Configured contacts app to use namespaces. Removed ldap, cas, x509 files to avoid confusion. Ldap and CAS will be better served by new samples.

samples/contacts/src/main/resources/applicationContext-common-authorization.xml

@@ -148,9 +148,7 @@
   <!-- Processes AFTER_ACL_COLLECTION_READ configuration settings -->
   <bean id="afterAclCollectionRead"
         class="org.springframework.security.afterinvocation.AclEntryAfterInvocationCollectionFilteringProvider">
-    <constructor-arg>
-      <ref bean="aclService"/>
-    </constructor-arg>
+    <constructor-arg ref="aclService"/>
     <constructor-arg>
       <list>
         <ref local="org.springframework.security.acls.domain.BasePermission.ADMINISTRATION"/>
@@ -161,9 +159,7 @@
 
   <!-- Processes AFTER_ACL_READ configuration settings -->
   <bean id="afterAclRead" class="org.springframework.security.afterinvocation.AclEntryAfterInvocationProvider">
-    <constructor-arg>
-      <ref bean="aclService"/>
-    </constructor-arg>
+    <constructor-arg ref="aclService"/>
     <constructor-arg>
       <list>
         <ref local="org.springframework.security.acls.domain.BasePermission.ADMINISTRATION"/>
@@ -183,15 +179,12 @@
   ensure the user is authenticated via their ACL_CONTACT_DELETE or
   ACL_CONTACT_READ attribute, which also ensures the user has permission
   to the Contact presented as a method argument.
+
+  Autowired to pick up authentication manager from namespace config.
   -->
-  <bean id="contactManagerSecurity" class="org.springframework.security.intercept.method.aopalliance.MethodSecurityInterceptor">
-    <property name="authenticationManager" ref="authenticationManager"/>
-    <property name="accessDecisionManager">
-      <ref local="businessAccessDecisionManager"/>
-    </property>
-    <property name="afterInvocationManager">
-      <ref local="afterInvocationManager"/>
-    </property>
+  <bean id="contactManagerSecurity" class="org.springframework.security.intercept.method.aopalliance.MethodSecurityInterceptor" autowire="byType">
+    <property name="accessDecisionManager" ref="businessAccessDecisionManager"/>
+    <property name="afterInvocationManager" ref="afterInvocationManager"/>
     <property name="objectDefinitionSource">
       <value>
         sample.contact.ContactManager.create=ROLE_USER

samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security-cas.xml

@@ -1,192 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
-
-<!--
-  - Application context containing authentication, channel
-  - security and web URI beans.
-  -
-  - Only used by "cas" artifact.
-  -
-  - $Id: applicationContext-acegi-security.xml 1409 2006-04-26 23:36:03Z benalex $
-  -->
-
-<beans>
-
-   <!-- ======================== FILTER CHAIN ======================= -->
-
-  <bean id="filterChainProxy" class="org.springframework.security.util.FilterChainProxy">
-    <property name="filterInvocationDefinitionSource">
-      <value>
-        CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
-        PATTERN_TYPE_APACHE_ANT
-        /**=channelProcessingFilter,httpSessionContextIntegrationFilter,logoutFilter,casProcessingFilter,basicProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
-      </value>
-    </property>
-  </bean>
-
-  <!-- ======================== AUTHENTICATION ======================= -->
-
-  <bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager">
-    <property name="providers">
-      <list>
-        <ref local="casAuthenticationProvider"/>
-      </list>
-    </property>
-  </bean>
-
-  <bean id="jdbcDaoImpl" class="org.springframework.security.userdetails.jdbc.JdbcDaoImpl">
-    <property name="dataSource" ref="dataSource"/>
-  </bean>
-
-  <bean id="basicProcessingFilter" class="org.springframework.security.ui.basicauth.BasicProcessingFilter">
-    <property name="authenticationManager"><ref local="authenticationManager"/></property>
-    <property name="authenticationEntryPoint"><ref local="basicProcessingFilterEntryPoint"/></property>
-  </bean>
-
-  <bean id="basicProcessingFilterEntryPoint" class="org.springframework.security.ui.basicauth.BasicProcessingFilterEntryPoint">
-    <property name="realmName"><value>Contacts Realm</value></property>
-  </bean>
-
-  <bean id="httpSessionContextIntegrationFilter" class="org.springframework.security.context.HttpSessionContextIntegrationFilter"/>
-
-	<bean id="casAuthenticationProvider" class="org.springframework.security.providers.cas.CasAuthenticationProvider">
-		<property name="casAuthoritiesPopulator"><ref local="casAuthoritiesPopulator"/></property>
-		<property name="casProxyDecider"><ref local="casProxyDecider"/></property>
-		<property name="ticketValidator"><ref local="casProxyTicketValidator"/></property>
-		<property name="statelessTicketCache"><ref local="statelessTicketCache"/></property>
-		<property name="key"><value>my_password_for_this_auth_provider_only</value></property>
-	</bean>
-
-	<bean id="casProxyTicketValidator" class="org.springframework.security.providers.cas.ticketvalidator.CasProxyTicketValidator">
-		<property name="casValidate" value="https://localhost:8443/cas/proxyValidate"/>
-		<property name="proxyCallbackUrl" value="https://localhost:8443/contacts-cas/casProxy/receptor"/>
-		<property name="serviceProperties"><ref local="serviceProperties"/></property>
-        <!-- <property name="trustStore"><value>/some/path/to/your/lib/security/cacerts</value></property> -->
-	</bean>
-
-  <bean id="cacheManager" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
-
-  <bean id="ticketCacheBackend" class="org.springframework.cache.ehcache.EhCacheFactoryBean">
-    <property name="cacheManager"><ref local="cacheManager"/></property>
-    <property name="cacheName" value="ticketCache"/>
-  </bean>
-
-	<bean id="statelessTicketCache" class="org.springframework.security.providers.cas.cache.EhCacheBasedTicketCache">
-      <property name="cache"><ref local="ticketCacheBackend"/></property>
-	</bean>
-
-	<bean id="casAuthoritiesPopulator" class="org.springframework.security.providers.cas.populator.DaoCasAuthoritiesPopulator">
-		<property name="userDetailsService"><ref local="jdbcDaoImpl"/></property>
-	</bean>
-
-	<bean id="casProxyDecider" class="org.springframework.security.providers.cas.proxy.RejectProxyTickets"/>
-
-	<bean id="serviceProperties" class="org.springframework.security.ui.cas.ServiceProperties">
-		<property name="service" value="https://localhost:8443/contacts-cas/j_spring_cas_security_check"/>
-		<property name="sendRenew" value="false"/>
-	</bean>
-
-	<!-- note logout has little impact, due to CAS reauthentication functionality (it will cause a refresh of the authentication though) -->
-   <bean id="logoutFilter" class="org.springframework.security.ui.logout.LogoutFilter">
-      <constructor-arg value="/index.jsp"/> <!-- URL redirected to after logout -->
