SEC-181: Remove acegifier application.

samples/acegifier/.cvsignore

@@ -1 +0,0 @@
-target

samples/acegifier/pom.xml

@@ -1,52 +0,0 @@
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <modelVersion>4.0.0</modelVersion>
- <groupId>org.acegisecurity</groupId>
- <artifactId>acegi-security-samples-acegifier</artifactId>
- <packaging>war</packaging>
- <name>acegi-security-samples-acegifier</name>
- <parent>
-   <groupId>org.acegisecurity</groupId>
-   <artifactId>acegi-security-samples</artifactId>
-   <version>1.0.5-SNAPSHOT</version>
- </parent>
- <dependencies>
-   <dependency>
-     <groupId>org.acegisecurity</groupId>
-     <artifactId>acegi-security</artifactId>
-     <version>${pom.version}</version>
-     <type>jar</type>
-   </dependency>
-   <dependency>
-     <groupId>org.springframework</groupId>
-     <artifactId>spring-webmvc</artifactId>
-     <version>2.0.4</version>
-     <type>jar</type>
-   </dependency>
-   <dependency>
-     <groupId>javax.servlet</groupId>
-     <artifactId>servlet-api</artifactId>
-     <version>2.4</version>
-     <scope>provided</scope>
-   </dependency>
-   <dependency>
-     <groupId>dom4j</groupId>
-     <artifactId>dom4j</artifactId>
-     <version>1.6</version>
-     <type>jar</type>
-   </dependency>
-   <dependency>
-     <groupId>jaxen</groupId>
-     <artifactId>jaxen</artifactId>
-     <version>1.1-beta-8</version>
-     <type>jar</type>
-   </dependency>
-   <dependency>
-     <groupId>freemarker</groupId>
-     <artifactId>freemarker</artifactId>
-     <version>2.3.4</version>
-     <type>jar</type>
-   </dependency>
- </dependencies>
-
-</project>

samples/acegifier/project.xml

@@ -1,45 +0,0 @@
-<?xml version="1.0" encoding="ISO-8859-1"?>
-<project>
-  <extend>${basedir}/../project.xml</extend>
-  <pomVersion>3</pomVersion>
-  <artifactId>acegi-security-sample-acegifier</artifactId>
-  <name>Acegi Security System for Spring - Acegifier sample</name>
-  <siteDirectory>/home/groups/a/ac/acegisecurity/htdocs/multiproject/acegi-security-sample-acegifier</siteDirectory>
-  <repository>
-    <connection>scm:svn:https://acegisecurity.svn.sourceforge.net/svnroot/acegisecurity/trunk/acegisecurity</connection>
-    <developerConnection>scm:svn:https://acegisecurity.svn.sourceforge.net/svnroot/acegisecurity/trunk/acegisecurity</developerConnection>
-    <url>http://acegisecurity.svn.sourceforge.net/viewcvs.cgi/acegisecurity/trunk/acegisecurity/samples/acegifier/</url>
-  </repository>
-  <dependencies>
-    <dependency>
-      <groupId>dom4j</groupId>
-      <artifactId>dom4j</artifactId>
-      <version>1.6</version>
-      <type>jar</type>
-      <url>http://www.dom4j.org</url>
-      <properties>
-        <war.bundle>true</war.bundle>
-      </properties>
-    </dependency>
-    <dependency>
-      <groupId>jaxen</groupId>
-      <artifactId>jaxen</artifactId>
-      <version>1.1-beta-8</version>
-      <type>jar</type>
-      <url>http://www.jaxen.org</url>
-      <properties>
-        <war.bundle>true</war.bundle>
-      </properties>
-    </dependency>
-    <dependency>
-      <groupId>freemarker</groupId>
-      <artifactId>freemarker</artifactId>
-      <version>2.3.4</version>
-      <type>jar</type>
-      <url>http://www.freemarker.org/</url>
-      <properties>
-        <war.bundle>true</war.bundle>
-      </properties>
-    </dependency>
-  </dependencies>
-</project>

