Remove index.xml (again?)

src/site/xdocs/index.xml

@@ -1,239 +0,0 @@
-<?xml version="1.0"?>
-
-<document>
-  <properties>
-    <title>Acegi Security System for Spring</title>
-  </properties>
-
-
-  <body>
-    <hr />
-    <section name="What is Acegi Security?">
-    <hr />
-    <p>Acegi Security is a powerful, flexible security solution for enterprise software,
-	  with a particular emphasis on applications that use
-	  <a href="http://www.springframework.org/">Spring</a>. Using Acegi Security provides your
-	  applications with comprehensive authentication, authorization, instance-based access control,
-	  channel security and human user detection capabilities.
-    </p>
-    </section>
-
-
-    <section name="Key Features">
-      <ul>
-        <li><b>Stable and mature.</b>
-        Acegi Security 1.0.0 was released in May 2006 after
-        more than two and a half years of use in large production software projects, 70,000+ downloads
-        and hundreds of community contributions.
-        In terms of release numbering, we also use the <a
-        href="http://apr.apache.org/versioning.html">Apache APR Project
-        Versioning Guidelines</a> so that you can easily identify release
-        compatibility.
-        </li>
-        <li><b>Well documented:</b> All APIs are fully documented using
-        <a href="http://acegisecurity.org/multiproject/acegi-security/apidocs/index.html">JavaDoc</a>,
-        with almost 100 pages of
-		<a href="reference.html">Reference Guide</a> documentation providing an easy-to-follow
-        introduction. Even more documentation is provided on this web site, as
-		shown in the left hand navigation sidebar.<br /><br />
-        </li>
-        <li><B>Fast results:</B> View our <a href="suggested.html">suggested steps</a>
-        for the fastest way to develop complex, security-compliant applications.<br /><br />
-        </li>
-        <li><B>Enterprise-wide single sign on:</B> Using JA-SIG's open
-        source <A href="http://www.ja-sig.org/products/cas/">Central Authentication
-        Service</A> (CAS), the Acegi Security can participate
-        in an enterprise-wide single sign on environment. You no longer need
-        every web application to have its own authentication database. Nor are
-        you restricted to single sign on across a single web container. Advanced
-        single sign on features like proxy support and forced refresh of logins
-        are supported by both CAS and Acegi Security.<br /><br />
-        </li>
-        <li><B>Reuses your Spring expertise:</B> We use Spring application
-        contexts for all configuration, which should help Spring developers get
-        up-to-speed nice and quickly.<br /><br />
-        </li>
-        <li><B>Domain object instance security:</B> In many applications it's
-        desirable to define Access Control Lists (ACLs) for individual domain
-        object instances. We provide a comprehensive ACL package with features
-        including integer bit masking, permission inheritence (including
-        blocking), a JDBC-backed ACL repository, caching and a pluggable,
-        interface-driven design.<br /><br />
-        </li>
-        <li><B>Non-intrusive setup:</B> The entire security system can operate
-        within a single web application using the provided filters. There is no
-        need to make special changes or deploy libraries to your Servlet or EJB
-        container.<br /><br />
-        </li>
-        <li><B>Full (but optional) container integration:</B> The credential
-        collection and authorization capabilities of your Servlet or EJB
-        container can be fully utilised via included "container adapters". We
-        currently support Catalina (Tomcat), Jetty, JBoss and Resin, with
-        additional containers easily added.<br /><br />
-        </li>
-        <li><B>Keeps your objects free of security code:</B> Many applications
-        need to secure data at the bean level based on any combination of
-        parameters (user, time of day, authorities held, method being invoked,
-        parameter on method being invoked....). This package gives you this
-        flexibility without adding security code to your Spring business
-        objects.<br /><br />
-        </li>
-        <li><B>After invocation security:</B> Acegi Security can not only protect
-		methods from being invoked in the first place, but it can also
-		deal with the objects returned from the methods. Included implementations
-		of after invocation security can throw an exception or mutate the returned
-		object based on ACLs.<br /><br />
-        </li>
-        <li><B>Secures your HTTP requests as well:</B> In addition to securing
-        your beans, the project also secures your HTTP requests. No longer is it
-        necessary to rely on web.xml security constraints. Best of all, your
-        HTTP requests can now be secured by your choice of regular expressions
-        or Apache Ant paths, along with pluggable authentication, authorization
-        and run-as replacement managers.<br /><br />
-        </li>
-        <li><B>Channel security:</B> Acegi Security can
-        automatically redirect requests across an appropriate transport channel.
