From fe4bbe0fbf421f735928782ab75080ea3305191f Mon Sep 17 00:00:00 2001
From: Luke Taylor <luke.taylor@springsource.com>
Date: Tue, 24 Jul 2007 17:46:43 +0000
Subject: [PATCH] SEC-514: Refactoring contacts sample into single webapp.

---
 samples/contacts/pom.xml                      |  84 +++-
 ...pplicationContext-common-authorization.xml | 360 +++++++++---------
 .../applicationContext-common-business.xml    |  73 ++--
 .../webapp/{common => }/WEB-INF/.cvsignore    |   0
 ...applicationContext-acegi-security-cas.xml} | 104 +++--
 ...pplicationContext-acegi-security-ldap.xml} |  22 +-
 ...pplicationContext-acegi-security-x509.xml} |  16 +-
 .../applicationContext-acegi-security.xml     |  24 +-
 .../main/webapp/WEB-INF/contacts-servlet.xml  |  83 ++++
 .../webapp/{common => }/WEB-INF/jsp/add.jsp   |   0
 .../WEB-INF/jsp/addPermission.jsp             | 110 +++---
 .../WEB-INF/jsp/adminPermission.jsp           |  56 +--
 .../WEB-INF/jsp/deletePermission.jsp          |  34 +-
 .../{common => }/WEB-INF/jsp/deleted.jsp      |   0
 .../webapp/{common => }/WEB-INF/jsp/hello.jsp |   4 +-
 .../{common => }/WEB-INF/jsp/include.jsp      |   0
 .../webapp/{common => }/WEB-INF/jsp/index.jsp |   0
 .../{common => }/WEB-INF/remoting-servlet.xml |   4 +-
 .../webapp/{common => }/WEB-INF/spring.tld    |   0
 .../main/webapp/{ldap => }/WEB-INF/web.xml    |  38 +-
 .../main/webapp/{filter => }/accessDenied.jsp |  32 +-
 .../main/webapp/{filter => }/acegilogin.jsp   |   6 +-
 .../applicationContext-acegi-security.xml     |  70 ----
 .../WEB-INF/classes/resin-acegisecurity.xml   |  48 ---
 .../src/main/webapp/ca/WEB-INF/jboss-web.xml  |   7 -
 .../src/main/webapp/ca/WEB-INF/resin-web.xml  |  13 -
 .../src/main/webapp/ca/WEB-INF/web.xml        | 137 -------
 samples/contacts/src/main/webapp/ca/login.jsp |  46 ---
 .../src/main/webapp/cas/WEB-INF/web.xml       | 107 ------
 .../src/main/webapp/{cas => }/casfailed.jsp   |   6 +-
 .../common/WEB-INF/contacts-servlet.xml       |  87 -----
 .../src/main/webapp/{ldap => }/error.html     |   0
 .../src/main/webapp/{filter => }/exitUser.jsp |  12 +-
 .../src/main/webapp/filter/WEB-INF/web.xml    | 107 ------
 .../src/main/webapp/{common => }/index.jsp    |   0
 .../src/main/webapp/ldap/acegilogin.jsp       |  46 ---
 .../main/webapp/{common => }/secure/debug.jsp |   6 +-
 .../main/webapp/{filter => }/switchUser.jsp   |   5 +-
 .../src/main/webapp/x509/WEB-INF/web.xml      |  99 -----
 39 files changed, 608 insertions(+), 1238 deletions(-)
 rename samples/contacts/src/main/webapp/{common => }/WEB-INF/.cvsignore (100%)
 rename samples/contacts/src/main/webapp/{cas/WEB-INF/applicationContext-acegi-security.xml => WEB-INF/applicationContext-acegi-security-cas.xml} (71%)
 rename samples/contacts/src/main/webapp/{ldap/WEB-INF/applicationContext-acegi-security.xml => WEB-INF/applicationContext-acegi-security-ldap.xml} (94%)
 rename samples/contacts/src/main/webapp/{x509/WEB-INF/applicationContext-acegi-security.xml => WEB-INF/applicationContext-acegi-security-x509.xml} (98%)
 rename samples/contacts/src/main/webapp/{filter => }/WEB-INF/applicationContext-acegi-security.xml (96%)
 create mode 100644 samples/contacts/src/main/webapp/WEB-INF/contacts-servlet.xml
 rename samples/contacts/src/main/webapp/{common => }/WEB-INF/jsp/add.jsp (100%)
 rename samples/contacts/src/main/webapp/{common => }/WEB-INF/jsp/addPermission.jsp (97%)
 rename samples/contacts/src/main/webapp/{common => }/WEB-INF/jsp/adminPermission.jsp (96%)
 rename samples/contacts/src/main/webapp/{common => }/WEB-INF/jsp/deletePermission.jsp (95%)
 rename samples/contacts/src/main/webapp/{common => }/WEB-INF/jsp/deleted.jsp (100%)
 rename samples/contacts/src/main/webapp/{common => }/WEB-INF/jsp/hello.jsp (97%)
 rename samples/contacts/src/main/webapp/{common => }/WEB-INF/jsp/include.jsp (100%)
 rename samples/contacts/src/main/webapp/{common => }/WEB-INF/jsp/index.jsp (100%)
 rename samples/contacts/src/main/webapp/{common => }/WEB-INF/remoting-servlet.xml (95%)
 rename samples/contacts/src/main/webapp/{common => }/WEB-INF/spring.tld (100%)
 rename samples/contacts/src/main/webapp/{ldap => }/WEB-INF/web.xml (82%)
 rename samples/contacts/src/main/webapp/{filter => }/accessDenied.jsp (97%)
 rename samples/contacts/src/main/webapp/{filter => }/acegilogin.jsp (88%)
 delete mode 100644 samples/contacts/src/main/webapp/ca/WEB-INF/applicationContext-acegi-security.xml
 delete mode 100644 samples/contacts/src/main/webapp/ca/WEB-INF/classes/resin-acegisecurity.xml
 delete mode 100644 samples/contacts/src/main/webapp/ca/WEB-INF/jboss-web.xml
 delete mode 100644 samples/contacts/src/main/webapp/ca/WEB-INF/resin-web.xml
 delete mode 100644 samples/contacts/src/main/webapp/ca/WEB-INF/web.xml
 delete mode 100644 samples/contacts/src/main/webapp/ca/login.jsp
 delete mode 100644 samples/contacts/src/main/webapp/cas/WEB-INF/web.xml
 rename samples/contacts/src/main/webapp/{cas => }/casfailed.jsp (59%)
 delete mode 100644 samples/contacts/src/main/webapp/common/WEB-INF/contacts-servlet.xml
 rename samples/contacts/src/main/webapp/{ldap => }/error.html (100%)
 rename samples/contacts/src/main/webapp/{filter => }/exitUser.jsp (97%)
 delete mode 100644 samples/contacts/src/main/webapp/filter/WEB-INF/web.xml
 rename samples/contacts/src/main/webapp/{common => }/index.jsp (100%)
 delete mode 100644 samples/contacts/src/main/webapp/ldap/acegilogin.jsp
 rename samples/contacts/src/main/webapp/{common => }/secure/debug.jsp (98%)
 rename samples/contacts/src/main/webapp/{filter => }/switchUser.jsp (90%)
 delete mode 100644 samples/contacts/src/main/webapp/x509/WEB-INF/web.xml

diff --git a/samples/contacts/pom.xml b/samples/contacts/pom.xml
index f8c1a32cc5..e345dcc9d5 100644
--- a/samples/contacts/pom.xml
+++ b/samples/contacts/pom.xml
@@ -13,24 +13,86 @@
   <packaging>war</packaging>
 
