SEC-271: Revert Ordered and ApplicationContextAware usage at this time, due to release of 1.0..

core/src/main/java/org/acegisecurity/adapters/AuthByAdapterProvider.java

@@ -27,7 +27,6 @@ import org.springframework.beans.factory.InitializingBean;
 import org.springframework.context.MessageSource;
 import org.springframework.context.MessageSourceAware;
 import org.springframework.context.support.MessageSourceAccessor;
-import org.springframework.core.Ordered;
 
 import org.springframework.util.Assert;
 
@@ -39,23 +38,14 @@ import org.springframework.util.Assert;
  * <code>AuthByAdapterProvider</code>-configured key.</p>
  *  <P>If the key does not match, a <code>BadCredentialsException</code> is thrown.</p>
  */
-public class AuthByAdapterProvider implements InitializingBean, AuthenticationProvider, MessageSourceAware, Ordered {
+public class AuthByAdapterProvider implements InitializingBean, AuthenticationProvider, MessageSourceAware {
     //~ Instance fields ================================================================================================
 
     protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor();
     private String key;
-    private int order = -1; // default: same as non-Ordered
 
     //~ Methods ========================================================================================================
 
-    public int getOrder() {
-		return order;
-	}
-
-	public void setOrder(int order) {
-		this.order = order;
-	}
-
 	public void afterPropertiesSet() throws Exception {
         Assert.notNull(key, "A Key is required and should match that configured for the adapters");
         Assert.notNull(messages, "A message source must be set");

core/src/main/java/org/acegisecurity/intercept/AbstractSecurityInterceptor.java

@@ -39,11 +39,8 @@ import org.acegisecurity.runas.NullRunAsManager;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 
-import org.springframework.beans.BeansException;
 import org.springframework.beans.factory.InitializingBean;
 
-import org.springframework.context.ApplicationContext;
-import org.springframework.context.ApplicationContextAware;
 import org.springframework.context.ApplicationEvent;
 import org.springframework.context.ApplicationEventPublisher;
 import org.springframework.context.ApplicationEventPublisherAware;
@@ -55,7 +52,6 @@ import org.springframework.util.Assert;
 
 import java.util.HashSet;
 import java.util.Iterator;
-import java.util.Map;
 import java.util.Set;
 
 /**
@@ -121,7 +117,7 @@ import java.util.Set;
  * luke_t $
  */
 public abstract class AbstractSecurityInterceptor implements InitializingBean, ApplicationEventPublisherAware,
-		MessageSourceAware, ApplicationContextAware {
+		MessageSourceAware {
 	// ~ Static fields/initializers
 	// =====================================================================================
 
@@ -148,12 +144,6 @@ public abstract class AbstractSecurityInterceptor implements InitializingBean, A
 
 	private boolean validateConfigAttributes = true;
 
-	private boolean isSetAuthenticationManagerInvoked = false;
-
-	private boolean isSetAccessDecisionManagerInvoked = false;
-
-	private ApplicationContext applicationContext;
-
 	// ~ Methods
 	// ========================================================================================================
 
@@ -206,14 +196,8 @@ public abstract class AbstractSecurityInterceptor implements InitializingBean, A
 
 		Assert.notNull(this.messages, "A message source must be set");
 
-		if (!isSetAuthenticationManagerInvoked) {
-			autoDetectAuthenticationManager();
-		}
 		Assert.notNull(this.authenticationManager, "An AuthenticationManager is required");
 
-		if (!isSetAccessDecisionManagerInvoked) {
-			autoDetectAccessDecisionManager();
-		}
 		Assert.notNull(this.accessDecisionManager, "An AccessDecisionManager is required");
 
 		Assert.notNull(this.runAsManager, "A RunAsManager is required");
@@ -267,47 +251,6 @@ public abstract class AbstractSecurityInterceptor implements InitializingBean, A
 		}
 	}
 
-	/**
-	 * Introspects the <code>Applicationcontext</code> for the single instance
-	 * of <code>AccessDecisionManager</code>. If more than one instance of
-	 * <code>AccessDecisionManager</code> is found, the method uses the first
-	 * one detected.
-	 * 
-	 * @param applicationContext to locate the instance
-	 */
-	private void autoDetectAccessDecisionManager() {
-		if (applicationContext != null) {
-			Map map = applicationContext.getBeansOfType(AccessDecisionManager.class);
-			if (map.size() > 0)
-				setAccessDecisionManager((AccessDecisionManager) map.values().iterator().next());
-		}
-	}
-
-	/**
-	 * Introspects the <code>Applicationcontext</code> for the single instance
-	 * of <code>AuthenticationManager</code>. If found invoke
-	 * setAuthenticationManager method by providing the found instance of
-	 * authenticationManager as a method parameter. If more than one instance of
-	 * <code>AuthenticationManager</code> is found, the method throws
-	 * <code>IllegalStateException</code>.
-	 * 
-	 * @param applicationContext to locate the instance
-	 */
-	private void autoDetectAuthenticationManager() {
-		if (applicationContext != null) {
-			Map map = applicationContext.getBeansOfType(AuthenticationManager.class);
-			if (map.size() > 1) {
-				throw new IllegalArgumentException(
-						"More than one AuthenticationManager beans detected please refer to the one using "
-								+ " [ authenticationManager  ] " + "property");
-			}
-			else if (map.size() == 1) {
-				setAuthenticationManager((AuthenticationManager) map.values().iterator().next());
-			}
-		}
-
-	}
-
 	protected InterceptorStatusToken beforeInvocation(Object object) {
 		Assert.notNull(object, "Object was null");
 
@@ -479,7 +422,6 @@ public abstract class AbstractSecurityInterceptor implements InitializingBean, A
 	public abstract ObjectDefinitionSource obtainObjectDefinitionSource();
 
 	public void setAccessDecisionManager(AccessDecisionManager accessDecisionManager) {
-		isSetAccessDecisionManagerInvoked = true;
 		this.accessDecisionManager = accessDecisionManager;
 	}
 
@@ -509,7 +451,6 @@ public abstract class AbstractSecurityInterceptor implements InitializingBean, A
 	}
 
 	public void setAuthenticationManager(AuthenticationManager newManager) {
-		isSetAuthenticationManagerInvoked = true;
 		this.authenticationManager = newManager;
 	}
 
@@ -551,8 +492,4 @@ public abstract class AbstractSecurityInterceptor implements InitializingBean, A
 			this.eventPublisher.publishEvent(event);
 		}
 	}
-
-	public void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
-		this.applicationContext = applicationContext;
-	}
 }

core/src/main/java/org/acegisecurity/providers/anonymous/AnonymousAuthenticationProvider.java

@@ -26,7 +26,6 @@ import org.springframework.beans.factory.InitializingBean;
 import org.springframework.context.MessageSource;
 import org.springframework.context.MessageSourceAware;
 import org.springframework.context.support.MessageSourceAccessor;
-import org.springframework.core.Ordered;
 import org.springframework.util.Assert;
 
