Expand Contacts sample application to use Hessian and Burlap remoting.

.classpath

@@ -19,5 +19,6 @@
 	<classpathentry kind="lib" path="lib/extracted/resin/resin-extracted.jar"/>
 	<classpathentry kind="lib" path="integration-test/lib/httpunit.jar"/>
 	<classpathentry kind="lib" path="lib/regexp/jakarta-oro.jar"/>
+	<classpathentry kind="lib" path="lib/jakarta-commons/commons-codec.jar"/>
 	<classpathentry kind="output" path="target/eclipseclasses"/>
 </classpath>

integration-test/build.xml

@@ -21,6 +21,7 @@
 		<fileset dir="${httpunit.lib.dir}">
 			<include name="**/*.jar"/>
 		</fileset>
+		<fileset file="${contacts.client.jar}"/>
 	</path>
 
 	<path id="antcontrib-classpath">
@@ -49,6 +50,7 @@ Among the available targets are:
 clean             --> deletes output directories
 unzip             --> unzips each container into file system
 tests             --> unzips each container and runs all tests
+tests-all         --> runs all tests (does not unzip each container)
 tests-jetty       --> runs the integration tests with Jetty
 tests-jboss       --> runs the integration tests with JBoss
 tests-catalina    --> runs the integration tests with Catalina
@@ -94,7 +96,10 @@ Each tests-xxxx target assumes the container is unzipped
         </jalopy>
 	</target>
 
-	<target name="tests" depends="clean,unzip,tests-jetty,tests-catalina,tests-jboss"
+	<target name="tests" depends="clean,unzip,tests-all">
+	</target>
+	
+	<target name="tests-all" depends="tests-jetty,tests-catalina,tests-jboss"
 		description="Run all integration tests">
 		<condition property="anyerrors" value="true">
 			<or>
@@ -217,6 +222,9 @@ Tomcat ${tomcat-5.version}:&#9;Run: ${jakarta-tomcat-5.run}&#9;Errored: ${jakart
 		<copy file="${dist.lib.dir}/acegi-security-jetty-ext.jar" todir="${tmp.dir}/jetty-${jetty.version}/ext" overwrite="true"/>
 		<copy file="${lib.dir}/aop-alliance/aopalliance.jar" todir="${tmp.dir}/jetty-${jetty.version}/ext" overwrite="true"/>
 		<copy file="${lib.dir}/jakarta-commons/commons-logging.jar" todir="${tmp.dir}/jetty-${jetty.version}/ext" overwrite="true"/>
+		<copy file="${lib.dir}/jakarta-commons/commons-codec.jar" todir="${tmp.dir}/jetty-${jetty.version}/ext" overwrite="true"/>
+		<copy file="${lib.dir}/caucho/burlap.jar" todir="${tmp.dir}/jetty-${jetty.version}/ext" overwrite="true"/>
+		<copy file="${lib.dir}/caucho/hessian.jar" todir="${tmp.dir}/jetty-${jetty.version}/ext" overwrite="true"/>
 		<copy file="${lib.dir}/spring/spring.jar" todir="${tmp.dir}/jetty-${jetty.version}/ext" overwrite="true"/>
 		<copy file="${contacts.ca.war}" todir="${tmp.dir}/jetty-${jetty.version}/webapps" overwrite="true"/>
 		<antcallback target="-perform-test-jetty" return="jetty-${jetty.version}.errored, jetty-${jetty.version}.failed">
@@ -287,6 +295,9 @@ Tomcat ${tomcat-5.version}:&#9;Run: ${jakarta-tomcat-5.run}&#9;Errored: ${jakart
 		<copy file="${dist.lib.dir}/acegi-security-catalina-common.jar" todir="${tmp.dir}/jakarta-tomcat-${tomcat.version}/common/lib" overwrite="true"/>
 		<copy file="${lib.dir}/aop-alliance/aopalliance.jar" todir="${tmp.dir}/jakarta-tomcat-${tomcat.version}/common/lib" overwrite="true"/>
 		<copy file="${lib.dir}/spring/spring.jar" todir="${tmp.dir}/jakarta-tomcat-${tomcat.version}/common/lib" overwrite="true"/>
+		<copy file="${lib.dir}/jakarta-commons/commons-codec.jar" todir="${tmp.dir}/jakarta-tomcat-${tomcat.version}/common/lib" overwrite="true"/>
+		<copy file="${lib.dir}/caucho/burlap.jar" todir="${tmp.dir}/jakarta-tomcat-${tomcat.version}/common/lib" overwrite="true"/>
+		<copy file="${lib.dir}/caucho/hessian.jar" todir="${tmp.dir}/jakarta-tomcat-${tomcat.version}/common/lib" overwrite="true"/>
 		<copy file="${contacts.ca.war}" todir="${tmp.dir}/jakarta-tomcat-${tomcat.version}/webapps" overwrite="true"/>
 		<delete dir="${tmp.dir}/jakarta-tomcat-${tomcat.version}/webapps/contacts-container-adapter"/>
 		<antcallback target="-perform-test-catalina" return="jakarta-tomcat-${tomcat.version}.errored, jakarta-tomcat-${tomcat.version}.failed">
@@ -349,6 +360,9 @@ Tomcat ${tomcat-5.version}:&#9;Run: ${jakarta-tomcat-5.run}&#9;Errored: ${jakart
 		<copy file="${dist.lib.dir}/acegi-security-jboss-lib.jar" todir="${tmp.dir}/jboss-${jboss.version}/server/default/lib" overwrite="true"/>
 		<copy file="${lib.dir}/aop-alliance/aopalliance.jar" todir="${tmp.dir}/jboss-${jboss.version}/server/default/lib" overwrite="true"/>
 		<copy file="${lib.dir}/spring/spring.jar" todir="${tmp.dir}/jboss-${jboss.version}/server/default/lib" overwrite="true"/>
+		<copy file="${lib.dir}/jakarta-commons/commons-codec.jar" todir="${tmp.dir}/jboss-${jboss.version}/server/default/lib" overwrite="true"/>
+		<copy file="${lib.dir}/caucho/burlap.jar" todir="${tmp.dir}/jboss-${jboss.version}/server/default/lib" overwrite="true"/>
+		<copy file="${lib.dir}/caucho/hessian.jar" todir="${tmp.dir}/jboss-${jboss.version}/server/default/lib" overwrite="true"/>
 		<copy file="${contacts.ca.war}" todir="${tmp.dir}/jboss-${jboss.version}/server/default/deploy" overwrite="true"/>
 		<antcallback target="-perform-test-jboss" return="jboss-${jboss.version}.errored, jboss-${jboss.version}.failed">
 			<param name="test.includes" value="**/ContainerAdapterContactsTests.class"/>

