I spent some time yesterday converting AppFuse's homegrown Remember Me and SSL Switching system to using Acegi Security. Thanks to Justin Spears, who provided the original motivation. It was much easier than I thought it would be, and resulted in the deleting of 7 classes in AppFuse. Not only that, but only one of them had a test for it, so the test coverage has naturally gone up as well. I'll trade 40 lines of XML for 1214 lines of Java any day - especially when I can get the support of an open-source framework.
If you're interested in using this code over 1.8.2, you can checkout the latest code from CVS (or download it from http://appfuse.org/nightly). The only other change currently in CVS is changing from "tomcat" to "user" as the default User role. Below is a list of classes that were removed as part of this move to Acegi:
I should also mention that I owe a big thanks to Virtuas - who pays me to work on AppFuse these days.