Use FilterChainProxy to tidy web.xml.

samples/contacts/src/main/resources/log4j.properties

@@ -7,14 +7,18 @@ log4j.rootLogger=WARN, stdout, fileout
 #log4j.logger.org.springframework.transaction.interceptor=DEBUG, stdout, fileout
 #log4j.logger.net.sf.acegisecurity.intercept=DEBUG, stdout, fileout
 #log4j.logger.net.sf.acegisecurity.intercept.method=DEBUG, stdout, fileout
+#log4j.logger.net.sf.acegisecurity.intercept.web=DEBUG, stdout, fileout
 #log4j.logger.net.sf.acegisecurity.afterinvocation=DEBUG, stdout, fileout
 #log4j.logger.net.sf.acegisecurity.acl=DEBUG, stdout, fileout
 #log4j.logger.net.sf.acegisecurity.acl.basic=DEBUG, stdout, fileout
 #log4j.logger.net.sf.acegisecurity.taglibs.authz=DEBUG, stdout, fileout
 #log4j.logger.net.sf.acegisecurity.ui.basicauth=DEBUG, stdout, fileout
+#log4j.logger.net.sf.acegisecurity.ui=DEBUG, stdout, fileout
 #log4j.logger.net.sf.acegisecurity.afterinvocation=DEBUG, stdout, fileout
 #log4j.logger.net.sf.acegisecurity.ui.rmi=DEBUG, stdout, fileout
 #log4j.logger.net.sf.acegisecurity.ui.httpinvoker=DEBUG, stdout, fileout
+#log4j.logger.net.sf.acegisecurity.util=DEBUG, stdout, fileout
+#log4j.logger.net.sf.acegisecurity.providers.dao=DEBUG, stdout, fileout
 
 # Console output...
 log4j.appender.stdout=org.apache.log4j.ConsoleAppender
@@ -23,9 +27,9 @@ log4j.appender.stdout.layout.conversionPattern=[%p,%c{1},%t] %m%n
 
 # Rolling log file output...
 log4j.appender.fileout=org.apache.log4j.RollingFileAppender
-log4j.appender.fileout.File=log4j.log
+log4j.appender.fileout.File=contacts.log
 #log4j.appender.fileout.File=${webapp.root}/WEB-INF/log4j.log
-log4j.appender.fileout.MaxFileSize=100KB
+log4j.appender.fileout.MaxFileSize=1024KB
 log4j.appender.fileout.MaxBackupIndex=1
 log4j.appender.fileout.layout=org.apache.log4j.PatternLayout
 log4j.appender.fileout.layout.conversionPattern=%d{ABSOLUTE} %5p %c{1},%t:%L - %m%n

samples/contacts/src/main/webapp/ca/WEB-INF/applicationContext-acegi-security.xml

@@ -12,6 +12,20 @@
 
 <beans>
 
+   <!-- ======================== FILTER CHAIN ======================= -->
+
+	<!--  if you wish to use channel security, add "channelProcessingFilter," in front
+	      of "authenticationProcessingFilter" in the list below -->
+	<bean id="filterChainProxy" class="net.sf.acegisecurity.util.FilterChainProxy">
+      <property name="filterInvocationDefinitionSource">
+         <value>
+		    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
+		    PATTERN_TYPE_APACHE_ANT
+            /**=httpRequestIntegrationFilter
+         </value>
+      </property>
+    </bean>
+
    <!-- ======================== AUTHENTICATION ======================= -->
 
 	<!-- We could also have a daoAuthenticationProvider in order to

samples/contacts/src/main/webapp/ca/WEB-INF/web.xml

@@ -30,23 +30,22 @@
 		<param-name>log4jConfigLocation</param-name>
 		<param-value>/WEB-INF/classes/log4j.properties</param-value>
 	</context-param>
-
-	<!-- Obtains Authentication from HttpServletRequest.getPrincipal(),
-		 and puts it into ContextHolder for request duration -->
+    
     <filter>
-        <filter-name>Acegi Security System for Spring HttpRequest Integration Filter</filter-name>
+        <filter-name>Acegi Filter Chain Proxy</filter-name>
         <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
         <init-param>
             <param-name>targetClass</param-name>
-            <param-value>net.sf.acegisecurity.ui.webapp.HttpSessionIntegrationFilter</param-value>
+            <param-value>net.sf.acegisecurity.util.FilterChainProxy</param-value>
         </init-param>
     </filter>
 
     <filter-mapping>
-      <filter-name>Acegi Security System for Spring HttpRequest Integration Filter</filter-name>
+      <filter-name>Acegi Filter Chain Proxy</filter-name>
       <url-pattern>/*</url-pattern>
     </filter-mapping>
-    
+
+
 	<!--
 	  - Loads the root application context of this web app at startup.
 	  - The application context is then available via 
@@ -56,11 +55,9 @@
 		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
 	</listener>
 