   <dependencies>
+    <dependency>
+      <groupId>org.acegisecurity</groupId>
+      <artifactId>acegi-security</artifactId>
+      <version>${project.version}</version>
+    </dependency>
+    <dependency>
+        <groupId>org.springframework</groupId>
+        <artifactId>spring-webmvc</artifactId>
+        <version>${spring.version}</version>
+        <scope>compile</scope>
+    </dependency>
     <dependency>
       <groupId>javax.servlet</groupId>
       <artifactId>servlet-api</artifactId>
       <version>2.4</version>
       <scope>provided</scope>
     </dependency>
+    <dependency>
+      <groupId>net.sf.ehcache</groupId>
+      <artifactId>ehcache</artifactId>
+      <version>1.2.4</version>
+      <scope>runtime</scope>
+    </dependency>
+    <dependency>
+      <groupId>hessian</groupId>
+      <artifactId>hessian</artifactId>
+      <version>3.0.1</version>
+      <scope>runtime</scope>
+    </dependency>
+    <dependency>
+      <groupId>hsqldb</groupId>
+      <artifactId>hsqldb</artifactId>
+      <version>1.8.0.4</version>
+      <scope>runtime</scope>
+    </dependency>
+    <dependency>
+      <groupId>jstl</groupId>
+      <artifactId>jstl</artifactId>
+      <version>1.0</version>
+      <scope>runtime</scope>
+    </dependency>
+    <dependency>
+      <groupId>taglibs</groupId>
+      <artifactId>standard</artifactId>
+      <version>1.0.6</version>
+      <scope>runtime</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.springframework</groupId>
+      <artifactId>spring-ldap</artifactId>
+      <version>1.1.2</version>
+      <scope>runtime</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.springframework</groupId>
+      <artifactId>spring-mock</artifactId>
+      <version>${spring.version}</version>
+      <scope>test</scope>
+    </dependency>
   </dependencies>
 
-  <build>
-    <plugins>
-      <plugin>
-        <groupId>org.apache.maven.plugins</groupId>
-        <artifactId>maven-war-plugin</artifactId>
-        <configuration>
-          <webXml>src/main/webapp/filter/WEB-INF/web.xml</webXml>
-        </configuration>
-      </plugin>
-    </plugins>
-  </build>
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-war-plugin</artifactId>
+            </plugin>
+            <plugin>
+                <groupId>org.mortbay.jetty</groupId>
+                <artifactId>maven-jetty-plugin</artifactId>
+                <configuration>
+                <contextPath>/contacts</contextPath>
+                <!--jettyConfig>${basedir}/src/test/resources/jetty.xml</jettyConfig-->
+                <scanIntervalSeconds>10</scanIntervalSeconds>
+                <!--scanTargets>
+                    <scanTarget>src/main/webapp/css</scanTarget>
+                </scanTargets-->
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
 
 </project>
diff --git a/samples/contacts/src/main/resources/applicationContext-common-authorization.xml b/samples/contacts/src/main/resources/applicationContext-common-authorization.xml
index 28ca3d6195..05593ff3c3 100644
--- a/samples/contacts/src/main/resources/applicationContext-common-authorization.xml
+++ b/samples/contacts/src/main/resources/applicationContext-common-authorization.xml
@@ -11,204 +11,198 @@
 
 <beans>
 
-	<bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource">
-		<property name="basenames">
-			<list>
-				<value>classpath:/org/acegisecurity/messages</value>
-			</list>
-		</property>
-	</bean>
+  <bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource">
+    <property name="basenames">
+      <list>
+        <value>classpath:/org/acegisecurity/messages</value>
+      </list>
+    </property>
+  </bean>
 
-   <!-- ~~~~~~~~~~~~~~~~~~ "BEFORE INVOCATION" AUTHORIZATION DEFINITIONS ~~~~~~~~~~~~~~~~ -->
+  <!-- ~~~~~~~~~~~~~~~~~~ "BEFORE INVOCATION" AUTHORIZATION DEFINITIONS ~~~~~~~~~~~~~~~~ -->
 
-   <!-- ACL permission masks used by this application -->
-   <bean id="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION" class="org.springframework.beans.factory.config.FieldRetrievingFactoryBean">
-      <property name="staticField"><value>org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION</value></property>
-   </bean>
-   <bean id="org.acegisecurity.acls.domain.BasePermission.READ" class="org.springframework.beans.factory.config.FieldRetrievingFactoryBean">
-      <property name="staticField"><value>org.acegisecurity.acls.domain.BasePermission.READ</value></property>
-   </bean>
-   <bean id="org.acegisecurity.acls.domain.BasePermission.DELETE" class="org.springframework.beans.factory.config.FieldRetrievingFactoryBean">
-      <property name="staticField"><value>org.acegisecurity.acls.domain.BasePermission.DELETE</value></property>
-   </bean>
+  <!-- ACL permission masks used by this application -->
+  <bean id="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION"
+        class="org.springframework.beans.factory.config.FieldRetrievingFactoryBean">
+    <property name="staticField" value="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION"/>
+  </bean>
+  <bean id="org.acegisecurity.acls.domain.BasePermission.READ"
+        class="org.springframework.beans.factory.config.FieldRetrievingFactoryBean">
+    <property name="staticField" value="org.acegisecurity.acls.domain.BasePermission.READ"/>
+  </bean>
+  <bean id="org.acegisecurity.acls.domain.BasePermission.DELETE"
+        class="org.springframework.beans.factory.config.FieldRetrievingFactoryBean">
+    <property name="staticField" value="org.acegisecurity.acls.domain.BasePermission.DELETE"/>
+  </bean>
 
 
-   <!-- An access decision voter that reads ROLE_* configuration settings -->
-   <bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter"/>
+  <!-- An access decision voter that reads ROLE_* configuration settings -->
+  <bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter"/>
 