 
@@ -36,7 +35,7 @@ import org.springframework.util.Assert;
  * {@link org.acegisecurity.providers.anonymous.AnonymousAuthenticationToken#getKeyHash()} must match this class'
  * {@link #getKey()}.</p>
  */
-public class AnonymousAuthenticationProvider implements AuthenticationProvider, InitializingBean, MessageSourceAware, Ordered {
+public class AnonymousAuthenticationProvider implements AuthenticationProvider, InitializingBean, MessageSourceAware {
     //~ Static fields/initializers =====================================================================================
 
     private static final Log logger = LogFactory.getLog(AnonymousAuthenticationProvider.class);
@@ -45,18 +44,9 @@ public class AnonymousAuthenticationProvider implements AuthenticationProvider,
 
     protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor();
     private String key;
-    private int order = -1; // default: same as non-Ordered
 
     //~ Methods ========================================================================================================
 
-    public int getOrder() {
-		return order;
-	}
-
-	public void setOrder(int order) {
-		this.order = order;
-	}
-
 	public void afterPropertiesSet() throws Exception {
         Assert.hasLength(key, "A Key is required");
         Assert.notNull(this.messages, "A message source must be set");

core/src/main/java/org/acegisecurity/providers/cas/CasAuthenticationProvider.java

@@ -35,7 +35,6 @@ import org.springframework.beans.factory.InitializingBean;
 import org.springframework.context.MessageSource;
 import org.springframework.context.MessageSourceAware;
 import org.springframework.context.support.MessageSourceAccessor;
-import org.springframework.core.Ordered;
 
 import org.springframework.util.Assert;
 
@@ -50,7 +49,7 @@ import org.springframework.util.Assert;
  * @author Ben Alex
  * @version $Id$
  */
-public class CasAuthenticationProvider implements AuthenticationProvider, InitializingBean, MessageSourceAware, Ordered {
+public class CasAuthenticationProvider implements AuthenticationProvider, InitializingBean, MessageSourceAware {
     //~ Static fields/initializers =====================================================================================
 
     private static final Log logger = LogFactory.getLog(CasAuthenticationProvider.class);
@@ -63,25 +62,15 @@ public class CasAuthenticationProvider implements AuthenticationProvider, Initia
     private StatelessTicketCache statelessTicketCache;
     private String key;
     private TicketValidator ticketValidator;
-    private int order = -1; // default: same as non-Ordered
 
     //~ Methods ========================================================================================================
 
-    public int getOrder() {
-		return order;
-	}
-
-	public void setOrder(int order) {
-		this.order = order;
-	}
-
 	public void afterPropertiesSet() throws Exception {
         Assert.notNull(this.casAuthoritiesPopulator, "A casAuthoritiesPopulator must be set");
         Assert.notNull(this.ticketValidator, "A ticketValidator must be set");
         Assert.notNull(this.casProxyDecider, "A casProxyDecider must be set");
         Assert.notNull(this.statelessTicketCache, "A statelessTicketCache must be set");
-        Assert.notNull(key,
+        Assert.notNull(this.key, "A Key is required so CasAuthenticationProvider can identify tokens it previously authenticated");
-            "A Key is required so CasAuthenticationProvider can identify tokens it previously authenticated");
         Assert.notNull(this.messages, "A message source must be set");
     }
 

core/src/main/java/org/acegisecurity/providers/dao/DaoAuthenticationProvider.java

@@ -26,10 +26,7 @@ import org.acegisecurity.providers.encoding.PasswordEncoder;
 import org.acegisecurity.providers.encoding.PlaintextPasswordEncoder;
 import org.acegisecurity.userdetails.UserDetails;
 import org.acegisecurity.userdetails.UserDetailsService;
-import org.springframework.beans.BeansException;
 import org.springframework.context.ApplicationContext;
-import org.springframework.context.ApplicationContextAware;
-import org.springframework.core.Ordered;
 import org.springframework.dao.DataAccessException;
 import org.springframework.util.Assert;
 
@@ -41,8 +38,7 @@ import org.springframework.util.Assert;
  * @version $Id: DaoAuthenticationProvider.java 1857 2007-05-24 00:47:12Z
  * benalex $
  */
-public class DaoAuthenticationProvider extends AbstractUserDetailsAuthenticationProvider implements
+public class DaoAuthenticationProvider extends AbstractUserDetailsAuthenticationProvider {
-		ApplicationContextAware, Ordered {
 
 	// ~ Instance fields
 	// ================================================================================================
@@ -55,16 +51,6 @@ public class DaoAuthenticationProvider extends AbstractUserDetailsAuthentication
 
 	private boolean includeDetailsObject = true;
 
-	private int DEFAULT_RDER = Integer.MAX_VALUE; // default: same as
-
-	// non-Ordered
-
-	private int order = DEFAULT_RDER;
-
-	private boolean isSetUserDetailsServiceInvoked;
-
-	private ApplicationContext applicationContext;
-
 	// ~ Methods
 	// ========================================================================================================
 
@@ -93,9 +79,6 @@ public class DaoAuthenticationProvider extends AbstractUserDetailsAuthentication
 	}
 
 	protected void doAfterPropertiesSet() throws Exception {
-		if (!isSetUserDetailsServiceInvoked) {
-			autoDetectAnyUserDetailsServiceAndUseIt(this.applicationContext);
-		}
 		Assert.notNull(this.userDetailsService, "A UserDetailsService must be set");
 	}
 
@@ -179,7 +162,6 @@ public class DaoAuthenticationProvider extends AbstractUserDetailsAuthentication
 	}
 
 	public void setUserDetailsService(UserDetailsService userDetailsService) {
-		isSetUserDetailsServiceInvoked = true;
 		this.userDetailsService = userDetailsService;
 	}
 
@@ -191,16 +173,4 @@ public class DaoAuthenticationProvider extends AbstractUserDetailsAuthentication
 		this.includeDetailsObject = includeDetailsObject;
 	}
 
-	public void setOrder(int order) {
-		this.order = order;
-	}
-
-	public int getOrder() {
-		return order;
-	}
-
-	public void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
-		this.applicationContext = applicationContext;
-	}
-
 }

core/src/main/java/org/acegisecurity/providers/jaas/JaasAuthenticationProvider.java

@@ -41,7 +41,6 @@ import org.springframework.context.ApplicationContextAware;
 import org.springframework.context.ApplicationEvent;
 import org.springframework.context.ApplicationListener;
 
-import org.springframework.core.Ordered;
 import org.springframework.core.io.Resource;
 
 import org.springframework.util.Assert;
@@ -142,7 +141,7 @@ import javax.security.auth.login.LoginException;
  * @version $Id$
  */
 public class JaasAuthenticationProvider implements AuthenticationProvider, InitializingBean, ApplicationContextAware,
-    ApplicationListener, Ordered {
+    ApplicationListener {
     //~ Static fields/initializers =====================================================================================
 
     protected static final Log log = LogFactory.getLog(JaasAuthenticationProvider.class);
@@ -155,18 +154,9 @@ public class JaasAuthenticationProvider implements AuthenticationProvider, Initi
     private String loginContextName = "ACEGI";
     private AuthorityGranter[] authorityGranters;
     private JaasAuthenticationCallbackHandler[] callbackHandlers;
-    private int order = -1; // default: same as non-Ordered
 