-        Whilst flexible enough to support any of your "channel" requirements (eg
-        the remote user is a human, not a robot), a common channel security
-        feature is to ensure your secure pages will only be available over
-        HTTPS, and your public pages only over HTTP. Acegi Security also
-        supports unusual port combinations (including if accessed via an
-        intermediate server like Apache) and pluggable transport decision
-        managers.<br /><br />
-        </li>
-        <li><B>Supports HTTP BASIC authentication:</B> Perfect for remoting
-        protocols or those web applications that prefer a simple browser pop-up
-        (rather than a form login), Acegi Security can directly process HTTP
-        BASIC authentication requests as per RFC 1945.<br /><br />
-        </li>
-        <li><B>Supports HTTP Digest authentication:</B> For greater security than
-        offered by BASIC authentcation, Acegi Security also supports Digest Authentication
-        (which never sends the user's password across the wire). Digest Authentication
-        is widely supported by modern browsers. Acegi Security's implementation complies
-        with both RFC 2617 and RFC 2069.<br /><br />
-        </li>
-        <li><B>Computer Associates Siteminder support:</B> Authentication can be
-        delegated through to CA's Siteminder solution, which is common in large
-        corporate environments.<br /><br />
-        </li>
-        <li><B>X509 (Certificate) support:</B> Acegi Security can easily read
-        client-side X509 certificates for authenticating users.<br /><br />
-        </li>
-        <li><B>LDAP Support:</B> Do you have an LDAP directory? Acegi Security can
-        happily authenticate against it.<br /><br />
-        </li>
-        <li><B>Tag library support:</B> Your JSP files can use our taglib
-        to ensure that protected content like links and messages are only
-        displayed to users holding the appropriate granted authorities. The taglib
-		also fully integrates with Acegi Security's ACL services, and
-		obtaining extra information about the logged-in principal.<br /><br />
-        </li>
-        <li><B>Configuration via IoC XML, Commons Attributes, or JDK 5 Annotations:</B> You
-        select the method used to configure your security environment. The
-        project supports configuration via Spring application contexts, as well
-        as Jakarta Commons Attributes and Java 5's annotations feature. Some users
-        (such as those building content management systems) pull configuration data
-        from a database, which exemplifies Acegi Security's flexible configuration
-        metadata system.<br /><br />
-        </li>
-        <li><B>Various authentication backends:</B> We include the ability to
-        retrieve your user and granted authority definitions from an XML
-        file, JDBC datasource or Properties file. Alternatively, you can implement the
-        single-method UserDetailsService interface and obtain authentication details from
-        anywhere you like.<br /><br />
-        </li>
-        <li><B>Event support:</B> Building upon Spring's
-        <CODE>ApplicationEvent</CODE> services, you can write your own listeners
-        for authentication-related events, along with authorisation-related events.
-		This enables you to implement account lockout and audit log systems, with
-		complete decoupling from Acegi Security code.<br /><br />
-        </li>
-        <li><B>Easy integration with existing databases:</B> Our implementations
-        have been designed to make it very easy to use your existing
-        authentication schema and data (without modification). Of course,
-		you can also provide your own Data Access Object if you wish.<br /><br />
-        </li>
-        <li><B>Caching:</B> Acegi Security integrates with Spring's <A
-        href="http://ehcache.sourceforge.net/">EHCACHE</A> factory.