-      <constructor-arg>
-         <list>
-              <bean class="org.springframework.security.ui.logout.SecurityContextLogoutHandler"/>
-         </list>
-      </constructor-arg>
-   </bean>
-
-
-	<!-- ===================== HTTP CHANNEL REQUIREMENTS ==================== -->
-
-	<!-- Enabled by default for CAS, as a CAS deployment uses HTTPS -->
-	<bean id="channelProcessingFilter" class="org.springframework.security.securechannel.ChannelProcessingFilter">
-		<property name="channelDecisionManager"><ref local="channelDecisionManager"/></property>
- 		<property name="filterInvocationDefinitionSource">
-			<value>
-			    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
-				\A/secure/.*\Z=REQUIRES_SECURE_CHANNEL
-				\A/j_spring_cas_security_check.*\Z=REQUIRES_SECURE_CHANNEL
-				\A.*\Z=REQUIRES_INSECURE_CHANNEL
-			</value>
-		</property>
-	</bean>
-
-	<bean id="channelDecisionManager" class="org.springframework.security.securechannel.ChannelDecisionManagerImpl">
-	    <property name="channelProcessors">
-      		<list>
- 	        	<ref local="secureChannelProcessor"/>
-        		<ref local="insecureChannelProcessor"/>
-     		</list>
-	    </property>
-	</bean>
-
-	<bean id="secureChannelProcessor" class="org.springframework.security.securechannel.SecureChannelProcessor"/>
-	<bean id="insecureChannelProcessor" class="org.springframework.security.securechannel.InsecureChannelProcessor"/>
-
-	<!-- ===================== HTTP REQUEST SECURITY ==================== -->
-
-	<bean id="exceptionTranslationFilter" class="org.springframework.security.ui.ExceptionTranslationFilter">
-		<property name="authenticationEntryPoint"><ref local="casProcessingFilterEntryPoint"/></property>
-	</bean>
-
-	<bean id="casProcessingFilter" class="org.springframework.security.ui.cas.CasProcessingFilter">
-		<property name="authenticationManager"><ref local="authenticationManager"/></property>
-		<property name="authenticationFailureUrl"><value>/casfailed.jsp</value></property>
-		<property name="defaultTargetUrl"><value>/</value></property>
-		<property name="filterProcessesUrl"><value>/j_spring_cas_security_check</value></property>
-	</bean>
-
-	<bean id="casProcessingFilterEntryPoint" class="org.springframework.security.ui.cas.CasProcessingFilterEntryPoint">
-		<property name="loginUrl"><value>https://localhost:8443/cas/login</value></property>
-		<property name="serviceProperties"><ref local="serviceProperties"/></property>
-	</bean>
-
-	<bean id="httpRequestAccessDecisionManager" class="org.springframework.security.vote.AffirmativeBased">
-   		<property name="allowIfAllAbstainDecisions"><value>false</value></property>
-		<property name="decisionVoters">
-		  <list>
-		    <ref bean="roleVoter"/>
-		  </list>
-		</property>
-	</bean>
-
-	<!-- Note the order that entries are placed against the objectDefinitionSource is critical.
-	     The FilterSecurityInterceptor will work from the top of the list down to the FIRST pattern that matches the request URL.
-	     Accordingly, you should place MOST SPECIFIC (ie a/b/c/d.*) expressions first, with LEAST SPECIFIC (ie a/.*) expressions last -->
-	<bean id="filterInvocationInterceptor" class="org.springframework.security.intercept.web.FilterSecurityInterceptor">
-    	<property name="authenticationManager"><ref local="authenticationManager"/></property>
-    	<property name="accessDecisionManager"><ref local="httpRequestAccessDecisionManager"/></property>
- 		<property name="objectDefinitionSource">
-			<value>
-			    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
-				\A/secure/super.*\Z=ROLE_WE_DONT_HAVE
-				\A/secure/.*\Z=ROLE_SUPERVISOR,ROLE_TELLER
-			</value>
-		</property>
-	</bean>
-
-	<!-- BASIC Regular Expression Syntax (for beginners):
-
-	     \A means the start of the string (ie the beginning of the URL)
-	     \Z means the end of the string (ie the end of the URL)
-	     .  means any single character
-	     *  means null or any number of repetitions of the last expression (so .* means zero or more characters)
-
-	     Some examples:
-
-	     Expression:   \A/my/directory/.*\Z
-	     Would match:    /my/directory/
-	                     /my/directory/hello.html
-
-	     Expression:   \A/.*\Z
-	     Would match:    /hello.html
-	                     /
-
-	     Expression:   \A/.*/secret.html\Z
-	     Would match:    /some/directory/secret.html
-	                     /another/secret.html
-	     Not match:      /anothersecret.html (missing required /)
-	-->
-
-</beans>

samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security-ldap.xml

@@ -1,142 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
-
-<!--
-  - Application context containing authentication, channel
-  - security and web URI beans.
-  -
-  - Only used by "ldap" artifact.
-  -
-  - $Id: applicationContext-acegi-security.xml 1468 2006-05-20 17:50:51Z luke_t $
-  -->
-
-<beans>
-
-   <!-- ======================== FILTER CHAIN ======================= -->
-
-	<!--  if you wish to use channel security, add "channelProcessingFilter," in front
-	      of "httpSessionContextIntegrationFilter" in the list below -->
-   <bean id="filterChainProxy" class="org.springframework.security.util.FilterChainProxy">
-      <property name="filterInvocationDefinitionSource">
-         <value>
-        CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
-        PATTERN_TYPE_APACHE_ANT
-            /**=httpSessionContextIntegrationFilter,logoutFilter,authenticationProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
-         </value>
-      </property>
-   </bean>
-
-   <!-- ======================== AUTHENTICATION ======================= -->
-
-   <bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager">
-      <property name="providers">
-         <list>
-            <ref local="ldapAuthenticationProvider"/>
-         </list>
-      </property>
-   </bean>
-
-   <bean id="contextSource" class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
-     <constructor-arg value="ldap://monkeymachine.co.uk:389/dc=springframework,dc=org"/>
-     <property name="userDn" value="cn=manager,dc=springframework,dc=org" />
-     <property name="password" value="acegisecurity"/>
-   </bean>
-
-   <bean id="ldapAuthenticationProvider" class="org.springframework.security.providers.ldap.LdapAuthenticationProvider">
-     <constructor-arg>
-       <bean class="org.springframework.security.providers.ldap.authenticator.BindAuthenticator">
-          <constructor-arg><ref local="contextSource"/></constructor-arg>
-          <property name="userDnPatterns"><list><value>uid={0},ou=people</value></list></property>
-       </bean>
-     </constructor-arg>
-     <constructor-arg>
-       <bean class="org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator">
-          <constructor-arg><ref local="contextSource"/></constructor-arg>
-          <constructor-arg><value>ou=groups</value></constructor-arg>
-          <property name="groupRoleAttribute"><value>ou</value></property>
-       </bean>
-     </constructor-arg>
-   </bean>
-
-   <!-- Automatically receives AuthenticationEvent messages -->
-   <bean id="loggerListener" class="org.springframework.security.event.authentication.LoggerListener"/>
-
-   <bean id="httpSessionContextIntegrationFilter" class="org.springframework.security.context.HttpSessionContextIntegrationFilter">
-   </bean>
-
-   <bean id="logoutFilter" class="org.springframework.security.ui.logout.LogoutFilter">
-      <constructor-arg value="/index.jsp"/> <!-- URL redirected to after logout -->
-      <constructor-arg>
-         <list>
-              <bean class="org.springframework.security.ui.logout.SecurityContextLogoutHandler"/>
-         </list>
-      </constructor-arg>
-   </bean>
-
-
-   <!-- ===================== HTTP REQUEST SECURITY ==================== -->
-
-   <bean id="exceptionTranslationFilter" class="org.springframework.security.ui.ExceptionTranslationFilter">
-      <property name="authenticationEntryPoint"><ref local="authenticationProcessingFilterEntryPoint"/></property>
-   </bean>
-
-   <bean id="authenticationProcessingFilter" class="org.springframework.security.ui.webapp.AuthenticationProcessingFilter">
-      <property name="authenticationManager"><ref bean="authenticationManager"/></property>
-      <property name="authenticationFailureUrl"><value>/acegilogin.jsp?login_error=1</value></property>
-      <property name="defaultTargetUrl"><value>/</value></property>
-      <property name="filterProcessesUrl"><value>/j_spring_security_check</value></property>
-   </bean>
-
-   <bean id="authenticationProcessingFilterEntryPoint" class="org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint">
-      <property name="loginFormUrl"><value>/acegilogin.jsp</value></property>
-      <property name="forceHttps"><value>false</value></property>
-   </bean>
-
-   <bean id="httpRequestAccessDecisionManager" class="org.springframework.security.vote.AffirmativeBased">
-      <property name="allowIfAllAbstainDecisions"><value>false</value></property>
-      <property name="decisionVoters">
-         <list>
-            <ref bean="roleVoter"/>
-         </list>
-      </property>
-   </bean>
-
-	<!-- Note the order that entries are placed against the objectDefinitionSource is critical.
-	     The FilterSecurityInterceptor will work from the top of the list down to the FIRST pattern that matches the request URL.
-	     Accordingly, you should place MOST SPECIFIC (ie a/b/c/d.*) expressions first, with LEAST SPECIFIC (ie a/.*) expressions last -->
-	 <bean id="filterInvocationInterceptor" class="org.springframework.security.intercept.web.FilterSecurityInterceptor">
-    	<property name="authenticationManager"><ref local="authenticationManager"/></property>
-    	<property name="accessDecisionManager"><ref local="httpRequestAccessDecisionManager"/></property>
-      <property name="objectDefinitionSource">
-			  <value>
-			    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
-				\A/secure/super.*\Z=ROLE_WE_DONT_HAVE
-				\A/secure/.*\Z=ROLE_SUPERVISOR,ROLE_TELLER
-			  </value>
-		  </property>
-	 </bean>
-
-	<!-- BASIC Regular Expression Syntax (for beginners):
-
-	     \A means the start of the string (ie the beginning of the URL)
-	     \Z means the end of the string (ie the end of the URL)
-	     .  means any single character
-	     *  means null or any number of repetitions of the last expression (so .* means zero or more characters)
-
-	     Some examples:
-
-	     Expression:   \A/my/directory/.*\Z
-	     Would match:    /my/directory/
-	                     /my/directory/hello.html
-
-	     Expression:   \A/.*\Z
-	     Would match:    /hello.html
-	                     /
-
-	     Expression:   \A/.*/secret.html\Z
-	     Would match:    /some/directory/secret.html
-	                     /another/secret.html
-	     Not match:      /anothersecret.html (missing required /)
-	-->
-
-</beans>

samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security-x509.xml

@@ -1,175 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
-
-<!--
-  - Application context containing authentication, channel
-  - security and web URI beans.
-  -
-  - Only used by "x509" artifact.
-  -
-  - $Id: applicationContext-acegi-security.xml 1409 2006-04-26 23:36:03Z benalex $
-  -->
-
-<beans>
-
-   <!-- ======================== FILTER CHAIN ======================= -->
-
-	<bean id="filterChainProxy" class="org.springframework.security.util.FilterChainProxy">
-      <property name="filterInvocationDefinitionSource">
-         <value>
-		    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
-		    PATTERN_TYPE_APACHE_ANT
-            /**=channelProcessingFilter,httpSessionContextIntegrationFilter,logoutFilter,x509ProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
-         </value>
-      </property>
-    </bean>
-
-   <!-- ======================== AUTHENTICATION ======================= -->
-
-   <bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager">
-      <property name="providers">
-         <list>
-		    <ref local="x509AuthenticationProvider"/>
-         </list>
-      </property>
-   </bean>
-
-   <bean id="jdbcDaoImpl" class="org.springframework.security.userdetails.jdbc.JdbcDaoImpl">
-      <property name="dataSource"><ref bean="dataSource"/></property>
-   </bean>
-
-   <bean id="basicProcessingFilter" class="org.springframework.security.ui.basicauth.BasicProcessingFilter">
-      <property name="authenticationManager"><ref local="authenticationManager"/></property>
-      <property name="authenticationEntryPoint"><ref local="basicProcessingFilterEntryPoint"/></property>
-   </bean>
-
-   <bean id="basicProcessingFilterEntryPoint" class="org.springframework.security.ui.basicauth.BasicProcessingFilterEntryPoint">
-      <property name="realmName"><value>Contacts Realm</value></property>
-   </bean>
-
-   <bean id="httpSessionContextIntegrationFilter" class="org.springframework.security.context.HttpSessionContextIntegrationFilter">
-   </bean>
-
-	<bean id="x509AuthenticationProvider" class="org.springframework.security.providers.x509.X509AuthenticationProvider">
-		<property name="x509AuthoritiesPopulator"><ref local="x509AuthoritiesPopulator"/></property>
-        <property name="x509UserCache"><ref local="x509UserCache"/></property>
-	</bean>
-
-    <bean id="cacheManager" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
-
-    <bean id="x509UserCacheBackend" class="org.springframework.cache.ehcache.EhCacheFactoryBean">
-       <property name="cacheManager">
-          <ref local="cacheManager"/>
-       </property>
-       <property name="cacheName">
-          <value>x509Cache</value>
-       </property>
-    </bean>
-
-	<bean id="x509UserCache" class="org.springframework.security.providers.x509.cache.EhCacheBasedX509UserCache">
-      <property name="cache"><ref local="x509UserCacheBackend"/></property>
-	</bean>
-
-	<bean id="x509AuthoritiesPopulator" class="org.springframework.security.providers.x509.populator.DaoX509AuthoritiesPopulator">
-		<property name="userDetailsService"><ref local="jdbcDaoImpl"/></property>
-      <!--  <property name="subjectDNRegex"><value>emailAddress=(.*?),</value></property> -->
-	</bean>
-
-	<!-- note logout has little impact, due to X509 certificate still being presented (it will cause a refresh of the authentication though) -->
-   <bean id="logoutFilter" class="org.springframework.security.ui.logout.LogoutFilter">
-      <constructor-arg value="/index.jsp"/> <!-- URL redirected to after logout -->
-      <constructor-arg>
-         <list>
-              <bean class="org.springframework.security.ui.logout.SecurityContextLogoutHandler"/>
-         </list>
-      </constructor-arg>
-   </bean>
-
-
-	<!-- ===================== HTTP CHANNEL REQUIREMENTS ==================== -->
-
-	<!-- Enabled by default for X.509 (obviously) -->
-	<bean id="channelProcessingFilter" class="org.springframework.security.securechannel.ChannelProcessingFilter">
-		<property name="channelDecisionManager"><ref local="channelDecisionManager"/></property>
- 		<property name="filterInvocationDefinitionSource">
-			<value>