     //~ Methods ========================================================================================================
 
-    public int getOrder() {
-		return order;
-	}
-
-	public void setOrder(int order) {
-		this.order = order;
-	}
-
 	public void afterPropertiesSet() throws Exception {
         Assert.notNull(loginConfig, "loginConfig must be set on " + getClass());
         Assert.hasLength(loginContextName, "loginContextName must be set on " + getClass());

core/src/main/java/org/acegisecurity/providers/ldap/LdapAuthenticationProvider.java

@@ -32,7 +32,6 @@ import org.apache.commons.logging.LogFactory;
 
 import org.springframework.util.Assert;
 import org.springframework.util.StringUtils;
-import org.springframework.core.Ordered;
 import org.springframework.dao.DataAccessException;
 
 
@@ -114,7 +113,7 @@ import org.springframework.dao.DataAccessException;
  * @see org.acegisecurity.providers.ldap.authenticator.BindAuthenticator
  * @see org.acegisecurity.providers.ldap.populator.DefaultLdapAuthoritiesPopulator
  */
-public class LdapAuthenticationProvider extends AbstractUserDetailsAuthenticationProvider implements Ordered {
+public class LdapAuthenticationProvider extends AbstractUserDetailsAuthenticationProvider {
     //~ Static fields/initializers =====================================================================================
 
     private static final Log logger = LogFactory.getLog(LdapAuthenticationProvider.class);
@@ -124,18 +123,9 @@ public class LdapAuthenticationProvider extends AbstractUserDetailsAuthenticatio
     private LdapAuthenticator authenticator;
     private LdapAuthoritiesPopulator authoritiesPopulator;
     private boolean includeDetailsObject = true;
-    private int order = -1; // default: same as non-Ordered
 
     //~ Constructors ===================================================================================================
 
-    public int getOrder() {
-		return order;
-	}
-
-	public void setOrder(int order) {
-		this.order = order;
-	}
-
 	/**
      * Create an initialized instance to the values passed as arguments
      *

core/src/main/java/org/acegisecurity/providers/rcp/RemoteAuthenticationProvider.java

@@ -23,7 +23,6 @@ import org.acegisecurity.providers.AuthenticationProvider;
 import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
 
 import org.springframework.beans.factory.InitializingBean;
-import org.springframework.core.Ordered;
 
 import org.springframework.util.Assert;
 
@@ -44,22 +43,13 @@ import org.springframework.util.Assert;
  * @author Ben Alex
  * @version $Id$
  */
-public class RemoteAuthenticationProvider implements AuthenticationProvider, InitializingBean, Ordered {
+public class RemoteAuthenticationProvider implements AuthenticationProvider, InitializingBean {
     //~ Instance fields ================================================================================================
 
     private RemoteAuthenticationManager remoteAuthenticationManager;
-    private int order = -1; // default: same as non-Ordered
 
     //~ Methods ========================================================================================================
 
-    public int getOrder() {
-		return order;
-	}
-
-	public void setOrder(int order) {
-		this.order = order;
-	}
-
 	public void afterPropertiesSet() throws Exception {
         Assert.notNull(this.remoteAuthenticationManager, "remoteAuthenticationManager is mandatory");
     }

core/src/main/java/org/acegisecurity/providers/rememberme/RememberMeAuthenticationProvider.java

@@ -30,7 +30,6 @@ import org.springframework.beans.factory.InitializingBean;
 import org.springframework.context.MessageSource;
 import org.springframework.context.MessageSourceAware;
 import org.springframework.context.support.MessageSourceAccessor;
-import org.springframework.core.Ordered;
 
 import org.springframework.util.Assert;
 
@@ -41,7 +40,7 @@ import org.springframework.util.Assert;
  * {@link org.acegisecurity.providers.rememberme.RememberMeAuthenticationToken#getKeyHash()} must match this class'
  * {@link #getKey()}.</p>
  */
-public class RememberMeAuthenticationProvider implements AuthenticationProvider, InitializingBean, MessageSourceAware, Ordered {
+public class RememberMeAuthenticationProvider implements AuthenticationProvider, InitializingBean, MessageSourceAware {
     //~ Static fields/initializers =====================================================================================
 
     private static final Log logger = LogFactory.getLog(RememberMeAuthenticationProvider.class);
@@ -50,18 +49,9 @@ public class RememberMeAuthenticationProvider implements AuthenticationProvider,
 
     protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor();
     private String key;
-    private int order = -1; // default: same as non-Ordered
 
     //~ Methods ========================================================================================================
 
-    public int getOrder() {
-		return order;
-	}
-
-	public void setOrder(int order) {
-		this.order = order;
-	}
-
 	public void afterPropertiesSet() throws Exception {
         Assert.hasLength(key);
         Assert.notNull(this.messages, "A message source must be set");

core/src/main/java/org/acegisecurity/providers/siteminder/SiteminderAuthenticationProvider.java

@@ -28,7 +28,6 @@ import org.acegisecurity.userdetails.UserDetails;
 import org.acegisecurity.userdetails.UserDetailsService;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
-import org.springframework.core.Ordered;
 import org.springframework.dao.DataAccessException;
 import org.springframework.util.Assert;
 
@@ -38,7 +37,7 @@ import org.springframework.util.Assert;
  * @author Scott McCrory
  * @version $Id: SiteminderAuthenticationProvider.java 1582 2006-07-15 15:18:51Z smccrory $
  */
-public class SiteminderAuthenticationProvider extends AbstractUserDetailsAuthenticationProvider implements Ordered {
+public class SiteminderAuthenticationProvider extends AbstractUserDetailsAuthenticationProvider {
 	
 
     /**
@@ -53,8 +52,6 @@ public class SiteminderAuthenticationProvider extends AbstractUserDetailsAuthent
      */
     private UserDetailsService userDetailsService;
     
-    private int order = -1; // default: same as non-Ordered
-
     //~ Methods ========================================================================================================
 
     /**
@@ -133,12 +130,4 @@ public class SiteminderAuthenticationProvider extends AbstractUserDetailsAuthent
         this.userDetailsService = userDetailsService;
     }
 
-	public int getOrder() {
-		return order;
-	}
-
-	public void setOrder(int order) {
-		this.order = order;
-	}
-
 }

core/src/main/java/org/acegisecurity/providers/x509/X509AuthenticationProvider.java

@@ -33,7 +33,6 @@ import org.springframework.beans.factory.InitializingBean;
 import org.springframework.context.MessageSource;
 import org.springframework.context.MessageSourceAware;
 import org.springframework.context.support.MessageSourceAccessor;
-import org.springframework.core.Ordered;
 
 import org.springframework.util.Assert;
 