-   <!-- An access decision voter that reads ACL_CONTACT_READ configuration settings -->
-   <bean id="aclContactReadVoter" class="org.acegisecurity.vote.AclEntryVoter">
-      <constructor-arg>
-      	<ref bean="aclService"/>
-      </constructor-arg>
-      <constructor-arg>
-      	<value>ACL_CONTACT_READ</value>
-      </constructor-arg>
-      <constructor-arg>
-      	<list>
-          <ref local="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION"/>
-          <ref local="org.acegisecurity.acls.domain.BasePermission.READ"/>
-      	</list>
-      </constructor-arg>
-      <property name="processDomainObjectClass"><value>sample.contact.Contact</value></property>
-   </bean>
+  <!-- An access decision voter that reads ACL_CONTACT_READ configuration settings -->
+  <bean id="aclContactReadVoter" class="org.acegisecurity.vote.AclEntryVoter">
+    <constructor-arg ref="aclService"/>
+    <constructor-arg value="ACL_CONTACT_READ"/>
+    <constructor-arg>
+      <list>
+        <ref local="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION"/>
+        <ref local="org.acegisecurity.acls.domain.BasePermission.READ"/>
+      </list>
+    </constructor-arg>
+    <property name="processDomainObjectClass" value="sample.contact.Contact"/>
+  </bean>
 
-   <!-- An access decision voter that reads ACL_CONTACT_DELETE configuration settings -->
-   <bean id="aclContactDeleteVoter" class="org.acegisecurity.vote.AclEntryVoter">
-      <constructor-arg>
-      	<ref bean="aclService"/>
-      </constructor-arg>
-      <constructor-arg>
-      	<value>ACL_CONTACT_DELETE</value>
-      </constructor-arg>
-      <constructor-arg>
-      	<list>
-          <ref local="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION"/>
-          <ref local="org.acegisecurity.acls.domain.BasePermission.DELETE"/>
-      	</list>
-      </constructor-arg>
-      <property name="processDomainObjectClass"><value>sample.contact.Contact</value></property>
-   </bean>
+  <!-- An access decision voter that reads ACL_CONTACT_DELETE configuration settings -->
+  <bean id="aclContactDeleteVoter" class="org.acegisecurity.vote.AclEntryVoter">
+    <constructor-arg ref="aclService"/>
+    <constructor-arg value="ACL_CONTACT_DELETE"/>
+    <constructor-arg>
+      <list>
+        <ref local="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION"/>
+        <ref local="org.acegisecurity.acls.domain.BasePermission.DELETE"/>
+      </list>
+    </constructor-arg>
+    <property name="processDomainObjectClass" value="sample.contact.Contact"/>
+  </bean>
 
-   <!-- An access decision voter that reads ACL_CONTACT_ADMIN configuration settings -->
-   <bean id="aclContactAdminVoter" class="org.acegisecurity.vote.AclEntryVoter">
-      <constructor-arg>
-      	<ref bean="aclService"/>
-      </constructor-arg>
-      <constructor-arg>
-      	<value>ACL_CONTACT_ADMIN</value>
-      </constructor-arg>
-      <constructor-arg>
-      	<list>
-          <ref local="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION"/>
-      	</list>
-      </constructor-arg>
-      <property name="processDomainObjectClass"><value>sample.contact.Contact</value></property>
-   </bean>
+  <!-- An access decision voter that reads ACL_CONTACT_ADMIN configuration settings -->
+  <bean id="aclContactAdminVoter" class="org.acegisecurity.vote.AclEntryVoter">
+    <constructor-arg ref="aclService"/>
+    <constructor-arg value="ACL_CONTACT_ADMIN"/>
+    <constructor-arg>
+      <list>
+        <ref local="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION"/>
+      </list>
+    </constructor-arg>
+    <property name="processDomainObjectClass" value="sample.contact.Contact"/>
+  </bean>
 
-   <!-- An access decision manager used by the business objects -->
-   <bean id="businessAccessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased">
-      <property name="allowIfAllAbstainDecisions"><value>false</value></property>
-      <property name="decisionVoters">
-         <list>
-            <ref local="roleVoter"/>
-            <ref local="aclContactReadVoter"/>
-            <ref local="aclContactDeleteVoter"/>
-            <ref local="aclContactAdminVoter"/>
-         </list>
-      </property>
-   </bean>
+  <!-- An access decision manager used by the business objects -->
+  <bean id="businessAccessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased">
+    <property name="allowIfAllAbstainDecisions" value="false"/>
+    <property name="decisionVoters">
+      <list>
+        <ref local="roleVoter"/>
+        <ref local="aclContactReadVoter"/>
+        <ref local="aclContactDeleteVoter"/>
+        <ref local="aclContactAdminVoter"/>
+      </list>
+    </property>
+  </bean>
 
-   <!-- ========= ACCESS CONTROL LIST LOOKUP MANAGER DEFINITIONS ========= -->
+  <!-- ========= ACCESS CONTROL LIST LOOKUP MANAGER DEFINITIONS ========= -->
 
-	<bean id="aclCache" class="org.acegisecurity.acls.jdbc.EhCacheBasedAclCache">
-		<constructor-arg>
-		   <bean class="org.springframework.cache.ehcache.EhCacheFactoryBean">
-		      <property name="cacheManager">
-				<bean class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
-		      </property>
-		      <property name="cacheName">
-		         <value>aclCache</value>
-		      </property>
-		   </bean>
-		</constructor-arg>
-	</bean>
-    
-	<bean id="lookupStrategy" class="org.acegisecurity.acls.jdbc.BasicLookupStrategy">
-		<constructor-arg ref="dataSource"/>
-		<constructor-arg ref="aclCache"/>
-		<constructor-arg ref="aclAuthorizationStrategy"/>
-		<constructor-arg>
-			<bean class="org.acegisecurity.acls.domain.ConsoleAuditLogger"/>
-		</constructor-arg>
-	</bean>
-	
-	<bean id="aclAuthorizationStrategy" class="org.acegisecurity.acls.domain.AclAuthorizationStrategyImpl">
-		<constructor-arg>
-			<list>
-				<bean class="org.acegisecurity.GrantedAuthorityImpl">
-					<constructor-arg value="ROLE_ADMINISTRATOR"/>
-				</bean>
-				<bean class="org.acegisecurity.GrantedAuthorityImpl">
-					<constructor-arg value="ROLE_ADMINISTRATOR"/>
-				</bean>
-				<bean class="org.acegisecurity.GrantedAuthorityImpl">
-					<constructor-arg value="ROLE_ADMINISTRATOR"/>
-				</bean>
-			</list>
-		</constructor-arg>
-	</bean>
-	
-	<bean id="aclService" class="org.acegisecurity.acls.jdbc.JdbcMutableAclService">
-		<constructor-arg ref="dataSource"/>
-		<constructor-arg ref="lookupStrategy"/>
-		<constructor-arg ref="aclCache"/>
-	</bean>
+  <bean id="aclCache" class="org.acegisecurity.acls.jdbc.EhCacheBasedAclCache">
+    <constructor-arg>
+      <bean class="org.springframework.cache.ehcache.EhCacheFactoryBean">
+        <property name="cacheManager">
+          <bean class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
+        </property>
+        <property name="cacheName" value="aclCache"/>
+      </bean>
+    </constructor-arg>
+  </bean>
 
