkj(lgprk)
zAb-OrZhZ+aSSL@u?tIsIJDsBYS#vkgmi5$NU@z|KT0|Y=JIR{|fq1*wokXr%<OdSH
zPG1l2_SEpJaNX3GdT{n+A+vqz!`&X2#V6kz+n2vv)+G9SFQZWlpUyYm{hoTmEjhjX
zf#LR6g5nElL+Z}{&L?W0?>zYS+2<TEq)qfUcWy0$)^B$VwAEJ-90lBo{``oUmHq4c
z=H1e-uatI+(uc~p(T-+Rcv5v#w0=I$=g$vtJO12s1+MV|BC;wPs25uw0ASD{w{kG@
z?-Is*2_sa*eH+EnVz5w~11hL3N%XnEp&b0c{oK;Qzn+(TESEU^%kr|g9t8Z5h<Dk%
z(B*qcdF78b-KErbmu;-e5?O$LaA9Azk%7Yn4J+Yg3;QyVxTu0JIX_%Nl>r_b8zjaF
zSt7T6<OTW(Dag$F1Hyj^H$j%aXrPx6?mr=yGCv{P0N{oUlm6|6vVDR6x2W^~FSrZc
zsF)YBfs4K(`wf=<asTup9TEy$1}i`OLv_(a(MJ|P`g73)E&?GiF7inT_yX1d9PkFX
z0Z(LaJOF#Z1+WEf0#1M{^684Cxd_Vs<MkWtQqHfy>JPf#2>yWmH29+J;^pLod|bqa
z=$5WtF4mq}mJU|P)=xeiD+C|1bvg0$knx|BtBWnNeR-+FZ4ke=Wf88<KiijP=-Ar*
z#9x|*?&)N21@|;?Qujo%gZ`oi?GlFs6C-bo%Z7^lZ?Z9LJzTxq{sKaG^{}_KcY(Wj
zIU{*+6?8A8YhA*SZ9EGvgsT$V1@2*ifLkL0fS#Wl{3kK?58?~R1xCf$7J_{IZ}%U?
z%fm@e!AK9O>Zfxroc~vdhNmt3FA#JKCxo7b?O$N{R&XRA+!vwZsjR1=Zt3dkbRiJ)
z7x*v4Saz-+{xVMXw!b_@@T2p}zraXN3~RWJg_jcoS;g{(dm#P|xxp{+U&(PSZRK2@
zTs?ksF3}J9vPyp-kSu_vtILJ2u@J6qT3!fG`0o=3+X*?5{soF_>54#3sDFXuAcxrQ
zKayYmH?mzQ0xtfWK-Z5i>p%YUh%W1(pX=1cvFFExM!Dp=pa;<Bki~@)^N}|>vbqWY
z?9xbhJ3xs%7W{LN_~#(8b^6ai;-7=WKL?3_4if)=I!OH30qK#u8UW}bZ{#ir00e*x
zGT3wlERg{x1b_i{$T|XfdtTO%p)@iK`>!b=fZPvpKji<2Xfcp4CXsKTK*$%CSGesE
z2sbev9v9DR78kD&uUWY|^Y~i0@$g;a<pCtF`?^_JIl>VTOE@xylVm+=f5Hl}x0Ylz
zglh0=xXHoo?3MjJ;JW^rdRG39R-)Fd*QKx}e8qg7-JIbF3y80?lZ&UAuO#cGa4}^4
z0?fk-xg<e2O0pVhz#s@@WaMa%fFRFL-25V35E~B*XSk26ha-gVnh+~epog`Mn2x;S
zPjSeWB<oMReSCbb`3PKd^|0mP6BQNZ;pOMy=jTRJaC`c>AS`^jT|60)+AhtoH~NF^
zFWt2_y6i1d5jNyfl|0<j%ER6bVeje!xlnC^jJOe!tX^LB)?y+;!ovJE7NXqzf>1$j
zK0a$pZV@X1L2fIkD4f@l&(d0m*M=1v@>3-o`8xRDE4{${QVW4dTr|ZlBQag1$Kg_f
z{Gx)QLc;u_Pzj#@h(k*MK@YR{g*zF^+dIQuJdw6aLHPxLQvXNHUs;U*WDyqlo#QtI
z(iJ=xegDlD{|o+c`)w%yGA2j_(mMh?$U*tPG33{q^M5~DZokmK4cQ+sF=cyCgsX?2
zlmySe!v1f}N7&o^C-dwA^PABZO)=!@3y%EfxR~Ekd=fnW0=t+kmp~&OxTmX=*CnAa
zKhH1P-@$*-8vlFR-@$*-{z<CuVvmsG|7pX20RP{(4!PL<`!WBu3SLY>hy=1FCg%Z1
zo>JwJx75W)6>eS;ZeFO~ua7Dw5*G{S??k`&G+eFiZT$WlzTb%c;6tvJ))okh|Bmx_
zvR}NHwjvLF$fZ^4^3%z`{W$cS$v<iTZ=CLl(1HIa6ZV(eJul9xJQq{K%fkweBxn3{
zSw+%lX#Cfs=IngAc3cjeh6ZvO^RV}ZTPu3FI$tj7ZWbP%@Cyx+tiM!Tjx$8!(ljx9
z7f*zRixpf&Ug~n$7qEfyT8oMbaPtdT3jbL4MWMn%+%^`1yrLGuP+op3VF{jp;YE(d
zFNxN!R$j=38iADfV>3hoko(D>E5=V1{QnabzX`h-@QaD}*G~SLvlr0+PVvtzP2|7Y
z(*98Kr?CH<nPP4A$2hwoU(8(Y^ww59a3}bMGd+<@8{f}?wzd+parJPvKuFm;TiC*R
z9Ngfx5<GuG|Gm9Gb~$8lfebTv{s>$y-1onK{iEb>`S>4q{o}5`<$=FN{Lk$A$6bHR
z1AmM7pV{?~yZ)93{uc2+v+Eys{VfmtE#iM>*FWz1TORmZ#Q)5$f86!AJn*-O|KH9o
z>_0z!z+I5vJA9BIHh#-OmcIBzbD4$wBgglDRD%D!Q2w}n<GjeZ1^<EgpH_ZkA*+Cq
z3A4zw-9NLCWzTzo5oE>?80A6*(%v5zGN%|74GRT~jf8<vk+@$7<ntm28FZ1Mj7&U2
zLqS2>f{ulS0YYYwfi6%)=okPoCOrusDVB^jgM~XkqX1cO(qq{=PbNWfk9tG{)JupG
z`?yEvDYG|4NP*?EdyRc8O~ORLMK&`EItUvD6%zxg?;=Nm2o;%4j3&c?j?5?KC&36l
zMkX}(Ovo|{kgj=<=~#vcCd+x&Gs%-<p43h1S|J7hH6?hK56mXb%-Qq+qXWP*i35D_
zBwt<YGE^(on@e?2-(s%r3E<Gy3|Ck3br!RlDi{=xgl<z0F@uh$+&X58g6hy{vl=r#
z=$ezu_o}jjThX7Z2(UL{CF$4YA@uOpS&3;UIhiL5rG+)K78&ofSow-HA7}yiwq&BW
zFqeq<9=V~5`;2rQ_?FwyeWocc$+Kq1NN}%DiA5zOEDMsBY>N|+nUx-4-s1-JY6zWz
zM7=FU+N^ELM$6Y^6D7)Hf*Ihnl;H&mjHUV5DW%h${`N%aQ#2t8G|C)g93Om**#<Z$
z4axV29`+9vV_27~94Xx5b6}?oiaf*)6MBywU)0B5hRT@D98y>{(K6yZ7@eF{l91#i
zSN3I}I9vxBIB?8=vUh+D=*c$hmA;5u7v`6cfvQsC>eZQtOujs3m^{FV@$<1F-rra`
zetaZf$JY%3qwgn46TgQBHs()hm`^KF5B9ZASd6WbaIBc)yrAq)94xAPJ2DsL1|PFx
z;O8Evz*Pl+TMG)$Zvp_H+@iUqErlYpMIYLRg}Ol@w%%l-TY_1GdNrB!VCCajy)k1W
zA8>+8!_qAxX*HR>n|%cX(~(v^Rx|-qS1KmNrtr{Oic?|(sH4h23>p2mr@u9$G!!h7
zrIor6*f~h-&$(=c8lrCc$*J_X7-{qQFO`vEpJb~vg<+GT=|(0!*8|GpJxCjP3F-%`
zD{ff_J<w);+R7H&`n7dhj61e4PW66o8><dkOo3TQs@!&wZj`))yp*%~yoduJ7B8m=
zY1pWE!Z=@)x-himGVFfs6S-!(2eWd&%zOJ}yL_5;G~(#(V8tLwY-i<rv>uDQVp#`z
z2Qy|}^nBuOOplz@@>Pu^(*$)j^z`YI!OV@WcqKc>ku0}P2&a6UX0V`x#ra<Nxgu2!
zPvyxIMmO$U+YP~XRy)0Q!iO!c7?jH?{c+EXZ~Hz0N3vqhY#kqrF)flxL`9l+AIzfd
zE|2Lj84Lr_E(d0ry_hO)rEe%0pyFOwM^{vScy(PaMIJLT#+}1b5Jb2$?SuY`R%%i(
z1RsYCT0@$b=OkM}$4Jf~J_uMaTyKmlmee@*I@EbWUc4v~8mv<NP$ozlHK@x$3nBD2
z+Adfd452fU0TrAcfHB-&QD}KrdEJ_vV+I^JHs8wyXAHO`EGyydwy-1|Kv-bnlB%rb
zGeG`(Dn|@_k;=9pZ0-@+M~cQb&!p4hrYdeMfNFj8$k<i2nej~YB$U*LDO2NJo}~M$
z)};x2n{bZVRENS+O`;C;#GmQt?x3MO!kDkN=<K%2oVFp;3{g2Wz$?$MEq3K>-rZ$~
zg;l>kSYc)Z2V#^wF=;pet*zvd4x=`vc?4&Q&?i%|VX$SWs-~cJ>k<ODQKjwQ*%PUh
zsC^Sl^fc!7&ehXP{vL@bKB3qb3(kK$wuu@o-z4^`s~DWpu5L+iBmX)}+u^X=HD^j0
z1{hn$BRuTmNWBny209V7j(b8A92T3xOc3$%8+qUJP%6r-=A5=DEM(JzQNd3VBDFYr
z3%li?766($%wLQ^^3%MLdff&7A3lDVZ6q0H<|+n?J;lt3&y<6*KZX#IvENq)(JfGC
zX8`8_8ER);NRY|<U9p8qCO5mSLTNXGsXq8qG1SEYg5`C{H4@$yKr>#I6(&wUE-(L-
zH2?ihRcdO*_V+8^%!2Ofp;rW24ZmlbG(ke0qhK8VAwe4Ls^|m}o0EkEp6+SY<!)dP
zY%Hz}qC_ks(rGgiid#AWC2no-pzc0jH$F;(<bzPv01)fdh#rOr4e+!OA1sScmQt<p
zaSEfhMoT2X4f9|=qgE=Adla}3vTA<y0clpE?iGR1NULjHxZ)#^_06zzwRzb{)%(Fd
zIJJs-2bNMwetS#F>wFTV<bhG@+hJcad<qp(INdq#E?~O>hiQ)hkwo+cqEZKTKtyCX
zQ$yL#R4!Ua5?q)Q8qyo4F!?1NbzC@^inK(U1I8x~ry6f~<nOS)+_zTAZ;6gV6EJJ#
z$4V6P8CI6G;lUJstq-QH`LcNF_AwbaO8u&#oYR^9^#*^hsi5@7V~CW3NA5jbE$O<N
zIHHV2Fz<JVp;zIiqCCz7F99OL{IB4vRCg(!9Zvf>d>Xm&h*q`XwT>?&=uo#$obP^N
zqdL7zgcCK6pYjL!$nPuhPowX#2NhZzL7;?GacU2})6Y^<o7Sr9M97uJX?U+|GPYE?
zsCkkeC1|mU_#~uZFPpl87Fpqp79eXZNf{E5Fhlesz^n`)&lmqL^+04#vBkovyXAAM
z*2`Fq_1T#oAIB*}-eia6ygm=L4D-H}W-g%Io$iZ503P$WyrxSwDfu30Se1f8g7jVu
z>>OD1(Gxvg98fkN{+uN80+ThEzOKOsrC^odK;pEjxy0qe0CRo3*|XOV=3Zx-YtEI;
zj>KUq-eZ&{D!?4SXD2I2Peu4IfX5Uz6GK%7Zp&n;mbI;Rg=HykoLZB#TPh<nP<8cS
zMjK0{w8ez8I%-twlUt#3+DjhB{!ev&7lm^^KHa#GRS2Uk7~ceaiq(9O1Ca3^lys%e
z4SjqkIAg!Rd55y9@ZJi<q7)MWm2CihT|iUXabU9L&E<!N<;PAr;*6D1^K(Z&Rz(<S
zH7=>SE1;=g!$l_!%C_T5jFA3%a_R_Q+?b;-l(0V@6`Mp0&^;lYiuAlrIzq~+(<0a_
zXQ^i>s2&EN;KM{KP!9eWEP-P8{;Ew;2Y5*n1n+OP)lbYqbqajLRz|mC0S#c`x8YCw
z)|(C=JJwUrFPfh$VGBZV2cFp_vr#Q^F2pfe>j_zeR1>w($Fi!*E*fX|s_KwppGruN
znqfvY=X4vq=f%|PX8w$!@w{}03yU#h-Q9#;eum3I_?`u^ey^HxnIGXkkuDn{equs~
zSrHMj4@r!^Kq&($vDXQnvIV3eDNZM6e0&bWvY5R7v8?%&{4%kO@F-0xKjsV{gKFS<
z513LqzaV<l0;1cE4Vul857o6nH8dPgR1vK@Wc5{U_E|2D3Ck*>`$nBc#6XBE8HSHP
zrGVE<2zC+(i3~zRZI~8`s6Z)T&0rQDDT+kKQuh`;yi;!p^rl$O_rFbvwLu-uS*KRD
zoH?Eif?`JkJ8saf>@dE<K26CzIv?hjr^*8=%fj$hOz*eB#7nGiDCJR7ZYC)KS<;){
zPuHv$>-G9rdm&l2yx)ij@2rdk6n8eA9tH9VqE1n{9Wice4p8TC%ubi#-S_P=$85?D
z$&O8rvJgBI80qhFWLg@fyN2lQ^N*TUnZR5xi##mFl9!P7(t>vOH9V^C-)eDVh}cw!
zzyQl-$(XjviZI1^mxzHwlcih=yE9b_)G_$Hr&S>^;!<7Rr(x4y3>!xQ{_uyS;aPMW
zF{3AAwChF@1Np5D)r3x;`XS&U!Q1(Q3mlkwQ7&M1*w?Ha6pgPgk8oody1)f27G*{0
z97|Ewst0**qB30;LXv|LVMY0%!CMDGu%5N4;yO9ANlfj`U7?^@(lx|#Tda2(1<N>@
zOg9MIio=5xBuA(!vygdq2hUNMdx}#r>vq=+M+-=SLV+FiRX=Dc5#NK2jp|-ufHr%W
z0PF#+j-=RJb*3+s>3S?LsZL?>@$*4vH|>MOu3O$fbUr&~_(Cx$5q5+$-gP3h)>|pN
z4rI@H4%t2vocVnnx}{sH#euFaRrFMP-h{;^3^KJ|>NQ=uT%3<xJW92u3rpv$OX2*?
