Index: /trunk/grails-app/controllers/LoginController.groovy
===================================================================
--- /trunk/grails-app/controllers/LoginController.groovy	(revision 166)
+++ /trunk/grails-app/controllers/LoginController.groovy	(revision 167)
@@ -13,29 +13,29 @@
 class LoginController {
 
-	/**
-	 * Dependency injection for the authentication service.
-	 */
-	def authenticateService
+    /**
+    * Dependency injection for the authentication service.
+    */
+    def authenticateService
 
-	/**
-	 * Dependency injection for OpenIDConsumer.
-	 */
-	def openIDConsumer
+    /**
+        * Dependency injection for OpenIDConsumer.
+        */
+    def openIDConsumer
 
-	/**
-	 * Dependency injection for OpenIDAuthenticationProcessingFilter.
-	 */
-	def openIDAuthenticationProcessingFilter
+    /**
+    * Dependency injection for OpenIDAuthenticationProcessingFilter.
+    */
+    def openIDAuthenticationProcessingFilter
 
-	private final authenticationTrustResolver = new AuthenticationTrustResolverImpl()
+    private final authenticationTrustResolver = new AuthenticationTrustResolverImpl()
 
-	def index = {
-		if (isLoggedIn()) {
-			redirect uri: '/'
-		}
-		else {
-			redirect action: auth, params: params
-		}
-	}
+    def index = {
+        if (isLoggedIn()) {
+            redirect uri: '/'
+        }
+        else {
+            redirect action: auth, params: params
+        }
+    }
 
     def loggedOut = {
@@ -44,145 +44,145 @@
     }
 
-	/**
-	 * Show the login page.
-	 */
-	def auth = {
+    /**
+    * Show the login page.
+    */
+    def auth = {
 
-		nocache(response)
+        nocache(response)
 
-		if (isLoggedIn()) {
-			redirect uri: '/'
-			return
-		}
+        if (isLoggedIn()) {
+            redirect uri: '/'
+            return
+        }
 
-		String view
-		String postUrl
-		def config = authenticateService.securityConfig.security
-		if (config.useOpenId) {
-			view = 'openIdAuth'
-			postUrl = "${request.contextPath}/login/openIdAuthenticate"
-		}
-		else if (config.useFacebook) {
-			view = 'facebookAuth'
-			postUrl = "${request.contextPath}${config.facebook.filterProcessesUrl}"
-		}
-		else {
-			view = 'auth'
-			postUrl = "${request.contextPath}${config.filterProcessesUrl}"
-		}
+        String view
+        String postUrl
+        def config = authenticateService.securityConfig.security
+        if (config.useOpenId) {
+            view = 'openIdAuth'
+            postUrl = "${request.contextPath}/login/openIdAuthenticate"
+        }
+        else if (config.useFacebook) {
+            view = 'facebookAuth'
+            postUrl = "${request.contextPath}${config.facebook.filterProcessesUrl}"
+        }
+        else {
+            view = 'auth'
+            postUrl = "${request.contextPath}${config.filterProcessesUrl}"
+        }
 
-		render view: view, model: [postUrl: postUrl]
-	}
+        render view: view, model: [postUrl: postUrl]
+    }
 
-	/**
-	 * Form submit action to start an OpenID authentication.
-	 */
-	def openIdAuthenticate = {
-		String openID = params['j_username']
-		try {
-			String returnToURL = RedirectUtils.buildRedirectUrl(
-					request, response, openIDAuthenticationProcessingFilter.filterProcessesUrl)
-			String redirectUrl = openIDConsumer.beginConsumption(request, openID, returnToURL)
-			redirect url: redirectUrl
-		}
-		catch (org.springframework.security.ui.openid.OpenIDConsumerException e) {
-			log.error "Consumer error: $e.message", e
-			redirect url: openIDAuthenticationProcessingFilter.authenticationFailureUrl
-		}
-	}
+    /**
+    * Form submit action to start an OpenID authentication.
+    */
+    def openIdAuthenticate = {
+        String openID = params['j_username']
+        try {
+            String returnToURL = RedirectUtils.buildRedirectUrl(
+                    request, response, openIDAuthenticationProcessingFilter.filterProcessesUrl)
+            String redirectUrl = openIDConsumer.beginConsumption(request, openID, returnToURL)
+            redirect url: redirectUrl
+        }
+        catch (org.springframework.security.ui.openid.OpenIDConsumerException e) {
+            log.error "Consumer error: $e.message", e
+            redirect url: openIDAuthenticationProcessingFilter.authenticationFailureUrl
+        }
+    }
 
-	// Login page (function|json) for Ajax access.
-	def authAjax = {
-		nocache(response)
-		//this is example:
-		render """
-		<script type='text/javascript'>
-		(function() {
-			loginForm();
-		})();
-		</script>
-		"""
-	}
+    // Login page (function|json) for Ajax access.
+    def authAjax = {
+        nocache(response)
+        //this is example:
+        render """
+        <script type='text/javascript'>
+        (function() {
+            loginForm();
+        })();
+        </script>
+        """
+    }
 