samples/acegifier/src/main/java/acegifier/WebXmlConverter.java

@@ -1,144 +0,0 @@
-package acegifier;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.util.List;
-
-import javax.xml.transform.Source;
-import javax.xml.transform.Transformer;
-import javax.xml.transform.TransformerConfigurationException;
-import javax.xml.transform.TransformerException;
-import javax.xml.transform.TransformerFactory;
-import javax.xml.transform.stream.StreamSource;
-
-import org.dom4j.Document;
-import org.dom4j.DocumentException;
-import org.dom4j.DocumentHelper;
-import org.dom4j.Node;
-import org.dom4j.io.DocumentResult;
-import org.dom4j.io.DocumentSource;
-import org.dom4j.io.SAXReader;
-import org.springframework.core.io.ClassPathResource;
-import org.springframework.util.Assert;
-
-/**
- * A utility to translate a web.xml file into a set of acegi security spring beans.
- *
- * <p>
- * Also produces a new "acegified" web.xml file with the necessary filters installed
- * and the security elements defined by the servlet DTD removed.
- *
- * <p>
- * This class wraps the XSL transform which actually does most of the work.
- * </p>
- *
- * @author Luke Taylor
- * @version $Id$
- */
-public class WebXmlConverter {
-    private static final String WEB_TO_SPRING_XSL_FILE = "web-to-spring.xsl";
-    private static final String NEW_WEB_XSLT_FILE = "acegi-web.xsl";
-
-    private Transformer acegiSecurityTransformer, newWebXmlTransformer;
-
-    /**
-     * The name of the spring-beans file which the beans will be stored in.
-     * This is required when writing the new web.xml content.
-     */
-    private String acegiOutputFileName = "applicationContext-acegi-security.xml";
-
-    /** The web.xml content to be converted */
-    private Source xmlSource;
-    /** The results of the conversion */
-    private Document newWebXml, acegiBeansXml;
-
-    public WebXmlConverter() throws IOException, TransformerConfigurationException {
-        TransformerFactory tf = TransformerFactory.newInstance();
-        Source source = createTransformerSource(WEB_TO_SPRING_XSL_FILE);
-        System.out.println("1");
-        acegiSecurityTransformer = tf.newTransformer(source);
-        System.out.println("2");
-        newWebXmlTransformer = tf.newTransformer(createTransformerSource(NEW_WEB_XSLT_FILE));
-        System.out.println("3");
-    }
-
-    private Source createTransformerSource(String fileName) throws IOException {
-        ClassPathResource resource = new ClassPathResource(fileName);
-        Source source = new StreamSource(resource.getInputStream());
-        return source;
-    }
-
-    /**
-     * Performs the transformations on the input source.
-     * Creates new web.xml content and a set of acegi-security Spring beans which can be
-     * accessed through the appropriate getter methods.
-     */
-    public void doConversion() throws IOException, TransformerException {
-        Assert.notNull(xmlSource, "The XML input must be set");
-
-        // Create the modified web.xml file
-        newWebXmlTransformer.setParameter("acegi-security-context-file", acegiOutputFileName);
-//        newWebXmlTransformer.setParameter("cas-proxy-url", "http://localhost:8433/cas/proxy");
-        DocumentResult result = new DocumentResult();
-        newWebXmlTransformer.transform(xmlSource, result);
-        newWebXml = result.getDocument();
-
-        result = new DocumentResult();
-        acegiSecurityTransformer.transform(xmlSource, result);
-        acegiBeansXml = result.getDocument();
-    }
-
-    /** Set the input as an xml string */
-    public void setInput(String xml) throws DocumentException {
-        setInput(DocumentHelper.parseText(xml));
-    }
-
-    /** Set the input as a stream */
-    public void setInput(InputStream in) throws DocumentException {
-        SAXReader reader = new SAXReader();
-        setInput(reader.read(in));
-    }
-
-    /** set the input as a dom4j document */
-    public void setInput(Document document) throws DocumentException {
-        validateWebXml(document);
-        xmlSource = new DocumentSource(document);
-    }
-
-    /** Checks the web.xml to make sure it contains correct data */
-    private void validateWebXml(Document document) throws DocumentException {
-        Node authMethodNode =
-                document.selectSingleNode("/web-app/login-config/auth-method");
-        if (authMethodNode == null)
-            throw new DocumentException("login-config and auth-method must be present");
-        String authMethod =  authMethodNode.getStringValue().toUpperCase();
-        if (!authMethod.equals("BASIC") && !authMethod.equals("FORM")) {
-            throw new DocumentException("unsupported auth-method: " + authMethod);
-        }
-        List roles = document.selectNodes("/web-app/security-role");
-        if (roles.isEmpty()) {
-            throw new DocumentException("Each role used must be defined in a security-role element");
-        }
-    }
-
-    public String getAcegiOutputFileName() {
-        return acegiOutputFileName;
-    }
-
-    public void setAcegiOutputFileName(String acegiOutputFileName) {
-        this.acegiOutputFileName = acegiOutputFileName;
-    }
-
-    /** Returns the converted web.xml content */
-    public Document getNewWebXml() {
-        return newWebXml;
-    }
-
-    /**
-     * Returns the created spring-beans xml content which should be used in
-     * the application context file.
-     */
-    public Document getAcegiBeans() {
-        return acegiBeansXml;
-    }
-}