integration-test/project.properties

@@ -16,6 +16,7 @@ lib.dir=${basedir}/../lib
 dist.lib.dir=${basedir}/../dist
 contacts.ca.war=${basedir}/../samples/contacts/dist/contacts-container-adapter.war
 contacts.filter.war=${basedir}/../samples/contacts/dist/contacts.war
+contacts.client.jar=${basedir}/../samples/contacts/client/contacts.jar
 
 acegisecurity.xml=../src/net/sf/acegisecurity/adapters/acegisecurity.xml
 jalopy.xml=${basedir}/../jalopy.xml

integration-test/src/net/sf/acegisecurity/integrationtests/web/AbstractContactsTests.java

@@ -24,8 +24,17 @@ import com.meterware.httpunit.WebResponse;
 
 import junit.framework.TestCase;
 
+import org.springframework.beans.factory.support.DefaultListableBeanFactory;
+import org.springframework.beans.factory.support.PropertiesBeanDefinitionReader;
+
+import org.springframework.remoting.RemoteAccessException;
+
+import sample.contact.ContactManager;
+
 import java.net.URL;
 
+import java.util.Properties;
+
 
 /**
  * Tests the Contacts sample application from a HTTP user's perspective.
@@ -63,6 +72,54 @@ public abstract class AbstractContactsTests extends TestCase {
         assertTrue(response.getText().lastIndexOf("sample.contact.Contact@") != -1);
     }
 
+    public void testHessianFailsWithIncorrectCredentials() {
+        String PREFIX = "beans.";
+        DefaultListableBeanFactory lbf = new DefaultListableBeanFactory();
+        Properties p = new Properties();
+        p.setProperty(PREFIX + "hessianProxy.class",
+            "org.springframework.remoting.caucho.HessianProxyFactoryBean");
+        p.setProperty(PREFIX + "hessianProxy.serviceInterface",
+            "sample.contact.ContactManager");
+        p.setProperty(PREFIX + "hessianProxy.serviceUrl",
+            getBaseUrl() + "/caucho/ContactManager-hessian");
+        p.setProperty(PREFIX + "hessianProxy.username", "marissa");
+        p.setProperty(PREFIX + "hessianProxy.password", "WRONG_PASSWORD");
+
+        (new PropertiesBeanDefinitionReader(lbf)).registerBeanDefinitions(p,
+            PREFIX);
+
+        ContactManager contactManager = (ContactManager) lbf.getBean(
+                "hessianProxy");
+
+        try {
+            contactManager.getRandomContact();
+            fail("Should have thrown RemoteAccessException");
+        } catch (RemoteAccessException exception) {
+             assertTrue(true);
+        }
+    }
+
+    public void testHessianOperational() {
+        String PREFIX = "beans.";
+        DefaultListableBeanFactory lbf = new DefaultListableBeanFactory();
+        Properties p = new Properties();
+        p.setProperty(PREFIX + "hessianProxy.class",
+            "org.springframework.remoting.caucho.HessianProxyFactoryBean");
+        p.setProperty(PREFIX + "hessianProxy.serviceInterface",
+            "sample.contact.ContactManager");
+        p.setProperty(PREFIX + "hessianProxy.serviceUrl",
+            getBaseUrl() + "/caucho/ContactManager-hessian");
+        p.setProperty(PREFIX + "hessianProxy.username", "marissa");
+        p.setProperty(PREFIX + "hessianProxy.password", "koala");
+
+        (new PropertiesBeanDefinitionReader(lbf)).registerBeanDefinitions(p,
+            PREFIX);
+
+        ContactManager contactManager = (ContactManager) lbf.getBean(
+                "hessianProxy");
+        assertTrue(contactManager.getRandomContact() != null);
+    }
+
     public void testLoginNameCaseSensitive() throws Exception {
         WebConversation conversation = new WebConversation();
         WebRequest request = new GetMethodWebRequest(getBaseUrl());