@@ -47,7 +46,7 @@ import java.security.cert.X509Certificate;
  * @author Luke Taylor
  * @version $Id$
  */
-public class X509AuthenticationProvider implements AuthenticationProvider, InitializingBean, MessageSourceAware, Ordered {
+public class X509AuthenticationProvider implements AuthenticationProvider, InitializingBean, MessageSourceAware {
     //~ Static fields/initializers =====================================================================================
 
     private static final Log logger = LogFactory.getLog(X509AuthenticationProvider.class);
@@ -57,18 +56,9 @@ public class X509AuthenticationProvider implements AuthenticationProvider, Initi
     protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor();
     private X509AuthoritiesPopulator x509AuthoritiesPopulator;
     private X509UserCache userCache = new NullX509UserCache();
-    private int order = -1; // default: same as non-Ordered
 
     //~ Methods ========================================================================================================
 
-    public int getOrder() {
-		return order;
-	}
-
-	public void setOrder(int order) {
-		this.order = order;
-	}
-
 	public void afterPropertiesSet() throws Exception {
         Assert.notNull(userCache, "An x509UserCache must be set");
         Assert.notNull(x509AuthoritiesPopulator, "An X509AuthoritiesPopulator must be set");

core/src/main/java/org/acegisecurity/runas/RunAsImplAuthenticationProvider.java

@@ -27,7 +27,6 @@ import org.springframework.beans.factory.InitializingBean;
 import org.springframework.context.MessageSource;
 import org.springframework.context.MessageSourceAware;
 import org.springframework.context.support.MessageSourceAccessor;
-import org.springframework.core.Ordered;
 
 import org.springframework.util.Assert;
 
@@ -39,23 +38,14 @@ import org.springframework.util.Assert;
  * <code>RunAsImplAuthenticationProvider</code>-configured key.</p>
  *  <P>If the key does not match, a <code>BadCredentialsException</code> is thrown.</p>
  */
-public class RunAsImplAuthenticationProvider implements InitializingBean, AuthenticationProvider, MessageSourceAware, Ordered {
+public class RunAsImplAuthenticationProvider implements InitializingBean, AuthenticationProvider, MessageSourceAware {
     //~ Instance fields ================================================================================================
 
     protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor();
     private String key;
-    private int order = -1; // default: same as non-Ordered
 
     //~ Methods ========================================================================================================
 
-    public int getOrder() {
-		return order;
-	}
-
-	public void setOrder(int order) {
-		this.order = order;
-	}
-
 	public void afterPropertiesSet() throws Exception {
         Assert.notNull(key, "A Key is required and should match that configured for the RunAsManagerImpl");
     }

core/src/main/java/org/acegisecurity/ui/AbstractProcessingFilter.java

@@ -31,11 +31,8 @@ import org.acegisecurity.ui.savedrequest.SavedRequest;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 
-import org.springframework.beans.BeansException;
 import org.springframework.beans.factory.InitializingBean;
 
-import org.springframework.context.ApplicationContext;
-import org.springframework.context.ApplicationContextAware;
 import org.springframework.context.ApplicationEventPublisher;
 import org.springframework.context.ApplicationEventPublisherAware;
 import org.springframework.context.MessageSource;
@@ -46,7 +43,6 @@ import org.springframework.util.Assert;
 
 import java.io.IOException;
 
-import java.util.Map;
 import java.util.Properties;
 
 import javax.servlet.Filter;
@@ -131,7 +127,7 @@ import javax.servlet.http.HttpServletResponse;
  * vishalpuri $
  */
 public abstract class AbstractProcessingFilter implements Filter, InitializingBean, ApplicationEventPublisherAware,
-		MessageSourceAware, ApplicationContextAware {
+		MessageSourceAware {
 	// ~ Static fields/initializers
 	// =====================================================================================
 
@@ -202,12 +198,6 @@ public abstract class AbstractProcessingFilter implements Filter, InitializingBe
 	 */
 	private boolean useRelativeContext = false;
 
-	private ApplicationContext applicationContext;
-
-	private boolean isSetAuthenticationManagerInvoked = false;
-
-	private boolean isSetRememberMeServicesInvoked = false;
-
 	// ~ Methods
 	// ========================================================================================================
 
@@ -215,53 +205,10 @@ public abstract class AbstractProcessingFilter implements Filter, InitializingBe
 		Assert.hasLength(filterProcessesUrl, "filterProcessesUrl must be specified");
 		Assert.hasLength(defaultTargetUrl, "defaultTargetUrl must be specified");
 		Assert.hasLength(authenticationFailureUrl, "authenticationFailureUrl must be specified");
-		if (!isSetAuthenticationManagerInvoked) {
-			autoDetectAuthenticationManager();
-		}
-		if (!isSetRememberMeServicesInvoked) {
-			autoDetectRememberMeServices();
-		}
 		Assert.notNull(authenticationManager, "authenticationManager must be specified");
 		Assert.notNull(this.rememberMeServices);
 	}
 
-	/**
-	 * Use the first autodetected instance of <code>RememberMeServices</code>
-	 */
-	private void autoDetectRememberMeServices() {
-		if (applicationContext != null) {
-			Map map = applicationContext.getBeansOfType(RememberMeServices.class);
-			if (map.size() > 0) {
-				setRememberMeServices((RememberMeServices) map.values().iterator().next());
-			}
-		}
-	}
-
-	/**
-	 * Introspects the <code>Applicationcontext</code> for the single instance
-	 * of <code>AuthenticationManager</code>. If found invoke
-	 * setAuthenticationManager method by providing the found instance of
-	 * authenticationManager as a method parameter. If more than one instance of
-	 * <code>AuthenticationManager</code> is found, the method throws
-	 * <code>IllegalStateException</code>.
-	 * 
-	 * @param applicationContext to locate the instance
-	 */
-	private void autoDetectAuthenticationManager() {
-		if (applicationContext != null) {
-			Map map = applicationContext.getBeansOfType(AuthenticationManager.class);
-			if (map.size() > 1) {
-				throw new IllegalArgumentException(
-						"More than one AuthenticationManager beans detected please refer to the one using "
-								+ " [ authenticationManager  ] " + "property");
-			}
-			else if (map.size() == 1) {
-				setAuthenticationManager((AuthenticationManager) map.values().iterator().next());
-			}
-		}
-
-	}
-
 	/**
 	 * Performs actual authentication.
 	 * 
@@ -604,8 +551,4 @@ public abstract class AbstractProcessingFilter implements Filter, InitializingBe
 		this.useRelativeContext = useRelativeContext;
 	}
 
-	public void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
-		this.applicationContext = applicationContext;
-	}
-
 }

core/src/main/java/org/acegisecurity/ui/ExceptionTranslationFilter.java

@@ -32,10 +32,8 @@ import org.acegisecurity.util.PortResolverImpl;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 
-import org.springframework.beans.BeansException;
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.context.ApplicationContext;
-import org.springframework.context.ApplicationContextAware;
 
 import org.springframework.util.Assert;
 