samples/acegifier/src/main/java/acegifier/web/AcegifierController.java

@@ -1,158 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package acegifier.web;
-
-import acegifier.WebXmlConverter;
-
-import org.acegisecurity.util.FilterChainProxy;
-import org.acegisecurity.util.InMemoryResource;
-
-import org.dom4j.Document;
-import org.dom4j.DocumentException;
-
-import org.dom4j.io.OutputFormat;
-import org.dom4j.io.XMLWriter;
-
-import org.springframework.beans.BeansException;
-import org.springframework.beans.factory.support.DefaultListableBeanFactory;
-import org.springframework.beans.factory.xml.XmlBeanDefinitionReader;
-
-import org.springframework.validation.BindException;
-import org.springframework.validation.Errors;
-
-import org.springframework.web.servlet.ModelAndView;
-import org.springframework.web.servlet.mvc.SimpleFormController;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import javax.xml.transform.TransformerException;
-
-
-/**
- * Takes a submitted web.xml, applies the transformer to it and returns the resulting modified web.xml and
- * acegi-app-context.xml file contents.
- *
- * @author Luke Taylor
- * @version $Id$
- */
-public class AcegifierController extends SimpleFormController {
-    //~ Constructors ===================================================================================================
-
-    public AcegifierController() {}
-
-    //~ Methods ========================================================================================================
-
-    /**
-     * Creates a BeanFactory from the spring beans XML document
-     *
-     * @param beans DOCUMENT ME!
-     *
-     * @return DOCUMENT ME!
-     */
-    private DefaultListableBeanFactory createBeanFactory(Document beans) {
-        DefaultListableBeanFactory bf = new DefaultListableBeanFactory();
-        XmlBeanDefinitionReader beanReader = new XmlBeanDefinitionReader(bf);
-        beanReader.loadBeanDefinitions(new InMemoryResource(beans.asXML().getBytes()));
-
-        return bf;
-    }
-
-    public ModelAndView onSubmit(HttpServletRequest request, HttpServletResponse response, Object command,
-        BindException errors) throws Exception {
-        AcegifierForm conversion = (AcegifierForm) command;
-        WebXmlConverter converter = new WebXmlConverter();
-        int nBeans = 0;
-        Document newWebXml = null;
-        Document acegiBeans = null;
-
-        try {
-            converter.setInput(conversion.getWebXml());
-            converter.doConversion();
-            newWebXml = converter.getNewWebXml();
-            acegiBeans = converter.getAcegiBeans();
-            nBeans = validateAcegiBeans(conversion, acegiBeans, errors);
-        } catch (DocumentException de) {
-            errors.rejectValue("webXml", "webXmlDocError", "There was a problem with your web.xml: " + de.getMessage());
-        } catch (TransformerException te) {
-            errors.rejectValue("webXml", "transFailure",
-                "There was an error during the XSL transformation: " + te.getMessage());
-        }
-
-        if (errors.hasErrors()) {
-            return showForm(request, response, errors);
-        }
-
-        Map model = new HashMap();
-        model.put("webXml", prettyPrint(newWebXml));
-        model.put("acegiBeansXml", prettyPrint(acegiBeans));
-        model.put("nBeans", new Integer(nBeans));
-
-        return new ModelAndView("acegificationResults", model);
-    }
-
-    /**
-     * Creates a formatted XML string from the supplied document
-     *
-     * @param document DOCUMENT ME!
-     *
-     * @return DOCUMENT ME!
-     *
-     * @throws IOException DOCUMENT ME!
-     */
-    private String prettyPrint(Document document) throws IOException {
-        ByteArrayOutputStream output = new ByteArrayOutputStream();
-        OutputFormat format = OutputFormat.createPrettyPrint();
-        format.setTrimText(false);
-
-        XMLWriter writer = new XMLWriter(output, format);
-        writer.write(document);
-        writer.flush();
-        writer.close();
-
-        return output.toString();
-    }
-
-    /**
-     * Validates the acegi beans, based on the input form data, and returns the number of spring beans defined
-     * in the document.
-     *
-     * @param conversion DOCUMENT ME!
-     * @param beans DOCUMENT ME!
-     * @param errors DOCUMENT ME!
-     *
-     * @return DOCUMENT ME!
-     */
-    private int validateAcegiBeans(AcegifierForm conversion, Document beans, Errors errors) {
-        DefaultListableBeanFactory bf = createBeanFactory(beans);
-
-        //TODO: actually do some proper validation!
-        try {
-            bf.getBean("filterChainProxy", FilterChainProxy.class);
-        } catch (BeansException be) {
-            errors.rejectValue("webXml", "beansInvalid",
-                "There was an error creating or accessing the bean factory " + be.getMessage());
-        }
-
-        return bf.getBeanDefinitionCount();
-    }
-}

samples/acegifier/src/main/java/acegifier/web/AcegifierForm.java

@@ -1,38 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package acegifier.web;
-
-/**
- * Form backing object for the Acegifier controller.
- *
- * @author Luke Taylor
- * @version $Id$
- */
-public class AcegifierForm {
-    //~ Instance fields ================================================================================================
-
-    private String webXml;
-
-    //~ Methods ========================================================================================================
-
-    public String getWebXml() {
-        return webXml;
-    }
-
-    public void setWebXml(String webXml) {
-        this.webXml = webXml;
-    }
-}