-   <!-- ============== "AFTER INTERCEPTION" AUTHORIZATION DEFINITIONS =========== -->
+  <bean id="lookupStrategy" class="org.acegisecurity.acls.jdbc.BasicLookupStrategy">
+    <constructor-arg ref="dataSource"/>
+    <constructor-arg ref="aclCache"/>
+    <constructor-arg ref="aclAuthorizationStrategy"/>
+    <constructor-arg>
+      <bean class="org.acegisecurity.acls.domain.ConsoleAuditLogger"/>
+    </constructor-arg>
+  </bean>
 
-   <bean id="afterInvocationManager" class="org.acegisecurity.afterinvocation.AfterInvocationProviderManager">
-      <property name="providers">
-         <list>
-            <ref local="afterAclRead"/>
-            <ref local="afterAclCollectionRead"/>
-         </list>
-      </property>
-   </bean>
-   
-   <!-- Processes AFTER_ACL_COLLECTION_READ configuration settings -->
-   <bean id="afterAclCollectionRead" class="org.acegisecurity.afterinvocation.AclEntryAfterInvocationCollectionFilteringProvider">
-      <constructor-arg>
-      	<ref bean="aclService"/>
-      </constructor-arg>
-      <constructor-arg>
-      	<list>
-          <ref local="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION"/>
-          <ref local="org.acegisecurity.acls.domain.BasePermission.READ"/>
-      	</list>
-      </constructor-arg>
-   </bean>
-   
-   <!-- Processes AFTER_ACL_READ configuration settings -->
-   <bean id="afterAclRead" class="org.acegisecurity.afterinvocation.AclEntryAfterInvocationProvider">
-      <constructor-arg>
-      	<ref bean="aclService"/>
-      </constructor-arg>
-      <constructor-arg>
-      	<list>
-          <ref local="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION"/>
-          <ref local="org.acegisecurity.acls.domain.BasePermission.READ"/>
-      	</list>
-      </constructor-arg>
-   </bean>
+  <bean id="aclAuthorizationStrategy" class="org.acegisecurity.acls.domain.AclAuthorizationStrategyImpl">
+    <constructor-arg>
+      <list>
+        <bean class="org.acegisecurity.GrantedAuthorityImpl">
+          <constructor-arg value="ROLE_ADMINISTRATOR"/>
+        </bean>
+        <bean class="org.acegisecurity.GrantedAuthorityImpl">
+          <constructor-arg value="ROLE_ADMINISTRATOR"/>
+        </bean>
+        <bean class="org.acegisecurity.GrantedAuthorityImpl">
+          <constructor-arg value="ROLE_ADMINISTRATOR"/>
+        </bean>
+      </list>
+    </constructor-arg>
+  </bean>
 
-   <!-- ================= METHOD INVOCATION AUTHORIZATION ==================== -->
+  <bean id="aclService" class="org.acegisecurity.acls.jdbc.JdbcMutableAclService">
+    <constructor-arg ref="dataSource"/>
+    <constructor-arg ref="lookupStrategy"/>
+    <constructor-arg ref="aclCache"/>
+  </bean>
 
-   <!-- getRandomContact() is public.
+  <!-- ============== "AFTER INTERCEPTION" AUTHORIZATION DEFINITIONS =========== -->
 
-    The create, getAll, getById etc have ROLE_USER to ensure user is
-    authenticated (all users hold ROLE_USER in this application).
+  <bean id="afterInvocationManager" class="org.acegisecurity.afterinvocation.AfterInvocationProviderManager">
+    <property name="providers">
+      <list>
+        <ref local="afterAclRead"/>
+        <ref local="afterAclCollectionRead"/>
+      </list>
+    </property>
+  </bean>
 
-    The delete and update methods don't need a ROLE_USER as they will
-    ensure the user is authenticated via their ACL_CONTACT_DELETE or
-    ACL_CONTACT_READ attribute, which also ensures the user has permission
-    to the Contact presented as a method argument.
-    -->
-   <bean id="contactManagerSecurity" class="org.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor">
-      <property name="authenticationManager"><ref bean="authenticationManager"/></property>
-      <property name="accessDecisionManager"><ref local="businessAccessDecisionManager"/></property>
-      <property name="afterInvocationManager"><ref local="afterInvocationManager"/></property>
-      <property name="objectDefinitionSource">
-         <value>
-            sample.contact.ContactManager.create=ROLE_USER
-            sample.contact.ContactManager.getAllRecipients=ROLE_USER
-            sample.contact.ContactManager.getAll=ROLE_USER,AFTER_ACL_COLLECTION_READ
-            sample.contact.ContactManager.getById=ROLE_USER,AFTER_ACL_READ
-            sample.contact.ContactManager.delete=ACL_CONTACT_DELETE
-            sample.contact.ContactManager.deletePermission=ACL_CONTACT_ADMIN
-            sample.contact.ContactManager.addPermission=ACL_CONTACT_ADMIN
-         </value>
-      </property>
-   </bean>
+  <!-- Processes AFTER_ACL_COLLECTION_READ configuration settings -->
+  <bean id="afterAclCollectionRead"
+        class="org.acegisecurity.afterinvocation.AclEntryAfterInvocationCollectionFilteringProvider">
+    <constructor-arg>
+      <ref bean="aclService"/>
+    </constructor-arg>
+    <constructor-arg>
+      <list>
+        <ref local="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION"/>
+        <ref local="org.acegisecurity.acls.domain.BasePermission.READ"/>
+      </list>
+    </constructor-arg>
+  </bean>
+
+  <!-- Processes AFTER_ACL_READ configuration settings -->
+  <bean id="afterAclRead" class="org.acegisecurity.afterinvocation.AclEntryAfterInvocationProvider">
+    <constructor-arg>
+      <ref bean="aclService"/>
+    </constructor-arg>
+    <constructor-arg>
+      <list>
+        <ref local="org.acegisecurity.acls.domain.BasePermission.ADMINISTRATION"/>
+        <ref local="org.acegisecurity.acls.domain.BasePermission.READ"/>
+      </list>
+    </constructor-arg>
+  </bean>
+
+  <!-- ================= METHOD INVOCATION AUTHORIZATION ==================== -->
+
+  <!-- getRandomContact() is public.
+
+  The create, getAll, getById etc have ROLE_USER to ensure user is
+  authenticated (all users hold ROLE_USER in this application).
+
+  The delete and update methods don't need a ROLE_USER as they will
+  ensure the user is authenticated via their ACL_CONTACT_DELETE or
+  ACL_CONTACT_READ attribute, which also ensures the user has permission
+  to the Contact presented as a method argument.
+  -->
+  <bean id="contactManagerSecurity" class="org.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor">
+    <property name="authenticationManager" ref="authenticationManager"/>
+    <property name="accessDecisionManager">
+      <ref local="businessAccessDecisionManager"/>
+    </property>
+    <property name="afterInvocationManager">
+      <ref local="afterInvocationManager"/>
+    </property>
+    <property name="objectDefinitionSource">
+      <value>
+        sample.contact.ContactManager.create=ROLE_USER
+        sample.contact.ContactManager.getAllRecipients=ROLE_USER
+        sample.contact.ContactManager.getAll=ROLE_USER,AFTER_ACL_COLLECTION_READ
+        sample.contact.ContactManager.getById=ROLE_USER,AFTER_ACL_READ
+        sample.contact.ContactManager.delete=ACL_CONTACT_DELETE
+        sample.contact.ContactManager.deletePermission=ACL_CONTACT_ADMIN
+        sample.contact.ContactManager.addPermission=ACL_CONTACT_ADMIN
+      </value>
+    </property>
+  </bean>
 
