diff --git a/samples/cas/Readme.txt b/samples/cas/Readme.txt
new file mode 100644
index 0000000000..8eddb240a0
--- /dev/null
+++ b/samples/cas/Readme.txt
@@ -0,0 +1,53 @@
+There are two subdirectories in this project;
+
+server - this is not a real maven sub-project in the sense that it builds anything. It is just here to allow you to
+ conveniently run the CAS server using the maven Jetty plugin with our preconfigured SSL certificates.
+
+client - this contains the actual sample web application which uses the cas server for authentication. It uses the same
+ certificates. In practice, the CAS server would likely be running on a different machine and both client and
+ server would have different certificates issued to the server hostname.
+
+Running the CAS Server
+-----------------------
+
+You first need to download the CAS server 3.1.1 distribution from
+
+http://www.ja-sig.org/products/cas/downloads/index.html
+
+You only need the modules/cas-server-webapp-3.1.1.war web application file from the distribution. Copy this to the
+"server" directory inside the one that contains this readme file (i.e. copy it to samples/cas/server).
+
+You can then run the CAS server (from the same) by executing the maven command
+
+mvn jetty:run-war
+
+This will start the server on
+
+https://localhost:9443/cas
+
+If you point your browser at this URL, you should see the CAS login screen.
+
+
+Running the Client Application
+-------------------------------
+
+Leave the server running and start up a separate command window to run the sample application. Change to the directory
+samples/cas/client and execute the command
+
+mvn:jetty-run
+
+
+This should start the sample application on
+
+http://localhost:8080/cas-sample/
+
+Try to access the secure page (as with the other samples) and you should be redirected to the CAS server to log in. Note
+that the sample authentication module that comes with the CAS server webapp will authenticate any user whose password
+matches the username. So you have to log in here as rod/rod, dianne/dianne etc. Obviously the usernames must still match
+those listed in the application's user-service.
+
+
+$Id$
+
+
+
diff --git a/samples/cas/client/pom.xml b/samples/cas/client/pom.xml
new file mode 100644
index 0000000000..40e54bf091
--- /dev/null
+++ b/samples/cas/client/pom.xml
@@ -0,0 +1,104 @@
+
+ 4.0.0
+
+ org.springframework.security
+ spring-security-samples
+ 2.0-SNAPSHOT
+
+ org.springframework.security
+ spring-security-samples-cas-client
+ Spring Security - CAS Sample Client Web Application
+ war
+
+
+ org.springframework.security
+ spring-security-core
+ ${project.version}
+
+
+ org.springframework
+ spring-web
+
+
+ org.springframework
+ spring-webmvc
+ ${spring.version}
+
+
+ org.springframework
+ spring-jdbc
+ runtime
+
+
+ org.springframework
+ spring-aop
+ runtime
+
+
+ cas
+ casclient
+ 2.1.1
+
+
+ net.sf.ehcache
+ ehcache
+ 1.2.4
+ runtime
+
+
+ javax.servlet
+ jstl
+ 1.2
+ runtime
+
+
+ taglibs
+ standard
+ 1.0.6
+ runtime
+
+
+ org.slf4j
+ slf4j-log4j12
+ 1.4.3
+ runtime
+ true
+
+
+
+
+
+
+ org.apache.maven.plugins
+ maven-compiler-plugin
+
+ 1.5
+ 1.5
+
+
+
+ org.mortbay.jetty
+ maven-jetty-plugin
+ 6.1.7
+
+ /cas-sample
+
+
+ 8080
+ 8443
+
+
+ 8443
+ ../../certificates/server.jks
+ password
+ password
+ ../../certificates/server.jks
+ password
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/samples/cas/client/src/main/java/Dummy.java b/samples/cas/client/src/main/java/Dummy.java
new file mode 100644
index 0000000000..e8f5b26783
--- /dev/null
+++ b/samples/cas/client/src/main/java/Dummy.java
@@ -0,0 +1,7 @@
+/**
+ *
+ * @author Luke Taylor
+ * @version $Id$
+ */
+public class Dummy {
+}
diff --git a/samples/cas/client/src/main/webapp/WEB-INF/applicationContext-security.xml b/samples/cas/client/src/main/webapp/WEB-INF/applicationContext-security.xml
new file mode 100644
index 0000000000..880a968123
--- /dev/null
+++ b/samples/cas/client/src/main/webapp/WEB-INF/applicationContext-security.xml
@@ -0,0 +1,71 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/samples/cas/client/src/main/webapp/WEB-INF/classes/log4j.properties b/samples/cas/client/src/main/webapp/WEB-INF/classes/log4j.properties
new file mode 100644
index 0000000000..98c0a42aa6
--- /dev/null
+++ b/samples/cas/client/src/main/webapp/WEB-INF/classes/log4j.properties
@@ -0,0 +1,19 @@
+# Global logging configuration
+log4j.rootLogger=INFO, stdout, fileout
+
+log4j.logger.org.springframework.security=DEBUG, stdout, fileout
+
+# Console output...