samples/acegifier/src/main/resources/acegi-web.xsl

@@ -1,118 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<!-- 
- | XSL Sheet used by the web.xml to acegi-security beans converter
- | to create the new acegified web.xml.
- | $Id$
- -->
-
-<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0">
-
-<!-- The CAS proxy url (left empty if not to be used) -->
-<xsl:param name="cas-proxy-url"/>
-<!-- The acegi context file name - used in the -->
-<xsl:param name="acegi-security-context-file" select="'applicationContext-acegi-security.xml'"/>
-
-<xsl:output doctype-public="-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
-        doctype-system="http://java.sun.com/dtd/web-app_2_3.dtd"
-        indent="yes"/>
-
-<!-- Identity template which we override for specific cases -->
-<xsl:template match="@*|node()">
-    <xsl:copy>
-        <xsl:apply-templates select="@*|node()"/>
-    </xsl:copy>
-</xsl:template>
-    
-<xsl:template match="web-app">
-<web-app>
-    <xsl:apply-templates select="icon|display-name|description|distributable"/>  
-    <xsl:apply-templates select="context-param"/>
-    <xsl:call-template name="insert-spring-context-param"/>
-    <xsl:if test="$cas-proxy-url">
-	<!-- Required for CAS ProxyTicketReceptor servlet. This is the
-	     URL to CAS' "proxy" actuator, where a PGT and TargetService can
-	     be presented to obtain a new proxy ticket. THIS CAN BE
-	     REMOVED IF THE APPLICATION DOESN'T NEED TO ACT AS A PROXY -->
-    <context-param>
-        <param-name>edu.yale.its.tp.cas.proxyUrl</param-name>
-        <param-value><xsl:value-of select="$cas-proxy-url"/></param-value>
-    </context-param>
-    <xsl:text>&#xA;&#xA;</xsl:text>
-    </xsl:if>
-
-    <filter>
-        <filter-name>Acegi Filter Chain Proxy</filter-name>
-        <filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class>
-        <init-param>
-            <param-name>targetClass</param-name>
-            <param-value>org.acegisecurity.util.FilterChainProxy</param-value>
-        </init-param>
-    </filter>
-    <xsl:text>&#xA;&#xA;</xsl:text>
-
-    <xsl:apply-templates select="filter"/>   
-    
-  <filter-mapping>
-    <filter-name>Acegi Filter Chain Proxy</filter-name>
-    <url-pattern>/*</url-pattern>
-  </filter-mapping>
-  <xsl:text>&#xA;&#xA;</xsl:text>
-    
-  <xsl:apply-templates select="filter-mapping"/>
-
-  <!-- Only add a spring context loader listener if there isn't one there already -->
-  <xsl:if test="not(./listener/listener-class[string()='org.springframework.web.context.ContextLoaderListener'])">
-	<listener>
-		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
-	</listener>
-  <xsl:text>&#xA;&#xA;</xsl:text>
-  </xsl:if>
-
-  <xsl:apply-templates select="listener"/>
-    
-  <!-- Run any remaining non-security elements through the identity template -->
-  <xsl:apply-templates select="servlet|servlet-mapping|session-config|mime-mapping|welcome-file-list|error-page|taglib|resource-env-ref|resource-ref|env-entry|ejb-ref|ejb-local-ref"/>
-    
-</web-app>
-</xsl:template>
-
-<!-- 
- | Looks for the case where we have an existing Spring context and appends
- | the acegi file to the list of app. context files. Otherwise just copies the contents.
- -->
-<xsl:template match="context-param">
-    <context-param>
-    <xsl:choose>
-        <xsl:when test="./param-name = 'contextConfigLocation'">
-            <param-name>contextConfigLocation</param-name>
-            <param-value>
-                <xsl:value-of select="./param-value"/>
-                <xsl:value-of select="concat('    /WEB-INF/',$acegi-security-context-file)"/><xsl:text>&#xA;      </xsl:text>                
-            </param-value>
-        </xsl:when>
-        <xsl:otherwise>
-            <xsl:apply-templates />
-        </xsl:otherwise>
-    </xsl:choose>
-    </context-param>
-    <xsl:text>&#xA;&#xA;</xsl:text>
-</xsl:template>
-
-<!-- 
- | Inserts a Spring config location context-param if one doesn't already exist.
- | If there is one, do nothing as it will be handled by the context-param template above.
- --> 
-<xsl:template name="insert-spring-context-param">
-    <xsl:if test="not(./context-param/param-name[string() = 'contextConfigLocation'])">
-    <context-param>
-        <param-name>contextConfigLocation</param-name>
-        <param-value>
-            <xsl:value-of select="concat('/WEB-INF/',$acegi-security-context-file)"/><xsl:text>&#xA;</xsl:text>
-        </param-value>
-    </context-param>
-    <xsl:text>&#xA;&#xA;</xsl:text>
-    </xsl:if>
-</xsl:template>
-    
-</xsl:stylesheet>