 </beans>
diff --git a/samples/contacts/src/main/resources/applicationContext-common-business.xml b/samples/contacts/src/main/resources/applicationContext-common-business.xml
index 303d572dd2..082f1ff93c 100644
--- a/samples/contacts/src/main/resources/applicationContext-common-business.xml
+++ b/samples/contacts/src/main/resources/applicationContext-common-business.xml
@@ -11,38 +11,29 @@
 
 <beans>
 
-    <bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
-        <property name="driverClassName">
-            <value>org.hsqldb.jdbcDriver</value>
-        </property>
-        <property name="url">
-            <value>jdbc:hsqldb:mem:test</value>
-            <!-- <value>jdbc:hsqldb:hsql://localhost/acl</value> -->
-        </property>
-        <property name="username">
-            <value>sa</value>
-        </property>
-        <property name="password">
-            <value></value>
-        </property>
-    </bean>
-	
+  <bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
+      <property name="driverClassName" value="org.hsqldb.jdbcDriver"/>
+      <property name="url" value="jdbc:hsqldb:mem:test"/> <!-- <value>jdbc:hsqldb:hsql://localhost/acl</value> -->
+      <property name="username" value="sa"/>
+      <property name="password" value=""/>
+  </bean>
+
 	<bean id="transactionManager" class="org.springframework.jdbc.datasource.DataSourceTransactionManager">
 		<property name="dataSource"><ref local="dataSource"/></property>
 	</bean>
-	
+
 	<bean id="transactionInterceptor" class="org.springframework.transaction.interceptor.TransactionInterceptor">
-    	<property name="transactionManager"><ref bean="transactionManager"/></property>
+    <property name="transactionManager"><ref local="transactionManager"/></property>
 		<property name="transactionAttributeSource">
-			<value>
-				sample.contact.ContactManager.create=PROPAGATION_REQUIRED
-				sample.contact.ContactManager.getAllRecipients=PROPAGATION_REQUIRED,readOnly
-				sample.contact.ContactManager.getAll=PROPAGATION_REQUIRED,readOnly
-				sample.contact.ContactManager.getById=PROPAGATION_REQUIRED,readOnly
-				sample.contact.ContactManager.delete=PROPAGATION_REQUIRED
-				sample.contact.ContactManager.deletePermission=PROPAGATION_REQUIRED
-				sample.contact.ContactManager.addPermission=PROPAGATION_REQUIRED
-			</value>
+      <value>
+        sample.contact.ContactManager.create=PROPAGATION_REQUIRED
+        sample.contact.ContactManager.getAllRecipients=PROPAGATION_REQUIRED,readOnly
+        sample.contact.ContactManager.getAll=PROPAGATION_REQUIRED,readOnly
+        sample.contact.ContactManager.getById=PROPAGATION_REQUIRED,readOnly
+        sample.contact.ContactManager.delete=PROPAGATION_REQUIRED
+        sample.contact.ContactManager.deletePermission=PROPAGATION_REQUIRED
+        sample.contact.ContactManager.addPermission=PROPAGATION_REQUIRED
+      </value>
 		</property>
 	</bean>
 
@@ -51,25 +42,25 @@
 	   <property name="mutableAclService" ref="aclService"/>
 	   <property name="platformTransactionManager" ref="transactionManager"/>
    </bean>
-   
-   <bean id="contactDao" class="sample.contact.ContactDaoSpring">
-	   <property name="dataSource"><ref local="dataSource"/></property>
-   </bean>
 
    <bean id="contactManager" class="org.springframework.aop.framework.ProxyFactoryBean">
-      <property name="proxyInterfaces"><value>sample.contact.ContactManager</value></property>
-      <property name="interceptorNames">
-         <list>
-            <idref local="transactionInterceptor"/>
-            <idref bean="contactManagerSecurity"/>
-            <idref local="contactManagerTarget"/>
-         </list>
-      </property>
+     <property name="proxyInterfaces" value="sample.contact.ContactManager"/>
+     <property name="interceptorNames">
+       <list>
+         <idref local="transactionInterceptor"/>
+         <idref bean="contactManagerSecurity"/>
+         <idref local="contactManagerTarget"/>
+       </list>
+     </property>
    </bean>
 
    <bean id="contactManagerTarget" class="sample.contact.ContactManagerBackend">
-	   <property name="contactDao"><ref local="contactDao"/></property>
-	   <property name="mutableAclService"><ref bean="aclService"/></property>
+	   <property name="contactDao">
+       <bean class="sample.contact.ContactDaoSpring">
+	       <property name="dataSource"><ref local="dataSource"/></property>
+       </bean>
+     </property>
+     <property name="mutableAclService" ref="aclService"/>
    </bean>
 
 </beans>
diff --git a/samples/contacts/src/main/webapp/common/WEB-INF/.cvsignore b/samples/contacts/src/main/webapp/WEB-INF/.cvsignore
similarity index 100%
rename from samples/contacts/src/main/webapp/common/WEB-INF/.cvsignore
rename to samples/contacts/src/main/webapp/WEB-INF/.cvsignore
diff --git a/samples/contacts/src/main/webapp/cas/WEB-INF/applicationContext-acegi-security.xml b/samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security-cas.xml
similarity index 71%
rename from samples/contacts/src/main/webapp/cas/WEB-INF/applicationContext-acegi-security.xml
rename to samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security-cas.xml
index eaabf39df2..a3522f576e 100644
--- a/samples/contacts/src/main/webapp/cas/WEB-INF/applicationContext-acegi-security.xml
+++ b/samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security-cas.xml
@@ -7,48 +7,47 @@
   -
   - Only used by "cas" artifact.
   -
-  - $Id$
+  - $Id: applicationContext-acegi-security.xml 1409 2006-04-26 23:36:03Z benalex $
   -->
 
 <beans>
 
    <!-- ======================== FILTER CHAIN ======================= -->
 
-	<bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
-      <property name="filterInvocationDefinitionSource">
-         <value>
-		    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
-		    PATTERN_TYPE_APACHE_ANT
-            /**=channelProcessingFilter,httpSessionContextIntegrationFilter,logoutFilter,casProcessingFilter,basicProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
-         </value>
-      </property>
-    </bean>
+  <bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
+    <property name="filterInvocationDefinitionSource">
+      <value>
+        CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
+        PATTERN_TYPE_APACHE_ANT
+        /**=channelProcessingFilter,httpSessionContextIntegrationFilter,logoutFilter,casProcessingFilter,basicProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
+      </value>
+    </property>
+  </bean>
 
-   <!-- ======================== AUTHENTICATION ======================= -->
+  <!-- ======================== AUTHENTICATION ======================= -->
 