samples/contacts/build.xml

@@ -74,11 +74,14 @@
 			<classpath refid="qa-portalpath"/>
 		</javac>
 
-		<copy todir="${build.dir}">
-			<fileset dir="${src.dir}">
-				<include name="*.properties"/>
+		<jar jarfile="${client.dir}/contacts.jar">
+			<fileset dir="${build.dir}">
+				<include name="sample/contact/Contact.class"/>
+				<include name="sample/contact/ContactManager.class"/>
+				<include name="sample/contact/ClientApplication.class"/>
 			</fileset>
-		</copy>
+		</jar>
+
 	</target>
 
     <target name="format" description="Formats all project source code">
@@ -147,6 +150,8 @@
 			<lib dir="${lib.dir}/aop-alliance" includes="aopalliance.jar"/>
 			<lib dir="${lib.dir}/regexp" includes="jakarta-oro.jar"/>
 			<lib dir="${lib.dir}/j2ee" includes="jstl.jar"/>
+			<lib dir="${lib.dir}/caucho" includes="*.jar"/>
+			<lib dir="${lib.dir}/jakarta-commons" includes="commons-codec.jar"/>
 			<lib dir="${dist.lib.dir}" includes="acegi-security-taglib.jar"/>
 			<lib dir="${dist.lib.dir}" includes="acegi-security.jar"/>
 		</war>
@@ -175,6 +180,7 @@
 				<include name="jboss-web.xml"/>
 				<include name="resin-web.xml"/>
 				<include name="web.xml"/>
+				<include name="applicationContext.xml"/>
 			</fileset>
 		</copy>
 		<war warfile="${dist.dir}/${name.ca}.war" webxml="${tmp.dir}/${name.ca}/WEB-INF/web.xml">

samples/contacts/client/client.bat

@@ -0,0 +1 @@
+%JAVA_HOME%/bin/java -cp ../../../lib/aop-alliance/aopalliance.jar;../../../lib/caucho/hessian.jar;../../../lib/caucho/burlap.jar;../../../lib/jakarta-commons/commons-collections.jar;../../../lib/jakarta-commons/commons-logging.jar;../../../lib/spring/spring.jar;contacts.jar sample.contact.ClientApplication %1 %2 %3

samples/contacts/client/client.properties

@@ -0,0 +1,10 @@
+# Properties file with server URL settings for remote access.
+# Applied by PropertyPlaceholderConfigurer from "clientContext.xml".
+#
+# $Id$
+
+serverName=localhost
+httpPort=8080
+contextPath=/contacts
+username=marissa
+password=koala

samples/contacts/client/clientContext.xml

@@ -0,0 +1,43 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
+
+<!--
+  - Contacts web application
+  - Client application context
+  - $Id$
+  -->
+
+<beans>
+
+	<!-- Resolves ${...} placeholders from client.properties -->
+	<bean id="propertyConfigurer" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
+		<property name="location"><value>client.properties</value></property>
+	</bean>
+
+	<!-- Proxy for the Hessian-exported ContactManager -->
+	<!-- Hessian is a slim binary HTTP remoting protocol -->
+	<bean id="hessianProxy" class="org.springframework.remoting.caucho.HessianProxyFactoryBean">
+		<property name="serviceInterface">
+			<value>sample.contact.ContactManager</value>
+		</property>
+		<property name="serviceUrl">
+			<value>http://${serverName}:${httpPort}${contextPath}/caucho/ContactManager-hessian</value>
+		</property>
+		<property name="username"><value>${username}</value></property>
+		<property name="password"><value>${password}</value></property>
+	</bean>
+
+	<!-- Proxy for the Burlap-exported ContactManager -->
+	<!-- Burlap is a slim XML-based HTTP remoting protocol -->
+	<bean id="burlapProxy" class="org.springframework.remoting.caucho.BurlapProxyFactoryBean">
+		<property name="serviceInterface">
+			<value>sample.contact.ContactManager</value>
+		</property>
+		<property name="serviceUrl">
+			<value>http://${serverName}:${httpPort}${contextPath}/caucho/ContactManager-burlap</value>
+		</property>
+		<property name="username"><value>${username}</value></property>
+		<property name="password"><value>${password}</value></property>
+	</bean>
+
+</beans>

