Converted all namespace attributes which refer to bean IDs to use "-ref" suffix (or "ref").

core/src/main/java/org/springframework/security/config/AnnotationDrivenBeanDefinitionParser.java

@@ -25,8 +25,8 @@ import org.w3c.dom.Element;
 class AnnotationDrivenBeanDefinitionParser implements BeanDefinitionParser {
     public static final String SECURITY_ANNOTATION_ATTRIBUTES_CLASS = "org.springframework.security.annotation.SecurityAnnotationAttributes";
     public static final String JSR_250_SECURITY_ANNOTATION_ATTRIBUTES_CLASS = "org.springframework.security.annotation.Jsr250SecurityAnnotationAttributes";
-    private static final String ATT_ACCESS_MGR = "access-decision-manager";
-    private static final String ATT_USE_JSR250 = "jsr250";    
+    private static final String ATT_ACCESS_MGR = "access-decision-manager-ref";
+    private static final String ATT_USE_JSR250 = "jsr250";
 
     public BeanDefinition parse(Element element, ParserContext parserContext) {
         String className = "true".equals(element.getAttribute(ATT_USE_JSR250)) ?
@@ -55,7 +55,7 @@ class AnnotationDrivenBeanDefinitionParser implements BeanDefinitionParser {
         String accessManagerId = element.getAttribute(ATT_ACCESS_MGR);
 
         if (!StringUtils.hasText(accessManagerId)) {
-            ConfigUtils.registerDefaultAccessManagerIfNecessary(parserContext);            
+            ConfigUtils.registerDefaultAccessManagerIfNecessary(parserContext);
             accessManagerId = BeanIds.ACCESS_MANAGER;
         }
 

core/src/main/java/org/springframework/security/config/HttpSecurityBeanDefinitionParser.java

@@ -79,7 +79,7 @@ public class HttpSecurityBeanDefinitionParser implements BeanDefinitionParser {
     static final String ATT_SERVLET_API_PROVISION = "servlet-api-provision";
     static final String DEF_SERVLET_API_PROVISION = "true";
 
-    static final String ATT_ACCESS_MGR = "access-decision-manager";
+    static final String ATT_ACCESS_MGR = "access-decision-manager-ref";
 
     public BeanDefinition parse(Element element, ParserContext parserContext) {
         BeanDefinitionRegistry registry = parserContext.getRegistry();

core/src/main/java/org/springframework/security/config/JdbcUserServiceBeanDefinitionParser.java

@@ -10,7 +10,7 @@ import org.w3c.dom.Element;
  * @version $Id$
  */
 public class JdbcUserServiceBeanDefinitionParser extends AbstractUserDetailsServiceBeanDefinitionParser {
-	static final String ATT_DATA_SOURCE = "data-source";
+	static final String ATT_DATA_SOURCE = "data-source-ref";
 
     protected Class getBeanClass(Element element) {
         return JdbcUserDetailsManager.class;

core/src/main/java/org/springframework/security/config/RememberMeBeanDefinitionParser.java

@@ -24,9 +24,9 @@ import org.w3c.dom.Element;
 public class RememberMeBeanDefinitionParser implements BeanDefinitionParser {
     static final String ATT_KEY = "key";
     static final String DEF_KEY = "doesNotMatter";
-    
+
 	static final String ATT_DATA_SOURCE = "data-source";
-	static final String ATT_TOKEN_REPOSITORY = "token-repository";
+	static final String ATT_TOKEN_REPOSITORY = "token-repository-ref";
 	protected final Log logger = LogFactory.getLog(getClass());
 
     public BeanDefinition parse(Element element, ParserContext parserContext) {
@@ -70,14 +70,14 @@ public class RememberMeBeanDefinitionParser implements BeanDefinitionParser {
             isPersistent = false;
             services = new RootBeanDefinition(TokenBasedRememberMeServices.class);
         }
-        
+
         if (!StringUtils.hasText(key) && !isPersistent) {
         	key = DEF_KEY;
         }
 
         BeanDefinition authManager = ConfigUtils.registerProviderManagerIfNecessary(parserContext);
         BeanDefinition provider = new RootBeanDefinition(RememberMeAuthenticationProvider.class);
-        
+
         provider.getPropertyValues().addPropertyValue(ATT_KEY, key);
         services.getPropertyValues().addPropertyValue(ATT_KEY, key);
 

core/src/main/resources/org/springframework/security/config/spring-security-2.0.rnc

@@ -93,7 +93,9 @@ annotation-driven =
 annotation-driven.attlist &=
     ## Specifies that JSR-250 style attributes are to be used (for example "RolesAllowed" instead of "Secured"). This will require the javax.annotation.security classes on the classpath. Defaults to false.
     attribute jsr250 {"true" | "false" }?
-
+annotation-driven.attlist &=
+    ## Optional AccessDecisionManager bean ID to override the default.
+    attribute access-decision-manager-ref {xsd:string}?
 