-   <bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
-      <property name="providers">
-         <list>
-		    <ref local="casAuthenticationProvider"/>
-         </list>
-      </property>
-   </bean>
+  <bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
+    <property name="providers">
+      <list>
+        <ref local="casAuthenticationProvider"/>
+      </list>
+    </property>
+  </bean>
 
-   <bean id="jdbcDaoImpl" class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
-      <property name="dataSource"><ref bean="dataSource"/></property>
-   </bean>
+  <bean id="jdbcDaoImpl" class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
+    <property name="dataSource" ref="dataSource"/>
+  </bean>
 
-   <bean id="basicProcessingFilter" class="org.acegisecurity.ui.basicauth.BasicProcessingFilter">
-      <property name="authenticationManager"><ref local="authenticationManager"/></property>
-      <property name="authenticationEntryPoint"><ref local="basicProcessingFilterEntryPoint"/></property>
-   </bean>
+  <bean id="basicProcessingFilter" class="org.acegisecurity.ui.basicauth.BasicProcessingFilter">
+    <property name="authenticationManager"><ref local="authenticationManager"/></property>
+    <property name="authenticationEntryPoint"><ref local="basicProcessingFilterEntryPoint"/></property>
+  </bean>
 
-   <bean id="basicProcessingFilterEntryPoint" class="org.acegisecurity.ui.basicauth.BasicProcessingFilterEntryPoint">
-      <property name="realmName"><value>Contacts Realm</value></property>
-   </bean>
+  <bean id="basicProcessingFilterEntryPoint" class="org.acegisecurity.ui.basicauth.BasicProcessingFilterEntryPoint">
+    <property name="realmName"><value>Contacts Realm</value></property>
+  </bean>
 
-   <bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter">
-   </bean>
+  <bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter"/>
 
 	<bean id="casAuthenticationProvider" class="org.acegisecurity.providers.cas.CasAuthenticationProvider">
 		<property name="casAuthoritiesPopulator"><ref local="casAuthoritiesPopulator"/></property>
@@ -59,23 +58,19 @@
 	</bean>
 
 	<bean id="casProxyTicketValidator" class="org.acegisecurity.providers.cas.ticketvalidator.CasProxyTicketValidator">
-		<property name="casValidate"><value>https://localhost:8443/cas/proxyValidate</value></property>
-		<property name="proxyCallbackUrl"><value>https://localhost:8443/contacts-cas/casProxy/receptor</value></property>
+		<property name="casValidate" value="https://localhost:8443/cas/proxyValidate"/>
+		<property name="proxyCallbackUrl" value="https://localhost:8443/contacts-cas/casProxy/receptor"/>
 		<property name="serviceProperties"><ref local="serviceProperties"/></property>
         <!-- <property name="trustStore"><value>/some/path/to/your/lib/security/cacerts</value></property> -->
 	</bean>
 
-    <bean id="cacheManager" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
-    
-    <bean id="ticketCacheBackend" class="org.springframework.cache.ehcache.EhCacheFactoryBean">
-       <property name="cacheManager">
-          <ref local="cacheManager"/>
-       </property>
-       <property name="cacheName">
-          <value>ticketCache</value>
-       </property>
-    </bean>
-   
+  <bean id="cacheManager" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
+
+  <bean id="ticketCacheBackend" class="org.springframework.cache.ehcache.EhCacheFactoryBean">
+    <property name="cacheManager"><ref local="cacheManager"/></property>
+    <property name="cacheName" value="ticketCache"/>
+  </bean>
+
 	<bean id="statelessTicketCache" class="org.acegisecurity.providers.cas.cache.EhCacheBasedTicketCache">
       <property name="cache"><ref local="ticketCacheBackend"/></property>
 	</bean>
@@ -84,12 +79,11 @@
 		<property name="userDetailsService"><ref local="jdbcDaoImpl"/></property>
 	</bean>
 
-	<bean id="casProxyDecider" class="org.acegisecurity.providers.cas.proxy.RejectProxyTickets">
-	</bean>
+	<bean id="casProxyDecider" class="org.acegisecurity.providers.cas.proxy.RejectProxyTickets"/>
 
 	<bean id="serviceProperties" class="org.acegisecurity.ui.cas.ServiceProperties">
-		<property name="service"><value>https://localhost:8443/contacts-cas/j_acegi_cas_security_check</value></property>
-		<property name="sendRenew"><value>false</value></property>
+		<property name="service" value="https://localhost:8443/contacts-cas/j_acegi_cas_security_check"/>
+		<property name="sendRenew" value="false"/>
 	</bean>
 
 	<!-- note logout has little impact, due to CAS reauthentication functionality (it will cause a refresh of the authentication though) -->
@@ -104,7 +98,7 @@
 
 
 	<!-- ===================== HTTP CHANNEL REQUIREMENTS ==================== -->
-	
+
 	<!-- Enabled by default for CAS, as a CAS deployment uses HTTPS -->
 	<bean id="channelProcessingFilter" class="org.acegisecurity.securechannel.ChannelProcessingFilter">
 		<property name="channelDecisionManager"><ref local="channelDecisionManager"/></property>
@@ -112,7 +106,7 @@
 			<value>
 			    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
 				\A/secure/.*\Z=REQUIRES_SECURE_CHANNEL
-				\A/j_acegi_cas_security_check.*\Z=REQUIRES_SECURE_CHANNEL	
+				\A/j_acegi_cas_security_check.*\Z=REQUIRES_SECURE_CHANNEL
 				\A.*\Z=REQUIRES_INSECURE_CHANNEL
 			</value>
 		</property>
@@ -171,24 +165,24 @@
 			</value>
 		</property>
 	</bean>
-	
+
 	<!-- BASIC Regular Expression Syntax (for beginners):
-	     
+
 	     \A means the start of the string (ie the beginning of the URL)
 	     \Z means the end of the string (ie the end of the URL)
 	     .  means any single character
 	     *  means null or any number of repetitions of the last expression (so .* means zero or more characters)
-	     
+
 	     Some examples:
-	     
+
 	     Expression:   \A/my/directory/.*\Z
 	     Would match:    /my/directory/
 	                     /my/directory/hello.html
-	     
+
 	     Expression:   \A/.*\Z
 	     Would match:    /hello.html
 	                     /
-	     
+
 	     Expression:   \A/.*/secret.html\Z
 	     Would match:    /some/directory/secret.html
 	                     /another/secret.html
diff --git a/samples/contacts/src/main/webapp/ldap/WEB-INF/applicationContext-acegi-security.xml b/samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security-ldap.xml
similarity index 94%
rename from samples/contacts/src/main/webapp/ldap/WEB-INF/applicationContext-acegi-security.xml
rename to samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security-ldap.xml
index 5d8bc5bd99..23cff61740 100644
--- a/samples/contacts/src/main/webapp/ldap/WEB-INF/applicationContext-acegi-security.xml
+++ b/samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security-ldap.xml
@@ -7,7 +7,7 @@
   -
   - Only used by "ldap" artifact.
   -
-  - $Id$
+  - $Id: applicationContext-acegi-security.xml 1468 2006-05-20 17:50:51Z luke_t $
   -->
 