samples/contacts/etc/ca/applicationContext.xml

@@ -0,0 +1,133 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
+
+<!--
+  - Application context loaded by ContextLoaderListener if using container adapters
+  - $Id$
+  -->
+
+<beans>
+
+	<!-- =================== SECURITY SYSTEM DEFINITIONS ================== -->
+	
+	<!-- RunAsManager -->
+	<bean id="runAsManager" class="net.sf.acegisecurity.runas.RunAsManagerImpl">
+     	<property name="key"><value>my_run_as_password</value></property>
+ 	</bean>
+
+	<!-- ~~~~~~~~~~~~~~~~~~~~ AUTHENTICATION DEFINITIONS ~~~~~~~~~~~~~~~~~~ -->
+	
+	<bean id="runAsAuthenticationProvider" class="net.sf.acegisecurity.runas.RunAsImplAuthenticationProvider">
+     	<property name="key"><value>my_run_as_password</value></property>
+ 	</bean>
+
+	<bean id="authByAdapterProvider" class="net.sf.acegisecurity.adapters.AuthByAdapterProvider">
+  		<property name="key"><value>my_password</value></property>
+ 	</bean>
+
+	<bean id="authenticationManager" class="net.sf.acegisecurity.providers.ProviderManager">
+		<property name="providers">
+		  <list>
+		    <ref bean="runAsAuthenticationProvider"/>
+		    <ref bean="authByAdapterProvider"/>
+		    <ref bean="daoAuthenticationProvider"/>
+		  </list>
+		</property>
+	</bean>
+
+	<bean id="inMemoryDaoImpl" class="net.sf.acegisecurity.providers.dao.memory.InMemoryDaoImpl">
+  		<property name="userMap">
+			<value>
+				marissa=koala,ROLE_TELLER,ROLE_SUPERVISOR
+				dianne=emu,ROLE_TELLER
+				scott=wombat,ROLE_TELLER
+				peter=opal,disabled,ROLE_TELLER
+			</value>
+		</property>
+	</bean>
+	
+	<bean id="daoAuthenticationProvider" class="net.sf.acegisecurity.providers.dao.DaoAuthenticationProvider">
+     	<property name="authenticationDao"><ref bean="inMemoryDaoImpl"/></property>
+ 		<property name="ignorePasswordCase"><value>false</value></property>
+ 		<property name="ignoreUsernameCase"><value>true</value></property>
+	</bean>
+
+	<!-- ~~~~~~~~~~~~~~~~~~~~ AUTHORIZATION DEFINITIONS ~~~~~~~~~~~~~~~~~~~ -->
+
+	<!-- An access decision voter that reads ROLE_* configuaration settings -->
+	<bean id="roleVoter" class="net.sf.acegisecurity.vote.RoleVoter"/>
+
+	<!-- An access decision voter that reads CONTACT_OWNED_BY_CURRENT_USER configuaration settings -->
+	<bean id="contactSecurityVoter" class="sample.contact.ContactSecurityVoter"/>
+
+	<!-- An access decision manager used by the business objects -->
+	<bean id="businessAccessDecisionManager" class="net.sf.acegisecurity.vote.AffirmativeBased">
+   		<property name="allowIfAllAbstainDecisions"><value>false</value></property>
+		<property name="decisionVoters">
+		  <list>
+		    <ref bean="roleVoter"/>
+		    <ref bean="contactSecurityVoter"/>
+		  </list>
+		</property>
+	</bean>
+
+	<!-- ===================== SECURITY DEFINITIONS ======================= -->
+	
+	<bean id="publicContactManagerSecurity" class="net.sf.acegisecurity.intercept.method.MethodSecurityInterceptor">
+    	<property name="authenticationManager"><ref bean="authenticationManager"/></property>
+    	<property name="accessDecisionManager"><ref bean="businessAccessDecisionManager"/></property>
+    	<property name="runAsManager"><ref bean="runAsManager"/></property>
+ 		<property name="objectDefinitionSource">
+			<value>
+				sample.contact.ContactManager.delete=ROLE_SUPERVISOR,RUN_AS_SERVER
+				sample.contact.ContactManager.getAllByOwner=CONTACT_OWNED_BY_CURRENT_USER,RUN_AS_SERVER
+				sample.contact.ContactManager.save=CONTACT_OWNED_BY_CURRENT_USER,RUN_AS_SERVER
+				sample.contact.ContactManager.getById=ROLE_TELLER,RUN_AS_SERVER
+			</value>
+		</property>
+	</bean>
+
+	<!-- We expect all callers of the backend object to hold the role ROLE_RUN_AS_SERVER -->
+	<bean id="backendContactManagerSecurity" class="net.sf.acegisecurity.intercept.method.MethodSecurityInterceptor">
+    	<property name="authenticationManager"><ref bean="authenticationManager"/></property>
+    	<property name="accessDecisionManager"><ref bean="businessAccessDecisionManager"/></property>
+    	<property name="runAsManager"><ref bean="runAsManager"/></property>
+ 		<property name="objectDefinitionSource">
+			<value>
+				sample.contact.ContactManager.delete=ROLE_RUN_AS_SERVER
+				sample.contact.ContactManager.getAllByOwner=ROLE_RUN_AS_SERVER
+				sample.contact.ContactManager.save=ROLE_RUN_AS_SERVER
+				sample.contact.ContactManager.getById=ROLE_RUN_AS_SERVER
+			</value>
+		</property>
+	</bean>
+
+	<!-- ======================= BUSINESS DEFINITIONS ===================== -->
+
+	<bean id="contactManager" class="org.springframework.aop.framework.ProxyFactoryBean">
+    	<property name="proxyInterfaces"><value>sample.contact.ContactManager</value></property>
+	    <property name="interceptorNames">
+      	<list>
+        	<value>publicContactManagerSecurity</value>
+ 	        <value>publicContactManagerTarget</value>
+    	</list>
+	    </property>
+  	</bean>
+
+	<bean id="publicContactManagerTarget" class="sample.contact.ContactManagerFacade">
+    	<property name="backend"><ref bean="backendContactManager"/></property>
+	</bean>
+
+	<bean id="backendContactManager" class="org.springframework.aop.framework.ProxyFactoryBean">
+    	<property name="proxyInterfaces"><value>sample.contact.ContactManager</value></property>
+	    <property name="interceptorNames">
+      	<list>
+        	<value>backendContactManagerSecurity</value>
+ 	        <value>backendContactManagerTarget</value>
+    	</list>
+	    </property>
+  	</bean>
+
+	<bean id="backendContactManagerTarget" class="sample.contact.ContactManagerBackend"/>
+
+</beans>