zU8Bo!Pk})2&V(lR{U$3GX*MPYZH}OEl<KO205udvPEIr?YndD`nnXhVU1mEuLSd%-
zOqlvpccs_tiiH4l>R!YBa6#F5Aw{FQ7#73l#kG*k_}U^EN+Ang5q7b235wS-o@Feq
z2;-ing#XE0vXgErdp7pE&O=p9%HbSri%)<$Bp>tBC;W!4hs`3LajSJ$SI8U+@Y}l4
zv@L0Ga-p*awM#2w5H8B_L{gh=c|R|W5ODxWG{4tZ9EyquXX?@RZIco562wV<^P)|~
z^YZx43CYrF;rN`Df8$!EdL4FRHKAyt*edK3i3lcEJWO2`;z1B6hTj~Y(Sh)!q;tSj
zC-y8<=_C70^MpOO_|7~kEq?de@!Ksvpg~=}fm=2g<IS8xxb&7Fx<$0ENL5Aeji@U#
z9#N!XmLr|D<ru`{;Z!8+gg}1K+}3QXIKoT>e|m9oQ~{i3%VC=g*VrM^7n~F;IY@UX
z0$;UPrhN!gmD!WVGn*G}1kE!AIqEdH-|(dzV8b868`)vV&qzeo(e*E4%a9IXEhv{_
z{N&YO()OsgnJN&=2w!j3npm~m<MUIT5Fxf)T^2BHJ+-|*_8n&4fX=oDBoD{0^Q7d>
zq*5ok98Umu-rg`XD6wrm0b)YYkA-@K7xY#HPwfZn_*<)s%L8M;51};t{Cz2kHN@}i
z8;L)L34R|WCj?XGW>HEjEr|sSSlM}D(6bY~GmInMLOq;`N|ZmuT3`&#>77@=M@+M8
z$)KJkKD|Zwarasi)_jrMC@1k0tYd3l#cx(_EBS~kdQoeUWt?6%0>tAG&YP&1iz=Hk
z$?W9f6rrgqzVL=fJ}o^ik<)JyCD}U}v2m!({=rP{Rw-fxbsGZ`A^iwd@St+kDe0Dj
zw0g+x{3@)4Q5_nIb;~sp5l%S}He?wEqAyj8296FV?Z%ny^m3S@<j13_e$l6F#|@BW
zjW(3^2i8g`W0za{Tn9jATn2A=LAchT%^hLHdh8}&BoMui@}IH9Qr(H|Vh6>Si9ObB
zS6I3aJ;+26rH}1-W*rb%OItb1MjnmfgnQ>XK6A-UqO0lJg}2>@11(s0#wNEuN*1=<
z<vo+e?)n^$N8Fq_+WqP3dNsVVZQq(kd&r?E_`bF$2<O8@LNXO)p<XXWL*_X^*C-ym
z#|tco6TK>X;$Jm>ARiiR@G7pALkoX1K=qAE&vZh3x<dPG?<cfrfzfRV>Go1|fixVp
z46HW7ftq@Q&a2bOh#Fm|PB~2G$HQajE*4@;t}z+Pv|Aly;jj1_^RP^IgA{4|^S|MI
zAne;SW>McTx|Utcv(W56IwaT1if7KGuvne>L=>6?!$mm&%}qM`t+j>VRQRDBY~1oR
z<M%WJ+0*tC%5Dcm09#oh<OX@h|6M@vFA>6%^NC4@+U#|LB5kVVlqClGwVPg27S&xw
zX;VE8QaS`^os#&On!t?|Ug|RcX*P?iL?0cnP{nelHK(x2(p{9x$lR4gmAhfuT3l9`
zL8Pi>(Uv4WQ9!k{l*8_9zYO)f$qtrmD%o?hX6!@)yBC6xObkqs$V7TlHkv8}txigG
zH(ekq$)}TnR361Ha%#R}oa%MaXH6A<*^%2L0ozHWdgM<zySrqIkIEO6JSHll`#^j>
zF&ip6DQwWI546oz{BdW^b>&_*PL3|NYtFYt!Ze<zOQ3ZtP;fArvxdE8YbVuY7K?D$
z2m@zetS`|Qk#NEDgJqMclVG!$oaB$@@NG5KcO}-}HOQt!Ux_IY)aaf^=q)8JiX<47
zV@AjUzKH4~!zd9hA}t|$rCaIl#MZM5aGHKm?Si57agA?H<qn1Aw;&e$9z-le`Ce3p
zrS?Q8_8!WQ+@A}YU00-FUGxDmaQnR?1qoFI$5oywG+mbu=Mx6XlVaPf)~2ciN7P-9
zm~LJ5(1wt=SnGv<aJQ+s&qb~2a_H*RH<ov+S+8Cxb|PD6EF$JESG1eropLT%T2?M6
zCW5w=SlGHFiHtASG6~Ay`cZgMXted_!Rd|0V>~BrNZMXN*0L7fmZzmnnc3|6>Zk}<
zdA`l6q-0leMVw`DunNswu*S_=TT$S4G7TlxLy$<iXqBC3q<v%hO@U8_&ngiQ>qlPO
zwZ{@EGrEmk&299!aii7xv^W&K-f^)`YX*xsx>da+WwHN22a+-11~K>BeYSWGxOEOK
z-@E&`Gxr5kc6<LYUW5AjX%vc#ov0EDRuwOq;5Nm(eQ}y(nWmLK<_=#J%7VmL4l2!j
zaa#H^%GK7S0kedp`nWa!O^J+Aw$JLV+~S@Ov0sv-!`Puo`lc?+3UJhN$?r5lj7G=a
zmP|e&FAe$aGiB%ldD;*wGZSBKyqFRfY&+OLSQu3jZoz&|PXp~}J#&zAEFwlT<XCoj
z5a0tH9@vsNUhBrc0$`wdzFDkwr@G(6t?bd1NIJyfgWW1Wy3B!25Ub>dc9*>TKrOUi
zq<oTq3@<a@*<-;NeO}A~yI$x^Cgn3yd=Kye><FR*90DTMOQ>=?FfUuTkNq!g?A}UT
zEg>zz4oyIl&8nfYs$0lfm64X|k)~KuD60$m)VroHhKKQH`rVbvl*7WvH;+q5pM|*f
z_3HLY<D)y(hX_?4zf1*4R-oHxC_16qJ98$72Unc3+I4HiVcwM7dRctit#-FmZUKBf
z1B;+|mvNAK`i(~<1`Sl`74t>4p{gb9(gbK-4&JOP6Vcd_PITQE2sR)i2s5L<;2tR(
zrpp9Lj;I<8B*HE6T9JccWQ(DgPd;e3^ELK8uwE}RV2sR>z|l~#fUIV_t)~%lTLuqL
zVXK{Xmxj6%@G|Iz*t}|gy#xboQ$JxTUhG_*3N~g*>9NCBesygSKYI0Xx_q@dP(4))
zcGts3<4sg&&L<DP5n8s|Lh`b%E1HibQ4c@syJ>^QJ#fnkHr9Z9EcM4I)P|ECb2bOk
z5>m?&gZstYL(}r4?-Y$da>4rZ4dr=3axTO!VBK!ca>-p1rfbD2(yOw~2JN%a8R2T}
z3;R<J_Y8f@+U@0~9f~J-;{1WVl$)}%DiF74>$&J<K@Y5-Q*R%wFlc`YdUS0UeU&a{
z(d27erAt~v5T4^lu61;JMIOw4or!A7OcKhN!m@~h=v#Va8Pdw0c&fB)f>&wHjFyCO
zTHub6WEyF7S2*<KGogMAQIkf|kb)%X2EES58Umo^;CpOLFbDC9shaS1+LZ1(20WQQ
zi`Fun;9J&4(-pMR+PsMCCgM?AvC`7A4_i9f$Y!M0M}=A9Mp?{ywC(i@1FB;YY5Z_{
z5HZNi1+ov)ZMh}sz&KY^uVvh(9;^Y<RRBp(JSQrUfy%hMCALT!yhOx$Io8T=s;fh>
zVSr;*+oa+8Q$M?$E2v}Pp5)h1iy5|D5ZF4&F<4<TAe6{M5;p4S8@cvnC(r3`0pH;U
z=q@*1CM<0LaeWHvE_x7*1XbOl?6$gA-B(G;v-C0Z8yI`Wux9%{Vh#Dew$&N=Xy-7_
zkPP!A8A1`v3_WnPEXZW)cvrAzOM<<;G+%;z{nhP0Qq6ppn%nVqQQJ*p-IdY{o|I3e
z0o6{7Dld%5$#us;9qD3bjYo+w6ikJVp`H+q@Krr|bvGjVDBZcz3~74}QpDrghlZ#j
z(q*eDQyPp4^_xA+Up9>O7RU8p%0I6qCi!YAObIx!mQD?5H%PIDugQ`M1Fxt`!KKgg
zze~0hwFn`y%AT-=29X5HXfACB$FmS8S=2m*0NNiN)>n+-_d2pfOK`h5bZ<ZGu`D8D
z#-c~f0ap=pT`yc`7FBk~-==(~$^|>q|D>dq{M{g#ZB4e$4Rs3g$Q{2RF)^AiNsl;1
zIq1{F6>xS}E;)ynNQwe;_w=G_&~E&<`<SsK*B_8P%esvxYkv^g5Hi&Gn#`%vm<78Y
zfDtUk%##OpS8u}f8QErfqOGu+s7uit0D!8Zv+@u=0`V6RHac{BM?ffp9X3jod8PMu
z`Gd!MOm?42UN7+<jAdhlv*pMu>te@^p|oJ5lXjqry`K>r5xnh33>7|5bx8z4-kjD<
zG^5tF@(WSg;_kQ`+<0bG8;u?Mq5N4nh6$}Uh$@AUUEc|<<f-CD%_Lrc>r2ft@gpU?
z!d-LI@P#!x(F}84qH_T6DkaKs|H@3q{v6m;n+S^Vy)AMVf0whSdZTLMzj)E`FLA{M
zfaiR2qEMAk%Ong{UT%H&CN`dII5>Tyy31Iss7hr$<5(*O<%)?`ZNKU!dB70cY8ThK
zN;r9APhey7lKIEnqdO{oL<s{KljC;nx~fa~AsV$@n{dpDBpUD#XhLBkaW@y^!1F9`
z;dQ`rjYiV|&U*^<-DIUzgyKT536UWUnunklt4TN9wp4@hs$@X2E$y2lmHh)x-hs5)
zfGr+Mmz_CyT*KP|R%a(Z;ZU*+J&;J~@~%}T<>vsr*n7dM3N-D$9iCt=47c}XEM6F8
zJqNDRD>}22r)MkstF%0Yr-tGA-IEIsjtIrwbi%6Y;}hQqew?^*sAm-=MPps*HE?CI
z<WrN*=chtrijF=E%c%6ToobQ-v|a<<_iLBuEgx=K;y&bs;nwosS<-_Ixw3n8b)Bwt
zvMmZPs_$65&oW!b$R<2S<1a-uD2^c3b_b$@4AF8)_l|7rxRg+_*eR!@!=L4thW2kT
zHmyf>KjO*8P{ERy_Rc|NBg1o#Ni;HMRKy=XIEH<&hiXsd*1y~dS1n>-!zM2DB*oo`
z6g6ym|46+MjF|6KCfz1mKESh@o>rtpiN~s2<u}1fw}-Y>1*FhKI~PTLB<p@Wgs#y;
z)6C_oQkuDI0iG@<JYz0tK)|p91v1HuoE7lgO!OB@pW3L@R<ii_jaM3CreJ(8!7NG9
z*Cmt&c9i8>Krcy&2r>jCc=-)N+>Ht_$Z9%S=(At9i07@}kcXUnctsfY@=+IN;J2@A
zE9MwlhEWPK1sh~R6bjM=$KX|%P*oE(n@h8K=UnQy%+!MS5(^Gc-LBLUe}5JX^j#5@
z=<1wjog(RjQd-h-#~zxWT8|@+nL8ZIK8&Tw%kp(8=&0HyKXYZi-_yCyP1SR4y5t?!
zXQ8q9y~A&%*GkJ)+S+Y*Xwz&Cmqp2ww!@>-MTDCb+gjU7agaYDBV8q@AVeKE=6#Ul
z43n&^C79i6KtD?uP}`KU#{qFCXfyDd=Yv0{s~=QTzVv?oR!cu2-W)NJkfY#{sE3wh
zu2HR0m&%r^gD1B+N7uRg?Wy#qm?g&Nj_ZD$vekpq1IBpN%%~H@icd$CIu$Gl@97@S
z-%>B9$(I8_)NJ`F{&>=oXA?f`uLKu1{oDo5wE3X!>Jj!q`E&L%8hfpFr73ue=mZla
zMWi4}Tzn$JW9+$CrS9T6B<Ac7gx|3-;e=7DKIVACCZIBOGUlU4dccvN$q-5K)NM)d
ztN%+YYfr_k*A*%yJtAnl*a^$(SD#wrgkL?S9bthhkMd*ZK4Ewq_EgpZ6O&TMs9^!c
z#F3A3*%|d-u3o_jC7WxkkZM@AlL$grjmedZy|iw9Rhe~3n-E-z<x66(3R3+*bTaMS
z6TEMax{-=yhhMA)-W{Zzx~i%;{0408Hc;9>c;#tEaA(8TdyQ2{Vxt(|5%Yp<=@Nj;
zL8?c8PnwN>+Do|bH20y$vO?GUoxWUx?d`b=Y`@R;xxT0DNzgi}gzCJb^~#STR-ICT
zQc2y_{ImLR@Rk<ur*Y-U43zZE+Tf<6a=&bv9U2P!9=GOZRL%I{+RDCz^?l{|&@~a7
zUg99?$>#6F2*qU@5;d=uHsPlH=85iG?iHqsD<#=%SK`bQLe$;Q0r4|c4+4hymyItN
zMRV`5xa@cn8l?1lK6X3kv>VcV&UW9fr9_xJllzX6be7D}BNgaISd27Gy2PkG#;E;n
z<BeB0)gkf7_}J=s{>*mpP4dR+PZJR1#n$QR-LJ$q8R~QTz9wy8&=rsAZ=OKU0jNXL
z)LHSm<&yN%(-#j&r@%yvOG4SRuD$tyj$br}hPzAK_Q&^mJ6?8^<|uS>W}e(tCR%=^
z%raRdI63$-iqjPL;N%Pj3Tj8FAT*8|#4c8vSirLapwNPl2tS{+xDj*EQ`3)y>a7gU
zwPf35qvxsV8RStZGh*wJ_uZo88wv}ZSD-s33L>+q#x-OI*gNamm17JegeuPiY*uP~
zwYE~&@AWRe_emH76<=E?=7-5VM>ACu)7XtqUfv8Sw$prchz(cQr^0jW(BluC>t>%b
ztMO{SE#P2B+9x*DfYK*oQtByWxZe~V!T>->rH;2vrsajF2Ii~GKWy!nYd`mwB2%z#
z&TV$fcktrHn2=h}5vEjHTq{}JC4LG_^UDR}NfehCSsO(pQ7}D?M3EIvQm&3`872>%
z7kN;JM)w3Hc6gN#5Ai*(<6B=n@(WLKRIO$?S%HROMPn3gl{e*fsHY1IRjU@nUm>0E
z%A-vjU)c<ULJx+cdo#J6qL|w2Z0L=H`<T9L@};2;!IZx!&}El1;}=RTE7k?b^tP2n
z6HhAI>m0uroE22H2}}?RVgTT(#V5uvKu<%*`y-`eb4?huX@NXltg(uCFWo=4ry~hV
z0Mr*Lf?mX*&tlrZ#1Ta8gWyfj>Z=fnyk{9SS@K48MsB6Z*7*6lj%Zj-s#p-SNXEC<
zS4SxQgYdf{?64YbV7i;H8fuhZ$^qq4Axz~cLI-bG-jj_mBOx7pB7F|Tw6K&s*APUx
zN|MD{VmMi+!t9V)d0c7E#^QiCw%uK(>ZKrCj#G@maf^XHSbqBC1p7-PVS^F`y|J)Q
zsYg)3aIdJhUx3hKsXQ?sL-$rufhvsTi=15?dvQ=)<(;g=%@7XpX%-C(TU&lqPR*y$
zqGI0+NXYI+v|t7y2y0}6JN$RbsD}FY-SX8%L*;_hM0+1~^s@I-MsKHj2oa%m3w@T2
z%=E`Fj|u~)?v)wDJK|PB)*teAh@d<`!);;SWMn+V5}dM<D=f&H9!A48DCX#OLH-1r
zB}Gjyog~!J5rsL6jYiY=_O32Yj)Nlhfpta~sfxdjji$AG|8=Rc8!r=*D38$30aDu!