 http =
     ## Container element for HTTP security configuration
@@ -115,7 +117,7 @@ http.attlist &=
     attribute servlet-api-provision {"true" | "false"}?
 http.attlist &=
     ## Optional attribute specifying the ID of the AccessDecisionManager implementation which should be used for authorizing HTTP requests.
-    attribute access-decision-manager {xsd:string}?
+    attribute access-decision-manager-ref {xsd:string}?
 http.attlist &=
     ## Optional attribute specifying the realm name that will be used for all authentication features that require a realm name (eg BASIC and Digest authentication). If unspecified, defaults to "Spring Security Application".
     attribute realm {xsd:string}?
@@ -198,7 +200,7 @@ concurrent-sessions.attlist &=
 remember-me =
     element remember-me {remember-me.attlist}
 remember-me.attlist &=
-    (attribute key {xsd:string} | (attribute token-repository {xsd:string} | attribute data-source {xsd:string}))
+    (attribute key {xsd:string} | (attribute token-repository-ref {xsd:string} | attribute data-source-ref {xsd:string}))
 
 anonymous =
 	## Adds support for automatically granting all anonymous web requests a particular principal identity and a corresponding granted authority.
@@ -257,7 +259,7 @@ jdbc-user-service =
     element jdbc-user-service {id? & jdbc-user-service.attlist} 
 jdbc-user-service.attlist &=
 	## The bean ID of the DataSource which provides the required tables.
-    attribute data-source {xsd:string}
+    attribute data-source-ref {xsd:string}
     
     
 user-filter =

core/src/main/resources/org/springframework/security/config/spring-security-2.0.xsd

@@ -244,6 +244,11 @@
         </xs:restriction>
       </xs:simpleType>
     </xs:attribute>
+    <xs:attribute name="access-decision-manager-ref" type="xs:string">
+      <xs:annotation>
+        <xs:documentation>Optional AccessDecisionManager bean ID to override the default.</xs:documentation>
+      </xs:annotation>
+    </xs:attribute>
   </xs:attributeGroup>
   <xs:element name="http">
     <xs:annotation>
@@ -320,7 +325,7 @@
         </xs:restriction>
       </xs:simpleType>
     </xs:attribute>
-    <xs:attribute name="access-decision-manager" type="xs:string">
+    <xs:attribute name="access-decision-manager-ref" type="xs:string">
       <xs:annotation>
         <xs:documentation>Optional attribute specifying the ID of the AccessDecisionManager implementation which should be used for authorizing HTTP requests.</xs:documentation>
       </xs:annotation>
@@ -493,8 +498,8 @@
   </xs:element>
   <xs:attributeGroup name="remember-me.attlist">
     <xs:attribute name="key" type="xs:string"/>
-    <xs:attribute name="token-repository" type="xs:string"/>
-    <xs:attribute name="data-source" type="xs:string"/>
+    <xs:attribute name="token-repository-ref" type="xs:string"/>
+    <xs:attribute name="data-source-ref" type="xs:string"/>
   </xs:attributeGroup>
   <xs:element name="anonymous">
     <xs:annotation>
@@ -623,7 +628,7 @@
     </xs:complexType>
   </xs:element>
   <xs:attributeGroup name="jdbc-user-service.attlist">
-    <xs:attribute name="data-source" use="required" type="xs:string">
+    <xs:attribute name="data-source-ref" use="required" type="xs:string">
       <xs:annotation>
         <xs:documentation>The bean ID of the DataSource which provides the required tables.</xs:documentation>
       </xs:annotation>

core/src/test/java/org/springframework/security/config/HttpSecurityBeanDefinitionParserTests.java

@@ -9,6 +9,7 @@ import org.springframework.security.ui.ExceptionTranslationFilter;
 import org.springframework.security.ui.basicauth.BasicProcessingFilter;
 import org.springframework.security.ui.logout.LogoutFilter;
 import org.springframework.security.ui.rememberme.RememberMeProcessingFilter;
+import org.springframework.security.ui.rememberme.PersistentTokenBasedRememberMeServices;
 import org.springframework.security.ui.webapp.AuthenticationProcessingFilter;
 import org.springframework.security.ui.webapp.DefaultLoginPageGeneratingFilter;
 import org.springframework.security.util.FilterChainProxy;
@@ -191,6 +192,19 @@ public class HttpSecurityBeanDefinitionParserTests {
         assertEquals("userFilter", ((OrderedFilterBeanDefinitionDecorator.OrderedFilterDecorator)filters.get(10)).getBeanName());
     }
 