-	/**
-	 * The Ajax success redirect url.
-	 */
-	def ajaxSuccess = {
-		nocache(response)
-		render '{success: true}'
-	}
+    /**
+    * The Ajax success redirect url.
+    */
+    def ajaxSuccess = {
+        nocache(response)
+        render '{success: true}'
+    }
 
-	/**
-	 * Show denied page.
-	 */
-	def denied = {
-		if (isLoggedIn() && authenticationTrustResolver.isRememberMe(SCH.context?.authentication)) {
-			// have cookie but the page is guarded with IS_AUTHENTICATED_FULLY
-			redirect action: full, params: params
-		}
-	}
+    /**
+    * Show denied page.
+    */
+    def denied = {
+        if (isLoggedIn() && authenticationTrustResolver.isRememberMe(SCH.context?.authentication)) {
+            // have cookie but the page is guarded with IS_AUTHENTICATED_FULLY
+            redirect action: full, params: params
+        }
+    }
 
-	/**
-	 * Login page for users with a remember-me cookie but accessing a IS_AUTHENTICATED_FULLY page.
-	 */
-	def full = {
-		render view: 'auth', params: params,
-			model: [hasCookie: authenticationTrustResolver.isRememberMe(SCH.context?.authentication)]
-	}
+    /**
+    * Login page for users with a remember-me cookie but accessing a IS_AUTHENTICATED_FULLY page.
+    */
+    def full = {
+        render view: 'auth', params: params,
+            model: [hasCookie: authenticationTrustResolver.isRememberMe(SCH.context?.authentication)]
+    }
 
-	// Denial page (data|view|json) for Ajax access.
-	def deniedAjax = {
-		//this is example:
-		render "{error: 'access denied'}"
-	}
+    // Denial page (data|view|json) for Ajax access.
+    def deniedAjax = {
+        //this is example:
+        render "{error: 'access denied'}"
+    }
 
-	/**
-	 * login failed
-	 */
-	def authfail = {
+    /**
+    * login failed
+    */
+    def authfail = {
 
-		def username = session[AuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY]
-		def msg = ''
+        def username = session[AuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY]
+        def msg = ''
         def person = Person.findByLoginName(username)
-		def exception = session[AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY]
-		if (exception) {
-			if (exception instanceof DisabledException) {
-				msg = "[$username] is disabled."
-			}
+        def exception = session[AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY]
+        if (exception) {
+            if (exception instanceof DisabledException) {
+                msg = "[$username] is disabled."
+            }
             else if (person.authorities.isEmpty()) {
                 msg = "[$username] has no GrantedAuthority."
             }
-			else {
-				msg = "[$username] wrong username/password."
-			}
-		}
+            else {
+                msg = "[$username] wrong username/password."
+            }
+        }
 
-		if (isAjax()) {
-			render "{error: '${msg}'}"
-		}
-		else {
-			flash.message = msg
-			redirect action: auth, params: params
-		}
-	}
+        if (isAjax()) {
+            render "{error: '${msg}'}"
+        }
+        else {
+            flash.message = msg
+            redirect action: auth, params: params
+        }
+    }
 
-	/**
-	 * Check if logged in.
-	 */
-	private boolean isLoggedIn() {
-		return authenticateService.isLoggedIn()
-	}
+    /**
+    * Check if logged in.
+    */
+    private boolean isLoggedIn() {
+        return authenticateService.isLoggedIn()
+    }
 
-	private boolean isAjax() {
-		return authenticateService.isAjax(request)
-	}
+    private boolean isAjax() {
+        return authenticateService.isAjax(request)
+    }
 
-	/** cache controls */
-	private void nocache(response) {
-		response.setHeader('Cache-Control', 'no-cache') // HTTP 1.1
-		response.addDateHeader('Expires', 0)
-		response.setDateHeader('max-age', 0)
-		response.setIntHeader ('Expires', -1) //prevents caching at the proxy server
-		response.addHeader('cache-Control', 'private') //IE5.x only
-	}
+    /** cache controls */
+    private void nocache(response) {
+        response.setHeader('Cache-Control', 'no-cache') // HTTP 1.1
+        response.addDateHeader('Expires', 0)
+        response.setDateHeader('max-age', 0)
+        response.setIntHeader ('Expires', -1) //prevents caching at the proxy server
+        response.addHeader('cache-Control', 'private') //IE5.x only
+    }
 }
Index: /trunk/grails-app/domain/Authority.groovy
===================================================================
--- /trunk/grails-app/domain/Authority.groovy	(revision 166)
+++ /trunk/grails-app/domain/Authority.groovy	(revision 167)
@@ -1,15 +1,15 @@
 class Authority {
 
-	static hasMany = [persons: Person]
+    static hasMany = [persons: Person]
 
-	/** description */
-	String description
-	/** ROLE String */
-	String authority
+    /** description */
+    String description
+    /** ROLE String */
+    String authority
 
-	static constraints = {
-		authority(blank: false, unique: true)
-		description()
-	}
+    static constraints = {
+        authority(blank: false, unique: true)
+        description()
+    }
 
     String toString() {