z`OZ<8pFbx1wtnkvthav6+2uc_^D?E0-%(GssPO0k(U58s2*Qqk=Pa;uM?5~Iqib=s
zCGa`KF(qhCcG9k2Tme&XYg)<9U~6n?k%E`jyyTFQxf-W!+05<a-EMBdowInme%;q1
zgfXAp1)wB+ZNbs`nAARD{`ei40ay2rn(^{yA4@#H8fJI$4wi7jedD{ZBY|D->YW$q
zAuZ&|!=+1)hjLqzj`mBZ`$<smTd`HZM5WcyNHVhhy{LAZR>9PaGSkm)9_L`+o3xuy
zr;rt)P1lNlM~ZN&NT$d0Ax)bulhH;WZ1F8ud5pLP>(=Y&2vN@1)m@V(#r{BxNU-xS
zTjrb#@Tp=J8b12uC*CP5C~{22JfYhY_A*%CtKLiuC+SLl?CKqngh=<#<xgbW&cMy`
z|H*fxe;eLie0st;pBgWbYtVai7Wgn290FmiFFx{#gax*Jc4R|%yk2P3!5UnB&_W{Q
z7AkyV$nJ09AA0ks<r|UPW(d5J<Uxu@j(!!EcW#B7)52QI)g~_&Q<qysRIOxMLN*gR
z?mCV_@3@wkLIzG*8y5Q~?oL{jxUvup(wPn1l6WNznUla2?5@ZbW#q%GP~yso_?{=x
zMtS@;$9b^jdYU&$e@rauL5(D}t(k!HkZdN2AmhB~FsOf(w*7vqJgx)&IA|yL#iCS6
z$frZ<YX@Y#&{BKm_)i9v*LM=oqPT4^%rwzpT%qZHawyQgI|6SV$+hMw&H>B<o_48M
zEj4NHh+4rX{lfP)P;+x#M~Ti<YSWvY$PMO=x|IdA5j3@ih0$KH(GOB<0q%{aPG4pU
z;@`3)8KUUmu`fv%qmt;Uz8UNuXu5Z8MZV`a&otP$B87a8nP-n`ruTC{`LlNZS=$Ek
zdvW#C395Z<@U@fgtdFmn@f)UW_Mj!249Mr#zh*nsa8pOCvlc53a5=3n66TIqtMGfn
ze-`9l2M7ks9`H3JI^c=sxbGM0Ivp%uWrtSZ?J<l6jlNK+{G7p^gZq{w-S_=x$+zBk
zanJWoHyW)Nb8k?vPb37%t~cJIxZk}0sca{;-N~%g<{J~aKIFDF5q|~4w+GEDOJlDa
zzmKh|@1s^HI?Oyv@xb-il-y&OeVGfPI-RkrANK8HdQ1N1H4j_Ol~3&kQyPsYSCXC7
zG;$6GyscVWT6Ilzn+|GtpxEOz55^QwJ*VS8>DugI+>&eIU^;vkIJbx?lvfn~!mTyY
z*?Mj|F2AKILW9Z-%}cwwY_m6diu|U-YzuTCeP8ptBhSuJpBhetSw_b@It#1V`YnjX
z{ez{O*faOe0hV`Po`3NlZK(=Vp*!$ha*sYxyEE4k)QlTFghydcUWK{V9o@S_AvJ+;
zf*trc3xlVorq^Kblq~Y;Jmqe(nIiZ6vObAD5w>S?T1DmAIerP-D;-UYehGCYY}}Qu
zN$!tkcrq)Mo%|aYeHSRKoklZOrkddix1Y<&^lPg1wYO+~7(s+RqoR|^oKPn=BQ>PB
zvy2dbQ=j})Es|l<3tA+)P`+UKE?8owz^xl*tDkM>C+7gpeaA?=8jtl(Qd4}*4$FHy
z_Bc)INlxr^+q)^9I*)f00arvZ;?p#UNymu8>HAoA@|OjG(<ulZRN+ubU8YG2M~(Qz
zen)s@ecfCKi|KSN2=GSjo7SVRk|2BLMer=(MacZ!lr%&7Yl~Docs9PV#sOO{(*5iX
z-SeZ9LQ<J+#wNZi&ph3SZ`6?(oJ!kFl1rGi_%QQ7CZx|w_gJ%P4$z*YexUW-3og;W
z+Cg9dqb|Z@Ua+!&%oK;}<~a7+qzxOXD~z&qmK^F=pm`2VzUJM;bw~c<qLgLnFo%}u
zr!<VDIhxKI7eVSae|RNxJLK?L*j=uE^qKTb-y|ZB15paxL}LMQ`9~Z>ESn|GQcHuU
z&h^G-U298S^+lkCcrsj?d_#^1-2~!1B3VDX+j`%>w%ojRP1^Q`&{8^<?Z#uAPp73L
zkqq<3c78FI=-=v#XrU?!NwNx~B_0CeDbZFS8mu8&0Q&UoUH<Zv_)?S5*c_(Y<Sr~N
zk%seW1BC8tDq{AGPFe&lX-pzGNK%q-mNI3`!0TIHE5Tq!gkfiMxO4XAZA17=@&Irx
zf1Qv1a|!}skLP1C^Lj}P%E3f#?OxA6Fu7oh?Y9dzQIq#H7@4~^9kng9#)^*2TE#;Y
z?9^mDb2#N9QA2|snM2b~goG%fv)CH2Y3PR~G`a${(VuU;JypcNd)3Z^GwL`Kdq(F5
zI$|=-pToRqRzAndMZ=8TTBFRTXdA}9(3Qw1pWp7;;Fk6Av}@tL{ssmjWXQ^uI`TGH
zoij|?kE&sOHWf9GA-wckZv8;Hm&MbH>`$iL(r~Pb>aB(=TBfs%dv$AGmNH9q$|^4g
zjE|UUIh_Wyo(rke8><xa4k)lX7Rj=-_3}l-KmdW{hpq`*3okFS6nN9-fHJGLqoYBH
zZz3Dky1U-n#>&i|F4dH|4JKT@s*tbdoGV&`H7)WRyo_JiXi|h>1^3v<W`n2Z_<P#B
zDR-?-OJ3g<cQZ%*;JvEE;)j@;0&n+F3at*$cJaQJNYURoB{!K&&_vt+iqGPSK0hQ(
z+k?C2sa$~H8qG$elR`}URGYA-{jA+-Mc6sQHNifz%T=MV07a;|A<U1_Y)iW{CX23!
z?g5v`gT6a-@|$J>t_#K=1*~sRI(9G?6Fu-FbCQ*NiPq>WDt!FbgFHJui50Oqk&+<x
z{O~r@QAI6#zS%x?g6jLzMIV2R54v3O$?-FaZ?`QVX=_mx0iGNJulW=Q#7FxCJ0+?l
z<VIHPP14?o325Hw_zX=WH<)f<;Mx=GYuwL%+V|85%AR4&m2}@S#a62F&GBdyq|c>S
zYXv`cw5~!qR|y+iYyY$zqva#l_g1Dl^H2?LJUdUL9t|y;B}_qJRrIm^o!nV|5`Fr(
z;qP(2oGIxqX#7Mo>oqmgoReLLO&mV<al<EHKe$S2<u)YP%w=Cu2wi)drqBkVV#yY5
zP2(FYq*9@1Ks9DsYUga~dWm3J^pP;V4^P+4RTXIxS=4>hh+!H@NkPNey{@BBRZnBG
zu5l*}wB{|<N7J)$mGz}bYsgk}OTYl8L{i$Lx{+t-qjjiFcnvmmX?O-nlU0<0wr(S)
zqkTiwD}oB`@`>8|rerdVat`D-=A5%@U@Ho=Q<;yYY2NM<z-s9X;;ACP%EMq;25}n5
z-(yW((Aq>Tc>4A5{qB%x_-LO%j?#-+1HM6uY35*}>;(_!krj=`b0DgCzFXm@Fj}M#
zirMYs$QEDx8})XXU&~o|8F(}^$O5w#i^S+u7Mn)v2Kzh0BhEGkIfLA(<Tw}DWnT65
zKXcMdewJ|Ox<^Cn*)`5En%)lIfjh6>z7q;7Z_IR~53G%GI^4YmZ6CMde52RgvF}MS
zCy(nGff-|2J&#ds5<Fy0Vg%%{E@|2CpT<9GZU~&}ANy=<7#?y$9XT!MFxz@SmR}(k
zNg3qkpyo~!+_-6&&UrUcjVJUab(WUj)fB#2#wTwj7f~3+eN6k3N3Uq~RWRO}AAYT_
zAMLzpW=d3_Oktk5iP&JG<ysJf61g2%kuKs)TArdT#>D3=3R62~H}$?rSK)l0X>B*X
zj2nALmtzg~x->Xbl-+WHmfMY4_LF<+C+=Ns?^n0|UVp22UWt<ndED5Sc+&SS<xqq(
zd9EW%dhlr<n_5+@Kot5(g2et8eR8|LItB8;cSYNJ%2DhrQ}cJ7#Nub)I4y9wIQx(*
zs=)>Pvm*1~xNwg|hlj735b8W}#>q0`Ami!uTifA`r{!&MIS1Zxk48~Kv1k+P(W&kX
z&{&qvb#Isq*F;+tZ9=X&ZsxG%=R>w+tRHR+F&m?WF{@(LSey<l=4GTd8LGE-cDX&=
z;CcTV;~a<!ilFjt$$FENZztn=HHUbUd23Ak@u!$UNBn`>qs;bZLYqoChc~y)&bGwv
z_9mWIO@FtDlpQKp9Ep5Ck{XG&*g{GKGilXemL6s*jCQ!O7vN)GD_ZX?mJ8>U%dQ|^
zNXAilt=?0t7(u8K<L7ckcB!;@UUA}Cj?Q{q*zg_go-N!e`aJVixdaJ^-uRq_qw1G7
zmE(!ug`OJ|iKxXLJh2y#LxgOnhBAsANLqVj-sLTKu4<#0Kj@N-e^Kh6%wCeW;SjwX
zAw7|CyQV<UtpLvsJ*>F6NHFAiSH|u9WRI)%s@EhIjBKX^uso<t<9!{4P7G6)JnLSh
zm|Cj!zsnh-91t?bi`>5{*l1JjX!ELV^~gF`kkgWhp<ZuE-0`%?!;^2DIN)ZjOPWBt
zQ*B`JY7cDLMp43B{~7E$mG2xzE}S&ZJ1wmvkiEY9;qmp1oNF6-?qPk#TX&Oag!<_H
zt#cG`a_-0D)~3Ky1tb=BA6rM+h?+1z+CF=c%Cj6y_suSyS>v(#vA&E#rI41ZzrmiP
z=hmXN@NumJUD?AW>MfcU3_`bpsZ>pSZ4=Yh)JZQ;yl9c_BPrPW10g>em+SC-`^<wU
zUne93Mpg~I<JC;yoGj$8!XI?#)Ve+zZ?MW4i{aEHb3F%`IJlJ`rmZd8gg9bH_PlHp
zD0XR9%cdTtcqiH~rtBwOHtt4MdY$}=C7*Kq0!2sTsNh<>YUi6gxpj5;m{VvZwR<)%
zYl0j6$ls#9hNNq(b3gR{;UIO$e)Fo!C(e^JVMJ=-*gE5&;elmRLMB6*Ffq~2&@rhZ
z`QF4LTJc9*?SuGl8O+7kVY_}?pq>TIoW)_e%}4ItfgRe<H88Z``r#X*wa}@tY_+L~
zkWa7J!aZca2RGCyoFwv>3+tERc_Lqtb3&7xw#JDJ-iGU3CoZzZ(HtdvnGyZ8Lxnto
zUiI<D(aQ3EItBTn_ptSrd7CuN$LlakS~(4V7x+vys<x$?auiYjivJ1cR7ywc>I<BA
zu}9>LCoHC0dD4AHSkAV$tImO}+%<6<mbWe;EO`x&M{68S(pAejU8-xFJt`j#NZn9C
zgPpw%D%H6WvHdMUBX#ut;g;Q-q)Ey?-*9ODIKdHxRXF?2#t^=u+LqJ%TAAvi6mgX}
zH)DP8=6<zrui-3-xl$-&dP8$*(1juGxri<sWY_$D#kE6sT=^@*3V{c%k~a5imBZ;L
zmE7kT`-j=9KDaiMYa8`+?(=vy?eKDY;XD*Mxe|+6#lgl0MN??6yJcHJ&V60h<HQr!