+log4j.appender.stdout=org.apache.log4j.ConsoleAppender
+log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
+log4j.appender.stdout.layout.conversionPattern=[%p,%c{1},%t] %m%n
+
+# Rolling log file output...
+log4j.appender.fileout=org.apache.log4j.RollingFileAppender
+log4j.appender.fileout.File=spring-security-cas-client.log
+log4j.appender.fileout.MaxFileSize=1024KB
+log4j.appender.fileout.MaxBackupIndex=1
+log4j.appender.fileout.layout=org.apache.log4j.PatternLayout
+log4j.appender.fileout.layout.conversionPattern=%d{ABSOLUTE} %5p %c{1},%t:%L - %m%n
+
+
diff --git a/samples/cas/client/src/main/webapp/WEB-INF/web.xml b/samples/cas/client/src/main/webapp/WEB-INF/web.xml
new file mode 100644
index 0000000000..b8d7877b73
--- /dev/null
+++ b/samples/cas/client/src/main/webapp/WEB-INF/web.xml
@@ -0,0 +1,61 @@
+
+
+
+
+
+ Spring Security CAS Demo Application
+
+
+
+ contextConfigLocation
+
+ /WEB-INF/applicationContext-security.xml
+
+
+
+
+ log4jConfigLocation
+ /WEB-INF/classes/log4j.properties
+
+
+
+ _filterChainProxy
+ org.springframework.web.filter.DelegatingFilterProxy
+
+
+
+ _filterChainProxy
+ /*
+
+
+
+
+ org.springframework.web.context.ContextLoaderListener
+
+
+
+ org.springframework.web.util.Log4jConfigListener
+
+
+
+
+ org.springframework.security.ui.session.HttpSessionEventPublisher
+
+
+
diff --git a/samples/cas/client/src/main/webapp/casfailed.jsp b/samples/cas/client/src/main/webapp/casfailed.jsp
new file mode 100644
index 0000000000..3ff8466128
--- /dev/null
+++ b/samples/cas/client/src/main/webapp/casfailed.jsp
@@ -0,0 +1,18 @@
+<%@ page import="org.springframework.security.AuthenticationException" %>
+<%@ page import="org.springframework.security.ui.AbstractProcessingFilter" %>
+
+
+
+ Login to CAS failed!
+
+
+
+
Login to CAS failed!
+
+
+ Your CAS credentials were rejected.
+ Reason: <%= ((AuthenticationException) session.getAttribute(AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %>
+
+
+
+
\ No newline at end of file
diff --git a/samples/cas/client/src/main/webapp/index.jsp b/samples/cas/client/src/main/webapp/index.jsp
new file mode 100644
index 0000000000..9f056599b6
--- /dev/null
+++ b/samples/cas/client/src/main/webapp/index.jsp
@@ -0,0 +1,11 @@
+
+
+
Home Page
+
Anyone can view this page.
+
+
Your principal object is....: <%= request.getUserPrincipal() %>
+
+
\ No newline at end of file
diff --git a/samples/cas/client/src/main/webapp/secure/extreme/index.jsp b/samples/cas/client/src/main/webapp/secure/extreme/index.jsp
new file mode 100644
index 0000000000..93f7a17cfc
--- /dev/null
+++ b/samples/cas/client/src/main/webapp/secure/extreme/index.jsp
@@ -0,0 +1,15 @@
+<%@ taglib prefix="authz" uri="http://www.springframework.org/security/tags" %>
+
+
+
+
VERY Secure Page
+This is a protected page. You can only see me if you are a supervisor.
+
+
+ You have "ROLE_SUPERVISOR" (this text is surrounded by <authz:authorize> tags).
+
+
+
Logout
+
+
\ No newline at end of file
diff --git a/samples/cas/client/src/main/webapp/secure/index.jsp b/samples/cas/client/src/main/webapp/secure/index.jsp
new file mode 100644
index 0000000000..0c960942a7
--- /dev/null
+++ b/samples/cas/client/src/main/webapp/secure/index.jsp
@@ -0,0 +1,15 @@
+
+
+
Secure Page
+This is a protected page. You can get to me if you've been remembered,
+or if you've authenticated this session.
+
+<%if (request.isUserInRole("ROLE_SUPERVISOR")) { %>
+ You are a supervisor! You can therefore see the extremely secure page.