samples/acegifier/src/main/resources/web-to-spring.xsl

@@ -1,302 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<!-- 
- | XSL Sheet used by the web.xml to acegi-security beans converter
- | $Id$
- -->
-
-<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0">
-
-<xsl:output doctype-public="-//SPRING//DTD BEAN//EN"
-            doctype-system="http://www.springframework.org/dtd/spring-beans.dtd"
-            indent="no"/>
-
-<!-- Variables for case conversions -->
-<xsl:variable name="lowercase" select="'abcdefghijklmnopqrstuvwxyz'"/>
-<xsl:variable name="uppercase" select="'ABCDEFGHIJKLMNOPQRSTUVWXYZ'"/>    
-
-<xsl:variable name="welcome-files" select="web-app/welcome-file-list/welcome-file"/>
-
-<!-- Convert the auth-method content to upper case -->
-<xsl:variable name="auth-method" select="translate(string(web-app/login-config/auth-method), $lowercase, $uppercase)"/>
-
-<!-- 
- | Find the security-role elements in the file and uses them to build a list of 
- | all defined roles.
- -->
-<xsl:variable name="all-roles">
-    <xsl:for-each select="web-app/security-role/role-name">
-        <xsl:text>ROLE_</xsl:text>
-        <xsl:value-of select="translate(string(), $lowercase, $uppercase)"/>           
-        <xsl:if test="position() != last()">,</xsl:if>
-    </xsl:for-each>    
-</xsl:variable>
-
-<!-- 
- | The list of filters for use in filterToBeanProxy 
- -->
-<xsl:variable name="filter-list">
-<xsl:text>/**=httpSessionContextIntegrationFilter</xsl:text>
-<xsl:choose>
-    <xsl:when test="$auth-method = 'FORM'">
-        <xsl:text>,authenticationProcessingFilter</xsl:text>
-    </xsl:when>
-    <xsl:when test="$auth-method = 'BASIC'">
-        <xsl:text>,basicProcessingFilter</xsl:text>
-    </xsl:when>
-    <xsl:otherwise>
-        <xsl:message terminate="yes">Unsupported auth-method in web.xml, must be FORM or BASIC</xsl:message>
-    </xsl:otherwise>
-</xsl:choose>
-<xsl:text>,rememberMeProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor</xsl:text>
-</xsl:variable>
-    
-<!-- 
- | The main template (where the processing work starts)
- -->    
-<xsl:template match = "web-app">
-
-<beans>
-    <bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource">
-      <property name="basename"><value>messages</value></property>
-    </bean>
-    <xsl:text>&#xA;&#xA;</xsl:text>
-    <xsl:call-template name="filter-to-bean-proxy"/>
-    <xsl:call-template name="authentication-beans"/>
-    <xsl:apply-templates select="./login-config"/>
-    <xsl:call-template name="filter-invocation-interceptor"/>
-</beans>
-</xsl:template>
-
-<!--
- | Mainly static set of beans. The InMemoryDaoImpl instance is created with a single user
- | called "superuser" who has all the defined roles in the web.xml file.
- -->   
-<xsl:template name="authentication-beans">
-    <xsl:comment>======================== AUTHENTICATION =======================</xsl:comment>
-    
-    <bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
-      <property name="messageSource"><ref local="messageSource"/></property>
-      <property name="providers">
-         <list>
-            <ref local="daoAuthenticationProvider"/>
-            <ref local="anonymousAuthenticationProvider"/>
-             <ref local="rememberMeAuthenticationProvider"/>
-         </list>
-      </property>
-    </bean>
-    <xsl:text>&#xA;&#xA;</xsl:text>
-    <bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
-      <property name="messageSource"><ref local="messageSource"/></property>
-      <property name="userDetailsService"><ref local="inMemoryDaoImpl"/></property>
-      <!-- property name="userCache"><ref local="userCache"/></property-->
-    </bean>
-    <xsl:text>&#xA;&#xA;</xsl:text>
-
-    <bean id="inMemoryDaoImpl" class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl">
-        <property name="userMap">
-            <value>    
-        superuser=password,<xsl:value-of select="$all-roles"/>
-            <xsl:text>&#xA;      </xsl:text>
-            </value>
-        </property>
-    </bean>
-    <xsl:text>&#xA;&#xA;</xsl:text>
-
-    <bean id="anonymousProcessingFilter" class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter">
-      <property name="key"><value>foobar</value></property>
-      <property name="userAttribute"><value>anonymousUser,ROLE_ANONYMOUS</value></property>
-    </bean>
-    <xsl:text>&#xA;&#xA;</xsl:text>
-
-    <bean id="anonymousAuthenticationProvider" class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider">
-      <property name="messageSource"><ref local="messageSource"/></property>
-      <property name="key"><value>foobar</value></property>
-    </bean>
-    <xsl:text>&#xA;&#xA;</xsl:text>
-
-    <bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter"/>
-    <xsl:text>&#xA;&#xA;</xsl:text>
-
-    <bean id="rememberMeProcessingFilter" class="org.acegisecurity.ui.rememberme.RememberMeProcessingFilter">
-      <property name="rememberMeServices"><ref local="rememberMeServices"/></property>
-    </bean>
-    <xsl:text>&#xA;&#xA;</xsl:text>
-
-    <bean id="rememberMeServices" class="org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices">
-      <property name="userDetailsService"><ref local="inMemoryDaoImpl"/></property>
-      <property name="key"><value>springRocks</value></property>
-    </bean>
-    <xsl:text>&#xA;&#xA;</xsl:text>
-
-    <bean id="rememberMeAuthenticationProvider" class="org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider">
-      <property name="messageSource"><ref local="messageSource"/></property>
-      <property name="key"><value>springRocks</value></property>
-    </bean>
-    <xsl:text>&#xA;&#xA;</xsl:text>
-</xsl:template>
-
-<!-- 
- | Processes the login-config definition and inserts the ExceptionTranslationFilter with 
- | the appropriate beans for either form or basic authentication.
- -->
-<xsl:template match="login-config">
-
-   <bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter">
-      <property name="authenticationEntryPoint">
-    <xsl:choose>
-        <xsl:when test="$auth-method = 'FORM'">
-      <ref local="authenticationProcessingFilterEntryPoint"/>
-        </xsl:when>
-        <xsl:when test="$auth-method = 'BASIC'">
-      <ref local="basicProcessingFilterEntryPoint"/>              
-        </xsl:when>
-    </xsl:choose>
-      </property>
-   </bean>
-   <xsl:text>&#xA;&#xA;</xsl:text>
-
-    <xsl:choose>
-        <xsl:when test="$auth-method = 'FORM'">
-            <xsl:call-template name="form-login"/>
-        </xsl:when>
-        <xsl:when test="$auth-method = 'BASIC'">
-   <bean id="basicProcessingFilter" class="org.acegisecurity.ui.basicauth.BasicProcessingFilter">
-      <property name="authenticationManager"><ref local="authenticationManager"/></property>
