From 38a09766f048f113461a3b95005aa5ef2e28be05 Mon Sep 17 00:00:00 2001
From: Luke Taylor <luke.taylor@springsource.com>
Date: Tue, 8 Dec 2009 20:24:07 +0000
Subject: [PATCH] Updated heavyduty sample to work with current trunk

---
 .gitignore                                    |  6 ++
 sandbox/heavyduty/pom.xml                     | 68 ++++++++++++-------
 ...avyDutyAuthenticationProcessingFilter.java |  7 +-
 .../security/ui/HeavyDutyEntryPoint.java      |  4 +-
 .../src/main/java/sample/TestVoter.java       |  6 +-
 .../webapp/WEB-INF/appContext-security.xml    | 54 +++++++--------
 sandbox/heavyduty/src/main/webapp/context.jsp |  8 +--
 sandbox/heavyduty/src/main/webapp/login.jsp   | 26 ++-----
 8 files changed, 95 insertions(+), 84 deletions(-)
 create mode 100644 .gitignore
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000000..fd9252ddbf
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,6 @@
+target/
+.classpath
+.project
+.settings/
+build/
+*.log
\ No newline at end of file
diff --git a/sandbox/heavyduty/pom.xml b/sandbox/heavyduty/pom.xml
index 72e74b6e36..cb7d538857 100755
--- a/sandbox/heavyduty/pom.xml
+++ b/sandbox/heavyduty/pom.xml
@@ -21,7 +21,17 @@
             <artifactId>spring-security-config</artifactId>
             <version>${spring.security.version}</version>
         </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-taglibs</artifactId>
+            <version>${spring.security.version}</version>
+        </dependency>
 
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring-context-support</artifactId>
+            <version>${spring.version}</version>
+        </dependency>
         <dependency>
             <groupId>org.springframework</groupId>
             <artifactId>spring-web</artifactId>
@@ -43,12 +53,9 @@
             <artifactId>spring-orm</artifactId>
             <version>${spring.version}</version>
         </dependency>
+        
 <!--
-        <dependency>
-            <groupId>org.springframework.security</groupId>
-            <artifactId>spring-security-taglibs</artifactId>
-            <version>${spring.security.version}</version>
-        </dependency>
+
         <dependency>
             <groupId>org.springframework</groupId>
             <artifactId>spring-context</artifactId>
@@ -66,7 +73,7 @@
             <groupId>org.freemarker</groupId>
             <artifactId>freemarker</artifactId>
             <scope>runtime</scope>
-            <version>2.3.12</version>
+            <version>2.3.16</version>
         </dependency>
         <dependency>
           <groupId>hsqldb</groupId>
@@ -75,15 +82,21 @@
           <scope>compile</scope>
         </dependency>
         <dependency>
-          <groupId>org.hibernate</groupId>
-          <artifactId>hibernate-entitymanager</artifactId>
-          <version>3.3.2.GA</version>
-          <scope>compile</scope>
+            <groupId>org.hibernate</groupId>
+            <artifactId>hibernate-entitymanager</artifactId>
+            <version>3.4.0.GA</version>
+            <scope>compile</scope>
+            <exclusions>
+                <exclusion>
+                    <artifactId>commons-logging</artifactId>
+                    <groupId>commons-logging</groupId>
+                </exclusion>
+            </exclusions>
         </dependency>
         <dependency>
           <groupId>net.sf.ehcache</groupId>
           <artifactId>ehcache</artifactId>
-          <version>1.4.1</version>
+          <version>1.6.2</version>
           <scope>compile</scope>
         </dependency>
         <dependency>
@@ -107,26 +120,35 @@
         <dependency>
             <groupId>org.apache.directory.server</groupId>
             <artifactId>apacheds-core</artifactId>
-            <version>1.0.2</version>
-            <scope>runtime</scope>
+            <version>1.5.5</version>
+            <scope>compile</scope>
+            <optional>true</optional>
         </dependency>
         <dependency>
             <groupId>org.apache.directory.server</groupId>
             <artifactId>apacheds-server-jndi</artifactId>
-            <version>1.0.2</version>
-            <scope>runtime</scope>
+            <version>1.5.5</version>
+            <scope>compile</scope>
+            <optional>true</optional>
         </dependency>
+        <dependency>
+            <groupId>commons-collections</groupId>
+            <artifactId>commons-collections</artifactId>
+            <version>3.2.1</version>
+            <scope>runtime</scope>
+        </dependency>        
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-api</artifactId>
+            <version>1.5.8</version>
+            <scope>runtime</scope>
+        </dependency>        
         <dependency>
             <groupId>org.slf4j</groupId>
             <artifactId>slf4j-log4j12</artifactId>
-            <version>1.4.3</version>
+            <version>1.5.8</version>
             <scope>runtime</scope>
         </dependency>
-        <dependency>
-            <groupId>org.springframework.ldap</groupId>
-            <artifactId>spring-ldap</artifactId>
-            <version>1.2.1</version>
-        </dependency>
         <dependency>
             <groupId>log4j</groupId>
             <artifactId>log4j</artifactId>
@@ -157,7 +179,7 @@
             <plugin>
                 <groupId>org.mortbay.jetty</groupId>
                 <artifactId>maven-jetty-plugin</artifactId>
-                <version>6.1.11</version>
+                <version>6.1.18</version>
                 <configuration>
                     <contextPath>/heavyduty</contextPath>
                     <!--jettyConfig>jetty-jmx.xml</jettyConfig-->
@@ -182,7 +204,7 @@
         </plugins>
     </build>
     <properties>
-        <spring.version>3.0.0.CI-SNAPSHOT</spring.version>
+        <spring.version>3.0.0.RC3</spring.version>
         <spring.security.version>3.0.0.CI-SNAPSHOT</spring.security.version>
     </properties>
 