samples/contacts/etc/ca/web.xml

@@ -15,16 +15,45 @@
     	Example of an application secured using Acegi Security System for Spring.
     </description>
 
+	<!--
+	  - Location of the XML file that defines the root application context
+	  - Applied by ContextLoaderListener.
+	  -->
+	<context-param>
+		<param-name>contextConfigLocation</param-name>
+		<param-value>/WEB-INF/applicationContext.xml</param-value>
+	</context-param>
+
+    <filter>
+        <filter-name>Acegi HTTP BASIC Authorization Filter</filter-name>
+        <filter-class>net.sf.acegisecurity.ui.basicauth.BasicProcessingFilter</filter-class>
+    </filter>
+
     <filter>
         <filter-name>Acegi Security System for Spring Auto Integration Filter</filter-name>
         <filter-class>net.sf.acegisecurity.ui.AutoIntegrationFilter</filter-class>
     </filter>
 
+    <filter-mapping>
+      <filter-name>Acegi HTTP BASIC Authorization Filter</filter-name>
+      <url-pattern>/*</url-pattern>
+    </filter-mapping>
+
     <filter-mapping>
       <filter-name>Acegi Security System for Spring Auto Integration Filter</filter-name>
       <url-pattern>/*</url-pattern>
     </filter-mapping>
 
+	<!--
+	  - Loads the root application context of this web app at startup,
+	  - by default from "/WEB-INF/applicationContext.xml".
+	  - Use WebApplicationContextUtils.getWebApplicationContext(servletContext)
+	  - to access it anywhere in the web application, outside of the framework.
+    -->
+	<listener>
+		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
+	</listener>
+
   <!--
     - Servlet that dispatches request to registered handlers (Controller implementations).
     - Has its own application context, by default defined in "{servlet-name}-servlet.xml",
@@ -40,6 +69,12 @@
 		<load-on-startup>1</load-on-startup>
 	</servlet>
 
+	<servlet>
+		<servlet-name>caucho</servlet-name>
+		<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
+		<load-on-startup>2</load-on-startup>
+	</servlet>
+
   <!--
     - Maps the contacts dispatcher to /*.
     -
@@ -49,6 +84,15 @@
     	<url-pattern>*.htm</url-pattern>
  	</servlet-mapping>
   
+  <!--
+	- Dispatcher servlet mapping for HTTP remoting via the Caucho protocols,
+	- i.e. Hessian and Burlap (see caucho-servlet.xml for the controllers).
+   -->
+	<servlet-mapping>
+		<servlet-name>caucho</servlet-name>
+		<url-pattern>/caucho/*</url-pattern>
+	</servlet-mapping>
+
  	<welcome-file-list>
 		<welcome-file>index.jsp</welcome-file>
 	</welcome-file-list>

samples/contacts/etc/filter/applicationContext.xml

@@ -52,6 +52,79 @@
 	<!-- An access decision voter that reads ROLE_* configuaration settings -->
 	<bean id="roleVoter" class="net.sf.acegisecurity.vote.RoleVoter"/>
 