-      <property name="authenticationEntryPoint"><ref local="basicProcessingFilterEntryPoint"/></property>
-   </bean>
-   <xsl:text>&#xA;&#xA;</xsl:text>
-
-   <bean id="basicProcessingFilterEntryPoint" class="org.acegisecurity.ui.basicauth.BasicProcessingFilterEntryPoint">
-      <property name="realmName"><value>Your Realm</value></property>
-   </bean>
-   <xsl:text>&#xA;&#xA;</xsl:text>
-        </xsl:when>
-    </xsl:choose>
-            
-</xsl:template>
-
-<!-- 
- |   Converts a form login configuration to an Acegi AuthenticationProcessingFilter and its entry point.
- |   The content of the form-login-page element is used for the loginFormUrl property of the entry point 
- |   and the form-error-page is used for the authenticationFailureUrl property of the filter.
- |   
- |   The user must manually change the form Url to "j_acegi_security_check" in their login page.
- -->
-<xsl:template name="form-login">
-  <xsl:comment>Make sure that these properties match your setup. In particular, remember to switch your login
-  form action from "j_security_check" to "j_acegi_security_check"
-  </xsl:comment>
-  <bean id="authenticationProcessingFilter" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter">
-    <property name="authenticationManager"><ref bean="authenticationManager"/></property>
-    <property name="authenticationFailureUrl"><value><xsl:value-of select="form-login-config/form-error-page"/></value></property>
-    <property name="defaultTargetUrl"><value>/</value></property>
-    <property name="filterProcessesUrl"><value>/j_acegi_security_check</value></property>
-    <property name="rememberMeServices"><ref local="rememberMeServices"/></property>
-  </bean>
-  <xsl:text>&#xA;&#xA;</xsl:text>
-
-  <bean id="authenticationProcessingFilterEntryPoint" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
-    <property name="loginFormUrl"><value><xsl:value-of select="form-login-config/form-login-page"/></value></property>
-    <property name="forceHttps"><value>false</value></property>
-  </bean>
-  <xsl:text>&#xA;&#xA;</xsl:text>
-</xsl:template>
-
-<!--
- | Outputs a standard filterToBeanProxy bean.
- -->
-<xsl:template name="filter-to-bean-proxy">
-  <xsl:comment>======================== FILTER CHAIN =======================</xsl:comment>
-
-	<xsl:comment>if you wish to use channel security, add "channelProcessingFilter," in front
-	      of "httpSessionContextIntegrationFilter" in the list below</xsl:comment>
-	<bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
-    <property name="filterInvocationDefinitionSource">
-       <value>
-        CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
-        PATTERN_TYPE_APACHE_ANT
-        <xsl:value-of select="$filter-list"/>
-        <xsl:text>&#xA;      </xsl:text>
-       </value>
-    </property>
-	</bean>
-  <xsl:text>&#xA;&#xA;</xsl:text>
-
-</xsl:template>
-    
-<xsl:template name="filter-invocation-interceptor">
-  <bean id="httpRequestAccessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased">
-    <property name="messageSource"><ref local="messageSource"/></property>
-    <property name="allowIfAllAbstainDecisions"><value>false</value></property>
-    <property name="decisionVoters">
-      <list>
-        <ref bean="roleVoter"/>
-      </list>
-    </property>
-  </bean>
-  <xsl:text>&#xA;&#xA;</xsl:text>
-  <xsl:comment>An access decision voter that reads ROLE_* configuration settings</xsl:comment>
-  <bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter"/>            
-  <xsl:text>&#xA;&#xA;</xsl:text>
-    
-    <xsl:comment> 
-       Note the order that entries are placed against the objectDefinitionSource is critical.
-       The FilterSecurityInterceptor will work from the top of the list down to the FIRST pattern that matches the request URL.
-       Accordingly, you should place MOST SPECIFIC (ie a/b/c/d.*) expressions first, with LEAST SPECIFIC (ie a/.*) expressions last.
-       We also include ROLE_ANONYMOUS (the anonymous role) for web.xml role-names of "*". This is obviously different from the
-       original intention but there isn't a direct mapping to the acegi way of doing things. You should modify the permissions as required,
-       removing anonymous access where necessary.
-    </xsl:comment>
-  <bean id="filterInvocationInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
-    <property name="messageSource"><ref local="messageSource"/></property>
-    <property name="authenticationManager"><ref bean="authenticationManager"/></property>
-    <property name="accessDecisionManager"><ref local="httpRequestAccessDecisionManager"/></property>
-    <property name="objectDefinitionSource">
-      <value>
-          <xsl:text>&#xA;        CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON</xsl:text>
-          <xsl:text>&#xA;        PATTERN_TYPE_APACHE_ANT</xsl:text>
-          <xsl:apply-templates select="security-constraint"/>
-          <xsl:text>&#xA;        /*=ROLE_ANONYMOUS</xsl:text> <!-- by default allow anonymous access to top level urls --> 
-          <xsl:text>&#xA;      </xsl:text>
-        </value>
-      </property>
-    </bean>
-    <xsl:text>&#xA;&#xA;</xsl:text>
-</xsl:template>
-    
-<!--
- | Converts a security-constraint (a url-pattern and the associated role-name elements)
- | to the form
- |     antUrlPattern=list of allowed roles
- | Roles are converted to upper case and have the "ROLE_" prefix appended.
- |
- | In the case of role-name='*', signifying "any authenticated role", the complete list of roles
- | defined in the web.xml file is used along with the anonymous role - so *unauthenticated* users can
- | access the url.
- |
- | URLs which end in a wild card, will be converted to end in the recursive path version '**',
- | e.g. /private/* becomes /private/**
- -->
-<xsl:template match="security-constraint">
-    <xsl:variable name="url" select="web-resource-collection/url-pattern"/>
-    <xsl:text>&#xA;        </xsl:text>
-    <xsl:value-of select="$url"/>
-    <xsl:if test="substring($url, string-length($url)) = '*'">*</xsl:if>
-    <xsl:text>=</xsl:text>
-    <xsl:for-each select="./auth-constraint/role-name">
-        <xsl:choose>
-            <xsl:when test="string() = '*'">
-                <xsl:text>ROLE_ANONYMOUS,</xsl:text>
-                <xsl:value-of select="$all-roles"/>
-            </xsl:when>
-            <xsl:otherwise>
-                <xsl:text>ROLE_</xsl:text>
-                <xsl:value-of select="translate(string(), $lowercase, $uppercase)"/>
-            </xsl:otherwise>
-        </xsl:choose>
-        <xsl:if test="position() != last()">,</xsl:if>
-    </xsl:for-each>
-</xsl:template>
-
-</xsl:stylesheet>