-			    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
-				\A/secure/.*\Z=REQUIRES_SECURE_CHANNEL
-				\A.*\Z=REQUIRES_INSECURE_CHANNEL
-			</value>
-		</property>
-	</bean>
-
-	<bean id="channelDecisionManager" class="org.springframework.security.securechannel.ChannelDecisionManagerImpl">
-	    <property name="channelProcessors">
-      		<list>
- 	        	<ref local="secureChannelProcessor"/>
-        		<ref local="insecureChannelProcessor"/>
-     		</list>
-	    </property>
-	</bean>
-
-	<bean id="secureChannelProcessor" class="org.springframework.security.securechannel.SecureChannelProcessor"/>
-	<bean id="insecureChannelProcessor" class="org.springframework.security.securechannel.InsecureChannelProcessor"/>
-
-	<!-- ===================== HTTP REQUEST SECURITY ==================== -->
-
-	<bean id="exceptionTranslationFilter" class="org.springframework.security.ui.ExceptionTranslationFilter">
-		<property name="authenticationEntryPoint"><ref local="x509ProcessingFilterEntryPoint"/></property>
-	</bean>
-
-	<bean id="x509ProcessingFilter" class="org.springframework.security.ui.x509.X509ProcessingFilter">
-		<property name="authenticationManager"><ref local="authenticationManager"/></property>
-	</bean>
-
-	<bean id="x509ProcessingFilterEntryPoint" class="org.springframework.security.ui.x509.X509ProcessingFilterEntryPoint">
-	</bean>
-
-	<bean id="httpRequestAccessDecisionManager" class="org.springframework.security.vote.AffirmativeBased">
-   		<property name="allowIfAllAbstainDecisions"><value>false</value></property>
-		<property name="decisionVoters">
-		  <list>
-		    <ref bean="roleVoter"/>
-		  </list>
-		</property>
-	</bean>
-
-	<!-- Note the order that entries are placed against the objectDefinitionSource is critical.
-	     The FilterSecurityInterceptor will work from the top of the list down to the FIRST pattern that matches the request URL.
-	     Accordingly, you should place MOST SPECIFIC (ie a/b/c/d.*) expressions first, with LEAST SPECIFIC (ie a/.*) expressions last -->
-	<bean id="filterInvocationInterceptor" class="org.springframework.security.intercept.web.FilterSecurityInterceptor">
-    	<property name="authenticationManager"><ref local="authenticationManager"/></property>
-    	<property name="accessDecisionManager"><ref local="httpRequestAccessDecisionManager"/></property>
- 		<property name="objectDefinitionSource">
-			<value>
-			    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
-				\A/secure/super.*\Z=ROLE_WE_DONT_HAVE
-				\A/secure/.*\Z=ROLE_SUPERVISOR,ROLE_TELLER
-			</value>
-		</property>
-	</bean>
-
-	<!-- BASIC Regular Expression Syntax (for beginners):
-
-	     \A means the start of the string (ie the beginning of the URL)
-	     \Z means the end of the string (ie the end of the URL)
-	     .  means any single character
-	     *  means null or any number of repetitions of the last expression (so .* means zero or more characters)
-
-	     Some examples:
-
-	     Expression:   \A/my/directory/.*\Z
-	     Would match:    /my/directory/
-	                     /my/directory/hello.html
-
-	     Expression:   \A/.*\Z
-	     Would match:    /hello.html
-	                     /
-
-	     Expression:   \A/.*/secret.html\Z
-	     Would match:    /some/directory/secret.html
-	                     /another/secret.html
-	     Not match:      /anothersecret.html (missing required /)
-	-->
-
-</beans>

samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security.xml

@@ -24,7 +24,7 @@
         <intercept-url pattern="/**" access="ROLE_USER"/>
 
         <form-login login-page="/acegilogin.jsp" authentication-failure-url="/acegilogin.jsp?login_error=1"/>
-        <logout logout-url="/index.jsp"/>
+        <logout logout-success-url="/index.jsp"/>
     </http>
 
 <!--

samples/contacts/src/main/webapp/WEB-INF/web.xml

@@ -46,12 +46,12 @@
 
 
     <filter>
-        <filter-name>filterChainProxy</filter-name>
+        <filter-name>_filterChainProxy</filter-name>
         <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
     </filter>
 
     <filter-mapping>
-      <filter-name>filterChainProxy</filter-name>
+      <filter-name>_filterChainProxy</filter-name>
       <url-pattern>/*</url-pattern>
     </filter-mapping>