fishdujour.typepad.com/blog/2005/02/junit_testing_w.html, posted 2008 by peter in development howto java testing
Here's a tip if you are trying to do some unit testing with Acegi Security - particularly if you are doing role based authorization of method calls on your manager objects via interception. Basically, a secure method interceptor will a) need an authentication token to play with, and b) a way to
find out what authorities the user has.
We need to cater for this when running the tests.