samples/acegifier/src/main/webapp/WEB-INF/acegifier-servlet.xml

@@ -1,56 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
-
-<!--
- | Spring web setup for the acegifier.
- |
- | $Id$
- -->
-
-<beans>
-    <bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource">
-      <property name="basename"><value>messages</value></property>
-    </bean>
-
-    <bean id="conversionController" class="acegifier.web.AcegifierController">
-        <property name="formView" value="acegificationForm" />
-        <property name="commandClass" value="acegifier.web.AcegifierForm"/>
-    </bean>
-
-
-    <bean id="urlMapping" class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping">
-        <property name="mappings">
-            <props>
-                <prop key="/convert.htm">conversionController</prop>
-			</props>
-        </property>
-    </bean>
-<!--
-	<bean id="viewResolver" class="org.springframework.web.servlet.view.InternalResourceViewResolver">
-		<property name="prefix"><value>/WEB-INF/jsp/</value></property>
-		<property name="suffix"><value>.jsp</value></property>
-	</bean>
- -->       
-    <bean
-      id="freemarkerConfig"
-      class="org.springframework.web.servlet.view.freemarker.FreeMarkerConfigurer">
-      <property name="templateLoaderPath"><value>/WEB-INF/freemarker/</value></property>
-      <property name="freemarkerVariables">
-        <map>
-          <entry key="xml_escape"><ref local="fmXmlEscape"/></entry>
-        </map>
-      </property>
-    </bean>
-
-    <bean id="fmXmlEscape" class="freemarker.template.utility.XmlEscape"/>
-
-    <bean
-      id="viewResolver"
-      class="org.springframework.web.servlet.view.freemarker.FreeMarkerViewResolver">
-      <property name="exposeSpringMacroHelpers"><value>true</value></property>        
-      <property name="cache"><value>true</value></property>
-      <property name="prefix"><value></value></property>
-      <property name="suffix"><value>.ftl</value></property>
-    </bean>
-
-</beans>

samples/acegifier/src/main/webapp/WEB-INF/applicationContext.xml

@@ -1,7 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
-
-<beans>
-
-
-</beans>

samples/acegifier/src/main/webapp/WEB-INF/freemarker/acegificationForm.ftl

@@ -1,20 +0,0 @@
-
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-
-<#import "spring.ftl" as spring />
-
-<html>
-  <head>
-    <title>Acegi Security Web.xml Converter</title>
-  </head>
-  <body>
-     <form method="POST">
-         <@spring.bind "command.webXml" />
-         <textarea name="webXml" rows="40" cols="80">${spring.status.value?default("Paste your web.xml here.")}</textarea>
-         <br />
-         <@spring.showErrors "<br />"/>
-         <input type="submit" value="Convert"/>
-     </form>
-
-  </body>
-</html>

samples/acegifier/src/main/webapp/WEB-INF/freemarker/acegificationResults.ftl

@@ -1,39 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-
-<html>
-<head>
-<title>Acegi Security Web.xml Converter</title>
-</head>
-<body>
-
-<p>Congratulations! Your web.xml file has been "Acegified" successfully.</p>
-
-<h2>Web.xml</h2>
-<p>
-This is the converted web.xml file which you should use in your Acegi-Secured
-Spring application. It should contain the mechanism for loading the Spring application
-context file which defines your security configuration as well as the
-necessary filters to apply this configuration.
-</p>
-
-<pre>
-${webXml?xml}
-</pre>
-
-<h2>Acegi Security Beans</h2>
-<p>
-This is the file which defines your security configuration (a standard Spring
-application context file). It should be named "applicationContext-acegi-security.xml"
-and placed in your WEB-INF directory.
-</p>
-
-<pre>
-${acegiBeansXml?xml}
-</pre>
-
-<p>Note that these files may require some manual changes before they work as expected and are
-intended as a guide only :).</p>
-
-
-</body>
-</html>

samples/acegifier/src/main/webapp/WEB-INF/web.xml

@@ -1,51 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<web-app version="2.4"
-         xmlns="http://java.sun.com/xml/ns/j2ee"
-         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-         xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" >
-  <display-name>Acegifier Application</display-name>
-
-	<context-param>
-		<param-name>contextConfigLocation</param-name>
-		<param-value>
-			/WEB-INF/applicationContext.xml
-		</param-value>
-	</context-param>
-
-<!--
-	<context-param>
-		<param-name>log4jConfigLocation</param-name>
-		<param-value>/WEB-INF/classes/log4j.properties</param-value>
-	</context-param>
--->
-
-    <welcome-file-list>
-        <welcome-file>/convert.htm</welcome-file>
-    </welcome-file-list>    
-
-	<listener>
-		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
-	</listener>
-
-	<listener>
-		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
-	</listener>
-<!--
-    <listener>
-		<listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
-	</listener>
-	-->
-
-	<servlet>
-		<servlet-name>acegifier</servlet-name>
-		<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
-		<load-on-startup>1</load-on-startup>
-	</servlet>
-
-	<servlet-mapping>
-    	<servlet-name>acegifier</servlet-name>
-    	<url-pattern>*.htm</url-pattern>
- 	</servlet-mapping>
-
-</web-app>

