I see that net.sf.acegisecurity.providers.dao.User has an isEnabled method, before I started using acegi I had a role named "LOGIN_ROLE" and this enabled the user to login, so this is what I mapped enabled to when using acegi, I also saw that there was a DisabledException thrown when the account was disabled and I simply display the user a message letting them know that their account has been disabled, anyhow, I also see this LockedException, how does this relate to DisabledException? how should it be used if ever?