diff --git a/sandbox/itest/pom.xml b/sandbox/itest/pom.xml
new file mode 100644
index 0000000000..89b8f18321
--- /dev/null
+++ b/sandbox/itest/pom.xml
@@ -0,0 +1,172 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+<!--        
+    <parent>
+        <groupId>org.springframework.security</groupId>
+        <artifactId>spring-security-parent</artifactId>
+        <version>2.0.3-SNAPSHOT</version>
+    </parent>
+-->    
+    <groupId>org.springframework.security</groupId>
+    <artifactId>spring-security-itest</artifactId>
+    <name>Spring Security - Integration Tests</name>
+    <packaging>pom</packaging>
+    <version>2.0.3-SNAPSHOT</version>
+    <modules>
+        <module>web</module>
+        <!--module>context</module-->
+    </modules>
+    <dependencies>
+        <dependency>
+          <groupId>org.testng</groupId>
+          <artifactId>testng</artifactId>
+          <version>5.8</version>
+          <scope>test</scope>
+          <classifier>jdk15</classifier>
+        </dependency>
+<!--                
+        <dependency>
+            <groupId>junit</groupId>
+            <artifactId>junit</artifactId>
+            <version>4.4</version>
+            <scope>test</scope>
+        </dependency>
+-->        
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring</artifactId>
+            <version>2.5.4</version>
+            <exclusions>
+                <exclusion>
+                    <groupId>commons-logging</groupId>
+                    <artifactId>commons-logging</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>        
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-core</artifactId>
+            <version>${project.version}</version>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.springframework</groupId>
+                    <artifactId>spring-core</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.springframework</groupId>
+                    <artifactId>spring-context</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.springframework</groupId>
+                    <artifactId>spring-aop</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.springframework</groupId>
+                    <artifactId>spring-support</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>commons-logging</groupId>
+                    <artifactId>commons-logging</artifactId>
+                </exclusion>
+            </exclusions>            
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-core-tiger</artifactId>
+            <version>${project.version}</version>
+            <exclusions>
+                <exclusion>
+                    <groupId>commons-logging</groupId>
+                    <artifactId>commons-logging</artifactId>
+                </exclusion>
+            </exclusions>            
+        </dependency>
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-api</artifactId>
+            <version>1.4.3</version>
+            <scope>runtime</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.directory.server</groupId>
+            <artifactId>apacheds-core</artifactId>
+            <version>1.0.2</version>
+            <scope>runtime</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.directory.server</groupId>
+            <artifactId>apacheds-server-jndi</artifactId>
+            <version>1.0.2</version>
+            <scope>runtime</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.ldap</groupId>
+            <artifactId>spring-ldap</artifactId>
+            <version>1.2.1</version>
+            <scope>runtime</scope>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.springframework</groupId>
+                    <artifactId>spring-core</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.springframework</groupId>
+                    <artifactId>spring-beans</artifactId>
+                </exclusion>                
+            </exclusions>            
+        </dependency>               
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-log4j12</artifactId>
+            <version>1.4.3</version>
+            <scope>runtime</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>jcl104-over-slf4j</artifactId>
+            <version>1.4.3</version>
+            <scope>provided</scope>
+        </dependency>
+        <dependency>
+            <groupId>log4j</groupId>
+            <artifactId>log4j</artifactId>
+            <version>1.2.13</version>
+            <scope>runtime</scope>
+        </dependency>
+    </dependencies>
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-compiler-plugin</artifactId>
+                <configuration>
+                    <source>1.5</source>
+                    <target>1.5</target>
+                </configuration>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-surefire-plugin</artifactId>
+                <version>2.4.2</version>
+                <configuration>
+                    <includes>
+                        <include>**/*Tests.class</include>
+                    </includes>
+                    <excludes>
+                        <exclude>**/Abstract*</exclude>
+                    </excludes>
+                    <forkMode>once</forkMode>
+                    <systemProperties>
