diff --git a/sandbox/spring-security-config/src/main/java/org/acegisecurity/BankService.java b/sandbox/spring-security-config/src/main/java/org/acegisecurity/BankService.java
new file mode 100644
index 0000000000..7ac94560aa
--- /dev/null
+++ b/sandbox/spring-security-config/src/main/java/org/acegisecurity/BankService.java
@@ -0,0 +1,50 @@
+/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.acegisecurity;
+
+import org.acegisecurity.annotation.Secured;
+
+
+/**
+ * BankService sample using Java 5 Annotations.
+ *
+ * @author Mark St.Godard
+ * @version $Id: BankService.java 1496 2006-05-23 13:38:33Z benalex $
+ *
+ * @see org.acegisecurity.annotation.Secured
+ */
+@Secured({"ROLE_TELLER"})
+public interface BankService {
+ //~ Methods ========================================================================================================
+
+ /**
+ * Get the account balance.
+ *
+ * @param accountNumber The account number
+ *
+ * @return The balance
+ */
+ @Secured({"ROLE_PERMISSION_BALANCE"})
+ public float balance(String accountNumber);
+
+ /**
+ * List accounts
+ *
+ * @return The list of accounts
+ */
+ @Secured({"ROLE_PERMISSION_LIST"})
+ public String[] listAccounts();
+}
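Review bot: The Javadoc on `BankService` and on `balance` does not say which authorities a caller must hold. The interface carries `@Secured({"ROLE_TELLER"})` and each method adds its own role, but whether both are required depends on the access decision manager wired in the application context, which this file does not show. Main.java in this commit says a unanimous manager is used, so I would add to the type Javadoc something like `Callers need ROLE_TELLER plus the method's own role when the access decision manager is unanimous; other managers may grant on a single matching role.` Separately, `float` cannot represent most decimal amounts exactly and is a poor model for a balance even in a sample; `java.math.BigDecimal` is the usual choice.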
diff --git a/sandbox/spring-security-config/src/main/java/org/acegisecurity/BankServiceImpl.java b/sandbox/spring-security-config/src/main/java/org/acegisecurity/BankServiceImpl.java
new file mode 100644
index 0000000000..ea6c7bfc5a
--- /dev/null
+++ b/sandbox/spring-security-config/src/main/java/org/acegisecurity/BankServiceImpl.java
@@ -0,0 +1,34 @@
+/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.acegisecurity;
+
+/**
+ * BankService sample implementation.
+ *
+ * @author Mark St.Godard
+ * @version $Id: BankServiceImpl.java 1496 2006-05-23 13:38:33Z benalex $
+ */
+public class BankServiceImpl implements BankService {
+ //~ Methods ========================================================================================================
+
+ public float balance(String accountNumber) {
+ return 42000000;
+ }
+
+ public String[] listAccounts() {
+ return new String[] {"1", "2", "3"};
+ }
+}
diff --git a/sandbox/spring-security-config/src/main/java/org/acegisecurity/Main.java b/sandbox/spring-security-config/src/main/java/org/acegisecurity/Main.java
new file mode 100644
index 0000000000..8b51c9810d
--- /dev/null
+++ b/sandbox/spring-security-config/src/main/java/org/acegisecurity/Main.java
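Review bot: `BankServiceImpl` carries no `@Secured` annotations of its own and its Javadoc does not say where the checks happen, so a reader could assume `balance` and `listAccounts` are protected however the object is obtained. The roles are declared only on `BankService`, and enforcement presumably comes from the interceptor set up in `auto-config.xml` (not part of this diff), which would leave a directly constructed instance unchecked. I would add to the class Javadoc: `Not secured by itself; access checks apply only when the bean is obtained from the application context.` `balance` also ignores `accountNumber`, which deserves a one-line comment saying the return value is a fixed sample.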
@@ -0,0 +1,77 @@
+/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.acegisecurity;
+
+import org.acegisecurity.AccessDeniedException;
+import org.acegisecurity.GrantedAuthority;
+import org.acegisecurity.GrantedAuthorityImpl;
+
+import org.acegisecurity.context.SecurityContextHolder;
+import org.acegisecurity.context.SecurityContextImpl;
+
+import org.acegisecurity.providers.TestingAuthenticationToken;
+
+import org.springframework.context.support.ClassPathXmlApplicationContext;
+
+
+/**
+ *
+DOCUMENT ME!
+ *
+ * @author Mark St.Godard
+ * @version $Id: Main.java 1496 2006-05-23 13:38:33Z benalex $
+ */
+public class Main {
+ //~ Methods ========================================================================================================
+
+ /**
+ * This can be done in a web app by using a filter or SpringMvcIntegrationInterceptor.
+ */
+ private static void createSecureContext() {
+ TestingAuthenticationToken auth = new TestingAuthenticationToken("test", "test",
+ new GrantedAuthority[] {
+ new GrantedAuthorityImpl("ROLE_TELLER"), new GrantedAuthorityImpl("ROLE_PERMISSION_LIST")
+ });
+
+ SecurityContextHolder.getContext().setAuthentication(auth);
+ }
+
+ private static void destroySecureContext() {
+ SecurityContextHolder.setContext(new SecurityContextImpl());
+ }
+
+ public static void main(String[] args) throws Exception {
+ createSecureContext();
+
+ ClassPathXmlApplicationContext context = new ClassPathXmlApplicationContext(
+ "org/acegisecurity/config/auto-config.xml");
+ BankService service = (BankService) context.getBean("bankService");
+
+ // will succeed
+ service.listAccounts();
+
+ // will fail
+ try {
+ System.out.println(
+ "We expect an AccessDeniedException now, as we do not hold the ROLE_PERMISSION_BALANCE granted authority, and we're using a unanimous access decision manager... ");
+ service.balance("1");
+ } catch (AccessDeniedException e) {
+ e.printStackTrace();
+ }
+
+ destroySecureContext();
+ }
+}
diff --git a/sandbox/spring-security-config/src/test/java/org/acegisecurity/BankTests.java b/sandbox/spring-security-config/src/test/java/org/acegisecurity/BankTests.java
new file mode 100644
index 0000000000..89a5dc63d4
--- /dev/null
+++ b/sandbox/spring-security-config/src/test/java/org/acegisecurity/BankTests.java
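Review bot: In `main`, a successful `service.balance("1")` goes unnoticed: the `try` only handles `AccessDeniedException`, so if the configuration fails to enforce `ROLE_PERMISSION_BALANCE` the sample prints its announcement and exits normally. `destroySecureContext()` is also reached only on the normal path, so an exception from the context load, `getBean` or `listAccounts()` leaves the authentication in `SecurityContextHolder`. The Javadoc on `createSecureContext` points readers at doing the same in a web filter, where that leftover state matters. I would fail loudly after the `balance` call and move the cleanup into a `finally`, as below. The class Javadoc still reads `DOCUMENT ME!` and should say this is a demonstration that installs a `TestingAuthenticationToken`.

```java
public static void main(String[] args) throws Exception {
    createSecureContext();

    try {
        // … unchanged: application context creation, getBean("bankService"), listAccounts() …

        try {
            // … unchanged: println announcing the expected AccessDeniedException …
            service.balance("1");
            throw new IllegalStateException("balance() was not denied; check the security configuration");
        } catch (AccessDeniedException e) {
            e.printStackTrace();
        }
    } finally {
        // always reset the holder, including when a call above throws
        destroySecureContext();
    }
}
```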
@@ -0,0 +1,99 @@
+/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.acegisecurity;
+
+import junit.framework.TestCase;
+
+import org.acegisecurity.AccessDeniedException;
+import org.acegisecurity.GrantedAuthority;
+import org.acegisecurity.GrantedAuthorityImpl;
+
+import org.acegisecurity.context.SecurityContextHolder;
+import org.acegisecurity.context.SecurityContextImpl;
+
+import org.acegisecurity.providers.TestingAuthenticationToken;
+import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
+
+import org.springframework.context.support.ClassPathXmlApplicationContext;
+
+
+
+
+/**
+ * Tests security objects.
+ *
+ * @author Ben Alex
+ * @version $Id: BankTests.java 1496 2006-05-23 13:38:33Z benalex $
+ */
+public class BankTests extends TestCase {
+ //~ Instance fields ================================================================================================
+
+ private BankService service;
+ private ClassPathXmlApplicationContext ctx;
+
+ //~ Constructors ===================================================================================================
+
+ public BankTests() {
+ super();
+ }
+
+ public BankTests(String arg0) {
+ super(arg0);
+ }
+
+ //~ Methods ========================================================================================================
+
+ private static void createSecureContext() {
+ UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("test", "test",
+ new GrantedAuthority[] {
+ new GrantedAuthorityImpl("ROLE_TELLER"), new GrantedAuthorityImpl("ROLE_PERMISSION_LIST")
+ });
+
+ SecurityContextHolder.getContext().setAuthentication(auth);
+ }
+
+ private static void destroySecureContext() {
+ SecurityContextHolder.setContext(new SecurityContextImpl());
+ }
+
+ public static void main(String[] args) {
+ junit.textui.TestRunner.run(BankTests.class);
+ }
+
+ public final void setUp() throws Exception {
+ super.setUp();
+ ctx = new ClassPathXmlApplicationContext("org/acegisecurity/config/auto-config.xml");
+ service = (BankService) ctx.getBean("bankService");
+ }
+
+ public void testDeniedAccess() throws Exception {
+ createSecureContext();
+
+ try {
+ service.balance("1");
+ fail("Should have thrown AccessDeniedException");
+ } catch (AccessDeniedException expected) {
+ assertTrue(true);
+ }
+ destroySecureContext();
+ }
+
+ public void testListAccounts() throws Exception {
+ createSecureContext();
+ service.listAccounts();
+ destroySecureContext();
+ }
+}
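Review bot: `testDeniedAccess` and `testListAccounts` call `destroySecureContext()` only on the success path, so when `fail(...)` fires or `listAccounts()` throws, the authentication stays in `SecurityContextHolder` for whatever test runs next. Moving the cleanup into `tearDown()` keeps the tests independent, and the same method can close `ctx`, which `setUp` recreates per test and never closes. The suite also exercises only a caller missing one role; a test with no authentication set, and one for a caller lacking `ROLE_TELLER`, would pin the deny paths that matter most. `assertTrue(true)` in the catch block adds nothing and can be replaced by a comment.

```java
// … unchanged: setUp() …

protected void tearDown() throws Exception {
    // runs after every test, pass or fail, so no test inherits another's authentication
    destroySecureContext();
    ctx.close();
    super.tearDown();
}

// … testDeniedAccess() and testListAccounts(): drop their trailing destroySecureContext() calls …
```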