-        This flexibility means your database (or other authentication
-        repository) is not repeatedly queried for authentication
-        information.<br /><br />
-        </li>
-        <li><B>Pluggable architecture:</B> Every critical aspect of the package
-        has been modelled using high cohesion, loose coupling, interface-driven
-        design principles. You can easily replace, customise or extend parts of
-        the package.<br /><br />
-        </li>
-        <li><B>Startup-time validation:</B> Every critical object dependency and
-        configuration parameter is validated at application context startup
-        time. Security configuration errors are therefore detected early and
-        corrected quickly.<br /><br />
-        </li>
-        <li><B>Remoting support:</B> Does your project use a rich client? Not a
-        problem. Acegi Security integrates with standard Spring remoting
-        protocols, because it automatically processes the HTTP BASIC
-        authentication headers they present. Add our BASIC authentication filter
-        to your web.xml and you're done. You can also easily use RMI or Digest
-        authentication for your rich clients with a simple configuration statement.<br /><br />
-        </li>
-        <li><B>Advanced password encoding:</B> Of course, passwords in your
-        authentication repository need not be in plain text. We support both SHA
-        and MD5 encoding, and also pluggable "salt" providers to maximise
-        password security. Acegi Security doesn't even need to see the password
-        if your backend can use a bind-based strategy for authentication (such as
-        an LDAP directory, or a database login).<br /><br />
-        </li>
-        <li><B>Run-as replacement:</B> The system fully supports
-        temporarily replacing the authenticated principal for the duration of the web
-        request or bean invocation. This enables you to build public-facing
-        object tiers with different security configurations than your backend
-        objects.<br /><br />
-        </li>
-        <li><B>Transparent security propagation:</B> Acegi Security can automatically
-		transfer its core authentication information from one machine to another,
-		using a variety of protocols including RMI and Spring's HttpInvoker.<br /><br />
-        </li>
-        <li><B>Compatible with HttpServletRequest's security methods:</B> Even though
-		Acegi Security can deliver authentication using a range of pluggable mechanisms
-		(most of which require no web container configuration), we allow you to access
-		the resulting Authentication object via the getRemoteUser() and other
-		security methods on HttpServletRequest.<br /><br />
-        </li>
-        <li><B>Unit tests:</B> A must-have of any quality security project, unit
-        tests are included. Our unit test coverage is very high, as shown in the
-		<a href="multiproject/acegi-security/clover/index.html">coverage report</a>.<br /><br />
-        </li>
-        <li><B>Built by Maven:</B> This assists you in effectively reusing the Acegi
-		Security artifacts in your own Maven-based projects.<br /><br />
-        </li>
-        <li><B>Supports your own unit tests:</B> We provide a number of classes
-        that assist with your own unit testing of secured business objects. For
-        example, you can change the authentication identity and its associated
-        granted authorities directly within your test methods.<br /><br />
-        </li>
-        <li><B>Peer reviewed:</B> Whilst nothing is ever completely secure,
-        using an open source security package leverages the continuous design
-        and code quality improvements that emerge from peer review.<br /><br />
-        </li>
-        <li><B>Community:</B> Well-known for its supportive community, Acegi Security
-        has an active group of developers and users. Visit our project resources (below)
-        to access these services.<br /><br />
-        </li>
-        <li><B>Apache license.</B> You can confidently use Acegi Security in your project.<br /><br /></li>
-
-        </ul><br />
-
-
-      </section>
-
-      <section name="Project Resources">
-      <p>
-      <A href="http://forum.springframework.org/"><B>Support Forums</B></A><br /><br />
-      <A href="mail-lists.html"><B>Developer Mailing List</B></A><br /><br />
-      <A href="downloads.html"><B>Downloads</B></A>
-      </p>
-      </section>
-
-  </body>
-
-</document>