z%`{cQVzXZkp7oZAT=#W9S;JvYs4u*C;q^X6m~BnKop;Ha>y`o98{Z~w%bB=xVQCu;
zM@zZ4DW?iC)UE26AxfH-`C6T(hCZ|2*?1YI)@{WY5L}%&X?8q`e~qCqCqJda5y#%j
zbJuHXi*-*ggf*EiLfD6{l?bl1@!jaY=u07*jbg@Oii3uAYzncPcKwyH9OPsX_9ATz
z+>0KHo2bMlVms*kXc4BJZ&X`pt~5P62jt$vJ97@E*t(Fva>bJBgU#y^d;`D#L3B&W
z6MGlNq{6lVvV?ee*7Li?C7HziASWfd!j=<TGF}XOt#*-EjDqlN?=bd?&hn+ci7&Ba
zWh5d5nNize+&9F(Z!Ew67WaClxu5e$*fVdY^Q4*b;C^Z2qrqE4uG|=Y<eN+ZLMJav
z2rT9Ici3Z}xm9qDPRu67-^o^#)V-0Ls;=o;8{qTUCEZZ`mA117`r`rlLY<*CEp>&W
zy&9-_DagcEE_#T4p0#>v=YFpJyTDyMvXLd$tfLCI4)bT9Bd!=#K4JlFte6c}x?+84
zrTgl0{N=T&yZ0BiFSH{L+-A9m`}fl^z{drhQhoXpXXik1o52`My;VIzrpmi;2bvzC
zt4T^_pFm=ATrBt{uCqZ*otwL$zqpIit#CV5z4?AdLZ-r;Qv#7ATXfJZf(2FjWhHku
zfLX5?L_n2Y-SLIfY}TI6H}^e<jf9f8c?H^8)a!7V(zUfc*`s%8o=i5V(RsX-xOclA
zl4wwHa;gUFCCcl1HNTT_Be3a;4zQm=sb~|nUuL?m|ITzrYjL+vu_bTRN<GM1;##nU
z`<HB^q8cdMZKYQag0;9^%PoITTm8>dVt>8Lz&W3eY4%jKH48x}bm0J@w>OjGimNiP
z5D@~WpBy(2hOv_3yuD1?(l-tX`CoKBsO@O$J)Qn`0FC2!QL7WZ?p)mNXGl2v9@eLB
zI@ei-IgzY6aj((241FM5U43&x`O}RcvO=6IJaYTASKL-2YIilFRm@xZcjOPM96%K`
z-9WyheW~7kb7O2AWL8ZxvA_#m{o!_utD7UJ8y>bKt!VdoV|RuK(tP4vTZi?p;Dtd#
zNVHE}7nQX5VEH<^?Y(A@0y+CZ`YG+Ey9giWwhdEr=qiRz%hxVMnt2B?zGFkq!baS;
z97!e-vO#3T6pept=<SW8fm80KSt|b7v|*93dx3{5TV3dL@ecFZ;?5_92S*a#rI7Kr
zaf>1@dZt|*iu>PG1jRop8M&mZPa(_=h}o2TuLkE!L1?0L=^fV`bF<zj*CY4u>r<~s
zl7fRhK1X`qq&0t6Wz?)cU-;UnpbxQWy~LDp<!<}BM#Em23<q8$T#vX&E~9+Mn1z<0
zMT}o<QM}8Uukh-Gmq2;xG0lypIw7`x@;ts6l`Z+s%~kFIbGD*rKlir0PU%}q5X@jr
z&8Htk)0TiJ9c0!^N+EsEz7O}?*Okuu`2;+-d-AbQuER!7arMMnhQ>Lw8tI<2QjHFF
zmCVjcMrvn&;Pav6+7o7waw>P^7}{uYrT+fW)v1$1enp|+z%ffmI^PS`kqLqd3Cj33
zwbY&lJ#EAMkbx0zJ+-+|Z01(%z_<G*;b1SD)}L<CBQk&UAsv>Ipc7o1qlDAulpIC+
zjeLmUp*JR&v@|F}!>W>}+F9(nZ64$2@G<_|2tHzBdfSlF%$RuJswUcy_AFlOYcPfr
zkGn9vF<ab#D%HCGr?Rt(iUNw(@C+?Ev<%%P-5}jPv{KT|5JNX8-QCh%5;CNKbV}!d
zw314L)aB*gmm6!{*YkMRIcuMF_V<6gSc*{h5;G%I8bpobyJU4Zxfr<hr9;t<^UsN1
zeD-P53uKb~ueUv3b}<9BD?63_Jr(D+SG{)>sXJ4LyS;`+OZ{$~+1c3=>?ZWow%9Nj
z@NcZC;{i)A=eUg_5L2WbN+X9waWPLw$yPCQoNZAyI6qeO3As<El_o0D5Vzbze4=7)
zyj?Z1as`3@kLU3Sln)ZVrfxU*_IB$YO#09=(h?E>3I!&CnxP`i#c8dwMG@~@+>Vcw
zhIbi-L<igySfXCOsr$ZDe{3F*z(Za+$n&(U#`6rw>dT(b`c{mW$9{zV<F&_2qqFA8
zG_=zS&eAj{w!Kd*g%QTU8dn@44!{J^nS(v+1isxj66SXem*sp`MMI`$*MUp8ZI*46
zw~HktF1y}?{PKR1N|N1;hP&Ng$Xl&3<F4Oj60F}AyC%uUz}+p=(B?h9sX*vK?#GMO
zH$?n$p&P&@wnX_<&Rk!(di!yPzEMlUM|UfAT$n;pQr~jS=k*t^GZDx*$z|sF#gmwG
z*QJt~a;J?C=I8SlmHiKc!hYv9)z)qgql=^7H(^^?qa!Wgi;?hlzt}-%j0A}ZyS8}s
zm~wqg{0jb<nf%n{A-po>y1(q2OmNNK^rlBApFSdAqj2;q|BLrn^M~$4q7(N)^>FXv
z5j$_cE%@E8(w>|Sk3MAx%M3wAcrnv@i%g*a9<^;kSN^<EB7&<lt)rIVLBEr}rcRXi
zGS~L?==tV4QK;}$j4My-a{c1AOt$)Hs2bz?2N$iyl2$p(jk<7LPUHjaqWbbV#+L~U
zT7zN6Q5UmR%pEL$womp^c{G3;$NB`TG<3iZCFhRofgd`a0m=uD9f8CT5zl}<htBMO
zhUo6aoSbUyo|{wbXF+G?u80|9+tF;B>y{?$$Bk`Yd5*W0Q)4JR7sBX}GD9k+#q?H_
zPI;{q4?T$sUO9OrI+F(%?;C<8pM#!*KSbH#%ZHox(kkXER7_t-SW+gaafIvZ{<#=^
zIT454+S26`L6X#9tb_!iV$lY1ckzr~iB9FkrQA#XdQ>B(>dXeR_-;JZ29IlFHiH8b
zsIJ3@#%4N%E8eyozELeLjzU<$xwz88@8vPGKW(ZtdsFNRW7>d#>pM#gJ^D`vE}aoS
z+b2e-_TgIp#s)7Fomw1zXA*Twy4I^SiujHk&jeemIS$tIZrev2_uHBI(wHZ?AJhA=
zsxCV8iw>$CKLf(`;=f|pMu{o5oLDCn*NvsrL%Oa%um16eBfMkpD_Uo1OCvtprU>9a
z6ao$RmC9IDf=0-|zuI;yrx<?OQa=L{&jNG%8<dXeiazXNX-LevWkI|4M&mj~ncA|-
zsQw9xV^yz*IQj{*27Ff%hzS_1i2)kbqg4GP@+LPDdS}_Xx_vc1h!wl>a0`P_1IirC
zd>r4gbr2uD>E!bpxAt-e$hI1wnVX@ciKrmaJ5|&13rSPkZY@UsNpr!0XV4miNGyOa
zXC~<dzV0v7AT$3iJ8;BkV##^aH9R@2^sz+;sQ(Pu-I@a4l`QBuNcD8UuU%}~?djZC
z9M?Xj2KFgE12SF4W7@yP3!>)QU(_#oLK__xX1hE`M&8)$DG8PPI)e6*odEchqmiTa
zzRv&`qwc4jg|&XpJXO@@kp^fhle4J_d*k=mi@|{a`NZ9}BUiDcc&pB`?Ts{IT|&ar
zps`LAp)@%=bKu=o#nqBFG|4l)_Kp81zwc_Lk@YEl2VMH~;{O5}rh9eh57uIpWJ0Uj
zqKt(^Ftu=c6ha%6?!!h-z3M9Fou%RCci)3Hk-&Hs&7YenLiUagK#weUlzmS!dkEFA
zQ-t9!iamid#u*-a*{1IAGs6{4+tB_#5%sFw_hPNktS`zkpxSi>wq&&zdd;K(wt*9=
z=G>W{Ecx~FwTNpOn1y>RjlM00ag@1&&=^tK&Sky-<DFWCB)*g7sq6Xdeu1fkiksc<
z+EI5QI#3eN(fHJaYPUbzq97Fs6HilYhtG*sE=@MdurR8?L~D<mxAW|_su;=mn@hJc
zcN}6)hG_txiXlX}QoYlEDnqwjvzwB)h6?v07#G3Ind}%1i$Nal>R6u{@ewd<A{=sd
z&aQIjT(^;zLG<Jf37dTX1XK~4EN8=KOt0ODKKvyac*#krv?r?We|{G)LHzD(`@=M4
zvWA3=<<ZX>iig875)|K)xACl>H*a?i9=T6aehKfyc9X-B$s``5bz|U$^7-+xOJR+f
zK4BrqjQm$X5U*+}C2FURm(l&>xCs^lJhiD&L7j#6pi)pW#}!NryYsewM=HrAd~o#A
z?BWg{ioK7pzrf-c>axpiYehu#K{5ntV$Q5bP9(+&e*DZ<xNUMyWGN174yR>IJi|v-
z%Zs0L4%@%};Xn0yr8WU|lA`doQ%M5V`~-C}qYbF{qd-P=RRV8;nRKtV_mO^GWc|t1
z!vDK*6tUu+EKBdy7)|j}j5P`abY)P_BB?@JZ$6X&fK(~E;0N<`9@bH$nA1%<d!my-
zbg3j_rxy@LE31x^l8pZPC3bS$2&VTg8Z*A*ym}w*pJ4Oe#23x$5MB>4*&=f9^v^-E
zZ%M&qy^5hZju5~$$FcjouihrxZY)oTAg}LH4@!<n4ETk<=~MrCUlFv-{3vR$(CJ0@
zt{tj*KD%y&A}7hl+NCE*2BSu3YlGC5MDk0hzJ86YM-BCulOj^yq+m-;$%lqFHre?5
z%mm@Kvl$s5R6=&vN(&PGQhI}JJZ-cs=MFiN#re9ulsHn=e)wd^s$9ytEQJ_8<Nyex
zK<KV6Lh%8f<b`FymmB57V`Q2+a<MW-M2{u6^)j2aV&)QGUXOHqwCbqgk@GJ<epEL)
z7EY;*${MUc)cr;sX$%WG#2L&jz25c)P`KV!S3!-JQcc<6S%SBHK3LPtIiy3DebMLO
zzQ(&h$h4#p3+<l`_1Av|q%3TY>7$=@)k-U~)FqR9u*@9S5J`wI#m7zeuf6+s`iLrA
zQ1(G!a~`L!QgWQ?<%C$t){T168!Quv+GX88%I1Ce;y%R-e{aDBNdT>2*R3^2v_2e^
z{5{nkV3kytxB0@D&c)g6{~m?N?H)gcE3i391y{>}m5NF!gZ!i!zFvIRsnd%niHm3f
zBcY=uP_Exnp^DKEeEApTN~DwUSCHT2OPUx9fgAz?)gW+7TqTPe@EBmLu;;^Pq}uD?
zdflUF9#zdoge$MjqXq#{`e<A~1AL%+!Ek7p!YKJjNhn3>9QYYvy-YP0UV7R%wgTQU
zLD|`s_#o49b}kPCH|p3)@!PC0l>%8q$l63yjtd#p2LF`_=7dnPFX<5&MYPukX@WHq
zk*d12CRnve4FkFPShEmw%hg&V#PMUx44a{{7@$=A(dw#XHEbFg${pOlFVM@dJm{!R
zU?ceCPnE_>&nYDrjDw@WsG8fIP~jE-lh2iIp0XvHwNs!_@ZFzQSVU%=7;+?DR6P}C
z4Ls+XcU|lMhw6QJUic)<!nxDOhkID+F#+6>LI7o=PzB=wLBTiygNTS|&rr4Cm<8}*
z3qi&Y5y>AC0`LBuCE}kOX4QjLMP+S&d81JHnwsEp`ou~vq#Z5=q*c$7<V{Jo?cmPX
z3lBGHbgfmkMw}A!vgC9xt^I+KH#$?#S*Hm~>X`T}X%t|Bk)+8I!<yh7Jlr4C^+$hH
zML<!L+BlzIrdDW<cd`?W*0xF+VQ(bk!%_wa$W$Xvh9P8hyu$^b{WizmbQCWT5gQM3
zm&lw5Zu<Qwb+HkebLw<F?W>2&M~m0nx!Q~GGC#h2wg2N-*sQra6C0g!+(+}BONXbx
zDY~$=UA;`Y#>C5dtaiq&t2*oIa!ICRmAk|{iISs`f>uzy(OD?JS67l>Rd^P(Gd+Hb
z<8$CIEC=BBq5)XujN31v^?J+Xs^WX~!hWFhAM9r2$#tDc9N%E?|Hh^HzIp|dQ6Bsu
z>-HJxu;o<DX2+Zz=w<|$V@S==%oc@KtHNE)3c(S$!zX1sYtt7dUDHo{3p=;;6t1-I
z40EJSp8;Rkvcn%W+hKS%3=NcRf&EVSsrAB3TE8ZQ?}^qiCtl`H`IPPnalY~QI_Rla
zRhahLX>XL%v8lBmKq;KAa#9z)^MhNioK|$e*G_1=i_jFBKj+yg(-_2ai^n4AV;;nz
zGkj(pd{5BVcB&z>$L_VVE2!DFe=4?kkTCg@+8`2?F6cBI6AU^(VQhC>HNg5+Ii?)j
zBHi`TB6$@fDl~<q6bkcP(!W`o*ZDyKlN%;5VpKJO$SXPKxYo&I3}6povgVOB60;8H
zip#Y7kD*<oiH`>eZ0<N}^nFTga^v`AXW;~Y6=dF~tf2J;mtg2z6V_7tmOwrGJ1;GH
z9mQ5O_9!74kSH1+u;F)Ok7!M`WFXn?5a$3^q~U9rI<fY1vv6x$=a=&tveIL9(rl)v
zmwqGbUzzmW*2#`*Z0_!M+aM9;8oOp4j~otft-lu^zd6Z>LIN6iGz*Z6y^EnM-;NgU
zQHC0ME%c1?Uwd8f6oxR`!=&dar~okEaQ+=F8CQYt-;m2?RHc=J)GlhW0u~_fR{QNt
zkn`GO4v%0B#Y(K(ln(p?MZFt}z|?Gk<F|3Xo%4}zAZSj{OFC#zG(ITYb1$}%*C97a
ztm>Gv`uRq_>+HKV4GeNfB+#1@l;m3d`95kFnkx6u9;hmk)=Hb(%VP|>d`jL~IHL<6
