Added X.509 user to contacts with user name matching certificate email address.

samples/contacts/src/main/java/sample/contact/DataSourcePopulator.java

@@ -50,6 +50,17 @@ public class DataSourcePopulator implements InitializingBean {
 
         JdbcTemplate template = new JdbcTemplate(dataSource);
 
+        try {
+            template.execute("DROP TABLE AUTHORITIES");
+            template.execute("DROP TABLE USERS");
+            template.execute("DROP TABLE ACL_PERMISSION");
+            template.execute("DROP TABLE ACL_OBJECT_IDENTITY");
+            template.execute("DROP TABLE CONTACTS");
+        } catch(Exception e) {
+            // ignored
+        }
+
+
         template.execute(
             "CREATE TABLE CONTACTS(ID INTEGER NOT NULL PRIMARY KEY, CONTACT_NAME VARCHAR_IGNORECASE(50) NOT NULL, EMAIL VARCHAR_IGNORECASE(50) NOT NULL)");
         template.execute(
@@ -118,6 +129,8 @@ public class DataSourcePopulator implements InitializingBean {
             "INSERT INTO acl_permission VALUES (null, 8, 'scott', 2);"); // read
         template.execute(
             "INSERT INTO acl_permission VALUES (null, 9, 'scott', 22);"); // read+write+delete
+        template.execute(
+            "INSERT INTO acl_permission VALUES (null, 8, 'luke@monkeymachine', 2);"); // read
         template.execute(
             "CREATE TABLE USERS(USERNAME VARCHAR_IGNORECASE(50) NOT NULL PRIMARY KEY,PASSWORD VARCHAR_IGNORECASE(50) NOT NULL,ENABLED BOOLEAN NOT NULL);");
         template.execute(
@@ -131,6 +144,8 @@ public class DataSourcePopulator implements InitializingBean {
                    Encoded password for dianne is "emu"
                    Encoded password for scott is "wombat"
                    Encoded password for peter is "opal" (but user is disabled)
+                   Encoded password for luke@monkeymachine is "monkey" (but this user is for the X.509 authentication example)
+
 
          */
         template.execute(
@@ -141,6 +156,8 @@ public class DataSourcePopulator implements InitializingBean {
             "INSERT INTO USERS VALUES('scott','2b58af6dddbd072ed27ffc86725d7d3a',TRUE);");
         template.execute(
             "INSERT INTO USERS VALUES('peter','22b5c9accc6e1ba628cedc63a72d57f8',FALSE);");
+        template.execute(
+            "INSERT INTO USERS VALUES('luke@monkeymachine','2f548f61bd37f628077e552ae1537be2',TRUE);");
         template.execute(
             "INSERT INTO AUTHORITIES VALUES('marissa','ROLE_USER');");
         template.execute(
@@ -149,5 +166,7 @@ public class DataSourcePopulator implements InitializingBean {
             "INSERT INTO AUTHORITIES VALUES('dianne','ROLE_USER');");
         template.execute("INSERT INTO AUTHORITIES VALUES('scott','ROLE_USER');");
         template.execute("INSERT INTO AUTHORITIES VALUES('peter','ROLE_USER');");
+        template.execute("INSERT INTO AUTHORITIES VALUES('luke@monkeymachine','ROLE_SUPERVISOR');");
+        template.execute("INSERT INTO AUTHORITIES VALUES('luke@monkeymachine','ROLE_USER');");
     }
 }

samples/contacts/src/main/webapp/x509/WEB-INF/applicationContext-acegi-security.xml

@@ -59,6 +59,7 @@
 
 	<bean id="x509AuthoritiesPopulator" class="net.sf.acegisecurity.providers.x509.populator.DaoX509AuthoritiesPopulator">
 		<property name="authenticationDao"><ref local="jdbcDaoImpl"/></property>
+        <property name="subjectDNRegex"><value>emailAddress=(.*?),</value></property>
 	</bean>
 
 	<!-- ===================== HTTP CHANNEL REQUIREMENTS ==================== -->
@@ -70,7 +71,6 @@
 			<value>
 			    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
 				\A/secure/.*\Z=REQUIRES_SECURE_CHANNEL
-				\A/j_acegi_cas_security_check.*\Z=REQUIRES_SECURE_CHANNEL	
 				\A.*\Z=REQUIRES_INSECURE_CHANNEL
 			</value>
 		</property>