+                        <!-- The working directory for the embedded apache Ldap test server -->
+                        <property>
+                            <name>apacheDSWorkDir</name>
+                            <value>
+                                ${basedir}/target/apacheds-work
+                            </value>
+                        </property>
+                    </systemProperties>
+                </configuration>
+            </plugin>            
+        </plugins>
+    </build>    
+</project>
diff --git a/sandbox/itest/web/pom.xml b/sandbox/itest/web/pom.xml
new file mode 100644
index 0000000000..31cb2b130b
--- /dev/null
+++ b/sandbox/itest/web/pom.xml
@@ -0,0 +1,43 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <parent>
+        <groupId>org.springframework.security</groupId>
+        <artifactId>spring-security-itest</artifactId>
+        <version>2.0.3-SNAPSHOT</version>
+    </parent>
+    <artifactId>spring-security-itest-web</artifactId>
+    <name>Spring Security - Web Integration Tests</name>
+    <packaging>war</packaging>
+
+    <dependencies>
+        <dependency>
+            <groupId>jwebunit</groupId>
+            <artifactId>jwebunit</artifactId>
+            <version>1.2</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.mortbay.jetty</groupId>
+            <artifactId>jetty</artifactId>
+            <version>${jetty.version}</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.mortbay.jetty</groupId>
+            <artifactId>jetty-naming</artifactId>
+            <version>${jetty.version}</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.mortbay.jetty</groupId>
+            <artifactId>jetty-plus</artifactId>
+            <version>${jetty.version}</version>
+            <scope>test</scope>
+        </dependency>
+    </dependencies>
+    <properties>
+        <jetty.version>6.1.7</jetty.version>
+    </properties>
+</project>
diff --git a/sandbox/itest/web/src/main/resources/log4j.properties b/sandbox/itest/web/src/main/resources/log4j.properties
new file mode 100644
index 0000000000..e5340c70b2
--- /dev/null
+++ b/sandbox/itest/web/src/main/resources/log4j.properties
@@ -0,0 +1,8 @@
+log4j.rootCategory=INFO, stdout
+
+log4j.appender.stdout=org.apache.log4j.ConsoleAppender
+log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
+log4j.appender.stdout.layout.ConversionPattern=%d %p %c - %m%n
+
+log4j.category.org.mortbay.log=INFO
+log4j.category.org.springframework.security=DEBUG
\ No newline at end of file
diff --git a/sandbox/itest/web/src/main/resources/test-server.ldif b/sandbox/itest/web/src/main/resources/test-server.ldif
new file mode 100644
index 0000000000..f2caf17ca8
--- /dev/null
+++ b/sandbox/itest/web/src/main/resources/test-server.ldif
@@ -0,0 +1,56 @@
+dn: ou=groups,dc=springframework,dc=org
+objectclass: top
+objectclass: organizationalUnit
+ou: groups
+
+dn: ou=subgroups,ou=groups,dc=springframework,dc=org
+objectclass: top
+objectclass: organizationalUnit
+ou: subgroups
+
+dn: ou=people,dc=springframework,dc=org
+objectclass: top
+objectclass: organizationalUnit
+ou: people
+
+dn: uid=ben,ou=people,dc=springframework,dc=org
+objectclass: top
+objectclass: person
+objectclass: organizationalPerson
+objectclass: inetOrgPerson
+cn: Ben Alex
+sn: Alex
+uid: ben
+userPassword: {SHA}nFCebWjxfaLbHHG1Qk5UU4trbvQ=
+
+dn: uid=bob,ou=people,dc=springframework,dc=org
+objectclass: top
+objectclass: person
+objectclass: organizationalPerson
+objectclass: inetOrgPerson
+cn: Bob Hamilton
+sn: Hamilton
+uid: bob
+userPassword: bobspassword
+
+dn: cn=developers,ou=groups,dc=springframework,dc=org
+objectclass: top
+objectclass: groupOfNames
+cn: developers
+ou: developer
+member: uid=ben,ou=people,dc=springframework,dc=org
+member: uid=bob,ou=people,dc=springframework,dc=org
+
+dn: cn=managers,ou=groups,dc=springframework,dc=org
+objectclass: top
+objectclass: groupOfNames
+cn: managers
+ou: manager
+member: uid=ben,ou=people,dc=springframework,dc=org
+
+dn: cn=submanagers,ou=subgroups,ou=groups,dc=springframework,dc=org
+objectclass: top
+objectclass: groupOfNames
+cn: submanagers
+ou: submanager
+member: uid=ben,ou=people,dc=springframework,dc=org
diff --git a/sandbox/itest/web/src/main/webapp/META-INF/MANIFEST.MF b/sandbox/itest/web/src/main/webapp/META-INF/MANIFEST.MF
new file mode 100644
index 0000000000..5e9495128c
--- /dev/null
+++ b/sandbox/itest/web/src/main/webapp/META-INF/MANIFEST.MF
@@ -0,0 +1,3 @@
+Manifest-Version: 1.0
+Class-Path: 
+
diff --git a/sandbox/itest/web/src/main/webapp/WEB-INF/http-security.xml b/sandbox/itest/web/src/main/webapp/WEB-INF/http-security.xml
new file mode 100644
index 0000000000..4e92b39a99
--- /dev/null
+++ b/sandbox/itest/web/src/main/webapp/WEB-INF/http-security.xml
@@ -0,0 +1,33 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<beans:beans xmlns="http://www.springframework.org/schema/security"
+    xmlns:beans="http://www.springframework.org/schema/beans"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
+                        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.2.xsd">
+
+    <!-- 
+       Http App Context to test form login, remember-me and concurrent session control.
