Rossen Stoyanchev (Migrated from SEC-1552) said:
The tag is built for JSP pages. It extends from javax.servlet.jsp.tagext.TagSupport, has dependencies on javax.servlet.jsp.*, relies on the presence of javax.servlet.jsp.PageContext, etc.
The ability to use the tag in JSF applications has been a long standing and popular request [SWF-1333]. With Facelets being the standard rendering technology in JSF 2, the need to make the tag usable in Facelets has only increased. Furthermore Facelets in JSF 1.2 uses different packages than Facelets in JSF 2 when Facelets became standard. Hence the re-usable parts of the code for AuthorizeTag need to be factored out and made independent of tag specific dependencies.
Rossen Stoyanchev said:
The existing AuthorizeTag and its parent LegacyAuthorizeTag have been re-factored into a single base class AbstractAuthorizeTag with no JSP-related dependencies. A new JspAuthorizeTag class extending from AbstractAuthorizeTag implements the JSP Tag interface.