@@ -95,7 +93,7 @@ import javax.servlet.http.HttpServletResponse;
  * @version $Id: ExceptionTranslationFilter.java 1496 2006-05-23 13:38:33Z
  * benalex $
  */
-public class ExceptionTranslationFilter implements Filter, InitializingBean, ApplicationContextAware {
+public class ExceptionTranslationFilter implements Filter, InitializingBean {
 	// ~ Static fields/initializers
 	// =====================================================================================
 
@@ -114,18 +112,6 @@ public class ExceptionTranslationFilter implements Filter, InitializingBean, App
 
 	private boolean createSessionAllowed = true;
 
-	/*
-	 * applicationContext will be inject as a part of the contract of
-	 * ApplicationContextAware interface
-	 */
-	private ApplicationContext applicationContext;
-
-	/*
-	 * boolean field to track if setter for accessDeniedHandler is invoked. If
-	 * invoked the default value changes to true
-	 */
-	private boolean isSetAcessDeniedHandlerInvoked = false;
-
 	// ~ Methods
 	// ========================================================================================================
 
@@ -133,14 +119,6 @@ public class ExceptionTranslationFilter implements Filter, InitializingBean, App
 		Assert.notNull(authenticationEntryPoint, "authenticationEntryPoint must be specified");
 		Assert.notNull(portResolver, "portResolver must be specified");
 		Assert.notNull(authenticationTrustResolver, "authenticationTrustResolver must be specified");
-
-		// autodetect AccessDeniedHandler instance in the applicationcontext if
-		// it wasn't injected.
-		if (!isSetAcessDeniedHandlerInvoked) {
-			if (applicationContext != null) {
-				autoDetectAnyAccessDeniedHandlerAndUseIt(applicationContext);
-			}
-		}
 	}
 
 	/**
@@ -301,7 +279,6 @@ public class ExceptionTranslationFilter implements Filter, InitializingBean, App
 	public void setAccessDeniedHandler(AccessDeniedHandler accessDeniedHandler) {
 		Assert.notNull(accessDeniedHandler, "AccessDeniedHandler required");
 		this.accessDeniedHandler = accessDeniedHandler;
-		this.isSetAcessDeniedHandlerInvoked = true;
 	}
 
 	public void setAuthenticationEntryPoint(AuthenticationEntryPoint authenticationEntryPoint) {
@@ -319,9 +296,4 @@ public class ExceptionTranslationFilter implements Filter, InitializingBean, App
 	public void setPortResolver(PortResolver portResolver) {
 		this.portResolver = portResolver;
 	}
-
-	public void setApplicationContext(ApplicationContext applicationContext) {
-		this.applicationContext = applicationContext;
-	}
-
 }

core/src/main/java/org/acegisecurity/ui/basicauth/BasicProcessingFilter.java

@@ -39,7 +39,6 @@ import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.springframework.beans.factory.InitializingBean;
-import org.springframework.core.Ordered;
 import org.springframework.util.Assert;
 
 
@@ -73,7 +72,7 @@ import org.springframework.util.Assert;
  * @author Ben Alex
  * @version $Id$
  */
-public class BasicProcessingFilter implements Filter, InitializingBean, Ordered {
+public class BasicProcessingFilter implements Filter, InitializingBean {
     //~ Static fields/initializers =====================================================================================
 
 	private static final Log logger = LogFactory.getLog(BasicProcessingFilter.class);
@@ -85,7 +84,6 @@ public class BasicProcessingFilter implements Filter, InitializingBean, Ordered
     private AuthenticationManager authenticationManager;
     private RememberMeServices rememberMeServices;
     private boolean ignoreFailure = false;
-    private int order;
 
     //~ Methods ========================================================================================================
 
@@ -229,11 +227,4 @@ public class BasicProcessingFilter implements Filter, InitializingBean, Ordered
         this.rememberMeServices = rememberMeServices;
     }
 
-	public int getOrder() {
-		return order;
-	}
-
-	public void setOrder(int order) {
-		this.order = order;
-	}
 }

core/src/main/java/org/acegisecurity/ui/basicauth/BasicProcessingFilterEntryPoint.java

@@ -24,11 +24,7 @@ import javax.servlet.http.HttpServletResponse;
 
 import org.acegisecurity.AuthenticationException;
 import org.acegisecurity.ui.AuthenticationEntryPoint;
-import org.acegisecurity.util.OrderedUtils;
 import org.springframework.beans.factory.InitializingBean;
-import org.springframework.context.ApplicationContext;
-import org.springframework.context.ApplicationContextAware;
-import org.springframework.core.Ordered;
 import org.springframework.util.Assert;
 
 
@@ -42,29 +38,15 @@ import org.springframework.util.Assert;
  * @author Ben Alex
  * @version $Id$
  */
-public class BasicProcessingFilterEntryPoint implements AuthenticationEntryPoint, InitializingBean, Ordered, ApplicationContextAware {
+public class BasicProcessingFilterEntryPoint implements AuthenticationEntryPoint, InitializingBean {
     //~ Instance fields ================================================================================================
 
-	private static final int DEFAULT_ORDER = Integer.MAX_VALUE;
     private String realmName;
-    private int order = DEFAULT_ORDER;
-    private ApplicationContext applicationContext;
 
     //~ Methods ========================================================================================================
 
-    public int getOrder() {
-		return order;
-	}
-
-	public void setOrder(int order) {
-		this.order = order;
-	}
-
 	public void afterPropertiesSet() throws Exception {
 		Assert.hasText(realmName, "realmName must be specified");
-		if (order == DEFAULT_ORDER) {
-			OrderedUtils.copyOrderFromOtherClass(BasicProcessingFilter.class, applicationContext, this, true);
-		}
     }
 
     public void commence(ServletRequest request, ServletResponse response, AuthenticationException authException)
@@ -82,7 +64,4 @@ public class BasicProcessingFilterEntryPoint implements AuthenticationEntryPoint
         this.realmName = realmName;
     }
 
-	public void setApplicationContext(ApplicationContext applicationContext) {
-		this.applicationContext = applicationContext;
-	}
 }

core/src/main/java/org/acegisecurity/ui/cas/CasProcessingFilterEntryPoint.java

@@ -27,7 +27,6 @@ import javax.servlet.http.HttpServletResponse;
 import org.acegisecurity.AuthenticationException;
 import org.acegisecurity.ui.AuthenticationEntryPoint;
 import org.springframework.beans.factory.InitializingBean;
-import org.springframework.core.Ordered;
 import org.springframework.util.Assert;
 
 
@@ -42,23 +41,14 @@ import org.springframework.util.Assert;
  * @author Ben Alex
  * @version $Id$
  */
-public class CasProcessingFilterEntryPoint implements AuthenticationEntryPoint, InitializingBean, Ordered{
+public class CasProcessingFilterEntryPoint implements AuthenticationEntryPoint, InitializingBean {
     //~ Instance fields ================================================================================================
 
     private ServiceProperties serviceProperties;
     private String loginUrl;
-    private int order = Integer.MAX_VALUE; // ~ default
 
     //~ Methods ========================================================================================================
 