z^n2I*I#XywK~tSSEj(GpOWt+Y(iYcdXTxY_T)+#K-EVI8v(-I}6=-wv7}&IW($HvK
zSLzDR$8r3q{8ovJVOMwwxZJcB5rGLTv-^@s1DnF|*uQSMy%@efJ+bv@>EIxTF|G=A
zJ(k2;Yo~fkVswX-zDjn6ACnI#iO9tVTvQy=D8x_6hK+hF%CCyXTE7sgb(0zTFV7>2
z+3VDUBxS063f2Pfu5e7bWsYF?08qDOqAPZ<L4?=CDnomRl!!;edc<I_#9rCPSj5U|
zoawGJzbV1Z(y(>mOw41i^O{Wthbg5_=#34KCdVyqL=mvwM&q37dpOxp19g655rgb=
z07ed>U3gnap!~hm0CST^HAO+`9l5$(P08d3T?xOx1)KwZL93RDBH96Dwo<|SPLUH7
zHf6_ZJzgL5Cwsif%HX6pj20?ihrH6>&J^z;M#a){Q;FBBxBf-@YSYg(h(<mYL}z%X
zkXgkSiu|FnkdojZ3Q1Ak)~y($vqM=J{}oLE-?@=&N40j7Oxs9r;~nheb4WRxSs9ON
zRNd)}SxUDA|8o;rOJMzoG|}}b;T-LK|BViG#`=p|iO{ROU5q4?V{v06d(YO!e@!r7
zV+3F2@Ii%}5}L@J@q$8KXBZV9n@yY!(4F8SWKaagVCh3XNDLAsHRg!-oiNh!rehP}
zO6P@5SQ2_@sR6<;=X-Dj_HkR6>6hU~H9jAzNt8~QTXaK$Xd%XOw8<~;iQI&9iYZAa
z|Ih@Eq4!CzoBfuZj63n&G*<AsX06$v)I+N`diiWyHnucm;tf&x4(P07bS99?$*YW&
zZuwweTa@GB42UtpXQtk~aw}d;T4PmZ_0Sb8wVj@qa3!>_$&)Mn?(R<{1@Zg%Ok#1U
zCHd*{z?~m6t%VmUxzg`D)U)0G;~O4)%!bS;8w<Kx{|uTEIc%GKqG*l#9{<E<=skaH
z(;)QM>k*2IjN)_`K@`^sv)a9O%dEo|qJ^QEFn<Su_X>k#C^@Bi*cKrtt5QJB6Ci?4
zJg|qeE4J;2>H!(@Gk~S7x}qa8ZL`Tzq^H2=gIk&JriPeXCd01J%|*hdyQytc6XTqZ
zVQt0M>$P)kueEViw&moRWJkrX#+@<qrds!<gKqNXN@5jXP4rqX5mw5!PEgh8E8`_H
zDOW%Xr4-th*0^E&^7ORI*ZfACz8ZK;_0)ye``rj_SQ=M?$k{lO389XG{BS_qPFbe^
zN?a51oR5-FdS?3{1%n8M5o?%m$!?l1v4f4ZX#J9wc4cvxYwqa>EoZR@=L{ALr{b?1
zD5QjH>dJLuRoRmkhc+re0MlUnn1tTn;^Qt(1d1x%S<AT-hLNu&)?Tc&>Nv4go9^0(
zpnTaN(uM++T#cYT=NZF-!x>PNQ&-;gJ#s$1-1T?^S})UAPBb#sstS-lUIO!peA!4$
z$=~XAvB@Wmnpd#3x9@i%!NNq2b*aC{BhI#4`GcLTGu^byL>RV8co!C2O)|?eF%P7H
z?EdyXyh-7#Y>dG5d1%LtQ-qE{iTS5I#8AAI8+g(f9cEY7u@yov2B=tZnP*R4+0Y;F
z;(O_kw0%s64OWp`ta05Tv)b)ds!rXt9NS-VqR?_F8A)=jkp$!{k)`UT#isBo^?}d6
zzloX{lGX*U`|Vh4oMhjRtNL0w^Z2+`+M|6!2PP=C<>>G?Ab1rbg^}eh+PgLHVl#Qd
z3x@q0LW4fzeQ}PbSvBo%iH(5Cpfvu{VkjbLKT!mZl%VK+x18$ct?w<@TlvhjFV@@9
z>(|}CE|DK=_ms*}mU)u1DkzSNO|~m=^I3R)iND9B!@kr`dqeW#C?|mX>q_uuy}+5p
zuWv(?#}pY_V<fohZM+P5Sa)XGZwae%9eLhQ%tp(vDiIMl&EOt@i#CYWqOrjSGWUsd
zCM-4yvs04|fwE<@fAo4g^)tmx_&=%uW<rST*pi7R?f8L=99>)4b0bIA3%4c%SRTai
zpFBx@*HdDnZaxHF4l+<1x51x`R$Q4sCzvHX_xb?xwaxE}TO7iqMlkinlHdvO1NPHW
z_(nnN^2mN`4#n{6(JIk#&oEPVX&G`UwA6UTNvc9snU(XO1r&YzRYe>L(r4)5aikHE
z+RI<gC*$LI2S{{>r`g8jl{;d;a=udAbNx=!H!>JzYJzZVeK7)kkFjT|tg4S~yDw_;
zB$@wBwFVQ+K?0)oj2nOh9K*&>!GDdy^?Pv6xw4FfzSKLpSq|<vtq%u$+C0zf0sEp`
zXVP0#u@Vm=zs-oXP@Ez3ny=nQ#9%ZAr0P*J<%X}-R?G2tLUV64$dO@9CVuYk2o$2x
z%6Hb!iHD*i*3nYQh+Ql`SZSD_J8~QH3B$<D5VQl>M&4fFUAu1*hN;tVPNjII-by3*
zH<^xlqvF3Q%~89>g|dR~V>~M8zNnvsa9Vd3b1A#i2fwX2J3AAV<jG7jKK^iH9PC-I
zbaC%LrMFbFl$Ac-E=*Z2)Ez!DI>kow!jT%#=~M5e)Q~0eCK?b%4+)8EHXa%doaw--
zoFuE#BSSEuI^T)sis&8krE$0XU|#&1&)fTY)2%Kqy@t|t7@kGSnJe6Oj<ZTiJm*0r
zOJ`~mZ$(hQibdj>{xN7xPOhBrI`9ag`P2Dti%2nK)qJ=mCpCKKid~sYU<i1@QLZ+E
zD9+m!uQ^y;@ORC#g!3W!`l4eDO@`lge0I<`Zl%wLAu!h}hV9myF{kj0=yd#Vs+0;l
zi9R-QzP~zq`s8FqSKPK^>{jma5<j&vfxl#~NQhdg^zySo8)R$Cs$n<^+K@SXjXZ_%
z!LcEh*pU_CQ4&X*leAC%^Gen1rS5Do;jA%cAm9>z%g_BtkHB#%X}mh=e`zFBvR7XP
zIsa%u<xKDj_e3ZMIGNqyOsk;e)-F!>kwvH+oY(l+SeoLKHkrU8&nSsrPf~6pZ#WY1
zfFClvvul{Q*!>E&=&x|RjC*43EYJ@q`HU09?~1-noYWB`C9V*r_#*dW|C3?-G$I&&
zHgdqCuRp{W{+5%r{~EPpb#%a|8bikpJ@U)(kV9=OlCTTaIx$7t`?)=Qr!Z#Yk-})g
zszYdZ#5+kB!W?>}5Pq#X7c*qqYbH)E<cQGa+Bl)AL{{PcIA{QR#H~@^t1jQ9<KLZF
z+zo--YMri=`*wC~&V$t*?HuD2cUaV-FMo<R749+4MqkkJ5cwp(!+x=>Uj8s~ZZ&cX
zSzF^4DHM(O{2;CJtzLjR9ze_#q9=kg{+^P*1=I4uO%E(;c+#HMQLo2S_Av@SPs{+@
zZILaZjrQ!SR?d>_3%ja?;O}<MyXy%=td@xsjNwF<vpQk}K%;&BREF?cd%VB#I%}+R
z8{pR}4$CG8fKBR6U8~Yhf&J5Cx&lqxWq#rz0(4_G@hVUf!KYOX-JG@d?BN%wBg!jH
zDnqL9Hiiie<-)!BdtVj>N1EGTr0Nrs0Ckx#)=+<irNuQTG1spoi!;M2zb%c)6MRTh
zP5&(z%6s*_hQ92R<e6SW)I;M`9_6UFf^T1**>>svyEbc^eP`vj(N=pRx;$?@duKi4
z21{a%R@+l1^qCfd@g=-0KBc5206Q=MoM@~QWu`wDuf?4ACRXWbrzRrZKlXL4_$&?5
zi4F0bilVXY1%IYexuCl@_qR?EJo6^lz&$0hIh_a%Ic9$v>)^6vq}UgJX-z}p$^v<E
zlui&tL+^}|4<=%ytOxmfb9OfluYxt8+KR$0U#)+8ny|l?t9Qmyf_<fw(xs@;hf}a*
z^>`R0i4@}4Ci)mWt)tRuglR-{_pD6O>kup8jTk}?X`5RrF#?Ki+p%|z6|3J$6IY(z
zFG+B4`2YQ0H5qey_r^JCYk!CId=^AlM<w{dMF!axqjp^uRYgw=p*`Pn8)XjsO<Vp(
zh&;Z*eNCv76^qk6xdFZLgeK-Xj)x3iYf#*tzA#7V%S9y8TLtzjd#iOf_(BPE1D^?5
z5ut@$24Z=QYlS+-$a_M>4G}xebCK6{8=-9|6{Gs&*yD5$y|4-1IyHA3_Eg{yKM`>3
z>@(4SmFtGB(>!(^Cc&mvqkH)OX>*c3FB-04VN_Nl(IC&+VVtm#7lxeNU|jyaKH3l3
z?=PDIIyfPPcM<IxmAX-#qX_3jaBdTAQ-jb>3z^mybCyP7M*3~xNmxphHCu=`+Iy#!
zgYCUVQpF~IA^u)bpuSRBn3%e_>_r(x^md6ip};H56O8$hnC+ZWO?#>GGC&dJ?2!KA
z(7CkaMyms+zZ9b?Tx;-Dyiv$$!Q`sm8FTCO6WN$gY2wGWwQy{V{xIxZ(nnF8p=&UM
zhq~WAMQKF7*_h(Z{1MV*vUX=GO=NvXFygVh^TWvp;u>;IdOAz`s;3<(m+AVQPG=UW
zTU6`Y9}bgp!s)&qYl{e-@#vlV#x5rcStT*(n>mfefPG#x;uutC9CDIdX+h@{q|$W|
zn>9`dc$@M=yS#s(>yd$0y_*|OFJ{grn(P-VBHN@BGi>7IE=#&JhgwZDC0iS<Dica1
z5dQrNcR;UE9$?+5OHRsh$rZx7RmUQJ!VqSE!DKwmDjN#XbN(G2l^HigR>O>i#OIVr
z`$~TnO)aKAJFW7BD@SgVfh9!uCuct2*e^$?1WBUhn!bMG0!fmY9V6%#8mk05U%4{d
zYwYTzqtubfQijUoH~vk9Ux<q7AcQ()p3xN7Z6mV|dvO8X<G5^Vk*?`y&Rn47aCN!;
z?a`H@xS06+Vw*7*@i|?waN*pa>ih@Hml#(jQV{7vVx2dR<T&hhwV^xN!iF58B0NTE
zxG9)f?>S{q(TZis_{h(0?e`ICmM;6$`8XpSsj5M&T{UD(b=vAe&iYY7Av8o6S`J7P
z`j9kC?<Aa$i{H-XfH%P1Xq>nDhJBS@95&FwIOu(lbex)>+Z44>!e^^yi#t!kWHa$h
z6#?Ur?2#&M9ao4qF!t6HbIv>0alNF?qrT7+_CC;XALO7X-qlVxb#3EJoc=~b?0lsz
zYdMJ|er*JS=kTGO6TF6;J`iB>o-)*VZC1TQ#T#Wm;B2-gUnkqL+PU}x#QEv>%ITuu
z-&3tVvDImIcJRf;ubVS{jy61JO4)6K_8_^7Uo?u777xM1F+NpxrgHZ&SDJA?F>?b3
z#QoTR0X2i;yTU^n=PHe-AuL5$+}hO;B&w=V6%wu+q}j1WrDGKCFy82R>i{Ki;?zfX
zFb<Ytn1XrUYhlKTh0-m~xshx|4q~-l#(&9>3YQi&06(86rX=@K^pzw;EFi#}xCWzQ
zK$p6dO}Vrt57(;3-szgi-HKSQ8eg}!Q<nw9z#)WAtI~(`>_`RiZp)>vUbH$DIf}?g
z#OHNsoP0FZJT?=M(Cc4R8haZiEd*()Ul*q>3mHFsL0jEE>V0x9frCj%wwTS|7ZYb0
z+Gk3I&l0`!iss^)4ue4Z6VoZn<!-g1_a&a607W{W3IINL)B_z7rTy{Wg;d7mG!9=>
zK~&+*7D><HVx45P_!)5S4lSm73m!f=D(9mLdXL5rhJ+&6C>Ces2n!Ly&z2=@1hlt-
z3K9l{JJ8WF0)V)oTNNB-Z(uAB)0zTkDhx_KyNTU`@pHr|4ve%?Qi@xvbijE)kVXz%
zh@fYZwOYSAhWLvmIYkjXJJm8;4M{8tI4xdGyI5lS?U7EIk*CeC6qAwEJgi9&%MMn$
zntVKL7m9uuL#M@Zg3~MZ$-yF_JrWYMtIWvg6<EXJHj+o2XiJP;E!`nd6#Io$H_8x@
zCFM=pUy;zV^uzVLX6<1WUXY>jH!5j)CK^^nJ^*#8NjLz6Ulk&H)$lZFWsCp^IaX)W
zBySWg<rfe#JBw<uv<5-n_MRc9w@YnH0Z-92%jPOQj_MLE)|uf5TE~6w@?*Y}Vix<)
ztc*AQif^vj7WgvlrYn%5RV>2MeJ~7){5;PN>SEo}&rFXNrQd2ZgXNJMA@(dRmzdTd
zyD<7qCORp!pBm|v_u@~JYG1q4PfJP}ywmy^LUl`X<#Y_ZzCSR5c-W<uB~TF#8DUh^
zOmKEqfu^tg9Lk&=DB&M5aaKEkY_C94YicwQwlo2>5F+Ye=?A}#1Ot*dhdgH%bfN{h
zcs&{xR?yHY3QH73^$xArWw-`oFMFbIUV*<REy$V%DGSpOeFnf{;AVfO%YqCcSp4=A
zhw1H^aB*9Tf}`^5S%L4J6s__Q?W*X6WDNmAU2Iy75FMX{;tw4PK~^qwvGlxz5&~$y
zX|(B5l(Xq0ziShPA!*^PX=qiVZC~9SH1lL|$Pc76Up0s*MMW}+B=oi451^)sq$0mA
zHY>w|0FgirNTTM6Sv-9W!e+S)$r-Qwg}@Va0HqlMOmrd*R9dg=8tvQ*HHMe4+T~Qm
z(8ZLJH~3M7{I936n~G;q3GRXJ+Zxvk8b+35ppbirM~5deuyyXI*1{zz;cG(&hq+5P
zO&&y1(ejMn7pF-Yx!xJ%SOGw<>5M3;>j}*?04)L&1F!jA8w^1)DTgGHmeYl!SIM?)