diff --git a/sandbox/heavyduty/src/main/java/heavyduty/security/ui/HeavyDutyAuthenticationProcessingFilter.java b/sandbox/heavyduty/src/main/java/heavyduty/security/ui/HeavyDutyAuthenticationProcessingFilter.java
index 4e7be0180c..c548242fd6 100755
--- a/sandbox/heavyduty/src/main/java/heavyduty/security/ui/HeavyDutyAuthenticationProcessingFilter.java
+++ b/sandbox/heavyduty/src/main/java/heavyduty/security/ui/HeavyDutyAuthenticationProcessingFilter.java
@@ -1,11 +1,8 @@
 package heavyduty.security.ui;
 
-import org.springframework.security.web.authentication.AuthenticationProcessingFilter;
-
-public class HeavyDutyAuthenticationProcessingFilter extends AuthenticationProcessingFilter {
-
-
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 
+public class HeavyDutyAuthenticationProcessingFilter extends UsernamePasswordAuthenticationFilter {
 
 
 }
diff --git a/sandbox/heavyduty/src/main/java/heavyduty/security/ui/HeavyDutyEntryPoint.java b/sandbox/heavyduty/src/main/java/heavyduty/security/ui/HeavyDutyEntryPoint.java
index af40c3ea20..b2c76ea568 100755
--- a/sandbox/heavyduty/src/main/java/heavyduty/security/ui/HeavyDutyEntryPoint.java
+++ b/sandbox/heavyduty/src/main/java/heavyduty/security/ui/HeavyDutyEntryPoint.java
@@ -1,8 +1,8 @@
 package heavyduty.security.ui;
 
-import org.springframework.security.web.authentication.AuthenticationProcessingFilterEntryPoint;
+import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
 
-public class HeavyDutyEntryPoint extends AuthenticationProcessingFilterEntryPoint {
+public class HeavyDutyEntryPoint extends LoginUrlAuthenticationEntryPoint {
 
 
 
diff --git a/sandbox/heavyduty/src/main/java/sample/TestVoter.java b/sandbox/heavyduty/src/main/java/sample/TestVoter.java
index 557dfc2fdd..31d20c2330 100644
--- a/sandbox/heavyduty/src/main/java/sample/TestVoter.java
+++ b/sandbox/heavyduty/src/main/java/sample/TestVoter.java
@@ -1,10 +1,10 @@
 package sample;
 
-import java.util.List;
+import java.util.Collection;
 
 import org.aopalliance.intercept.MethodInvocation;
 import org.springframework.security.access.ConfigAttribute;
-import org.springframework.security.access.vote.AccessDecisionVoter;
+import org.springframework.security.access.AccessDecisionVoter;
 import org.springframework.security.core.Authentication;
 
 public class TestVoter implements AccessDecisionVoter {
@@ -17,7 +17,7 @@ public class TestVoter implements AccessDecisionVoter {
         return MethodInvocation.class.isAssignableFrom(clazz);
     }
 
-    public int vote(Authentication authentication, Object object, List<ConfigAttribute> config) {
+    public int vote(Authentication authentication, Object object, Collection<ConfigAttribute> config) {
         MethodInvocation mi = (MethodInvocation) object;
 
         mi.getMethod().getParameterAnnotations();
diff --git a/sandbox/heavyduty/src/main/webapp/WEB-INF/appContext-security.xml b/sandbox/heavyduty/src/main/webapp/WEB-INF/appContext-security.xml
index 4a85ec7f05..511109a9ab 100755
--- a/sandbox/heavyduty/src/main/webapp/WEB-INF/appContext-security.xml
+++ b/sandbox/heavyduty/src/main/webapp/WEB-INF/appContext-security.xml
@@ -11,10 +11,10 @@
     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
     xmlns:aop="http://www.springframework.org/schema/aop"
     xmlns:context="http://www.springframework.org/schema/context"
-    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
-                        http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-2.5.xsd
-                        http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-2.5.xsd
-                        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.2.xsd">
+    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
+                        http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.0.xsd
+                        http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd
+                        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">
 