 <beans>
@@ -37,9 +37,9 @@
    </bean>
 
    <bean id="initialDirContextFactory" class="org.acegisecurity.ldap.DefaultInitialDirContextFactory">
-     <constructor-arg value="ldap://monkeymachine:389/dc=acegisecurity,dc=org"/>
-     <property name="managerDn"><value>cn=manager,dc=acegisecurity,dc=org</value></property>
-     <property name="managerPassword"><value>acegisecurity</value></property>
+     <constructor-arg value="ldap://monkeymachine.co.uk:389/dc=acegisecurity,dc=org"/>
+     <property name="managerDn" value="cn=manager,dc=acegisecurity,dc=org" />
+     <property name="managerPassword" value="acegisecurity"/>
    </bean>
 
    <bean id="ldapAuthenticationProvider" class="org.acegisecurity.providers.ldap.LdapAuthenticationProvider">
@@ -115,28 +115,28 @@
 			  </value>
 		  </property>
 	 </bean>
-	
+
 	<!-- BASIC Regular Expression Syntax (for beginners):
-	     
+
 	     \A means the start of the string (ie the beginning of the URL)
 	     \Z means the end of the string (ie the end of the URL)
 	     .  means any single character
 	     *  means null or any number of repetitions of the last expression (so .* means zero or more characters)
-	     
+
 	     Some examples:
-	     
+
 	     Expression:   \A/my/directory/.*\Z
 	     Would match:    /my/directory/
 	                     /my/directory/hello.html
-	     
+
 	     Expression:   \A/.*\Z
 	     Would match:    /hello.html
 	                     /
-	     
+
 	     Expression:   \A/.*/secret.html\Z
 	     Would match:    /some/directory/secret.html
 	                     /another/secret.html
 	     Not match:      /anothersecret.html (missing required /)
-	-->    
+	-->
 
 </beans>
diff --git a/samples/contacts/src/main/webapp/x509/WEB-INF/applicationContext-acegi-security.xml b/samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security-x509.xml
similarity index 98%
rename from samples/contacts/src/main/webapp/x509/WEB-INF/applicationContext-acegi-security.xml
rename to samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security-x509.xml
index 8fb89e398b..54c9e3ec86 100644
--- a/samples/contacts/src/main/webapp/x509/WEB-INF/applicationContext-acegi-security.xml
+++ b/samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security-x509.xml
@@ -7,7 +7,7 @@
   -
   - Only used by "x509" artifact.
   -
-  - $Id$
+  - $Id: applicationContext-acegi-security.xml 1409 2006-04-26 23:36:03Z benalex $
   -->
 
 <beans>
@@ -87,7 +87,7 @@
 
 
 	<!-- ===================== HTTP CHANNEL REQUIREMENTS ==================== -->
-	
+
 	<!-- Enabled by default for X.509 (obviously) -->
 	<bean id="channelProcessingFilter" class="org.acegisecurity.securechannel.ChannelProcessingFilter">
 		<property name="channelDecisionManager"><ref local="channelDecisionManager"/></property>
@@ -148,24 +148,24 @@
 			</value>
 		</property>
 	</bean>
-	
+
 	<!-- BASIC Regular Expression Syntax (for beginners):
-	     
+
 	     \A means the start of the string (ie the beginning of the URL)
 	     \Z means the end of the string (ie the end of the URL)
 	     .  means any single character
 	     *  means null or any number of repetitions of the last expression (so .* means zero or more characters)
-	     
+
 	     Some examples:
-	     
+
 	     Expression:   \A/my/directory/.*\Z
 	     Would match:    /my/directory/
 	                     /my/directory/hello.html
-	     
+
 	     Expression:   \A/.*\Z
 	     Would match:    /hello.html
 	                     /
-	     
+
 	     Expression:   \A/.*/secret.html\Z
 	     Would match:    /some/directory/secret.html
 	                     /another/secret.html
diff --git a/samples/contacts/src/main/webapp/filter/WEB-INF/applicationContext-acegi-security.xml b/samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security.xml
similarity index 96%
rename from samples/contacts/src/main/webapp/filter/WEB-INF/applicationContext-acegi-security.xml
rename to samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security.xml
index ce8adddd9d..9de26a1c66 100644
--- a/samples/contacts/src/main/webapp/filter/WEB-INF/applicationContext-acegi-security.xml
+++ b/samples/contacts/src/main/webapp/WEB-INF/applicationContext-acegi-security.xml
@@ -7,7 +7,7 @@
   -
   - Only used by "filter" artifact.
   -
-  - $Id$
+  - $Id: applicationContext-acegi-security.xml 1425 2006-04-28 06:43:50Z benalex $
   -->
 
 <beans>
@@ -21,7 +21,7 @@
          <value>
 		    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
 		    PATTERN_TYPE_APACHE_ANT
-            /**=httpSessionContextIntegrationFilter,logoutFilter,authenticationProcessingFilter,basicProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor,switchUserProcessingFilter
+            /**=httpSessionContextIntegrationFilter,logoutFilter,authenticationProcessingFilter,basicProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,switchUserProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
          </value>
       </property>
     </bean>
@@ -46,12 +46,12 @@
 
    <bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
       <property name="userDetailsService"><ref local="jdbcDaoImpl"/></property>
-      <property name="userCache"><ref local="userCache"/></property>
+<!--      <property name="userCache"><ref local="userCache"/></property> -->
       <property name="passwordEncoder"><ref local="passwordEncoder"/></property>
    </bean>
-
+<!--
    <bean id="cacheManager" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
-    
+
    <bean id="userCacheBackend" class="org.springframework.cache.ehcache.EhCacheFactoryBean">
       <property name="cacheManager">
          <ref local="cacheManager"/>
@@ -60,11 +60,11 @@
          <value>userCache</value>
       </property>
    </bean>
-   
+
    <bean id="userCache" class="org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache">
       <property name="cache"><ref local="userCacheBackend"/></property>
    </bean>
-
+-->
    <!-- Automatically receives AuthenticationEvent messages -->
    <bean id="loggerListener" class="org.acegisecurity.event.authentication.LoggerListener"/>
 
@@ -98,11 +98,11 @@
       <property name="userDetailsService"><ref local="jdbcDaoImpl"/></property>
       <property name="key"><value>springRocks</value></property>
    </bean>
-   
+
    <bean id="rememberMeAuthenticationProvider" class="org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider">
       <property name="key"><value>springRocks</value></property>
    </bean>
-   
+
    <bean id="logoutFilter" class="org.acegisecurity.ui.logout.LogoutFilter">
       <constructor-arg value="/index.jsp"/> <!-- URL redirected to after logout -->
       <constructor-arg>
@@ -112,7 +112,7 @@
          </list>
       </constructor-arg>
    </bean>
-   
+
    <bean id="securityContextHolderAwareRequestFilter" class="org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter"/>
 