+       Needs to be supplemented with authentication provider(s) 
+    -->
+
+    <http>
+        <intercept-url pattern="/secure/**" access="ROLE_DEVELOPER,ROLE_USER" />
+        <intercept-url pattern="/**" access="ROLE_DEVELOPER,ROLE_USER" />
+
+        <form-login />
+        <http-basic/>
+
+        <!-- Default logout configuration -->
+        <logout />
+
+        <concurrent-session-control max-sessions="1" />
+
+        <remember-me key="doesntmatter" token-repository-ref="tokenRepo"/>
+    </http>
+
+    <beans:bean name="tokenRepo" class="org.springframework.security.ui.rememberme.InMemoryTokenRepositoryImpl"/>
+
+    <!-- bean name="rememberMeServices" class="org.springframework.security.ui.rememberme.NullRememberMeServices"/ -->
+
+</beans:beans>
\ No newline at end of file
diff --git a/sandbox/itest/web/src/main/webapp/WEB-INF/ldap-provider.xml b/sandbox/itest/web/src/main/webapp/WEB-INF/ldap-provider.xml
new file mode 100644
index 0000000000..0156db26b8
--- /dev/null
+++ b/sandbox/itest/web/src/main/webapp/WEB-INF/ldap-provider.xml
@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+  - Sample namespace-based configuration
+  -
+  - $Id: applicationContext-security-ns.xml 2371 2007-12-14 02:26:27Z benalex $
+  -->
+
+<beans:beans xmlns="http://www.springframework.org/schema/security"
+    xmlns:beans="http://www.springframework.org/schema/beans"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
+                        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.2.xsd">
+
+    <ldap-server ldif="classpath*:test-server.ldif"/>
+    
+    <ldap-authentication-provider user-search-filter="(uid={0})" group-search-filter='member={0}' group-role-attribute="ou"/>
+    
+    <ldap-user-service user-search-filter="(uid={0})" group-search-filter='member={0}' group-role-attribute="ou"/>
+
+</beans:beans>
\ No newline at end of file
diff --git a/sandbox/itest/web/src/main/webapp/WEB-INF/web.xml b/sandbox/itest/web/src/main/webapp/WEB-INF/web.xml
new file mode 100644
index 0000000000..1aa6ef9011
--- /dev/null
+++ b/sandbox/itest/web/src/main/webapp/WEB-INF/web.xml
@@ -0,0 +1,20 @@
+<!DOCTYPE web-app PUBLIC
+        "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
+        "http://java.sun.com/dtd/web-app_2_3.dtd" >
+
+<web-app>
+    <display-name>Integration Tests Webapp</display-name>
+
+    <filter>
+        <filter-name>springSecurityFilterChain</filter-name>
+        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
+    </filter>
+
+    <filter-mapping>
+        <filter-name>springSecurityFilterChain</filter-name>
+        <url-pattern>/*</url-pattern>
+    </filter-mapping>
+
+    <!-- Don't add a context loader listener or config location. These are set programmatically -->
+
+</web-app>
diff --git a/sandbox/itest/web/src/main/webapp/secure/index.html b/sandbox/itest/web/src/main/webapp/secure/index.html
new file mode 100644
index 0000000000..a74431b097
--- /dev/null
+++ b/sandbox/itest/web/src/main/webapp/secure/index.html
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE html
+     PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+     "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+  <head>
+    <title>A secure page</title>
+  </head>
+  <body>
+    A Secure Page.
