plugin-core/plugin/src/main/groovy/grails/plugin/springsecurity/SpringSecurityCoreGrailsPlugin.groovy (4 lines):
	- line 379: // TODO doc new
	- line 534: // TODO doc new
	- line 719: // TODO            if (passwordEncoder instanceof DigestAuthPasswordEncoder) {
	- line 982: // TODO create plugin version that overrides extractAttributes


plugin-ui/plugin/grails-app/taglib/grails/plugin/springsecurity/ui/SecurityUiTagLib.groovy (2 lines):
	- line 377: // TODO encodeAsHTML
	- line 498: // TODO use this


plugin-rest/spring-security-rest-gorm/src/main/groovy/grails/plugin/springsecurity/rest/token/storage/GormTokenStorageService.groovy (2 lines):
	- line 67: //TODO check at startup, not here
	- line 101: //TODO check at startup, not here


plugin-oauth2/plugin/src/main/groovy/grails/plugin/springsecurity/oauth2/SpringSecurityOauth2GrailsPlugin.groovy (1 line):
	- line 15: // TODO Fill in these fields


plugin-cas/plugin/src/main/groovy/grails/plugin/springsecurity/cas/SpringSecurityCasGrailsPlugin.groovy (1 line):
	- line 97: // TODO  document NullProxyGrantingTicketStorage


plugin-core/plugin/src/main/groovy/grails/plugin/springsecurity/authentication/GrailsAnonymousAuthenticationToken.groovy (1 line):
	- line 32: // TODO use this


plugin-core/plugin/grails-app/taglib/grails/plugin/springsecurity/SecurityTagLib.groovy (1 line):
	- line 108: // TODO support 'var' and 'scope' and set the result instead of writing it


plugin-core/plugin/grails-app/controllers/grails/plugin/springsecurity/LogoutController.groovy (1 line):
	- line 38: // TODO put any pre-logout code here


plugin-core/plugin/src/main/groovy/grails/plugin/springsecurity/web/filter/IpAddressFilter.groovy (1 line):
	- line 54: /** Dependency injection for whether to allow localhost calls (useful for testing). TODO document. */


plugin-core/plugin/src/main/groovy/grails/plugin/springsecurity/SpringSecurityUtils.groovy (1 line):
	- line 83: public static final String SAVED_REQUEST = 'SPRING_SECURITY_SAVED_REQUEST' // TODO use requestCache