z-qVrnaS{rKv+B`^n7OKj%AWiwmf{YLD3&I`@JD$oFxas{9*=MADB4%jxHbGoC4Qe7
zq}TWkb6fo5d8k}jtx*#2Hw_~yh<jf2b)h-tExOcveF`Gq)9lFJs&0TE8Lqi?tCRU4
zpqm?CmEfY6ElHh7-Lu`C{$2+jpI(SLioTwr00NWg_d=kRSt#?Ob)UZ8M6=hd@c&Dd
zR->HwiCi#S>}OV>UDHjK(;mVZi}nGmEP|}GhWXioB2vdKp6En3B~6+)>VdU6`8}iJ
zP=$|+r@-Nld#}S}&sL}jGmQDyn(!os$UjX_2ITf8&>u3Dby2@xy4r@~3oth-3dP<>
z#|qKQ;+6l)F!-N1)qeq3J<m&8Qq)aXY*En~Vvf^gHxMa%Lky3lN!4>o@-?-v+3kz+
zO7xI$^kt^1YM_eF){!)x^IL)17i3A8)s_yUPG2cqTCGnbObZ_qFt4ftfQWjWQ3n<A
z^wn4QZsV%zGFEqbLm~l1c1UypIwlTv!)etIc88t<K*$%$=-GwFkLPM-*&SLaK#4#0
z)<E8y7a68LGly&+Bess`*;*CJ60h8Ki|}lBmD%((g@F|Pdh%c$vTF<m^Ip1oPBoGh
zf|U*FyEJb!TCr|k1p)*rLy>U%#*mF&dY3CtvqO%ff38o#SYq7F79aJ;oxx#uw=iAm
z@f)idGLaA}hQ;lrkS0}5)UEN(*g2BYK&T$JJkvxTS<UX0oK@dXXW2>yUJa9qHnBng
zs#XU<WtI-+Bk`wiy>ok^@#V^HXdx%^3KsZpO64xyV`Bx#u1!jH$kYeu7s6wALrT|M
zCKq{hx$*in`%0B?$Ymk93(+FAzsqoKTf;|w@0ti6u_C+DuM_EL(L?17G4v~{k}xr@
z0K#+9_JuXg%7va7?_1k(pjIMluF=^TqXGz)!9LAKVlqj&Q3k{|6Ocd%naF{59;s-a
zf9*qQdma*w19*WCDRM*GX%QOC?}fvdlk8BoW-4ykoW?5veqHlOiwOl>d)DWhGwAMT
zRFrRQv%T69@&YSkJB4kVaVNiGkSF;rh0h}`u{Ay)*zI>@y1~(JZTY=_G?07Hr#TUN
zMXF{Dhc*{*S|wChf~389esM!2K!p^9n1E?HMb)ouJS`aOF$&e8y=A+le8P9$woWgR
zr*<dYoLV_domaEmfr<}Ob?T7CVQaAsu<5y0Y`WlXoVn$>kw}XYs*AUgmOIw#ZmgSJ
zARl@uH>#9o<BK%o84%M!XYa%(r|~Ax9`R>KcVH9Xs+#33p1xZ3A&Q9R1al6)DR9UH
z#Ekq=VKw&#3NS+&@PMLE=*TE_56Ekjb6}d)p>KgPqWnV~`0oU&#WEDl^=MKy&RgO%
zv}=nkXk|mPP!_<tej&3Z=hKcR^6B3Uv>58fD2tO+kN__uUl;H`l}HOHq*o0DC=P2E
z`@+BuVajFtUoP3oSyhmAUSoCEDRlec$OWk@(M~x#h5;C5e}O}8ByT#?fQNKQ4k7bW
zXx;pk2nPhOa(QaLE^42hN|b@!v=lOealHk(cj)?_y~ZcnOQ7!!HXG(s3uG6fLd>IA
z`C$4J2*z<>0^;^?7H~othiTF<m_dX&gFz?|LVSX(3g9Y#g=uFEqzt`(y^gukd3@Ov
z`~^WNLtOt6wk}V*;egkF+ws8oPZGC1?PQLAnCMCwg#exyB_^c(v1>>`A#_s*V=+WL
z7&pf<+_2FU3qPcsNt6w3H=U)t2<L9ojNpWjd=(&hGN<`<UxbVc6l9$dqCD@aWS<2a
z7#~rL(&9(3RC_+`A`%x)3Nf640?0<)h@Q5luWeAKtOC^RoM|-7S8VfZx-39+yDTN-
z>4lqDQs{LaduczjX5AsbHE>56IR%Tg^VA@i57Z!XyO7y@KZD96-?g%NqeQm8GGK8C
zLxa6VmN!PJEA1f>2*CY{4WLyNxpxR&*}>uW#(cvE!qre`$+R{>3jL($inaq0J^2j*
zQJ2gYRq+VV@n)dgSDL0&-DneffIyUcEFpOPTH<yR&j9LF75kdY1+y?s_lQEv;-i6q
z+lX|~Z&wih3$TL*#G|I<w27t@w$NwUO0gZPY5OGd2~#f$0xH91Lj~$&`Gs5_X=dtW
zScIP8Phe^ZR7`bKi>^*eaVL5<h0$x_R=%NOKBPjz^e77uh=`PDb<F+vZ6K3B&LLw~
z+l*NcIa-QDX%L80&ZECB1Hh98BD4-^r57oNN6W)HRIE?pfDx~3u5>VfV@NvX&c!ZK
zg3)Sd$Pm%UnY+N8Hn?4-Wdf=|VnMfmmOm7u3KNjpGFF-PmMyp(x%Df`JWZt5-&y;r
zgsNZmcTdvdOc5E=%uHfw$My4j2)%3;x#1lihZW0H))4e<e08^qMD@NptZHYqFH;zO
z{fA0dnt+DxTDhNJTnB~-NlY3^q`r%_cF<tfB|>lt>HJdiB~08o3S7O`I^=$V6)4_4
z1CU%Lk=6X!QenvT9M6C*gd*Zwam-fVXZcE0d_Odl)PqI6sH|OP$crj4%tAZg4t$h}
zV-r<T#p(RkqoCb!HF1j=bJ7iut9@X_Z>f!xcOdR!bI6*1#4;v%JgO;Kju3=Y4O0{m
z{d87bl@uUVQkPpS8gdzF;OswV8i+QA^0Adn#8hm=etzb$5Z8>g(|WEBTAUl=Efo4=
zZ?#9ut~NGJ+jU)cN!lazJ!*=GM#@OFl&C|wdsNy%r7R#MQX054qc5J)n4+-x8v#VI
zzz`0@Gsh|o!$6@Rt<PxsZ#DCOU3jtYLKK6p*Y0E=R=!@C{<<vtOKtd4L8(!esGC&x
zx$eK#hza>T#@J7O!=mLvl`J8@oS)ZxbforMC>ZFe)jY>7$BqnhjD2GN=Tcm8A7p-s
z#}_1NsC5w@#G&~N$Y^-v`ST30Tb!f5a}3_UPwVLeTjd`2|HBq~;Ra_dE=tQL*Y9(w
z{}2T?w9G-3z0)dH@lK3l@9Saz#=t5rX8{K7Jx!%Or%XMIplOo#Ihn@KfSp*!`|QjM
zj6;SXUkPJ^A4ekG^@(R|nhVCklZ+MQS!WvK!+p@@XTV2W$u5o`M|KVczCSh-9}5VY
zUltt-?)R4Vn2HR81Ss}(WsdK4B@N-bI8KWa1_9bVG3AKTf5QD&r05s5o{~>CH;<`7
zErUbyv^xR#Pn!4fwTgS*VQ~R}Z$Itgt&;~UO8zD{tbGPl>R#{bI!kW!tUZC|4W5$!
zz9S3oa@h`EOx&fEbjcj=wqB{TOx%$D#r2z1ALo%PtapNgXldqw`aB~0oflM<G+5qc
zH}|sNz||MYVEwuw;)62RV&cKUE=8ElD)nml19ht5)Wtu7GQ6)w<F?1q7cV*S=z3+?
zzm(g@7&%{JZvX4xk57<!{<(*^+d50?R=oTVvz(t(FI6<Rz56)axo)EhrU@T%5XU|L
z^aBVA_PqyL_ueW$0~*c~@><V{`bIZi@p;~|UXVUHyNDTV-FY$PXRGKu*8JR~e^@?x
zv6JYLj>p)4w!JMUqF#9h9JoB4aB|H{U}_mHNO~FEF+G&d?OcWFG_#>p{K1tp)x5D^
zddiiMw2-lsc{+|fpMM6V>a{)t_8DZJlmm000l#-1e%r%>T1;8tHrffAC#g^GgYyJG
zM+z}0?^92ds0J241L}1yuUJ2umApv}+M#>~{0Pc&l#GAEl=~*Vb5l;4{8-y_srA&l
zW|*lRoZ+3gtfO{;I(<Zb<0H9H^k{49^X<{G=NFqJFBP>P;-w@L2|feb$e#fs^&3CW
z8=nD9>=5co36mOshv2B>rw8geBQ>$d59dP1n$1%NhtB|l;D;KrXTUOv_scFRIvz+W
pJ_8;yRi6QOi$71_b?Cug4)m_eJRz15IPiZEWB)HVj`VruKLA_+?e72p

diff --git a/docs/manual/src/docbook/namespace-config.xml b/docs/manual/src/docbook/namespace-config.xml
index f61b3da7ba..175f5f3943 100644
--- a/docs/manual/src/docbook/namespace-config.xml
+++ b/docs/manual/src/docbook/namespace-config.xml
@@ -9,8 +9,8 @@
     <para> Namespace configuration has been available since version 2.0 of the Spring framework. It
       allows you to supplement the traditional Spring beans application context syntax with elements
       from additional XML schema. You can find more information in the Spring <link
-        xlink:href="http://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/html/apc.html">
-        Reference Documentation</link>. A namespace element can be used simply to allow a more
+        xlink:href="http://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/html/apc.html"
+        > Reference Documentation</link>. A namespace element can be used simply to allow a more
       concise way of configuring an individual bean or, more powerfully, to define an alternative
       configuration syntax which more closely matches the problem domain and hides the underlying
       complexity from the user. A simple element may conceal the fact that multiple beans and
@@ -21,13 +21,13 @@
 ]]></programlisting> This is much simpler than wiring up the equivalent Apache Directory Server
       beans. The most common alternative configuration requirements are supported by attributes on
       the <literal>ldap-server</literal> element and the user is isolated from worrying about which
-      beans they need to create and what the bean property names are. <footnote><para>You can find out
-          more about the use of the <literal>ldap-server</literal> element in the chapter on <link
-            xlink:href="#ldap">LDAP</link>.</para></footnote>. Use of a good XML editor while
-      editing the application context file should provide information on the attributes and elements
-      that are available. We would recommend that you try out the <link
-        xlink:href="http://www.springsource.com/products/sts">SpringSource Tool Suite</link> as it
-      has special features for working with standard Spring namespaces. </para>
+      beans they need to create and what the bean property names are. <footnote>
+        <para>You can find out more about the use of the <literal>ldap-server</literal> element in
+          the chapter on <link xlink:href="#ldap">LDAP</link>.</para>
+      </footnote>. Use of a good XML editor while editing the application context file should
+      provide information on the attributes and elements that are available. We would recommend that
+      you try out the <link xlink:href="http://www.springsource.com/products/sts">SpringSource Tool
+        Suite</link> as it has special features for working with standard Spring namespaces. </para>
     <para> To start using the security namespace in your application context, all you need to do is
       add the schema declaration to your application context file: <programlisting language="xml">
   <![CDATA[
@@ -61,28 +61,44 @@
       <para> The namespace is designed to capture the most common uses of the framework and provide
         a simplified and concise syntax for enabling them within an application. The design is based
         around the large-scale dependencies within the framework, and can be divided up into the
-        following areas: <itemizedlist><listitem><para>
+        following areas: <itemizedlist>
+          <listitem>
+            <para>
               <emphasis>Web/HTTP Security</emphasis> - the most complex part. Sets up the filters
               and related service beans used to apply the framework authentication mechanisms, to
-              secure URLs, render login and error pages and much
-              more.</para></listitem><listitem><para>
+              secure URLs, render login and error pages and much more.</para>
+          </listitem>
+          <listitem>
+            <para>
               <emphasis>Business Object (Method) Security</emphasis> - options for securing the
-              service layer.</para></listitem><listitem><para>
+              service layer.</para>
+          </listitem>
+          <listitem>
+            <para>
               <emphasis>AuthenticationManager</emphasis> - handles authentication requests from
-              other parts of the framework.</para></listitem><listitem><para>
+              other parts of the framework.</para>
+          </listitem>
+          <listitem>
+            <para>
               <emphasis>AccessDecisionManager</emphasis> - provides access decisions for web and
               method security. A default one will be registered, but you can also choose to use a
-              custom one, declared using normal Spring bean
-              syntax.</para></listitem><listitem><para>
+              custom one, declared using normal Spring bean syntax.</para>
+          </listitem>
+          <listitem>
+            <para>
               <emphasis>AuthenticationProvider</emphasis>s - mechanisms against which the
               authentication manager authenticates users. The namespace provides supports for
               several standard options and also a means of adding custom beans declared using a
-              traditional syntax. </para></listitem><listitem><para>
+              traditional syntax. </para>
+          </listitem>
+          <listitem>
+            <para>
               <emphasis>UserDetailsService</emphasis> - closely related to authentication providers,
-              but often also required by other beans.</para></listitem>
+              but often also required by other beans.</para>
+          </listitem>
           <!-- todo: diagram and link to other sections which describe the interfaces -->
         </itemizedlist></para>
-      <para>We'll see how these work together in the following sections.</para>
+      <para>We'll see how to configure these in the following sections.</para>
     </section>
   </section>
   <section xml:id="ns-getting-started">
@@ -91,8 +107,8 @@
       of the main features of the framework. Let's assume you initially want to get up and running
       as quickly as possible and add authentication support and access control to an existing web
       application, with a few test logins. Then we'll look at how to change over to authenticating
-      against a database or other security information repository. In later sections we'll introduce
-      more advanced namespace configuration options. </para>
+      against a database or other security repository. In later sections we'll introduce more
+      advanced namespace configuration options. </para>
     <section xml:id="ns-web-xml">
       <title><literal>web.xml</literal> Configuration</title>
       <para> The first thing you need to do is add the following filter declaration to your
@@ -124,12 +140,28 @@
   </http>
   ]]>
 </programlisting> Which says that we want all URLs within our application to be secured,
-        requiring the role <literal>ROLE_USER</literal> to access them.</para>
+        requiring the role <literal>ROLE_USER</literal> to access them. The
+          <literal>&lt;http></literal> element is the parent for all web-related namespace
+        functionality. The <literal>&lt;intercept-url></literal> element defines a
+          <literal>pattern</literal> which is matched against the URLs of incoming requests using an
+        ant path style syntax. The <literal>access</literal> attribute defines the access
+        requirements for requests matching the given pattern. With the default configuration, this
+        is typically a comma-separated list of roles, one of which a user must have to be allowed to
+        make the request. Access-control in Spring Security is not limited to the use of simple
+        roles, however, and we'll see later how the interpretation can vary<footnote>
+          <para>The interpretation of the comma-separated values in the <literal>access</literal>
+            attribute depends on the implementation of the <link xlink:href="#ns-access-manager"
+              >AccessDecisionManager</link> which is used. In Spring Security 3.0, the attribute can
+            also be populated with an <link xlink:href="#el-access">EL expression</link>.</para>
+        </footnote>.</para>
       <note>
         <para>You can use multiple <literal>&lt;intercept-url&gt;</literal> elements to define
           different access requirements for different sets of URLs, but they will be evaluated in
           the order listed and the first match will be used. So you must put the most specific
-          matches at the top.</para>
+          matches at the top. You can also add a <literal>method</literal> attribute to limit the
+          match to a particular HTTP method (<literal>GET</literal>, <literal>POST</literal>,
+            <literal>PUT</literal> etc.). For a pattern defined both with and without a method, the
+          method-specific match will take precedence regardless of ordering. </para>
       </note>
       <para> To add some users, you can define a set of test data directly in the namespace: <programlisting language="xml"><![CDATA[
   <authentication-manager>
@@ -144,10 +176,10 @@
         </programlisting></para>
       <sidebar>
         <para>If you are familiar with pre-namespace versions of the framework, you can probably
-          already guess roughly what's going on here. The &lt;http&gt; element is responsible for
-          creating a <classname>FilterChainProxy</classname> and the filter beans which it uses.
-          Common issues like incorrect filter ordering are no longer an issue as the filter
-          positions are predefined.</para>
+          already guess roughly what's going on here. The <literal>&lt;http&gt;</literal> element is
+          responsible for creating a <classname>FilterChainProxy</classname> and the filter beans
+          which it uses. Common problems like incorrect filter ordering are no longer an issue as
+          the filter positions are predefined.</para>
         <para>The <literal>&lt;authentication-provider&gt;</literal> element creates a
             <classname>DaoAuthenticationProvider</classname> bean and the
             <literal>&lt;user-service&gt;</literal> element creates an
@@ -185,14 +217,15 @@
     <logout />
   </http>
   ]]></programlisting> These other elements are responsible for setting up form-login, basic
-          authentication and logout handling services respectively <footnote><para>In versions prior
-              to 3.0, this list also included remember-me functionality. This could cause some
-              confusing errors with some configurations and was removed in 3.0. In 3.0, the addition
-              of an <classname>AnonymousAuthenticationFilter</classname> is part of the default
-                <literal>&lt;http></literal> configuration, so the <literal>&lt;anonymous
-                /></literal> element is added regardless of whether <literal>auto-config</literal>
-              is enabled.</para></footnote> . They each have attributes which can be used to alter
-          their behaviour. </para>
+          authentication and logout handling services respectively <footnote>
+            <para>In versions prior to 3.0, this list also included remember-me functionality. This
+              could cause some confusing errors with some configurations and was removed in 3.0. In
+              3.0, the addition of an <classname>AnonymousAuthenticationFilter</classname> is part
+              of the default <literal>&lt;http></literal> configuration, so the
+                <literal>&lt;anonymous /></literal> element is added regardless of whether
+                <literal>auto-config</literal> is enabled.</para>
+          </footnote> . They each have attributes which can be used to alter their behaviour.