samples/acegifier/src/test/java/acegifier/WebXmlConverterTests.java

@@ -1,102 +0,0 @@
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package acegifier;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-
-import junit.framework.TestCase;
-
-import org.dom4j.Document;
-import org.dom4j.io.OutputFormat;
-import org.dom4j.io.XMLWriter;
-
-/**
- * Tests the WebXmlConverter by applying it to a sample web.xml file.
- *
- * @author Luke Taylor
- * @version $Id$
- */
-public class WebXmlConverterTests extends TestCase {
-
-    private static final String XML_TRANSFORMER = "javax.xml.transform.TransformerFactory";
-
-    public void testFileConversion() throws Exception {
-        /*
-
-        THIS TEST HAS BEEN DISABLED AS IT BREAKS THE BUILD (see SEC-181 for details)
-
-        WebXmlConverter converter;
-        try {
-            converter = new WebXmlConverter();
-        } catch (Exception e) {
-            // TODO: Something went wrong, set transforer manually and retry...
-            System.out.println("**** WARNING: NEEDING TO FALLBACK TO A MANUAL SYSTEM PROPERTY ****");
-            System.setProperty(XML_TRANSFORMER, "com.sun.org.apache.xalan.internal.xsltc.trax.TransformerFactoryImpl");
-            System.out.println(XML_TRANSFORMER + ": " + System.getProperty(XML_TRANSFORMER));
-            converter = new WebXmlConverter();
-        }
-
-        Resource r = new ClassPathResource("test-web.xml");
-        converter.setInput(r.getInputStream());
-        converter.doConversion();
-
-        DefaultListableBeanFactory bf = new DefaultListableBeanFactory();
-        XmlBeanDefinitionReader beanReader = new XmlBeanDefinitionReader(bf);
-
-        beanReader.loadBeanDefinitions(
-                new InMemoryResource(converter.getAcegiBeans().asXML().getBytes()));
-        assertNotNull(bf.getBean("filterChainProxy"));
-
-        ProviderManager pm = (ProviderManager) bf.getBean("authenticationManager");
-        assertNotNull(pm);
-        assertEquals(3, pm.getProviders().size());
-
-        DaoAuthenticationProvider dap =
-                (DaoAuthenticationProvider) bf.getBean("daoAuthenticationProvider");
-        assertNotNull(dap);
-
-        InMemoryDaoImpl dao = (InMemoryDaoImpl) dap.getUserDetailsService();
-        UserDetails user = dao.loadUserByUsername("superuser");
-        assertEquals("password",user.getPassword());
-        assertEquals(2, user.getAuthorities().length);
-        assertNotNull(bf.getBean("anonymousProcessingFilter"));
-        assertNotNull(bf.getBean("anonymousAuthenticationProvider"));
-        assertNotNull(bf.getBean("httpSessionContextIntegrationFilter"));
-        assertNotNull(bf.getBean("rememberMeProcessingFilter"));
-        assertNotNull(bf.getBean("rememberMeAuthenticationProvider"));
-
-        ExceptionTranslationFilter etf =
-                (ExceptionTranslationFilter) bf.getBean("exceptionTranslationFilter");
-        assertNotNull(etf);
-        assertNotNull(etf.getAuthenticationEntryPoint());
-        System.out.println(prettyPrint(converter.getNewWebXml()));
-        System.out.println(prettyPrint(converter.getAcegiBeans()));
-        */
-    }
-
-    private String prettyPrint(Document document) throws IOException {
-        ByteArrayOutputStream output = new ByteArrayOutputStream();
-        OutputFormat format = OutputFormat.createPrettyPrint();
-        format.setNewlines(true);
-        format.setTrimText(false);
-        XMLWriter writer = new XMLWriter(output, format);
-        writer.write(document);
-        writer.flush();
-        writer.close();
-        return output.toString();
-    }
-}

samples/acegifier/src/test/resources/test-web.xml

@@ -1,108 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">
-
-<web-app>
-  <display-name>Contacts Sample Application</display-name>
-
-  <context-param>
-    <param-name>contextConfigLocation</param-name>
-    <param-value>
-        /WEB-INF/applicationContext-common-business.xml
-        /WEB-INF/applicationContext-common-authorization.xml
-    </param-value>
-  </context-param>
-
-  <context-param>
-    <param-name>log4jConfigLocation</param-name>
-    <param-value>/WEB-INF/classes/log4j.properties</param-value>
-  </context-param>
-
-  <servlet>
-    <servlet-name>contacts</servlet-name>
-    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
-    <load-on-startup>1</load-on-startup>
-  </servlet>
-
-  <listener>
-    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
-  </listener>
-
-  <listener>
-    <listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
-  </listener>
-  <!--
-      The HttpSessionEventPublisher will publish
-      HttpSessionCreatedEvent and HttpSessionDestroyedEvent
-      to the WebApplicationContext
-  -->
-  <listener>
-    <listener-class>org.acegisecurity.ui.session.HttpSessionEventPublisher</listener-class>
-  </listener>
-  <!--
-  - Provides web services endpoint. See remoting-servlet.xml.
-  -->
-  <servlet>
-    <servlet-name>remoting</servlet-name>
-    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
-    <load-on-startup>2</load-on-startup>
-  </servlet>
-
-  <servlet-mapping>
-    <servlet-name>contacts</servlet-name>
-    <url-pattern>*.htm</url-pattern>
-  </servlet-mapping>
-
-  <servlet-mapping>
-    <servlet-name>remoting</servlet-name>
-    <url-pattern>/remoting/*</url-pattern>
-  </servlet-mapping>
-
-  <welcome-file-list>
-    <welcome-file>index.jsp</welcome-file>
-  </welcome-file-list>
-
-  <security-constraint>
-    <web-resource-collection>
-      <url-pattern>/index.jsp</url-pattern>
-    </web-resource-collection>
-    <auth-constraint>
-      <role-name>*</role-name>
-    </auth-constraint>
-  </security-constraint>
-
-  <security-constraint>
-    <web-resource-collection>
-      <url-pattern>/hello.htm</url-pattern>
-    </web-resource-collection>
-    <auth-constraint>
-      <role-name>*</role-name>
-    </auth-constraint>
-  </security-constraint>
-
-  <security-constraint>
-    <web-resource-collection>
-      <url-pattern>/logoff.jsp</url-pattern>
-    </web-resource-collection>
-    <auth-constraint>
-      <role-name>*</role-name>
-    </auth-constraint>
-  </security-constraint>
-
-  <login-config>
-    <auth-method>form</auth-method>
-    <form-login-config>
-      <form-login-page>/acegilogin.jsp</form-login-page>
-      <form-error-page>/acegilogin.jsp?login_error=1</form-error-page>
-    </form-login-config>
-
-  </login-config>
-
-  <security-role>
-    <role-name>user</role-name>
-  </security-role>
-
-  <security-role>
-    <role-name>dummy</role-name>
-  </security-role>
-
-</web-app>