+	<!-- An access decision voter that reads CONTACT_OWNED_BY_CURRENT_USER configuaration settings -->
+	<bean id="contactSecurityVoter" class="sample.contact.ContactSecurityVoter"/>
+
+	<!-- An access decision manager used by the business objects -->
+	<bean id="businessAccessDecisionManager" class="net.sf.acegisecurity.vote.AffirmativeBased">
+   		<property name="allowIfAllAbstainDecisions"><value>false</value></property>
+		<property name="decisionVoters">
+		  <list>
+		    <ref bean="roleVoter"/>
+		    <ref bean="contactSecurityVoter"/>
+		  </list>
+		</property>
+	</bean>
+
+	<!-- ===================== SECURITY DEFINITIONS ======================= -->
+	
+	<bean id="publicContactManagerSecurity" class="net.sf.acegisecurity.intercept.method.MethodSecurityInterceptor">
+    	<property name="authenticationManager"><ref bean="authenticationManager"/></property>
+    	<property name="accessDecisionManager"><ref bean="businessAccessDecisionManager"/></property>
+    	<property name="runAsManager"><ref bean="runAsManager"/></property>
+ 		<property name="objectDefinitionSource">
+			<value>
+				sample.contact.ContactManager.delete=ROLE_SUPERVISOR,RUN_AS_SERVER
+				sample.contact.ContactManager.getAllByOwner=CONTACT_OWNED_BY_CURRENT_USER,RUN_AS_SERVER
+				sample.contact.ContactManager.save=CONTACT_OWNED_BY_CURRENT_USER,RUN_AS_SERVER
+				sample.contact.ContactManager.getById=ROLE_TELLER,RUN_AS_SERVER
+			</value>
+		</property>
+	</bean>
+
+	<!-- We expect all callers of the backend object to hold the role ROLE_RUN_AS_SERVER -->
+	<bean id="backendContactManagerSecurity" class="net.sf.acegisecurity.intercept.method.MethodSecurityInterceptor">
+    	<property name="authenticationManager"><ref bean="authenticationManager"/></property>
+    	<property name="accessDecisionManager"><ref bean="businessAccessDecisionManager"/></property>
+    	<property name="runAsManager"><ref bean="runAsManager"/></property>
+ 		<property name="objectDefinitionSource">
+			<value>
+				sample.contact.ContactManager.delete=ROLE_RUN_AS_SERVER
+				sample.contact.ContactManager.getAllByOwner=ROLE_RUN_AS_SERVER
+				sample.contact.ContactManager.save=ROLE_RUN_AS_SERVER
+				sample.contact.ContactManager.getById=ROLE_RUN_AS_SERVER
+			</value>
+		</property>
+	</bean>
+
+	<!-- ======================= BUSINESS DEFINITIONS ===================== -->
+
+	<bean id="contactManager" class="org.springframework.aop.framework.ProxyFactoryBean">
+    	<property name="proxyInterfaces"><value>sample.contact.ContactManager</value></property>
+	    <property name="interceptorNames">
+      	<list>
+        	<value>publicContactManagerSecurity</value>
+ 	        <value>publicContactManagerTarget</value>
+    	</list>
+	    </property>
+  	</bean>
+
+	<bean id="publicContactManagerTarget" class="sample.contact.ContactManagerFacade">
+    	<property name="backend"><ref bean="backendContactManager"/></property>
+	</bean>
+
+	<bean id="backendContactManager" class="org.springframework.aop.framework.ProxyFactoryBean">
+    	<property name="proxyInterfaces"><value>sample.contact.ContactManager</value></property>
+	    <property name="interceptorNames">
+      	<list>
+        	<value>backendContactManagerSecurity</value>
+ 	        <value>backendContactManagerTarget</value>
+    	</list>
+	    </property>
+  	</bean>
+
+	<bean id="backendContactManagerTarget" class="sample.contact.ContactManagerBackend"/>
+
 	<!-- ===================== HTTP REQUEST SECURITY ==================== -->
 
 	<bean id="httpRequestAccessDecisionManager" class="net.sf.acegisecurity.vote.AffirmativeBased">

samples/contacts/etc/filter/web.xml

@@ -41,6 +41,11 @@
         </init-param>
     </filter>
 
+    <filter>
+        <filter-name>Acegi HTTP BASIC Authorization Filter</filter-name>
+        <filter-class>net.sf.acegisecurity.ui.basicauth.BasicProcessingFilter</filter-class>
+    </filter>
+
     <filter>
         <filter-name>Acegi Security System for Spring Auto Integration Filter</filter-name>
         <filter-class>net.sf.acegisecurity.ui.AutoIntegrationFilter</filter-class>
@@ -60,6 +65,11 @@
       <url-pattern>/*</url-pattern>
     </filter-mapping>
 
+    <filter-mapping>
+      <filter-name>Acegi HTTP BASIC Authorization Filter</filter-name>
+      <url-pattern>/*</url-pattern>
+    </filter-mapping>
+
     <filter-mapping>
       <filter-name>Acegi Security System for Spring Auto Integration Filter</filter-name>
       <url-pattern>/*</url-pattern>
@@ -95,6 +105,12 @@
 		<load-on-startup>1</load-on-startup>
 	</servlet>
 
+	<servlet>
+		<servlet-name>caucho</servlet-name>
+		<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
+		<load-on-startup>2</load-on-startup>
+	</servlet>
+
   <!--
     - Maps the contacts dispatcher to /*.
     -
@@ -104,6 +120,15 @@
     	<url-pattern>*.htm</url-pattern>
  	</servlet-mapping>
   
+  <!--
+	- Dispatcher servlet mapping for HTTP remoting via the Caucho protocols,
+	- i.e. Hessian and Burlap (see caucho-servlet.xml for the controllers).
+   -->
+	<servlet-mapping>
+		<servlet-name>caucho</servlet-name>
+		<url-pattern>/caucho/*</url-pattern>
+	</servlet-mapping>
+
  	<welcome-file-list>
 		<welcome-file>index.jsp</welcome-file>
 	</welcome-file-list>

samples/contacts/project.properties

@@ -13,3 +13,4 @@ javadocs.dir=api
 jalopy.xml=${basedir}/../../jalopy.xml
 tmp.dir=temporary
 etc.dir=etc
+client.dir=client