     <!--b:import resource="appContext-misc.xml"/-->
     <context:component-scan base-package='sample'/>
@@ -48,7 +48,7 @@
         <x509 user-service-ref="daoUserService"/>
 -->
         <form-login default-target-url="/secure/index.jsp" login-page="/login.jsp" authentication-failure-url="/login.jsp?login-error=1" always-use-default-target="false"/>
-        <anonymous />
+
         <!-- http-basic / -->
         <logout />
         <remember-me key='doesntmatter' token-repository-ref='tokenRepo' user-service-ref='daoUserService'/>
@@ -56,12 +56,13 @@
 <!--          <remember-me user-service-ref="daoUserService"/> -->
 
         <!-- Uncomment to limit the number of sessions a user can have -->
-        <concurrent-session-control max-sessions="1" exception-if-maximum-exceeded="true" session-registry-ref='sessionRegistry'/>
-
+        <session-management>
+            <concurrency-control max-sessions="1" error-if-maximum-exceeded="true" session-registry-ref='sessionRegistry'/>
+        </session-management>
+        
+        <!-- custom-filter position="AUTHENTICATION_PROCESSING_FILTER" ref="customAuthFilter" / -->        
     </http>
 
-    <authentication-manager alias="authenticationManager" />
-
     <b:bean id='tokenRepo' class='org.springframework.security.web.authentication.rememberme.InMemoryTokenRepositoryImpl'/>
 
     <!-- Traditional Session Control Beans -->
@@ -71,14 +72,10 @@
         <b:property name="sessionRegistry" ref='sessionRegistry'/>
     </b:bean>
 
-    <b:bean id='sessionController' class="org.springframework.security.concurrent.ConcurrentSessionControllerImpl">
-        <b:property name='sessionRegistry' ref='sessionRegistry'/>
-    </b:bean>
  -->
-    <b:bean id='sessionRegistry' class="org.springframework.security.authentication.concurrent.SessionRegistryImpl"/>
+    <b:bean id='sessionRegistry' class="org.springframework.security.core.session.SessionRegistryImpl"/>
 <!--
     <b:bean id="customAuthFilter" class="heavyduty.security.ui.HeavyDutyAuthenticationProcessingFilter">
-        <custom-filter position="AUTHENTICATION_PROCESSING_FILTER"/>
         <b:property name="defaultTargetUrl" value="/"/>
         <b:property name="authenticationManager" ref="authenticationManager"/>
     </b:bean>
@@ -93,20 +90,22 @@
         <b:constructor-arg ref="customAuthFilter"/>
     </b:bean>
  -->
+    <authentication-manager alias="authenticationManager" >
 
-    <authentication-provider user-service-ref="daoUserService">
-        <password-encoder hash="md5" />
-    </authentication-provider>
-
-    <authentication-provider>
-        <password-encoder hash="md5"/>
-        <user-service>
-            <user name="rod" password="a564de63c2d0da68cf47586ee05984d7" authorities="ROLE_SUPERVISOR, ROLE_USER, ROLE_TELLER" />
-            <user name="dianne" password="65d15fe9156f9c4bbffd98085992a44e" authorities="ROLE_USER,ROLE_TELLER" />
-            <user name="scott" password="2b58af6dddbd072ed27ffc86725d7d3a" authorities="ROLE_USER" />
-            <user name="peter" password="22b5c9accc6e1ba628cedc63a72d57f8" authorities="ROLE_USER" />
-        </user-service>
-    </authentication-provider>
+        <authentication-provider user-service-ref="daoUserService">
+            <password-encoder hash="md5" />
+        </authentication-provider>
+    
+        <authentication-provider>
+            <password-encoder hash="md5"/>
+            <user-service>
+                <user name="rod" password="a564de63c2d0da68cf47586ee05984d7" authorities="ROLE_SUPERVISOR, ROLE_USER, ROLE_TELLER" />
+                <user name="dianne" password="65d15fe9156f9c4bbffd98085992a44e" authorities="ROLE_USER,ROLE_TELLER" />
+                <user name="scott" password="2b58af6dddbd072ed27ffc86725d7d3a" authorities="ROLE_USER" />
+                <user name="peter" password="22b5c9accc6e1ba628cedc63a72d57f8" authorities="ROLE_USER" />
+            </user-service>
+        </authentication-provider>
+    </authentication-manager>
 
     <ldap-server id="ldapServer"/>
 
@@ -126,5 +125,4 @@
         <!-- b:property name="server" ref="mbeanServer"/-->
     </b:bean>
 