+    @Test
+    public void rememberMeServiceWorksWithTokenRepoRef() {
+        setContext(
+                "<http auto-config='true'>" +
+                "    <remember-me key='doesntmatter' token-repository-ref='tokenRepo'/>" +
+                "</http>" +
+                "<b:bean id='tokenRepo' " +
+                        "class='org.springframework.security.ui.rememberme.InMemoryTokenRepositoryImpl'/> " + AUTH_PROVIDER_XML);
+        Object rememberMeServices = appContext.getBean(BeanIds.REMEMBER_ME_SERVICES);
+
+        assertTrue(rememberMeServices instanceof PersistentTokenBasedRememberMeServices);
+    }
+
     private void setContext(String context) {
         appContext = new InMemoryXmlApplicationContext(context);
     }

core/src/test/resources/org/springframework/security/config/http-security.xml

@@ -7,9 +7,9 @@
 http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
 
     <http>
-        <intercept-url pattern="/unprotected" filters="none" />
-        <intercept-url pattern="/somepath" access="ROLE_SPECIAL,ROLE_USER" requires-channel="http" />
-        <intercept-url pattern="/**" access="ROLE_USER" />
+        <intercept-url pattern='/unprotected' filters='none' />
+        <intercept-url pattern='/somepath' access='ROLE_SPECIAL,ROLE_USER' requires-channel='http' />
+        <intercept-url pattern='/**' access='ROLE_USER' />
 
         <!-- Default form login configuration. Will create filter and entry point -->
         <form-login />
@@ -20,33 +20,32 @@ http://www.springframework.org/schema/security http://www.springframework.org/sc
         <!-- Default logout configuration -->
         <logout />
 
-        <concurrent-session-control max-sessions="1"/>
+        <concurrent-session-control max-sessions='1'/>
 
-        <remember-me key="doesntmatter" token-repository="tokenRepo"/>
+        <remember-me key='doesntmatter' token-repository-ref='tokenRepo'/>
 
         <port-mappings>
-            <port-mapping http="9080" https="9443"/>
+            <port-mapping http='9080' https='9443'/>
         </port-mappings>
     </http>
 
     <authentication-provider>
         <user-service>
-            <user name="bob" password="bobspassword" authorities="ROLE_A,ROLE_B" />
-            <user name="bill" password="billspassword" authorities="ROLE_A,ROLE_B,AUTH_OTHER" />
+            <user name='bob' password='bobspassword' authorities='ROLE_A,ROLE_B' />
+            <user name='bill' password='billspassword' authorities='ROLE_A,ROLE_B,AUTH_OTHER' />
         </user-service>
     </authentication-provider>
 
-    <beans:bean id="tokenRepo" class="org.springframework.security.ui.rememberme.InMemoryTokenRepositoryImpl"/>
+    <beans:bean id='tokenRepo' class='org.springframework.security.ui.rememberme.InMemoryTokenRepositoryImpl'/>
 
-    <!-- bean name="rememberMeServices" class="org.springframework.security.ui.rememberme.NullRememberMeServices"/ -->
+    <!-- bean name='rememberMeServices' class='org.springframework.security.ui.rememberme.NullRememberMeServices'/ -->
 
 
-    <beans:bean id="userFilter" class="org.springframework.security.util.MockFilter">
-        <user-filter order="0"/>
+    <beans:bean id='userFilter' class='org.springframework.security.util.MockFilter'>
+        <user-filter order='0'/>
     </beans:bean>
 
-    <!-- Shouldn't be added to filter chain -->
-    <beans:bean id="userFilter2" class="org.springframework.security.util.MockFilter"/>
+    <beans:bean id='userFilter2' class='org.springframework.security.util.MockFilter'/>
 
 
 </beans:beans>

core/src/test/resources/org/springframework/security/config/jdbc-user-details.xml

@@ -17,8 +17,8 @@ http://www.springframework.org/schema/security http://www.springframework.org/sc
 		<beans:property name="password" value=""/>
 	</beans:bean>
 
-    <jdbc-user-service data-source="dataSource"/>
+    <jdbc-user-service data-source-ref="dataSource"/>
 
-    <jdbc-user-service id="customUserService" data-source="dataSource"/>
+    <jdbc-user-service id="customUserService" data-source-ref="dataSource"/>
 
 </beans:beans>

samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security.xml

@@ -128,7 +128,7 @@
 
    <authentication-provider>
        <password-encoder hash="md5"/>
-       <jdbc-user-service data-source="dataSource"/>
+       <jdbc-user-service data-source-ref="dataSource"/>
    </authentication-provider>
 <!--
    <bean id="jdbcDaoImpl" class="org.springframework.security.userdetails.jdbc.JdbcDaoImpl">