+        </para>
       </section>
       <section xml:id="ns-form-and-basic">
         <title>Form and Basic Login Options</title>
@@ -213,13 +246,16 @@
         </programlisting> Note that you can still use <literal>auto-config</literal>. The
             <literal>form-login</literal> element just overrides the default settings. Also note
           that we've added an extra <literal>intercept-url</literal> element to say that any
-          requests for the login page should be available to anonymous users <footnote><para>See the
-              chapter on <link xlink:href="#anonymous">anonymous authentication</link> for more
-              details.</para></footnote>. Otherwise the request would be matched by the pattern
-            <literal>/**</literal> and it wouldn't be possible to access the login page itself! This
-          is a common configuration error and will result in an infinite loop in the application.
-          Spring Security will emit a warning in the log if your login page appears to be secured.
-          It is also possible to have all requests matching a particular pattern bypass the security
+          requests for the login page should be available to anonymous users <footnote>
+            <para>See the chapter on <link xlink:href="#anonymous">anonymous authentication</link>
+              and also the <link xlink:href="#authz-authenticated-voter">AuthenticatedVoter</link>
+              class for more details on how the value
+                <literal>IS_AUTHENTICATED_ANONYMOUSLY</literal> is processed.</para>
+          </footnote>. Otherwise the request would be matched by the pattern <literal>/**</literal>
+          and it wouldn't be possible to access the login page itself! This is a common
+          configuration error and will result in an infinite loop in the application. Spring
+          Security will emit a warning in the log if your login page appears to be secured. It is
+          also possible to have all requests matching a particular pattern bypass the security
           filter chain completely: <programlisting language="xml"><![CDATA[
   <http auto-config='true'>
     <intercept-url pattern="/css/**" filters="none"/>  
@@ -228,9 +264,12 @@
     <form-login login-page='/login.jsp'/>
   </http>
   ]]>
-          </programlisting> Note that these requests will be completely oblivious to Spring
-          Security, so you will not be able to access information on the current user or call
-          secured methods during the request. </para>
+          </programlisting>It's important to realise that these requests will be completely
+          oblivious to any further Spring Security web-related configuration or additional
+          attributes such as <literal>requires-channel</literal>, so you will not be able to access
+          information on the current user or call secured methods during the request. Use
+            <literal>access='IS_AUTHENTICATED_ANONYMOUSLY'</literal> as an alternative if you still
+          want the security filter chain to be applied.</para>
         <para>If you want to use basic authentication instead of form login, then change the
           configuration to <programlisting language="xml"><![CDATA[
   <http auto-config='true'>
@@ -282,7 +321,7 @@
     </authentication-provider>
   </authentication-manager>
   ]]>
-        </programlisting> Where "securityDataSource" is the name of a
+        </programlisting> Where <quote>securityDataSource</quote> is the name of a
           <classname>DataSource</classname> bean in the application context, pointing at a database
         containing the standard Spring Security <link xlink:href="#db_schema_users_authorities">user
           data tables</link>. Alternatively, you could configure a Spring Security
@@ -437,14 +476,20 @@
           logs in. If you don't require this protection, or it conflicts with some other
           requirement, you can control the behaviour using the
             <literal>session-fixation-protection</literal> attribute on
-            <literal>&lt;session-management&gt;</literal>, which has three options
-                  <itemizedlist><listitem><para><literal>migrateSession</literal> - creates a new
-                session and copies the existing session attributes to the new session. This is the
-                default.</para></listitem><listitem><para><literal>none</literal> - Don't do
-                anything. The original session will be
-                  retained.</para></listitem><listitem><para><literal>newSession</literal> - Create
-                a new "clean" session, without copying the existing session
-            data.</para></listitem></itemizedlist></para>
+            <literal>&lt;session-management&gt;</literal>, which has three options <itemizedlist>
+            <listitem>
+              <para><literal>migrateSession</literal> - creates a new session and copies the
+                existing session attributes to the new session. This is the default.</para>
+            </listitem>
+            <listitem>
+              <para><literal>none</literal> - Don't do anything. The original session will be
+                retained.</para>
+            </listitem>
+            <listitem>
+              <para><literal>newSession</literal> - Create a new "clean" session, without copying
+                the existing session data.</para>
+            </listitem>
+          </itemizedlist></para>
       </section>
     </section>
     <section xml:id="ns-openid">
@@ -481,48 +526,112 @@
       <para>The order of the filters is always strictly enforced when using the namespace. When the
         application context is being created, the filter beans are sorted by the namespace handling
         code and the standard Spring Security filters each have an alias in the namespace and a
-        well-known position.<note><para>In previous versions, the sorting took place after the
-            filter instances had been created, during post-processing of the application context. In
-            version 3.0+ the sorting is now done at the bean metadata level, before the classes have
-            been instantiated. This has implications for how you add your own filters to the stack
-            as the entire filter list must be known during the parsing of the
-              <literal>&lt;http></literal> element, so the syntax has changed slightly in
-            3.0.</para></note>The filters, aliases and namespace elements/attributes which create
-        the filters are shown in <xref linkend="filter-stack"/>. The filters are listed in the order
-        in which they occur in the filter chain. <table xml:id="filter-stack"><title>Standard Filter
-            Aliases and Ordering</title><tgroup cols="3" align="left"><thead><row><entry
-                  align="center">Alias</entry><entry align="center">Filter Class</entry><entry
-                  align="center">Namespace Element or
-                  Attribute</entry></row></thead><tbody><row><entry>
-                    CHANNEL_FILTER</entry><entry><literal>ChannelProcessingFilter</literal></entry><entry><literal>http/intercept-url@requires-channel</literal></entry></row><row><entry>
-                  CONCURRENT_SESSION_FILTER</entry><entry><literal>ConcurrentSessionFilter</literal>
-                </entry><entry><literal>session-management/concurrency-control</literal></entry></row><row><entry>
-                  SECURITY_CONTEXT_FILTER</entry><entry><classname>SecurityContextPersistenceFilter</classname></entry><entry><literal>http</literal></entry></row><row><entry>
-                  LOGOUT_FILTER
-                    </entry><entry><literal>LogoutFilter</literal></entry><entry><literal>http/logout</literal></entry></row><row><entry>
-                  X509_FILTER
-                    </entry><entry><literal>X509AuthenticationFilter</literal></entry><entry><literal>http/x509</literal></entry></row><row><entry>
-                  PRE_AUTH_FILTER
-                    </entry><entry><literal>AstractPreAuthenticatedProcessingFilter</literal>
-                  Subclasses</entry><entry>N/A</entry></row><row><entry> CAS_FILTER
-                    </entry><entry><literal>CasAuthenticationFilter</literal></entry><entry>N/A</entry></row><row><entry>
-                  FORM_LOGIN_FILTER
-                    </entry><entry><literal>UsernamePasswordAuthenticationFilter</literal></entry><entry><literal>http/form-login</literal></entry></row><row><entry>
-                  BASIC_AUTH_FILTER
-                  </entry><entry><literal>BasicAuthenticationFilter</literal></entry><entry><literal>http/http-basic</literal></entry></row><row><entry>
-                  SERVLET_API_SUPPORT_FILTER</entry><entry><literal>SecurityContextHolderAwareFilter</literal></entry><entry><literal>http/@servlet-api-provision</literal></entry></row><row><entry>
-                  REMEMBER_ME_FILTER
-                    </entry><entry><classname>RememberMeAuthenticationFilter</classname></entry><entry><literal>http/remember-me</literal></entry></row><row><entry>
-                  ANONYMOUS_FILTER
-                  </entry><entry><literal>AnonymousAuthenticationFilter</literal></entry><entry><literal>http/anonymous</literal></entry></row><row><entry>
-                  SESSION_MANAGEMENT_FILTER</entry><entry><literal>SessionManagementFilter</literal></entry><entry><literal>session-management</literal></entry></row><row><entry>EXCEPTION_TRANSLATION_FILTER
-                    </entry><entry><classname>ExceptionTranslationFilter</classname></entry><entry><literal>http</literal></entry></row><row><entry>
-                  FILTER_SECURITY_INTERCEPTOR
-                    </entry><entry><classname>FilterSecurityInterceptor</classname></entry><entry><literal>http</literal></entry></row><row><entry>
-                  SWITCH_USER_FILTER
-                  </entry><entry><literal>SwitchUserFilter</literal></entry><entry>N/A</entry></row></tbody></tgroup></table>
-        You can add your own filter to the stack, using the <literal>custom-filter</literal> element
-        and one of these names to specify the position your filter should appear at: <programlisting language="xml"><![CDATA[
+        well-known position.<note>
+          <para>In previous versions, the sorting took place after the filter instances had been
+            created, during post-processing of the application context. In version 3.0+ the sorting
+            is now done at the bean metadata level, before the classes have been instantiated. This
+            has implications for how you add your own filters to the stack as the entire filter list
+            must be known during the parsing of the <literal>&lt;http></literal> element, so the
+            syntax has changed slightly in 3.0.</para>
+        </note>The filters, aliases and namespace elements/attributes which create the filters are
+        shown in <xref linkend="filter-stack"/>. The filters are listed in the order in which they
+        occur in the filter chain. <table xml:id="filter-stack">
+          <title>Standard Filter Aliases and Ordering</title>
+          <tgroup cols="3" align="left">
+            <thead>
+              <row>
+                <entry align="center">Alias</entry>
+                <entry align="center">Filter Class</entry>
+                <entry align="center">Namespace Element or Attribute</entry>
+              </row>
+            </thead>
+            <tbody>
+              <row>
+                <entry> CHANNEL_FILTER</entry>
+                <entry><literal>ChannelProcessingFilter</literal></entry>
+                <entry><literal>http/intercept-url@requires-channel</literal></entry>
+              </row>
+              <row>
+                <entry> CONCURRENT_SESSION_FILTER</entry>
+                <entry><literal>ConcurrentSessionFilter</literal>
+                </entry>
+                <entry><literal>session-management/concurrency-control</literal></entry>
+              </row>
+              <row>
+                <entry> SECURITY_CONTEXT_FILTER</entry>
+                <entry><classname>SecurityContextPersistenceFilter</classname></entry>
+                <entry><literal>http</literal></entry>
+              </row>
+              <row>
+                <entry> LOGOUT_FILTER </entry>
+                <entry><literal>LogoutFilter</literal></entry>
+                <entry><literal>http/logout</literal></entry>
+              </row>
+              <row>
+                <entry> X509_FILTER </entry>
+                <entry><literal>X509AuthenticationFilter</literal></entry>
+                <entry><literal>http/x509</literal></entry>
+              </row>
+              <row>
+                <entry> PRE_AUTH_FILTER </entry>
+                <entry><literal>AstractPreAuthenticatedProcessingFilter</literal> Subclasses</entry>
+                <entry>N/A</entry>
+              </row>
+              <row>
+                <entry> CAS_FILTER </entry>
+                <entry><literal>CasAuthenticationFilter</literal></entry>
+                <entry>N/A</entry>
+              </row>
+              <row>
+                <entry> FORM_LOGIN_FILTER </entry>
+                <entry><literal>UsernamePasswordAuthenticationFilter</literal></entry>
+                <entry><literal>http/form-login</literal></entry>
+              </row>
+              <row>
+                <entry> BASIC_AUTH_FILTER </entry>
+                <entry><literal>BasicAuthenticationFilter</literal></entry>
+                <entry><literal>http/http-basic</literal></entry>
+              </row>
+              <row>
+                <entry> SERVLET_API_SUPPORT_FILTER</entry>
+                <entry><literal>SecurityContextHolderAwareFilter</literal></entry>
+                <entry><literal>http/@servlet-api-provision</literal></entry>
+              </row>
+              <row>
+                <entry> REMEMBER_ME_FILTER </entry>
+                <entry><classname>RememberMeAuthenticationFilter</classname></entry>
+                <entry><literal>http/remember-me</literal></entry>
+              </row>
+              <row>
+                <entry> ANONYMOUS_FILTER </entry>
+                <entry><literal>AnonymousAuthenticationFilter</literal></entry>
+                <entry><literal>http/anonymous</literal></entry>
+              </row>
+              <row>
+                <entry> SESSION_MANAGEMENT_FILTER</entry>
+                <entry><literal>SessionManagementFilter</literal></entry>
+                <entry><literal>session-management</literal></entry>
+              </row>
+              <row>
+                <entry>EXCEPTION_TRANSLATION_FILTER </entry>
+                <entry><classname>ExceptionTranslationFilter</classname></entry>
+                <entry><literal>http</literal></entry>
+              </row>
+              <row>
+                <entry> FILTER_SECURITY_INTERCEPTOR </entry>
+                <entry><classname>FilterSecurityInterceptor</classname></entry>
+                <entry><literal>http</literal></entry>
+              </row>
+              <row>
+                <entry> SWITCH_USER_FILTER </entry>
+                <entry><literal>SwitchUserFilter</literal></entry>
+                <entry>N/A</entry>
+              </row>
+            </tbody>
+          </tgroup>
+        </table> You can add your own filter to the stack, using the
+          <literal>custom-filter</literal> element and one of these names to specify the position
+        your filter should appear at: <programlisting language="xml"><![CDATA[
   <http>
      <custom-filter position="FORM_LOGIN_FILTER" ref="myFilter" />
   </http>
@@ -569,10 +678,10 @@
     <para>From version 2.0 onwards Spring Security has improved support substantially for adding
       security to your service layer methods. It provides support for JSR-250 security as well as
       the framework's original <literal>@Secured</literal> annotation. From 3.0 you can also make
-      use of new <link xlink:href="el-access">expression-based annotations</link>. 
-      You can apply security to a single bean, using the
-        <literal>intercept-methods</literal> element to decorate the bean declaration, or you can
-      secure multiple beans across the entire service layer using the AspectJ style pointcuts. </para>
+      use of new <link xlink:href="el-access">expression-based annotations</link>. You can apply
+      security to a single bean, using the <literal>intercept-methods</literal> element to decorate
+      the bean declaration, or you can secure multiple beans across the entire service layer using
+      the AspectJ style pointcuts. </para>
     <section xml:id="ns-global-method">
       <title>The <literal>&lt;global-method-security&gt;</literal> Element</title>
       <para> This element is used to enable annotation-based security in your application (by
@@ -639,7 +748,7 @@
     <para> This section assumes you have some knowledge of the underlying architecture for
       access-control within Spring Security. If you don't you can skip it and come back to it later,
       as this section is only really relevant for people who need to do some customization in order
-      to use more than simple role based security. </para>
+      to use more than simple role-based security. </para>
     <para> When you use a namespace configuration, a default instance of
         <interfacename>AccessDecisionManager</interfacename> is automatically registered for you and
       will be used for making access decisions for method invocations and web URL access, based on
@@ -648,7 +757,8 @@
       annotation secured methods). </para>
     <para> The default strategy is to use an <classname>AffirmativeBased</classname>
       <interfacename>AccessDecisionManager</interfacename> with a <classname>RoleVoter</classname>
-      and an <classname>AuthenticatedVoter</classname>. </para>
+      and an <classname>AuthenticatedVoter</classname>. You can find out more about these in the
+      chapter on <link xlink:href="authorization">authorization</link>.</para>
     <section xml:id="ns-custom-access-mgr">
       <title>Customizing the AccessDecisionManager</title>
       <para> If you need to use a more complicated access control strategy then it is easy to set an
@@ -694,9 +804,9 @@
   </bean>
   ]]></programlisting></para>
     <para> Another common requirement is that another bean in the context may require a reference to
-      the <interfacename>AuthenticationManager</interfacename>. You can easily
-      register an alias for the <interfacename>AuthenticationManager</interfacename> and
-      use this name elsewhere in your application context. <programlisting language="xml"><![CDATA[        
+      the <interfacename>AuthenticationManager</interfacename>. You can easily register an alias for
+      the <interfacename>AuthenticationManager</interfacename> and use this name elsewhere in your
+      application context. <programlisting language="xml"><![CDATA[        
   <security:authentication-manager alias="authenticationManager"> 
      ...