-    public int getOrder() {
-		return order;
-	}
-
-	public void setOrder(int order) {
-		this.order = order;
-	}
-
 	public void afterPropertiesSet() throws Exception {
         Assert.hasLength(this.loginUrl, "loginUrl must be specified");
         Assert.notNull(this.serviceProperties, "serviceProperties must be specified");

core/src/main/java/org/acegisecurity/ui/logout/LogoutFilter.java

@@ -30,9 +30,6 @@ import org.acegisecurity.Authentication;
 import org.acegisecurity.context.SecurityContextHolder;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
-import org.springframework.beans.BeansException;
-import org.springframework.context.ApplicationContext;
-import org.springframework.context.ApplicationContextAware;
 import org.springframework.util.Assert;
 
 /**
@@ -55,7 +52,7 @@ import org.springframework.util.Assert;
  * @author Ben Alex
  * @version $Id$
  */
-public class LogoutFilter implements Filter, ApplicationContextAware {
+public class LogoutFilter implements Filter {
 	// ~ Static fields/initializers
 	// =====================================================================================
 
@@ -70,8 +67,6 @@ public class LogoutFilter implements Filter, ApplicationContextAware {
 
 	private LogoutHandler[] handlers;
 
-	private ApplicationContext applicationContext;
-
 	// ~ Constructors
 	// ===================================================================================================
 
@@ -181,8 +176,4 @@ public class LogoutFilter implements Filter, ApplicationContextAware {
 		this.filterProcessesUrl = filterProcessesUrl;
 	}
 
-	public void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
-		this.applicationContext = applicationContext;
-	}
-
 }

core/src/main/java/org/acegisecurity/ui/logout/SecurityContextLogoutHandler.java

@@ -18,7 +18,6 @@ package org.acegisecurity.ui.logout;
 import org.acegisecurity.Authentication;
 
 import org.acegisecurity.context.SecurityContextHolder;
-import org.springframework.core.Ordered;
 import org.springframework.util.Assert;
 
 import javax.servlet.http.HttpServletRequest;
@@ -38,16 +37,12 @@ import javax.servlet.http.HttpSession;
  * @version $Id: SecurityContextLogoutHandler.java 1784 2007-02-24 21:00:24Z
  * luke_t $
  */
-public class SecurityContextLogoutHandler implements LogoutHandler, Ordered {
+public class SecurityContextLogoutHandler implements LogoutHandler {
 	// ~ Methods
 	// ========================================================================================================
 
 	private boolean invalidateHttpSession = true;
 
-	private int DEFAULT_ORDER = Integer.MAX_VALUE; // ~ default
-
-	private int order = DEFAULT_ORDER;
-
 	/**
 	 * Requires the request to be passed in.
 	 * 
@@ -82,12 +77,4 @@ public class SecurityContextLogoutHandler implements LogoutHandler, Ordered {
 		this.invalidateHttpSession = invalidateHttpSession;
 	}
 
-	public int getOrder() {
-		return order;
-	}
-
-	public void setOrder(int order) {
-		this.order = order;
-	}
-
 }

core/src/main/java/org/acegisecurity/ui/rememberme/RememberMeProcessingFilter.java

@@ -26,18 +26,14 @@ import org.acegisecurity.event.authentication.InteractiveAuthenticationSuccessEv
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 
-import org.springframework.beans.BeansException;
 import org.springframework.beans.factory.InitializingBean;
 
-import org.springframework.context.ApplicationContext;
-import org.springframework.context.ApplicationContextAware;
 import org.springframework.context.ApplicationEventPublisher;
 import org.springframework.context.ApplicationEventPublisherAware;
 
 import org.springframework.util.Assert;
 
 import java.io.IOException;
-import java.util.Map;
 
 import javax.servlet.Filter;
 import javax.servlet.FilterChain;
@@ -68,7 +64,7 @@ import javax.servlet.http.HttpServletResponse;
  * @author Ben Alex
  * @version $Id$
  */
-public class RememberMeProcessingFilter implements Filter, InitializingBean, ApplicationEventPublisherAware, ApplicationContextAware {
+public class RememberMeProcessingFilter implements Filter, InitializingBean, ApplicationEventPublisherAware {
     //~ Static fields/initializers =====================================================================================
 
     private static final Log logger = LogFactory.getLog(RememberMeProcessingFilter.class);
@@ -79,60 +75,13 @@ public class RememberMeProcessingFilter implements Filter, InitializingBean, App
     private AuthenticationManager authenticationManager;
     private RememberMeServices rememberMeServices = new NullRememberMeServices();
 
-	private ApplicationContext applicationContext;
-
-	private boolean isSetAuthenticationManagerInvoked = false;
-
-	private boolean isSetRememberMeServicesInvoked = false;
-
     //~ Methods ========================================================================================================
 
     public void afterPropertiesSet() throws Exception {
-    	if (!isSetAuthenticationManagerInvoked) {
-			autoDetectAuthenticationManager();
-		}
-		if (!isSetRememberMeServicesInvoked ) {
-			autoDetectRememberMeServices();
-		}
 		Assert.notNull(authenticationManager, "authenticationManager must be specified");
 		Assert.notNull(this.rememberMeServices);
 	}
 
-	private void autoDetectRememberMeServices() {
-		if (applicationContext != null) {
-			Map map = applicationContext.getBeansOfType(RememberMeServices.class);
-			if (map.size() > 0) {
-				setRememberMeServices((RememberMeServices) map.values().iterator().next());
-			}      
-		}
-	}
-
-	/**
-	 * Introspects the <code>Applicationcontext</code> for the single instance
-	 * of <code>AuthenticationManager</code>. If found invoke
-	 * setAuthenticationManager method by providing the found instance of
-	 * authenticationManager as a method parameter. If more than one instance of
-	 * <code>AuthenticationManager</code> is found, the method throws
-	 * <code>IllegalStateException</code>.
-	 * 
-	 * @param applicationContext to locate the instance
-	 */
-	private void autoDetectAuthenticationManager() {
-		if (applicationContext != null) {
-			Map map = applicationContext.getBeansOfType(AuthenticationManager.class);
-			if (map.size() > 1) {
-				throw new IllegalArgumentException(
-						"More than one AuthenticationManager beans detected please refer to the one using "
-								+ " [ authenticationManager  ] " + "property");
-			}
-			else if (map.size() == 1) {
-				setAuthenticationManager((AuthenticationManager) map.values().iterator().next());
-			}
-		}
-
-	}
-    
-
     /**
      * Does nothing - we rely on IoC lifecycle services instead.
      */
@@ -219,8 +168,4 @@ public class RememberMeProcessingFilter implements Filter, InitializingBean, App
         this.rememberMeServices = rememberMeServices;
     }
 
-	public void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
-		this.applicationContext=applicationContext;
-	}
-    
 }

core/src/main/java/org/acegisecurity/ui/rememberme/TokenBasedRememberMeServices.java

