diff --git a/cake/libs/controller/components/auth.php b/cake/libs/controller/components/auth.php
index 2ce617878..40695b2aa 100644
--- a/cake/libs/controller/components/auth.php
+++ b/cake/libs/controller/components/auth.php
@@ -91,6 +91,16 @@ class AuthComponent extends Component {
  */
 	protected $_authorizeObjects = array();
 
+/**
+ * A hash mapping legacy properties => to settings passed into Authorize objects.
+ *
+ * @var string
+ * @deprecated Will be removed in 2.1+
+ */
+	protected $_authorizeLegacyMap = array(
+		'actionPath' => 'actionPath',
+	);
+
 /**
  * The name of an optional view element to render when an Ajax request is made
  * with an invalid or expired session
@@ -499,6 +509,11 @@ class AuthComponent extends Component {
 			if (!method_exists($className, 'authorize')) {
 				throw new CakeException(__('Authorization objects must implement an authorize method.'));
 			}
+			foreach ($this->_authorizeLegacyMap as $old => $new) {
+				if (empty($settings[$new]) && !empty($this->{$old})) {
+					$settings[$new] = $this->{$old};
+				}
+			}
 			$this->_authorizeObjects[] = new $className($this->_Collection->getController(), $settings);
 		}
 		return $this->_authorizeObjects;
diff --git a/cake/libs/controller/components/auth/base_authorize.php b/cake/libs/controller/components/auth/base_authorize.php
index cc19acb26..cf9a2892f 100644
--- a/cake/libs/controller/components/auth/base_authorize.php
+++ b/cake/libs/controller/components/auth/base_authorize.php
@@ -29,26 +29,24 @@ abstract class BaseAuthorize {
 	protected $_controller = null;
 
 /**
- * The path to ACO nodes that contains the nodes for controllers.  Used as a prefix
- * when calling $this->action();
+ * Settings for authorize objects.
  *
- * @var string
- */
-	public $actionPath = null;
-
-/**
- * Action -> crud mappings. Used by authorization objects that want to map actions to CRUD roles.
+ * - `actionPath` - The path to ACO nodes that contains the nodes for controllers.  Used as a prefix
+ * when calling $this->action();
+ * - `actionMap` - Action -> crud mappings. Used by authorization objects that want to map actions to CRUD roles.
  *
  * @var array
- * @see CrudAuthorize
  */
-	protected $_actionMap = array(
-		'index' => 'read',
-		'add' => 'create',
-		'edit' => 'update',
-		'view' => 'read',
-		'delete' => 'delete',
-		'remove' => 'delete'
+	public $settings = array(
+		'actionPath' => null,
+		'actionMap' => array(
+			'index' => 'read',
+			'add' => 'create',
+			'edit' => 'update',
+			'view' => 'read',
+			'delete' => 'delete',
+			'remove' => 'delete'
+		)
 	);
 
 /**
@@ -59,6 +57,7 @@ abstract class BaseAuthorize {
  */
 	public function __construct(Controller $controller, $settings = array()) {
 		$this->controller($controller);
+		$this->settings = Set::merge($this->settings, $settings);
 	}
 
 /**
@@ -99,7 +98,7 @@ abstract class BaseAuthorize {
 		return str_replace(
 			array(':controller', ':action', ':plugin/'),
 			array(Inflector::camelize($request['controller']), $request['action'], $plugin),
-			$this->actionPath . $path
+			$this->settings['actionPath'] . $path
 		);
 	}
 
@@ -111,16 +110,16 @@ abstract class BaseAuthorize {
  */
 	public function mapActions($map = array()) {
 		if (empty($map)) {
-			return $this->_actionMap;
+			return $this->settings['actionMap'];
 		}
 		$crud = array('create', 'read', 'update', 'delete');
 		foreach ($map as $action => $type) {
 			if (in_array($action, $crud) && is_array($type)) {
 				foreach ($type as $typedAction) {
-					$this->_actionMap[$typedAction] = $action;
+					$this->settings['actionMap'][$typedAction] = $action;
 				}
 			} else {
-				$this->_actionMap[$action] = $type;
+				$this->settings['actionMap'][$action] = $type;
 			}
 		}
 	}
diff --git a/cake/tests/cases/libs/controller/components/auth.test.php b/cake/tests/cases/libs/controller/components/auth.test.php
index d22b1ea92..c4dc81e0c 100644
--- a/cake/tests/cases/libs/controller/components/auth.test.php
+++ b/cake/tests/cases/libs/controller/components/auth.test.php
@@ -775,6 +775,20 @@ class AuthTest extends CakeTestCase {
 		$this->Controller->Auth->identify($this->Controller->request);
 	}
 
+/**
+ * test that loadAuthorize merges in legacy authorize settings.
+ *
+ * @return void
+ */
+	function testLoadAuthorizeSettingsPass() {
+		$this->Controller->Auth->actionPath = 'controllers/';
+
+		$this->Controller->Auth->authorize = array('Actions');
+		$objects = $this->Controller->Auth->loadAuthorizeObjects();
+		$result = $objects[0];
+		$this->assertEquals($result->settings['actionPath'], 'controllers/');
+	}
+
 /**
  * test that loadAuthorize resets the loaded objects each time.
  *