+  </body>
+</html>
\ No newline at end of file
diff --git a/sandbox/itest/web/src/test/java/org/springframework/security/integration/AbstractWebLoginTests.java b/sandbox/itest/web/src/test/java/org/springframework/security/integration/AbstractWebLoginTests.java
new file mode 100644
index 0000000000..ebb31bdcbe
--- /dev/null
+++ b/sandbox/itest/web/src/test/java/org/springframework/security/integration/AbstractWebLoginTests.java
@@ -0,0 +1,31 @@
+package org.springframework.security.integration;
+
+import org.testng.annotations.Test;
+
+/**
+ * 
+ * @author Luke Taylor
+ * @version $Id$
+ */
+public abstract class AbstractWebLoginTests extends AbstractWebServerIntegrationTests {
+
+    @Test
+    public void loginFailsWithinvalidPassword() {
+        beginAt("secure/index.html");
+        assertFormPresent();
+        setFormElement("j_username", "bob");
+        setFormElement("j_password", "wrongpassword");
+        submit();
+        assertTextPresent("Your login attempt was not successful");
+    }
+
+    @Test
+    public void loginSucceedsWithCorrectPassword() {
+        beginAt("secure/index.html");
+        assertFormPresent();
+        setFormElement("j_username", "bob");
+        setFormElement("j_password", "bobspassword");
+        submit();
+        assertTextPresent("A Secure Page");
+    }
+}
diff --git a/sandbox/itest/web/src/test/java/org/springframework/security/integration/AbstractWebServerIntegrationTests.java b/sandbox/itest/web/src/test/java/org/springframework/security/integration/AbstractWebServerIntegrationTests.java
new file mode 100644
index 0000000000..ebbc1883af
--- /dev/null
+++ b/sandbox/itest/web/src/test/java/org/springframework/security/integration/AbstractWebServerIntegrationTests.java
@@ -0,0 +1,95 @@
+package org.springframework.security.integration;
+
+import org.springframework.web.context.ContextLoaderListener;
+import org.springframework.web.context.WebApplicationContext;
+import org.springframework.web.context.support.WebApplicationContextUtils;
+
+import net.sourceforge.jwebunit.WebTester;
+
+import org.mortbay.jetty.Server;
+import org.mortbay.jetty.webapp.WebAppContext;
+
+import javax.servlet.ServletContext;
+
+import org.testng.annotations.*;
+
+/**
+ * @author Luke Taylor
+ * @version $Id$
+ */
+public abstract class AbstractWebServerIntegrationTests {
+    private Server server;
+    private final Object SERVER_LOCK = new Object();
+    protected final WebTester tester = new WebTester();;
+
+    /** Override to set the application context files that should be loaded */
+    protected abstract String getContextConfigLocations();
+
+    protected String getContextPath() {
+        return "/testapp";
+    }
+
+    @BeforeClass
+    public void startServer() throws Exception {
+    	synchronized(SERVER_LOCK) {
+		    if (server == null) {
+		        server = new Server(0);
+		        WebAppContext webCtx = new WebAppContext("src/main/webapp", getContextPath());
+	
+		        webCtx.addEventListener(new ContextLoaderListener());
+		        webCtx.getInitParams().put("contextConfigLocation", getContextConfigLocations());
+	
+		        server.addHandler(webCtx);
+		        server.start();
+	
+		        tester.getTestContext().setBaseUrl(getBaseUrl());
+	    	}
+    	}
+    }
+
+    @AfterClass
+    public void stopServer() throws Exception {
+    	synchronized(SERVER_LOCK) {
+	        if (server != null) {
+	            server.stop();
+	        }
+	        server = null;
+    	}
+    }
+
+    protected final String getBaseUrl() {
+        int port = server.getConnectors()[0].getLocalPort();
+        return "http://localhost:" + port + getContextPath() + "/";
+    }
+
+    protected final Object getBean(String beanName) {
+        return getAppContext().getBean(beanName);
+    }
+    
+    private WebApplicationContext getAppContext() {
+        ServletContext servletCtx = ((WebAppContext)server.getHandler()).getServletContext();
+        WebApplicationContext appCtx =
+                WebApplicationContextUtils.getRequiredWebApplicationContext(servletCtx);
+        return appCtx;
+    }
+
+    protected final void submit() {
+        tester.submit();
+    }
+
+    protected final void beginAt(String url) {
+        tester.beginAt(url);
+    }
+
+    protected final void setFormElement(String name, String value) {
+        tester.setFormElement(name, value);
+    }
+
+    protected final void assertFormPresent() {
+        tester.assertFormPresent();
+    }
+
+    protected final void assertTextPresent(String text) {
+        tester.assertTextPresent(text);
+    }
+}
diff --git a/sandbox/itest/web/src/test/java/org/springframework/security/integration/LdapWebLoginTests.java b/sandbox/itest/web/src/test/java/org/springframework/security/integration/LdapWebLoginTests.java
new file mode 100644
index 0000000000..56bce730f2
--- /dev/null
+++ b/sandbox/itest/web/src/test/java/org/springframework/security/integration/LdapWebLoginTests.java
@@ -0,0 +1,20 @@
+package org.springframework.security.integration;
+
+import org.testng.annotations.*;
+
+/**
+ * @author Luke Taylor
+ * @version $Id$
+ */
+public class LdapWebLoginTests extends AbstractWebLoginTests {
+
+    protected String getContextConfigLocations() {
+        return "/WEB-INF/http-security.xml /WEB-INF/ldap-provider.xml";
+    }
+
+    @Test
+    public void doSomething() {
+
+    }
+
+}