-	<!--
     <listener>
 		<listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
 	</listener>
-	 -->
 	
   <!--
 	- Provides core MVC application controller. See contacts-servlet.xml.

samples/contacts/src/main/webapp/cas/WEB-INF/applicationContext-acegi-security.xml

@@ -12,6 +12,18 @@
 
 <beans>
 
+   <!-- ======================== FILTER CHAIN ======================= -->
+
+	<bean id="filterChainProxy" class="net.sf.acegisecurity.util.FilterChainProxy">
+      <property name="filterInvocationDefinitionSource">
+         <value>
+		    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
+		    PATTERN_TYPE_APACHE_ANT
+            /**=channelProcessingFilter,casProcessingFilter,basicProcessingFilter,httpSessionIntegrationFilter,securityEnforcementFilter
+         </value>
+      </property>
+    </bean>
+
    <!-- ======================== AUTHENTICATION ======================= -->
 
    <bean id="authenticationManager" class="net.sf.acegisecurity.providers.ProviderManager">

samples/contacts/src/main/webapp/cas/WEB-INF/web.xml

@@ -40,81 +40,17 @@
         <param-value>http://localhost:8433/cas/proxy</param-value>
     </context-param>
 
-   <filter>
-        <filter-name>Acegi Channel Processing Filter</filter-name>
-        <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
-        <init-param>
-            <param-name>targetClass</param-name>
-            <param-value>net.sf.acegisecurity.securechannel.ChannelProcessingFilter</param-value>
-        </init-param>
-    </filter>
-
-	<!-- Responds to HTTP POSTs to j_acegi_cas_security_check URI -->
-    <filter>
-        <filter-name>Acegi CAS Processing Filter</filter-name>
-        <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
-        <init-param>
-            <param-name>targetClass</param-name>
-            <param-value>net.sf.acegisecurity.ui.cas.CasProcessingFilter</param-value>
-        </init-param>
-    </filter>
-
-	<!-- Responds to HTTP requests with a BASIC (RFC 1945) authentication header -->
-    <filter>
-        <filter-name>Acegi HTTP BASIC Authorization Filter</filter-name>
-        <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
-        <init-param>
-            <param-name>targetClass</param-name>
-            <param-value>net.sf.acegisecurity.ui.basicauth.BasicProcessingFilter</param-value>
-        </init-param>
-    </filter>
-
-	<!-- Obtains Authentication from HttpSession attribute, puts it into
-		 ContextHolder for request duration, proceeds with request, then
-		 copies Authentication from ContextHolder back into HttpSession -->
-    <filter>
-        <filter-name>Acegi Security System for Spring HttpSession Integration Filter</filter-name>
-        <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
-        <init-param>
-            <param-name>targetClass</param-name>
-            <param-value>net.sf.acegisecurity.ui.webapp.HttpSessionIntegrationFilter</param-value>
-        </init-param>
-    </filter>
-
-	<!-- Provides HTTP request URL security, and also catches
-		 AcegiSecurityExceptions and sends 403 errors (if access denied)
-		 or commences an authentication mechanism as appropriate -->
     <filter>
-        <filter-name>Acegi HTTP Request Security Filter</filter-name>
+        <filter-name>Acegi Filter Chain Proxy</filter-name>
         <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
         <init-param>
             <param-name>targetClass</param-name>
-            <param-value>net.sf.acegisecurity.intercept.web.SecurityEnforcementFilter</param-value>
+            <param-value>net.sf.acegisecurity.util.FilterChainProxy</param-value>
         </init-param>
     </filter>
-	
-    <filter-mapping>
-      <filter-name>Acegi Channel Processing Filter</filter-name>
-      <url-pattern>/*</url-pattern>
-    </filter-mapping>
-	
-    <filter-mapping>
-      <filter-name>Acegi CAS Processing Filter</filter-name>
-      <url-pattern>/*</url-pattern>
-    </filter-mapping>
 
     <filter-mapping>
-      <filter-name>Acegi HTTP BASIC Authorization Filter</filter-name>
-      <url-pattern>/*</url-pattern>
-    </filter-mapping>
-
-    <filter-mapping>
-      <filter-name>Acegi Security System for Spring HttpSession Integration Filter</filter-name>
-      <url-pattern>/*</url-pattern>
-    </filter-mapping>
-    
-    <filter-mapping>
-      <filter-name>Acegi HTTP Request Security Filter</filter-name>
+      <filter-name>Acegi Filter Chain Proxy</filter-name>
       <url-pattern>/*</url-pattern>
     </filter-mapping>
 
@@ -127,11 +63,9 @@
 		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
 	</listener>
 
-	<!--
     <listener>
 		<listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
 	</listener>
-	 -->
 	
   <!--
 	- Provides core MVC application controller. See contacts-servlet.xml.

samples/contacts/src/main/webapp/filter/WEB-INF/applicationContext-acegi-security.xml