samples/contacts/src/main/java/sample/contact/ClientApplication.java

@@ -0,0 +1,107 @@
+/* Copyright 2004 Acegi Technology Pty Limited
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package sample.contact;
+
+import org.springframework.beans.factory.ListableBeanFactory;
+
+import org.springframework.context.support.FileSystemXmlApplicationContext;
+
+import org.springframework.util.StopWatch;
+
+import java.util.Iterator;
+import java.util.Map;
+
+
+/**
+ * Demonstrates accessing the {@link ContactManager} via remoting protocols.
+ * 
+ * <P>
+ * Based on Spring's JPetStore sample, written by Juergen Hoeller.
+ * </p>
+ *
+ * @author Ben Alex
+ */
+public class ClientApplication {
+    //~ Instance fields ========================================================
+
+    private final ListableBeanFactory beanFactory;
+
+    //~ Constructors ===========================================================
+
+    public ClientApplication(ListableBeanFactory beanFactory) {
+        this.beanFactory = beanFactory;
+    }
+
+    //~ Methods ================================================================
+
+    public void invokeContactManager(String username, int nrOfCalls) {
+        StopWatch stopWatch = new StopWatch(nrOfCalls
+                + " ContactManager call(s)");
+        Map orderServices = this.beanFactory.getBeansOfType(ContactManager.class,
+                true, true);
+
+        for (Iterator it = orderServices.keySet().iterator(); it.hasNext();) {
+            String beanName = (String) it.next();
+
+            ContactManager remoteContactManager = (ContactManager) orderServices
+                .get(beanName);
+            System.out.println("Calling ContactManager '" + beanName
+                + "' for owner " + username);
+            stopWatch.start(beanName);
+
+            Contact[] contacts = null;
+
+            for (int i = 0; i < nrOfCalls; i++) {
+                contacts = remoteContactManager.getAllByOwner(username);
+            }
+
+            stopWatch.stop();
+
+            if (contacts.length != 0) {
+                for (int i = 0; i < contacts.length; i++) {
+                    System.out.println("Contact " + i + ": "
+                        + contacts[i].toString());
+                }
+            } else {
+                System.out.println("No contacts found belonging to owner");
+            }
+
+            System.out.println();
+        }
+
+        System.out.println(stopWatch.prettyPrint());
+    }
+
+    public static void main(String[] args) {
+        if ((args.length == 0) || "".equals(args[0])) {
+            System.out.println(
+                "You need to specify a user ID and optionally a number of calls, e.g. for user marissa: "
+                + "'client marissa' for a single call per service or 'client marissa 10' for 10 calls each");
+        } else {
+            String username = args[0];
+            int nrOfCalls = 1;
+
+            if ((args.length > 1) && !"".equals(args[1])) {
+                nrOfCalls = Integer.parseInt(args[1]);
+            }
+
+            ListableBeanFactory beanFactory = new FileSystemXmlApplicationContext(
+                    "clientContext.xml");
+            ClientApplication client = new ClientApplication(beanFactory);
+            client.invokeContactManager(username, nrOfCalls);
+        }
+    }
+}

samples/contacts/war/WEB-INF/caucho-servlet.xml

@@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
+
+<!--
+  - Contacts web application
+  - $Id$
+  -->
+<beans>
+
+	<!-- Hessian exporter for the ContactManager -->
+	<!-- Hessian is a slim binary HTTP remoting protocol -->
+	<bean name="/ContactManager-hessian" class="org.springframework.remoting.caucho.HessianServiceExporter">
+		<property name="service"><ref bean="contactManager"/></property>
+		<property name="serviceInterface">
+			<value>sample.contact.ContactManager</value>
+		</property>
+	</bean>
+
+	<!-- Burlap exporter for the ContactManager -->
+	<!-- Burlap is a slim XML-based HTTP remoting protocol -->
+	<bean name="/ContactManager-burlap" class="org.springframework.remoting.caucho.BurlapServiceExporter">
+		<property name="service"><ref bean="contactManager"/></property>
+		<property name="serviceInterface">
+			<value>sample.contact.ContactManager</value>
+		</property>
+	</bean>
+
+</beans>

samples/contacts/war/WEB-INF/contacts-servlet.xml

@@ -51,126 +51,4 @@
 		<property name="suffix"><value>.jsp</value></property>
 	</bean>
 