@@ -25,7 +25,6 @@ import javax.servlet.http.HttpServletResponse;
 import org.acegisecurity.Authentication;
 import org.acegisecurity.providers.rememberme.RememberMeAuthenticationToken;
 import org.acegisecurity.ui.AccessDeniedHandler;
-import org.acegisecurity.ui.AccessDeniedHandlerImpl;
 import org.acegisecurity.ui.AuthenticationDetailsSource;
 import org.acegisecurity.ui.AuthenticationDetailsSourceImpl;
 import org.acegisecurity.ui.logout.LogoutHandler;
@@ -36,11 +35,8 @@ import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.codec.digest.DigestUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
-import org.springframework.beans.BeansException;
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.context.ApplicationContext;
-import org.springframework.context.ApplicationContextAware;
-import org.springframework.core.Ordered;
 import org.springframework.util.Assert;
 import org.springframework.util.StringUtils;
 import org.springframework.web.bind.RequestUtils;
@@ -105,8 +101,7 @@ import org.springframework.web.bind.RequestUtils;
  * @version $Id: TokenBasedRememberMeServices.java 1871 2007-05-25 03:12:49Z
  * benalex $
  */
-public class TokenBasedRememberMeServices implements RememberMeServices, InitializingBean, LogoutHandler, Ordered,
+public class TokenBasedRememberMeServices implements RememberMeServices, InitializingBean, LogoutHandler {
-		ApplicationContextAware {
 	// ~ Static fields/initializers
 	// =====================================================================================
 
@@ -133,14 +128,8 @@ public class TokenBasedRememberMeServices implements RememberMeServices, Initial
 
 	private static final int DEFAULT_ORDER = Integer.MAX_VALUE; // ~ default
 
-	private int order = DEFAULT_ORDER;
-
 	private String cookieName = ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE_KEY;
 
-	private boolean isSetUserDetailsServiceInvoked = false;
-
-	private ApplicationContext applicationContext;
-
 	// ~ Methods
 	// ========================================================================================================
 
@@ -148,11 +137,6 @@ public class TokenBasedRememberMeServices implements RememberMeServices, Initial
 		Assert.hasLength(key);
 		Assert.hasLength(parameter);
 		Assert.hasLength(cookieName);
-		if (applicationContext != null) {
-			if (!isSetUserDetailsServiceInvoked) {
-				autoDetectAndUseAnyUserDetailsService(applicationContext);
-			}
-		}
 		Assert.notNull(userDetailsService);
 	}
 
@@ -485,7 +469,6 @@ public class TokenBasedRememberMeServices implements RememberMeServices, Initial
 
 	public void setUserDetailsService(UserDetailsService userDetailsService) {
 		this.userDetailsService = userDetailsService;
-		this.isSetUserDetailsServiceInvoked = true;
 	}
 
 	public boolean isAlwaysRemember() {
@@ -496,18 +479,6 @@ public class TokenBasedRememberMeServices implements RememberMeServices, Initial
 		this.alwaysRemember = alwaysRemember;
 	}
 
-	public int getOrder() {
-		return order;
-	}
-
-	public void setOrder(int order) {
-		this.order = order;
-	}
-
-	public void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
-		this.applicationContext = applicationContext;
-	}
-
 	public String getCookieName() {
 		return cookieName;
 	}

core/src/main/java/org/acegisecurity/ui/webapp/AuthenticationProcessingFilterEntryPoint.java

@@ -28,7 +28,6 @@ import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 
 import org.springframework.beans.factory.InitializingBean;
-import org.springframework.core.Ordered;
 
 import org.springframework.util.Assert;
 
@@ -64,7 +63,7 @@ import javax.servlet.http.HttpServletResponse;
  * @version $Id: AuthenticationProcessingFilterEntryPoint.java 1873 2007-05-25
  * 03:21:17Z benalex $
  */
-public class AuthenticationProcessingFilterEntryPoint implements AuthenticationEntryPoint, InitializingBean, Ordered {
+public class AuthenticationProcessingFilterEntryPoint implements AuthenticationEntryPoint, InitializingBean {
 	// ~ Static fields/initializers
 	// =====================================================================================
 
@@ -83,10 +82,6 @@ public class AuthenticationProcessingFilterEntryPoint implements AuthenticationE
 
 	private boolean serverSideRedirect = false;
 
-	private int DEFAULT_ORDER = Integer.MAX_VALUE;// ~ default
-
-	private int order = DEFAULT_ORDER;
-
 	// ~ Methods
 	// ========================================================================================================
 
@@ -267,12 +262,4 @@ public class AuthenticationProcessingFilterEntryPoint implements AuthenticationE
 		this.serverSideRedirect = serverSideRedirect;
 	}
 
-	public int getOrder() {
-		return order;
-	}
-
-	public void setOrder(int order) {
-		this.order = order;
-	}
-
 }

core/src/main/java/org/acegisecurity/ui/x509/X509ProcessingFilterEntryPoint.java

@@ -26,7 +26,6 @@ import org.acegisecurity.AuthenticationException;
 import org.acegisecurity.ui.AuthenticationEntryPoint;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
-import org.springframework.core.Ordered;
 
 /**
  * In the X.509 authentication case (unlike CAS, for example) the certificate
@@ -47,28 +46,15 @@ import org.springframework.core.Ordered;
  * 
  * @see org.acegisecurity.ui.ExceptionTranslationFilter
  */
-public class X509ProcessingFilterEntryPoint implements AuthenticationEntryPoint, Ordered {
+public class X509ProcessingFilterEntryPoint implements AuthenticationEntryPoint {
 	// ~ Static fields/initializers
 	// =====================================================================================
 
 	private static final Log logger = LogFactory.getLog(X509ProcessingFilterEntryPoint.class);
 
-	// ~ instance fields
-	// =====================================================================================
-	
-	private int order = Integer.MAX_VALUE; // ~ default
-
 	// ~ Methods
 	// ========================================================================================================
 
-	public int getOrder() {
-		return order;
-	}
-
-	public void setOrder(int order) {
-		this.order = order;
-	}
-
 	/**
 	 * Returns a 403 error code to the client.
 	 * 

core/src/main/java/org/acegisecurity/vote/AbstractAccessDecisionManager.java

@@ -15,25 +15,17 @@
 
 package org.acegisecurity.vote;
 
-import java.util.ArrayList;
-import java.util.Collections;
 import java.util.Iterator;
 import java.util.List;
-import java.util.Map;
 
 import org.acegisecurity.AccessDecisionManager;
 import org.acegisecurity.AccessDeniedException;
 import org.acegisecurity.AcegiMessageSource;
 import org.acegisecurity.ConfigAttribute;
-import org.springframework.beans.BeansException;
 import org.springframework.beans.factory.InitializingBean;
-import org.springframework.context.ApplicationContext;
-import org.springframework.context.ApplicationContextAware;
 import org.springframework.context.MessageSource;
 import org.springframework.context.MessageSourceAware;
 import org.springframework.context.support.MessageSourceAccessor;
-import org.springframework.core.OrderComparator;
-import org.springframework.core.Ordered;
 import org.springframework.util.Assert;
 
 /**
@@ -45,7 +37,7 @@ import org.springframework.util.Assert;
  * </p>
  */
 public abstract class AbstractAccessDecisionManager implements AccessDecisionManager, InitializingBean,
-        MessageSourceAware, ApplicationContextAware {
+        MessageSourceAware {
     // ~ Instance fields
     // ================================================================================================
 