@@ -12,6 +12,20 @@
 
 <beans>
 
+   <!-- ======================== FILTER CHAIN ======================= -->
+
+	<!--  if you wish to use channel security, add "channelProcessingFilter," in front
+	      of "authenticationProcessingFilter" in the list below -->
+	<bean id="filterChainProxy" class="net.sf.acegisecurity.util.FilterChainProxy">
+      <property name="filterInvocationDefinitionSource">
+         <value>
+		    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
+		    PATTERN_TYPE_APACHE_ANT
+            /**=authenticationProcessingFilter,basicProcessingFilter,httpSessionIntegrationFilter,securityEnforcementFilter
+         </value>
+      </property>
+    </bean>
+
    <!-- ======================== AUTHENTICATION ======================= -->
 
    <bean id="authenticationManager" class="net.sf.acegisecurity.providers.ProviderManager">

samples/contacts/src/main/webapp/filter/WEB-INF/web.xml

@@ -31,86 +31,17 @@
 		<param-value>/WEB-INF/classes/log4j.properties</param-value>
 	</context-param>
 
-   <!-- The <filter-mapping> to this filter is disabled by default -->
    <filter>
-        <filter-name>Acegi Channel Processing Filter</filter-name>
+        <filter-name>Acegi Filter Chain Proxy</filter-name>
         <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
         <init-param>
             <param-name>targetClass</param-name>
-            <param-value>net.sf.acegisecurity.securechannel.ChannelProcessingFilter</param-value>
+            <param-value>net.sf.acegisecurity.util.FilterChainProxy</param-value>
         </init-param>
-    </filter>
+   </filter>
 
-	<!-- Responds to HTTP POSTs to j_acegi_security_check URI -->
-    <filter>
-        <filter-name>Acegi Authentication Processing Filter</filter-name>
-        <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
-        <init-param>
-            <param-name>targetClass</param-name>
-            <param-value>net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilter</param-value>
-        </init-param>
-    </filter>
-
-	<!-- Responds to HTTP requests with a BASIC (RFC 1945) authentication header -->
-    <filter>
-        <filter-name>Acegi HTTP BASIC Authorization Filter</filter-name>
-        <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
-        <init-param>
-            <param-name>targetClass</param-name>
-            <param-value>net.sf.acegisecurity.ui.basicauth.BasicProcessingFilter</param-value>
-        </init-param>
-    </filter>
-
-	<!-- Obtains Authentication from HttpSession attribute, puts it into
-		 ContextHolder for request duration, proceeds with request, then
-		 copies Authentication from ContextHolder back into HttpSession -->
-    <filter>
-        <filter-name>Acegi Security System for Spring HttpSession Integration Filter</filter-name>
-        <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
-        <init-param>
-            <param-name>targetClass</param-name>
-            <param-value>net.sf.acegisecurity.ui.webapp.HttpSessionIntegrationFilter</param-value>
-        </init-param>
-    </filter>
-
-	<!-- Provides HTTP request URL security, and also catches
-		 AcegiSecurityExceptions and sends 403 errors (if access denied)
-		 or commences an authentication mechanism as appropriate -->
-    <filter>
-        <filter-name>Acegi HTTP Request Security Filter</filter-name>
-        <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class>
-        <init-param>
-            <param-name>targetClass</param-name>
-            <param-value>net.sf.acegisecurity.intercept.web.SecurityEnforcementFilter</param-value>
-        </init-param>
-    </filter>
-	
-	<!-- Remove the comments from the following <filter-mapping> if you'd
-	     like to ensure secure URLs are only available over HTTPS -->
-    <!--
     <filter-mapping>
-      <filter-name>Acegi Channel Processing Filter</filter-name>
-      <url-pattern>/*</url-pattern>
-    </filter-mapping>
-    -->
-	
-    <filter-mapping>
-      <filter-name>Acegi Authentication Processing Filter</filter-name>
-      <url-pattern>/*</url-pattern>
-    </filter-mapping>
-
-    <filter-mapping>
-      <filter-name>Acegi HTTP BASIC Authorization Filter</filter-name>
-      <url-pattern>/*</url-pattern>
-    </filter-mapping>
-
-    <filter-mapping>
-      <filter-name>Acegi Security System for Spring HttpSession Integration Filter</filter-name>
-      <url-pattern>/*</url-pattern>
-    </filter-mapping>
-    
-    <filter-mapping>
-      <filter-name>Acegi HTTP Request Security Filter</filter-name>
+      <filter-name>Acegi Filter Chain Proxy</filter-name>
       <url-pattern>/*</url-pattern>
     </filter-mapping>
 
@@ -123,11 +54,9 @@
 		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
 	</listener>
 
-	<!--
-    <listener>
+	<listener>
 		<listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
 	</listener>
-	 -->
 	 
   <!--
 	- Provides core MVC application controller. See contacts-servlet.xml.