SEC-239: New ACL module.

samples/contacts-tiger/src/main/webapp/common/WEB-INF/contacts-servlet.xml

@@ -29,12 +29,12 @@
 
     <bean id="adminPermissionController" class="sample.contact.AdminPermissionController">
     	<property name="contactManager"><ref bean="contactManager"/></property>
-    	<property name="aclManager"><ref bean="aclManager"/></property>
+    	<property name="aclService"><ref bean="aclService"/></property>
  	</bean>
 
     <bean id="deletePermissionController" class="sample.contact.DeletePermissionController">
     	<property name="contactManager"><ref bean="contactManager"/></property>
-    	<property name="aclManager"><ref bean="aclManager"/></property>
+    	<property name="aclService"><ref bean="aclService"/></property>
  	</bean>
 
     <bean id="urlMapping" class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping">

samples/contacts-tiger/src/main/webapp/common/WEB-INF/jsp/adminPermission.jsp

@@ -1,4 +1,3 @@
-<%@ page import="net.sf.acegisecurity.acl.basic.SimpleAclEntry" %>
 <%@ include file="/WEB-INF/jsp/include.jsp" %>
 
 <html>
@@ -11,27 +10,17 @@
 </code>
 <P>
 <table cellpadding=3 border=0>
-<c:forEach var="acl" items="${model.acls}">
-  <c:if test="${acl.class.name eq 'net.sf.acegisecurity.acl.basic.SimpleAclEntry'}">
+<c:forEach var="acl" items="${model.acl.entries}">
     <tr>
       <td>
         <code>
-          <%
-            SimpleAclEntry simpleAcl = ((SimpleAclEntry) pageContext.getAttribute("acl"));
-            String permissionBlock = simpleAcl.printPermissionsBlock(); 
-          %>
-          <%= permissionBlock %>
-          [<c:out value="${acl.mask}"/>]
-          <c:out value="${acl.recipient}"/>
+          <c:out value="${acl}"/>
         </code>
       </td>
       <td>
-      <!-- This application doesn't use ACL inheritance, so we can safely use
-           the model's contact and know it was directly assigned the ACL -->
-        <A HREF="<c:url value="deletePermission.htm"><c:param name="contactId" value="${model.contact.id}"/><c:param name="recipient" value="${acl.recipient}"/></c:url>">Del</A>
+      <A HREF="<c:url value="deletePermission.htm"><c:param name="contactId" value="${model.contact.id}"/><c:param name="sid" value="${acl.sid.principal}"/><c:param name="permission" value="${acl.permission.mask}"/></c:url>">Del</A>
       </td>
     </tr>
-  </c:if>
 </c:forEach>
 </table>
 <p><a href="<c:url value="addPermission.htm"><c:param name="contactId" value="${model.contact.id}"/></c:url>">Add Permission</a>   <a href="<c:url value="index.htm"/>">Manage</a>

samples/contacts-tiger/src/main/webapp/common/WEB-INF/jsp/deletePermission.jsp

@@ -1,4 +1,3 @@
-<%@ page import="net.sf.acegisecurity.acl.basic.SimpleAclEntry" %>
 <%@ include file="/WEB-INF/jsp/include.jsp" %>
 
 <html>
@@ -11,7 +10,10 @@
 </code>
 <P>
 <code>
-<c:out value="${model.recipient}"/>
+<c:out value="${model.sid}"/>
+</code>
+<code>
+<c:out value="${model.permission}"/>
 </code>
 <p><a href="<c:url value="index.htm"/>">Manage</a>
 </body>

samples/contacts-tiger/src/main/webapp/common/WEB-INF/jsp/include.jsp

@@ -1,5 +1,5 @@
 <%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
-<%@ taglib prefix="authz" uri="http://acegisecurity.sf.net/authz" %>
+<%@ taglib prefix="authz" uri="http://acegisecurity.org/authz" %>
 
 <%@ taglib prefix="c" uri="http://java.sun.com/jstl/core" %>
 <%@ taglib prefix="fmt" uri="http://java.sun.com/jstl/fmt" %>