@@ -55,31 +47,14 @@ public abstract class AbstractAccessDecisionManager implements AccessDecisionMan
 
     private boolean allowIfAllAbstainDecisions = false;
 
-    private ApplicationContext applicationContext;
-
     // ~ Methods
     // ========================================================================================================
 
     public void afterPropertiesSet() throws Exception {
-        if (decisionVoters == null || decisionVoters.isEmpty()) {
-            autoDetectVoters();
-        }
         Assert.notEmpty(this.decisionVoters, "A list of AccessDecisionVoters is required");
         Assert.notNull(this.messages, "A message source must be set");
     }
 
-    private void autoDetectVoters() {
-        Assert.notNull(applicationContext, "Auto-detection of voters requires an application context");
-        Map map = this.applicationContext.getBeansOfType(AccessDecisionVoter.class);
-        List list = new ArrayList();
-
-        for (Iterator it = map.values().iterator(); it.hasNext();) {
-            list.add((it.next()));
-        }
-        Collections.sort(list, new OrderComparator());
-        setDecisionVoters(list);
-    }
-
     protected final void checkAllowIfAllAbstainDecisions() {
         if (!this.isAllowIfAllAbstainDecisions()) {
             throw new AccessDeniedException(messages.getMessage("AbstractAccessDecisionManager.accessDenied",
@@ -155,8 +130,4 @@ public abstract class AbstractAccessDecisionManager implements AccessDecisionMan
 
         return true;
     }
-
-    public void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
-        this.applicationContext = applicationContext;
-	}
 }

core/src/main/java/org/acegisecurity/vote/AuthenticatedVoter.java

@@ -21,7 +21,6 @@ import org.acegisecurity.AuthenticationTrustResolverImpl;
 import org.acegisecurity.ConfigAttribute;
 import org.acegisecurity.ConfigAttributeDefinition;
 
-import org.springframework.core.Ordered;
 import org.springframework.util.Assert;
 
 import java.util.Iterator;
@@ -42,20 +41,16 @@ import java.util.Iterator;
  * @author Ben Alex
  * @version $Id$
  */
-public class AuthenticatedVoter implements AccessDecisionVoter, Ordered {
+public class AuthenticatedVoter implements AccessDecisionVoter {
     //~ Static fields/initializers =====================================================================================
 
     public static final String IS_AUTHENTICATED_FULLY = "IS_AUTHENTICATED_FULLY";
     public static final String IS_AUTHENTICATED_REMEMBERED = "IS_AUTHENTICATED_REMEMBERED";
     public static final String IS_AUTHENTICATED_ANONYMOUSLY = "IS_AUTHENTICATED_ANONYMOUSLY";
-    public static int DEFAULT_ORDER = Ordered.LOWEST_PRECEDENCE;
     //~ Instance fields ================================================================================================
 
     private AuthenticationTrustResolver authenticationTrustResolver = new AuthenticationTrustResolverImpl();
     
-    private int order = DEFAULT_ORDER;
-    
-
     //~ Methods ========================================================================================================
 
     private boolean isFullyAuthenticated(Authentication authentication) {
@@ -124,13 +119,4 @@ public class AuthenticatedVoter implements AccessDecisionVoter, Ordered {
 
         return result;
     }
-
-	public void setOrder(int order) {
-		this.order = order;
-	}
-
-	public int getOrder() {
-		return order;
-	}
-
 }

core/src/main/java/org/acegisecurity/vote/RoleVoter.java

@@ -15,12 +15,11 @@
 
 package org.acegisecurity.vote;
 
+import java.util.Iterator;
+
 import org.acegisecurity.Authentication;
 import org.acegisecurity.ConfigAttribute;
 import org.acegisecurity.ConfigAttributeDefinition;
-import org.springframework.core.Ordered;
-
-import java.util.Iterator;
 
 /**
  * <p>
@@ -55,18 +54,12 @@ import java.util.Iterator;
  * @author colin sampaleanu
  * @version $Id$
  */
-public class RoleVoter implements AccessDecisionVoter, Ordered {
+public class RoleVoter implements AccessDecisionVoter {
-	// ~ Static fields/initializers
-	// =====================================================================================
-	public static int DEFAULT_ORDER = Ordered.LOWEST_PRECEDENCE;
-
 	// ~ Instance fields
 	// ================================================================================================
 
 	private String rolePrefix = "ROLE_";
 
-	private int order = DEFAULT_ORDER;
-
 	// ~ Methods
 	// ========================================================================================================
 
@@ -126,13 +119,4 @@ public class RoleVoter implements AccessDecisionVoter, Ordered {
 
 		return result;
 	}
-
-	public void setOrder(int order) {
-		this.order = order;
-	}
-
-	public int getOrder() {
-		return order;
-	}
-
 }

core/src/test/java/org/acegisecurity/MockAuthenticationEntryPoint.java

@@ -24,7 +24,6 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
 import org.acegisecurity.ui.AuthenticationEntryPoint;
-import org.springframework.core.Ordered;
 
 
 /**
@@ -33,22 +32,13 @@ import org.springframework.core.Ordered;
  * @author Ben Alex
  * @version $Id$
  */
-public class MockAuthenticationEntryPoint implements AuthenticationEntryPoint, Ordered {
+public class MockAuthenticationEntryPoint implements AuthenticationEntryPoint {
     //~ Instance fields ================================================================================================
 
     private String url;
-    private int order = Integer.MAX_VALUE; // ~ default
 
     //~ Constructors ===================================================================================================
 
-    public int getOrder() {
-		return order;
-	}
-
-	public void setOrder(int order) {
-		this.order = order;
-	}
-
 	public MockAuthenticationEntryPoint(String url) {
         this.url = url;
     }

core/src/test/java/org/acegisecurity/vote/DenyAgainVoter.java

@@ -18,7 +18,6 @@ package org.acegisecurity.vote;
 import org.acegisecurity.Authentication;
 import org.acegisecurity.ConfigAttribute;
 import org.acegisecurity.ConfigAttributeDefinition;
-import org.springframework.core.Ordered;
 
 import java.util.Iterator;
 
@@ -35,11 +34,7 @@ import java.util.Iterator;
  * @author Ben Alex
  * @version $Id$
  */
-public class DenyAgainVoter implements AccessDecisionVoter, Ordered {
+public class DenyAgainVoter implements AccessDecisionVoter {
-	public static int DEFAULT_ORDER = Ordered.LOWEST_PRECEDENCE;
-
-	private int order = DEFAULT_ORDER;
-
 	// ~ Methods
 	// ========================================================================================================
 
@@ -70,12 +65,4 @@ public class DenyAgainVoter implements AccessDecisionVoter, Ordered {
 		return ACCESS_ABSTAIN;
 	}
 	
-	public void setOrder(int order) {
-		this.order = order;
-	}
-
-	public int getOrder() {
-		return order;
-	}
-
 }