Added use of authz tag to tutorial. Upgraded to use webapp 2.4 xsd. Changed JSTL dependency to 1.2

samples/tutorial/pom.xml

@@ -42,7 +42,7 @@
         <dependency>
             <groupId>javax.servlet</groupId>
             <artifactId>jstl</artifactId>
-            <version>1.0</version>
+            <version>1.2</version>
             <scope>runtime</scope>
         </dependency>
         <dependency>

samples/tutorial/src/main/webapp/WEB-INF/jsp/listAccounts.jsp

@@ -1,4 +1,4 @@
-<%@ taglib prefix="c" uri="http://java.sun.com/jstl/core" %>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
 
 <h1>Accounts</h1>
 

samples/tutorial/src/main/webapp/WEB-INF/web.xml

@@ -1,26 +1,24 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE web-app PUBLIC '-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN' 'http://java.sun.com/dtd/web-app_2_3.dtd'>
-
 <!--
-  - Contacts web application
-  -
-  - web.xml for "filter" artifact only.
+  - Tutorial web application
   -
   - $Id$
   -->
 
-<web-app>
+<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" version="2.4">
 
     <display-name>Spring Security Tutorial Application</display-name>
-
-	<!--
+    
+    <!--
 	  - Location of the XML file that defines the root application context
 	  - Applied by ContextLoaderListener.
 	  -->
 	<context-param>
 		<param-name>contextConfigLocation</param-name>
 		<param-value>
-			classpath:applicationContext-business.xml
+			classpath:applicationContext-business.xml
 			/WEB-INF/applicationContext-security-ns.xml
 		</param-value>
 	</context-param>
@@ -51,20 +49,20 @@
     <listener>
       <listener-class>org.springframework.security.ui.session.HttpSessionEventPublisher</listener-class>
     </listener>
-
-  <!--
-	- Provides core MVC application controller. See contacts-servlet.xml.
-    -->
-	<servlet>
-		<servlet-name>bank</servlet-name>
-		<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
-		<load-on-startup>1</load-on-startup>
-	</servlet>
-
-	<servlet-mapping>
-    	<servlet-name>bank</servlet-name>
-    	<url-pattern>*.html</url-pattern>
- 	</servlet-mapping>
+
+  <!--
+	- Provides core MVC application controller. See contacts-servlet.xml.
+    -->
+	<servlet>
+		<servlet-name>bank</servlet-name>
+		<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
+		<load-on-startup>1</load-on-startup>
+	</servlet>
+
+	<servlet-mapping>
+    	<servlet-name>bank</servlet-name>
+    	<url-pattern>*.html</url-pattern>
+ 	</servlet-mapping>
 
      <welcome-file-list>
 		<welcome-file>index.jsp</welcome-file>

samples/tutorial/src/main/webapp/secure/extreme/index.jsp

@@ -1,8 +1,14 @@
+<%@ taglib prefix="authz" uri="http://www.springframework.org/security/tags" %>
+
 <html>
 <body>
 <h1>VERY Secure Page</h1>
 This is a protected page. You can only see me if you are a supervisor.
 
+<authz:authorize ifAllGranted="ROLE_SUPERVISOR">
+   You have "ROLE_SUPERVISOR" (this text is surrounded by &lt;authz:authorize&gt; tags).
+</authz:authorize>
+
 <p><a href="../../">Home</a>
 <p><a href="../../j_spring_security_logout">Logout</a>
 </body>