Please upgrade Acegi Security to the latest Spring Security release. Acegi Security it's old and deprecated.
ldap authentication problem
JenkinsRule mode to use realistic class loading
Crowd plugin - "remember me" doesn't work
LDAP Plugin should support StartTLS extension
SAML plugin upgrade pac4j to latest possible version
Extend plugin/update center metadata with known incompatibilities
Split most of Spring Framework out of core
Rob Winch actually, you could be of assistance if you have any time to spare: I have been struggling in https://github.com/jenkinsci/ldap-plugin/pull/49 to find the Spring Security equivalents of a number of Acegi Security API calls relating to LDAP, not made any easier by the fact that I know little about LDAP itself.
I have filed a JEP draft for this whole effort.
Rob Winch thanks for the offer! I think I am past the stage where I struggled to find Spring Security 5 equivalents to various Acegi Security idioms that could not be resolved by a simple fix of imports (could not find a clear Rosetta stone except for the 3 → 4 migration). If you can spare any time, by all means skim over the running changes to Jenkins core and comment if you notice any clear abuses of the API. The work going forward will be dealing with compatibility from plugins. There is a draft overview of the effort for background.
Thanks Jesse Glick Please let me know if I can be of any assistance.
I am investigating whether this effort is feasible.
Update for 2020 status.
PR for the usage-in-plugin custom search used: https://github.com/jenkins-infra/usage-in-plugins/pull/15
Report attached to this ticket: usage-by-api_2020-07-11.html
Important missing points: the classes used in XxxSecurityRealm.groovy used for building the beans.