   </security:authentication-manager>
diff --git a/docs/manual/src/docbook/remember-me-authentication.xml b/docs/manual/src/docbook/remember-me-authentication.xml
index 494e61f9fe..7de289626e 100644
--- a/docs/manual/src/docbook/remember-me-authentication.xml
+++ b/docs/manual/src/docbook/remember-me-authentication.xml
@@ -46,7 +46,7 @@
             more significant security is needed you should use the approach described in the next
             section. Alternatively remember-me services should simply not be used at all.</para>
         <para>If you are familiar with the topics discussed in the chapter on <link
-                xlink:href="ns-config">namespace configuration</link>, you can enable remember-me
+                xlink:href="#ns-config">namespace configuration</link>, you can enable remember-me
             authentication just by adding the <literal>&lt;remember-me&gt;</literal> element: <programlisting><![CDATA[
   <http>
     ...
@@ -64,11 +64,12 @@
         <para>This approach is based on the article <link
                 xlink:href="http://jaspan.com/improved_persistent_login_cookie_best_practice"
                 >http://jaspan.com/improved_persistent_login_cookie_best_practice</link> with some
-            minor modifications <footnote><para>Essentially, the username is not included in the
-                    cookie, to prevent exposing a valid login name unecessarily. There is a
-                    discussion on this in the comments section of this article.</para></footnote>.
-            To use the this approach with namespace configuration, you would supply a datasource
-            reference: <programlisting><![CDATA[
+            minor modifications <footnote>
+                <para>Essentially, the username is not included in the cookie, to prevent exposing a
+                    valid login name unecessarily. There is a discussion on this in the comments
+                    section of this article.</para>
+            </footnote>. To use the this approach with namespace configuration, you would supply a
+            datasource reference: <programlisting><![CDATA[
   <http>
     ...
     <remember-me data-source-ref="someDataSource"/>
@@ -161,12 +162,16 @@
             <para> This class can be used in the same way as
                     <classname>TokenBasedRememberMeServices</classname>, but it additionally needs
                 to be configured with a <interfacename>PersistentTokenRepository</interfacename> to
-                store the tokens. There are two standard implementations.
-                                <itemizedlist><listitem><para><classname>InMemoryTokenRepositoryImpl</classname>
-                            which is intended for testing
-                                only.</para></listitem><listitem><para><classname>JdbcTokenRepositoryImpl</classname>
-                            which stores the tokens in a database. </para></listitem></itemizedlist>
-                The database schema is described above in <xref
+                store the tokens. There are two standard implementations. <itemizedlist>
+                    <listitem>
+                        <para><classname>InMemoryTokenRepositoryImpl</classname> which is intended
+                            for testing only.</para>
+                    </listitem>
+                    <listitem>
+                        <para><classname>JdbcTokenRepositoryImpl</classname> which stores the tokens
+                            in a database. </para>
+                    </listitem>
+                </itemizedlist> The database schema is described above in <xref
                     linkend="remember-me-persistent-token"/>. </para>
         </section>
     </section>
diff --git a/docs/manual/src/docbook/springsecurity.xml b/docs/manual/src/docbook/springsecurity.xml
index 5c1b665b58..e893bf7751 100644
--- a/docs/manual/src/docbook/springsecurity.xml
+++ b/docs/manual/src/docbook/springsecurity.xml
@@ -1,12 +1,14 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <book version="5.0" xml:id="spring-security-reference-guide" xmlns="http://docbook.org/ns/docbook"
   xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:xi="http://www.w3.org/2001/XInclude">
-  <info><title>Spring Security</title><subtitle>Reference
-        Documentation</subtitle><authorgroup><author>
+  <info><title>Spring Security</title><subtitle>Reference Documentation</subtitle><authorgroup>
+      <author>
         <personname>Ben Alex</personname>
-      </author><author>
+      </author>
+      <author>
         <personname>Luke Taylor</personname>
-      </author></authorgroup>
+      </author>
+    </authorgroup>
     <productname>Spring Security</productname>
     <releaseinfo>3.0.0.RC2</releaseinfo>
   </info>
@@ -77,9 +79,9 @@
       <para> We'll also take a look at the sample applications that are available. It's worth trying
         to run these and experimenting with them a bit even before you read the later sections - you
         can dip back into them as your understanding of the framework increases. Please also check
-        out the <link xlink:href="http://static.springsource.org/spring-security/site/index.html">project website</link> as
-        it has useful information on building the project, plus links to articles, videos and tutorials.
-      </para>
+        out the <link xlink:href="http://static.springsource.org/spring-security/site/index.html"
+          >project website</link> as it has useful information on building the project, plus links
+        to articles, videos and tutorials. </para>
     </partintro>
     <xi:include href="introduction.xml"/>
     <xi:include href="namespace-config.xml"/>
diff --git a/docs/manual/src/docbook/technical-overview.xml b/docs/manual/src/docbook/technical-overview.xml
index fe2daa35a2..86c448a913 100644
--- a/docs/manual/src/docbook/technical-overview.xml
+++ b/docs/manual/src/docbook/technical-overview.xml
@@ -189,31 +189,50 @@ if (principal instanceof UserDetails) {
       own proprietary authentication system. </para>
     <section>
       <title>What is authentication in Spring Security?</title>
-      <para> Let's consider a standard authentication scenario that everyone is familiar with.
-              <orderedlist><listitem><para>A user is prompted to log in with a username and
-              password.</para></listitem><listitem><para>The system (successfully) verifies that the
-              password is correct for the username.</para></listitem><listitem><para>The context
-              information for that user is obtained (their list of roles and so
-            on).</para></listitem><listitem><para>A security context is established for the
-              user</para></listitem><listitem><para>The user proceeds, potentially to perform some
-              operation which is potentially protected by an access control mechanism which checks
-              the required permissions for the operation against the current security context
-              information. </para></listitem></orderedlist> The first three items constitute the
-        authentication process so we'll take a look at how these take place within Spring
-              Security.<orderedlist><listitem><para>The username and password are obtained and
-              combined into an instance of
+      <para> Let's consider a standard authentication scenario that everyone is familiar with. <orderedlist>
+          <listitem>
+            <para>A user is prompted to log in with a username and password.</para>
+          </listitem>
+          <listitem>
+            <para>The system (successfully) verifies that the password is correct for the
+              username.</para>
+          </listitem>
+          <listitem>
+            <para>The context information for that user is obtained (their list of roles and so
+              on).</para>
+          </listitem>
+          <listitem>
+            <para>A security context is established for the user</para>
+          </listitem>
+          <listitem>
+            <para>The user proceeds, potentially to perform some operation which is potentially
+              protected by an access control mechanism which checks the required permissions for the
+              operation against the current security context information. </para>
+          </listitem>
+        </orderedlist> The first three items constitute the authentication process so we'll take a
+        look at how these take place within Spring Security.<orderedlist>
+          <listitem>
+            <para>The username and password are obtained and combined into an instance of
                 <classname>UsernamePasswordAuthenticationToken</classname> (an instance of the
                 <interfacename>Authentication</interfacename> interface, which we saw
-              earlier).</para></listitem><listitem><para>The token is passed to an instance of
-                <interfacename>AuthenticationManager</interfacename> for
-            validation.</para></listitem><listitem><para>The
-                <interfacename>AuthenticationManager</interfacename> returns a fully populated
+              earlier).</para>
+          </listitem>
+          <listitem>
+            <para>The token is passed to an instance of
+                <interfacename>AuthenticationManager</interfacename> for validation.</para>
+          </listitem>
+          <listitem>
+            <para>The <interfacename>AuthenticationManager</interfacename> returns a fully populated
                 <interfacename>Authentication</interfacename> instance on successful
-              authentication.</para></listitem><listitem><para>The security context is established
-              by calling <code>SecurityContextHolder.getContext().setAuthentication(...)</code>,
-              passing in the returned authentication object.</para></listitem></orderedlist>From
-        that point on, the user is considered to be authenticated. Let's look at some code as an
-        example.
+              authentication.</para>
+          </listitem>
+          <listitem>
+            <para>The security context is established by calling
+                <code>SecurityContextHolder.getContext().setAuthentication(...)</code>, passing in
+              the returned authentication object.</para>
+          </listitem>
+        </orderedlist>From that point on, the user is considered to be authenticated. Let's look at
+        some code as an example.
         <programlisting language="java">import org.springframework.security.authentication.*;
 import org.springframework.security.core.*;
 import org.springframework.security.core.authority.GrantedAuthorityImpl;
@@ -484,17 +503,29 @@ Successfully authenticated. Security context contains: \
           <interfacename>Authentication</interfacename> if the principal has been
         authenticated.</para>
       <para><classname>AbstractSecurityInterceptor</classname> provides a consistent workflow for
-        handling secure object requests, typically: <orderedlist><listitem><para>Look up the
-                <quote>configuration attributes</quote> associated with the present
-            request</para></listitem><listitem><para>Submitting the secure object, current
+        handling secure object requests, typically: <orderedlist>
+          <listitem>
+            <para>Look up the <quote>configuration attributes</quote> associated with the present
+              request</para>
+          </listitem>
+          <listitem>
+            <para>Submitting the secure object, current
                 <interfacename>Authentication</interfacename> and configuration attributes to the
                 <interfacename>AccessDecisionManager</interfacename> for an authorization
-              decision</para></listitem><listitem><para>Optionally change the
-                <interfacename>Authentication</interfacename> under which the invocation takes
-              place</para></listitem><listitem><para>Allow the secure object invocation to proceed
-              (assuming access was granted)</para></listitem><listitem><para>Call the
-                <interfacename>AfterInvocationManager</interfacename> if configured, once the
-              invocation has returned.</para></listitem></orderedlist></para>
+              decision</para>
+          </listitem>
+          <listitem>
+            <para>Optionally change the <interfacename>Authentication</interfacename> under which
+              the invocation takes place</para>
+          </listitem>
+          <listitem>
+            <para>Allow the secure object invocation to proceed (assuming access was granted)</para>
+          </listitem>
+          <listitem>
+            <para>Call the <interfacename>AfterInvocationManager</interfacename> if configured, once
+              the invocation has returned.</para>
+          </listitem>
+        </orderedlist></para>
       <section xml:id="tech-intro-config-attributes">
         <title>What are Configuration Attributes?</title>
         <para> A <quote>configuration attribute</quote> can be thought of as a String that has
@@ -507,8 +538,16 @@ Successfully authenticated. Security context contains: \
             <interfacename>SecurityMetadataSource</interfacename> which it uses to look up the
           attributes for a secure object. Usually this configuration will be hidden from the user.
           Configuration attributes will be entered as annotations on secured methods or as access
-          attributes on secured URLs (using the namespace <literal>&lt;intercept-url&gt;</literal>
-          syntax).</para>
+          attributes on secured URLs. For example, when we saw something like
+            <literal>&lt;intercept-url pattern='/secure/**' access='ROLE_A,ROLE_B'/></literal> in
+          the namespace introduction, this is saying that the configuration attributes
+            <literal>ROLE_A</literal> and <literal>ROLE_B</literal> apply to web requests matching
+          the given pattern. In practice, with the default
+            <interfacename>AccessDecisionManager</interfacename> configuration, this means that
+          anyone who has a <interfacename>GrantedAuthority</interfacename> matching either of these
+          two attributes will be allowed access. Strictly speaking though, they are just attributes
+          and the interpretation is dependent on the
+            <interfacename>AccessDecisionManager</interfacename> implementation.</para>
       </section>
       <section>
         <title>RunAsManager</title>
@@ -539,10 +578,14 @@ Successfully authenticated. Security context contains: \
           or not change it in any way as it chooses.</para>
         <para><classname>AbstractSecurityInterceptor</classname> and its related objects are shown
           in <xref linkend="abstract-security-interceptor"/>. <figure
-            xml:id="abstract-security-interceptor"><title>Security interceptors and the
-                <quote>secure object</quote> model</title><mediaobject><imageobject>
+            xml:id="abstract-security-interceptor">
+            <title>Security interceptors and the <quote>secure object</quote> model</title>
+            <mediaobject>
+              <imageobject>
                 <imagedata align="center" fileref="images/security-interception.png" format="PNG"/>
-              </imageobject></mediaobject></figure></para>
+              </imageobject>
+            </mediaobject>
+          </figure></para>
       </section>
       <section>
         <title>Extending the Secure Object Model</title>
diff --git a/docs/manual/src/xsl/html-custom.xsl b/docs/manual/src/xsl/html-custom.xsl
index c23bd8a468..3a6f626890 100644
--- a/docs/manual/src/xsl/html-custom.xsl
+++ b/docs/manual/src/xsl/html-custom.xsl
@@ -41,11 +41,11 @@
 <!-- Activate Graphics -->
 	<xsl:param name="admon.graphics" select="1"/>
 	<xsl:param name="admon.graphics.path">images/</xsl:param>
-	<xsl:param name="admon.graphics.extension">.gif</xsl:param>
+	<xsl:param name="admon.graphics.extension">.png</xsl:param>
 	<xsl:param name="callout.graphics" select="1" />
 	<xsl:param name="callout.defaultcolumn">120</xsl:param>
 	<xsl:param name="callout.graphics.path">images/callouts/</xsl:param>
-	<xsl:param name="callout.graphics.extension">.gif</xsl:param>
+	<xsl:param name="callout.graphics.extension">.png</xsl:param>
 
 	<xsl:param name="table.borders.with.css" select="1"/>
 	<xsl:param name="html.stylesheet">css/manual.css</xsl:param>
diff --git a/docs/manual/src/xsl/pdf-custom.xsl b/docs/manual/src/xsl/pdf-custom.xsl
index c761e4500b..c784b53176 100644
--- a/docs/manual/src/xsl/pdf-custom.xsl
+++ b/docs/manual/src/xsl/pdf-custom.xsl
@@ -28,8 +28,8 @@
 	<xsl:import href="http://docbook.sourceforge.net/release/xsl/current/fo/highlight.xsl"/>
 
 	<xsl:param name="admon.graphics">'1'</xsl:param>
-	<xsl:param name="admon.graphics.path">images/</xsl:param>
-	<xsl:param name="draft.watermark.image" select="'images/draft.png'"/>
+	<xsl:param name="admon.graphics.path">src/docbook/images/</xsl:param>
+	<!-- xsl:param name="draft.watermark.image" select="'images/draft.png'"/ -->
 	<xsl:param name="paper.type" select="'A4'"/>
 
 	<xsl:param name="page.margin.top" select="'1cm'"/>