samples/contacts-tiger/src/main/webapp/common/WEB-INF/jsp/index.jsp

@@ -3,7 +3,7 @@
 <html>
 <head><title>Your Contacts</title></head>
 <body>
-<h1><authz:authentication operation="principal"/>'s Contacts</h1>
+<h1><authz:authentication operation="username"/>'s Contacts</h1>
 <P>
 <table cellpadding=3 border=0>
 <tr><td><b>id</b></td><td><b>Name</b></td><td><b>Email</b></td></tr>
@@ -18,15 +18,15 @@
   <td>
       <c:out value="${contact.email}"/>
   </td>
-  <authz:acl domainObject="${contact}" hasPermission="16,1">
+  <authz:accesscontrollist domainObject="${contact}" hasPermission="8,16">
     <td><A HREF="<c:url value="del.htm"><c:param name="contactId" value="${contact.id}"/></c:url>">Del</A></td>
-  </authz:acl>
-  <authz:acl domainObject="${contact}" hasPermission="1">
+  </authz:accesscontrollist>
+  <authz:accesscontrollist domainObject="${contact}" hasPermission="16">
     <td><A HREF="<c:url value="adminPermission.htm"><c:param name="contactId" value="${contact.id}"/></c:url>">Admin Permission</A></td>
-  </authz:acl>
+  </authz:accesscontrollist>
   </tr>
 </c:forEach>
 </table>
-<p><a href="<c:url value="add.htm"/>">Add</a>   <p><a href="<c:url value="../logoff.jsp"/>">Logoff</a> (also clears any remember-me cookie)
+<p><a href="<c:url value="add.htm"/>">Add</a>   <p><a href="<c:url value="../j_acegi_logout"/>">Logoff</a> (also clears any remember-me cookie)
 </body>
 </html>

samples/contacts-tiger/src/main/webapp/filter/accessDenied.jsp

@@ -1,16 +1,16 @@
-<%@ page import="org.acegisecurity.context.SecurityContextHolder" %>
-<%@ page import="org.acegisecurity.Authentication" %>
-<%@ page import="org.acegisecurity.ui.AccessDeniedHandlerImpl" %>
-
-<h1>Sorry, access is denied</h1>
-
-
-<p>
-<%= request.getAttribute(AccessDeniedHandlerImpl.ACEGI_SECURITY_ACCESS_DENIED_EXCEPTION_KEY)%>
-
-<p>
-
-<%		Authentication auth = SecurityContextHolder.getContext().getAuthentication();
-		if (auth != null) { %>
-			Authentication object as a String: <%= auth.toString() %><BR><BR>
-<%      } %>
+<%@ page import="org.acegisecurity.context.SecurityContextHolder" %>
+<%@ page import="org.acegisecurity.Authentication" %>
+<%@ page import="org.acegisecurity.ui.AccessDeniedHandlerImpl" %>
+
+<h1>Sorry, access is denied</h1>
+
+
+<p>
+<%= request.getAttribute(AccessDeniedHandlerImpl.ACEGI_SECURITY_ACCESS_DENIED_EXCEPTION_KEY)%>
+
+<p>
+
+<%		Authentication auth = SecurityContextHolder.getContext().getAuthentication();
+		if (auth != null) { %>
+			Authentication object as a String: <%= auth.toString() %><BR><BR>
+<%      } %>

samples/contacts-tiger/src/main/webapp/filter/acegilogin.jsp

@@ -1,7 +1,7 @@
 <%@ taglib prefix='c' uri='http://java.sun.com/jstl/core' %>
-<%@ page import="net.sf.acegisecurity.ui.AbstractProcessingFilter" %>
-<%@ page import="net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilter" %>
-<%@ page import="net.sf.acegisecurity.AuthenticationException" %>
+<%@ page import="org.acegisecurity.ui.AbstractProcessingFilter" %>
+<%@ page import="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter" %>
+<%@ page import="org.acegisecurity.AuthenticationException" %>
 
 <html>
   <head>

samples/contacts-tiger/src/main/webapp/filter/exitUser.jsp

@@ -1,10 +1,10 @@
 <%@ taglib prefix='c' uri='http://java.sun.com/jstl/core' %>
 
-<%@ page import="net.sf.acegisecurity.context.SecurityContextHolder" %>
-<%@ page import="net.sf.acegisecurity.Authentication" %>
-<%@ page import="net.sf.acegisecurity.ui.AbstractProcessingFilter" %>
-<%@ page import="net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilter" %>
-<%@ page import="net.sf.acegisecurity.AuthenticationException" %>
+<%@ page import="org.acegisecurity.context.SecurityContextHolder" %>
+<%@ page import="org.acegisecurity.Authentication" %>
+<%@ page import="org.acegisecurity.ui.AbstractProcessingFilter" %>
+<%@ page import="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter" %>
+<%@ page import="org.acegisecurity.AuthenticationException" %>
 
 <html>
   <head>

samples/contacts-tiger/src/main/webapp/filter/switchUser.jsp

@@ -1,7 +1,7 @@
 <%@ taglib prefix='c' uri='http://java.sun.com/jstl/core' %>
-<%@ page import="net.sf.acegisecurity.ui.AbstractProcessingFilter" %>
-<%@ page import="net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilter" %>
-<%@ page import="net.sf.acegisecurity.AuthenticationException" %>
+<%@ page import="org.acegisecurity.ui.AbstractProcessingFilter" %>
+<%@ page import="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter" %>
+<%@ page import="org.acegisecurity.AuthenticationException" %>
 
 <html>
   <head>