-
 </b:beans>
diff --git a/sandbox/heavyduty/src/main/webapp/context.jsp b/sandbox/heavyduty/src/main/webapp/context.jsp
index bcd5c6fe0f..f758538a4b 100644
--- a/sandbox/heavyduty/src/main/webapp/context.jsp
+++ b/sandbox/heavyduty/src/main/webapp/context.jsp
@@ -1,6 +1,6 @@
 <%@page import="org.springframework.web.context.support.WebApplicationContextUtils"%>
-<%@page import="org.springframework.security.providers.ldap.LdapAuthenticationProvider"%>
-<%@page import="org.springframework.security.providers.ProviderManager"%>
+<%@page import="org.springframework.security.ldap.authentication.LdapAuthenticationProvider"%>
+<%@page import="org.springframework.security.authentication.ProviderManager"%>
 
 <html>
 <body>
@@ -19,11 +19,11 @@ Providers: <br />
 
 <%=
 ((ProviderManager)WebApplicationContextUtils.getRequiredWebApplicationContext(
-        session.getServletContext()).getBean("_authenticationManager")).getProviders() %>
+        session.getServletContext()).getBean("org.springframework.security.authenticationManager")).getProviders() %>
 </p>
 
 
 
 <p><a href="/index.jsp">Home</a></p>
 </body>
-</html>
\ No newline at end of file
+</html>
diff --git a/sandbox/heavyduty/src/main/webapp/login.jsp b/sandbox/heavyduty/src/main/webapp/login.jsp
index d752d3975e..8a7abb57e1 100755
--- a/sandbox/heavyduty/src/main/webapp/login.jsp
+++ b/sandbox/heavyduty/src/main/webapp/login.jsp
@@ -1,9 +1,7 @@
 <%@ taglib prefix='c' uri='http://java.sun.com/jstl/core_rt' %>
-<%@ page import="org.springframework.security.ui.AbstractProcessingFilter" %>
-<%@ page import="org.springframework.security.ui.webapp.AuthenticationProcessingFilter" %>
-<%@ page import="org.springframework.security.AuthenticationException" %>
-
-<!-- Not used unless you declare a <form-login login-page="/login.jsp"/> element -->
+<%@ page import="org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter" %>
+<%@ page import="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter" %>
+<%@ page import="org.springframework.security.core.AuthenticationException" %>
 
 <html>
   <head>
@@ -13,35 +11,25 @@
   <body onload="document.f.j_username.focus();">
     <h1>CUSTOM SPRING SECURITY LOGIN</h1>
 
-	<P>Valid users:
-	<P>
-	<P>username <b>rod</b>, password <b>koala</b>
-	<br>username <b>dianne</b>, password <b>emu</b>
-	<br>username <b>scott</b>, password <b>wombat</b>
-	<br>username <b>peter</b>, password <b>opal</b>
-	<p>
-
     <%-- this form-login-page form is also used as the
          form-error-page to ask for a login again.
          --%>
-	<% if (session.getAttribute(AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY) != null) { %>
+    <% if (session.getAttribute(AbstractAuthenticationProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY) != null) { %>
       <font color="red">
-        Your login attempt was not successful, try again.<BR><BR>
-        Reason: <%= ((AuthenticationException) session.getAttribute(AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %>
+        Your login attempt was not successful, try again.<br/><br/>
+        Reason: <%= ((AuthenticationException) session.getAttribute(AbstractAuthenticationProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %>
       </font>
     <% } %>
 
     <form name="f" action="<c:url value='j_spring_security_check'/>" method="POST">
       <table>
-        <tr><td>User:</td><td><input type='text' name='j_username' <% if (session.getAttribute(AuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY) != null) { %>value='<%= session.getAttribute(AuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY) %>'<% } %>></td></tr>
+        <tr><td>User:</td><td><input type='text' name='j_username' <% if (session.getAttribute(UsernamePasswordAuthenticationFilter.SPRING_SECURITY_LAST_USERNAME_KEY) != null) { %>value='<%= session.getAttribute(UsernamePasswordAuthenticationFilter.SPRING_SECURITY_LAST_USERNAME_KEY) %>'<% } %>></td></tr>
         <tr><td>Password:</td><td><input type='password' name='j_password'></td></tr>
         <tr><td><input type="checkbox" name="_spring_security_remember_me"></td><td>Don't ask for my password for two weeks</td></tr>
 
         <tr><td colspan='2'><input name="submit" type="submit"></td></tr>
         <tr><td colspan='2'><input name="reset" type="reset"></td></tr>
       </table>
-
     </form>
-
   </body>
 </html>

User:	value='<%= session.getAttribute(AuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY) %>'<% } %>>
User:	value='<%= session.getAttribute(UsernamePasswordAuthenticationFilter.SPRING_SECURITY_LAST_USERNAME_KEY) %>'<% } %>>
Password:
	Don't ask for my password for two weeks