-	<!-- =================== SECURITY SYSTEM DEFINITIONS ================== -->
-	
-	<!-- RunAsManager -->
-	<bean id="runAsManager" class="net.sf.acegisecurity.runas.RunAsManagerImpl">
-     	<property name="key"><value>my_run_as_password</value></property>
- 	</bean>
-
-	<!-- ~~~~~~~~~~~~~~~~~~~~ AUTHENTICATION DEFINITIONS ~~~~~~~~~~~~~~~~~~ -->
-	
-	<bean id="runAsAuthenticationProvider" class="net.sf.acegisecurity.runas.RunAsImplAuthenticationProvider">
-     	<property name="key"><value>my_run_as_password</value></property>
- 	</bean>
-
-	<bean id="authByAdapterProvider" class="net.sf.acegisecurity.adapters.AuthByAdapterProvider">
-  		<property name="key"><value>my_password</value></property>
- 	</bean>
-
-	<bean id="authenticationManager" class="net.sf.acegisecurity.providers.ProviderManager">
-		<property name="providers">
-		  <list>
-		    <ref bean="runAsAuthenticationProvider"/>
-		    <ref bean="authByAdapterProvider"/>
-		    <ref bean="daoAuthenticationProvider"/>
-		  </list>
-		</property>
-	</bean>
-
-	<bean id="inMemoryDaoImpl" class="net.sf.acegisecurity.providers.dao.memory.InMemoryDaoImpl">
-  		<property name="userMap">
-			<value>
-				marissa=koala,ROLE_TELLER,ROLE_SUPERVISOR
-				dianne=emu,ROLE_TELLER
-				scott=wombat,ROLE_TELLER
-				peter=opal,disabled,ROLE_TELLER
-			</value>
-		</property>
-	</bean>
-	
-	<bean id="daoAuthenticationProvider" class="net.sf.acegisecurity.providers.dao.DaoAuthenticationProvider">
-     	<property name="authenticationDao"><ref bean="inMemoryDaoImpl"/></property>
- 		<property name="ignorePasswordCase"><value>false</value></property>
- 		<property name="ignoreUsernameCase"><value>true</value></property>
-	</bean>
-
-	<!-- ~~~~~~~~~~~~~~~~~~~~ AUTHORIZATION DEFINITIONS ~~~~~~~~~~~~~~~~~~~ -->
-
-	<!-- An access decision voter that reads ROLE_* configuaration settings -->
-	<bean id="roleVoter" class="net.sf.acegisecurity.vote.RoleVoter"/>
-
-	<!-- An access decision voter that reads CONTACT_OWNED_BY_CURRENT_USER configuaration settings -->
-	<bean id="contactSecurityVoter" class="sample.contact.ContactSecurityVoter"/>
-
-	<!-- An affirmative access decision manager -->
-	<bean id="accessDecisionManager" class="net.sf.acegisecurity.vote.AffirmativeBased">
-   		<property name="allowIfAllAbstainDecisions"><value>false</value></property>
-		<property name="decisionVoters">
-		  <list>
-		    <ref bean="roleVoter"/>
-		    <ref bean="contactSecurityVoter"/>
-		  </list>
-		</property>
-	</bean>
-
-	<!-- ===================== SECURITY DEFINITIONS ======================= -->
-	
-	<bean id="publicContactManagerSecurity" class="net.sf.acegisecurity.intercept.method.MethodSecurityInterceptor">
-    	<property name="authenticationManager"><ref bean="authenticationManager"/></property>
-    	<property name="accessDecisionManager"><ref bean="accessDecisionManager"/></property>
-    	<property name="runAsManager"><ref bean="runAsManager"/></property>
- 		<property name="objectDefinitionSource">
-			<value>
-				sample.contact.ContactManager.delete=ROLE_SUPERVISOR,RUN_AS_SERVER
-				sample.contact.ContactManager.getAllByOwner=CONTACT_OWNED_BY_CURRENT_USER,RUN_AS_SERVER
-				sample.contact.ContactManager.save=CONTACT_OWNED_BY_CURRENT_USER,RUN_AS_SERVER
-				sample.contact.ContactManager.getById=ROLE_TELLER,RUN_AS_SERVER
-			</value>
-		</property>
-	</bean>
-
-	<!-- We expect all callers of the backend object to hold the role ROLE_RUN_AS_SERVER -->
-	<bean id="backendContactManagerSecurity" class="net.sf.acegisecurity.intercept.method.MethodSecurityInterceptor">
-    	<property name="authenticationManager"><ref bean="authenticationManager"/></property>
-    	<property name="accessDecisionManager"><ref bean="accessDecisionManager"/></property>
-    	<property name="runAsManager"><ref bean="runAsManager"/></property>
- 		<property name="objectDefinitionSource">
-			<value>
-				sample.contact.ContactManager.delete=ROLE_RUN_AS_SERVER
-				sample.contact.ContactManager.getAllByOwner=ROLE_RUN_AS_SERVER
-				sample.contact.ContactManager.save=ROLE_RUN_AS_SERVER
-				sample.contact.ContactManager.getById=ROLE_RUN_AS_SERVER
-			</value>
-		</property>
-	</bean>
-
-	<!-- ======================= BUSINESS DEFINITIONS ===================== -->
-
-	<bean id="contactManager" class="org.springframework.aop.framework.ProxyFactoryBean">
-    	<property name="proxyInterfaces"><value>sample.contact.ContactManager</value></property>
-	    <property name="interceptorNames">
-      	<list>
-        	<value>publicContactManagerSecurity</value>
- 	        <value>publicContactManagerTarget</value>
-    	</list>
-	    </property>
-  	</bean>
-
-	<bean id="publicContactManagerTarget" class="sample.contact.ContactManagerFacade">
-    	<property name="backend"><ref bean="backendContactManager"/></property>
-	</bean>
-
-	<bean id="backendContactManager" class="org.springframework.aop.framework.ProxyFactoryBean">
-    	<property name="proxyInterfaces"><value>sample.contact.ContactManager</value></property>
-	    <property name="interceptorNames">
-      	<list>
-        	<value>backendContactManagerSecurity</value>
- 	        <value>backendContactManagerTarget</value>
-    	</list>
-	    </property>
-  	</bean>
-
-	<bean id="backendContactManagerTarget" class="sample.contact.ContactManagerBackend"/>
-
 </beans>