    <!-- ===================== HTTP CHANNEL REQUIREMENTS ==================== -->
@@ -199,7 +199,7 @@
       </property>
    </bean>
 
-   <!-- Filter used to switch the user context. Note: the switch and exit url must be secured 
+   <!-- Filter used to switch the user context. Note: the switch and exit url must be secured
         based on the role granted the ability to 'switch' to another user -->
    <!-- In this example 'marissa' has ROLE_SUPERVISOR that can switch to regular ROLE_USER(s) -->
    <bean id="switchUserProcessingFilter" class="org.acegisecurity.ui.switchuser.SwitchUserProcessingFilter">
@@ -207,6 +207,6 @@
 	  <property name="switchUserUrl"><value>/j_acegi_switch_user</value></property>
 	  <property name="exitUserUrl"><value>/j_acegi_exit_user</value></property>
 	  <property name="targetUrl"><value>/acegi-security-sample-contacts-filter/secure/index.htm</value></property>
-   </bean>    
+   </bean>
 
 </beans>
diff --git a/samples/contacts/src/main/webapp/WEB-INF/contacts-servlet.xml b/samples/contacts/src/main/webapp/WEB-INF/contacts-servlet.xml
new file mode 100644
index 0000000000..3fe00d250c
--- /dev/null
+++ b/samples/contacts/src/main/webapp/WEB-INF/contacts-servlet.xml
@@ -0,0 +1,83 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
+
+<!--
+  - Application context definition for "contacts" DispatcherServlet.
+  -
+  - $Id: contacts-servlet.xml 1754 2006-11-17 02:01:21Z benalex $
+  -->
+
+<beans>
+
+	<!-- ========================== WEB DEFINITIONS ======================= -->
+
+  <bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource">
+    <property name="basename" value="messages"/>
+  </bean>
+
+  <bean id="publicIndexController" class="sample.contact.PublicIndexController">
+    <property name="contactManager" ref="contactManager"/>
+  </bean>
+
+  <bean id="secureIndexController" class="sample.contact.SecureIndexController">
+    <property name="contactManager" ref="contactManager"/>
+  </bean>
+
+  <bean id="secureDeleteController" class="sample.contact.DeleteController">
+    <property name="contactManager" ref="contactManager"/>
+  </bean>
+
+  <bean id="adminPermissionController" class="sample.contact.AdminPermissionController">
+    <property name="contactManager" ref="contactManager"/>
+    <property name="aclService" ref="aclService"/>
+  </bean>
+
+  <bean id="deletePermissionController" class="sample.contact.DeletePermissionController">
+    <property name="contactManager" ref="contactManager"/>
+    <property name="aclService" ref="aclService"/>
+  </bean>
+
+  <bean id="urlMapping" class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping">
+    <property name="mappings">
+      <props>
+        <prop key="/hello.htm">publicIndexController</prop>
+        <prop key="/secure/add.htm">secureAddForm</prop>
+        <prop key="/secure/index.htm">secureIndexController</prop>
+        <prop key="/secure/del.htm">secureDeleteController</prop>
+        <prop key="/secure/adminPermission.htm">adminPermissionController</prop>
+        <prop key="/secure/deletePermission.htm">deletePermissionController</prop>
+        <prop key="/secure/addPermission.htm">addPermissionForm</prop>
+      </props>
+    </property>
+  </bean>
+
+  <bean id="secureAddForm" class="sample.contact.WebContactAddController">
+    <property name="sessionForm" value="true"/>
+    <property name="commandName" value="webContact"/>
+    <property name="commandClass" value="sample.contact.WebContact"/>
+    <property name="validator">
+      <bean id="addValidator" class="sample.contact.WebContactValidator"/>
+    </property>
+    <property name="formView" value="add"/>
+    <property name="successView" value="index.htm"/>
+    <property name="contactManager" ref="contactManager"/>
+  </bean>
+
+  <bean id="addPermissionForm" class="sample.contact.AddPermissionController">
+    <property name="sessionForm" value="true"/>
+    <property name="commandName" value="addPermission"/>
+    <property name="commandClass" value="sample.contact.AddPermission"/>
+    <property name="validator">
+      <bean id="addPermissionValidator" class="sample.contact.AddPermissionValidator"/>
+    </property>
+    <property name="formView" value="addPermission"/>
+    <property name="successView" value="index.htm"/>
+    <property name="contactManager" ref="contactManager"/>
+  </bean>
+
+	<bean id="viewResolver" class="org.springframework.web.servlet.view.InternalResourceViewResolver">
+		<property name="prefix" value="/WEB-INF/jsp/"/>
+		<property name="suffix" value=".jsp"/>
+	</bean>
+
+</beans>
diff --git a/samples/contacts/src/main/webapp/common/WEB-INF/jsp/add.jsp b/samples/contacts/src/main/webapp/WEB-INF/jsp/add.jsp
similarity index 100%
rename from samples/contacts/src/main/webapp/common/WEB-INF/jsp/add.jsp
rename to samples/contacts/src/main/webapp/WEB-INF/jsp/add.jsp
diff --git a/samples/contacts/src/main/webapp/common/WEB-INF/jsp/addPermission.jsp b/samples/contacts/src/main/webapp/WEB-INF/jsp/addPermission.jsp
similarity index 97%
rename from samples/contacts/src/main/webapp/common/WEB-INF/jsp/addPermission.jsp
rename to samples/contacts/src/main/webapp/WEB-INF/jsp/addPermission.jsp
index 96f7d76120..52c05365ec 100644
--- a/samples/contacts/src/main/webapp/common/WEB-INF/jsp/addPermission.jsp
+++ b/samples/contacts/src/main/webapp/WEB-INF/jsp/addPermission.jsp
@@ -1,55 +1,55 @@
-<%@ include file="/WEB-INF/jsp/include.jsp" %>
-<html>
-<head><title>Add Permission</title></head>
-<body>
-<h1>Add Permission</h1>
-<form method="post">
-  <table width="95%" bgcolor="f8f8ff" border="0" cellspacing="0" cellpadding="5">
-    <tr>
-      <td alignment="right" width="20%">Contact:</td>
-      <td width="60%"><c:out value="${addPermission.contact}"/></td>
-    </tr>
-    <tr>
-      <td alignment="right" width="20%">Recipient:</td>
-      <spring:bind path="addPermission.recipient">
-        <td width="20%">
-		    <select name="<c:out value="${status.expression}"/>">
-		      <c:forEach var="thisRecipient" items="${recipients}">
-		        <option <c:if test="${thisRecipient.key == status.value}">selected</c:if> value="<c:out value="${thisRecipient.key}"/>">
-		        <c:out value="${thisRecipient.value}"/></option>
-			    </c:forEach>
-		    </select>
-        </td>
-        <td width="60%">
-          <font color="red"><c:out value="${status.errorMessage}"/></font>
-        </td>
-      </spring:bind>
-    </tr>
-    <tr>
-      <td alignment="right" width="20%">Permission:</td>
-      <spring:bind path="addPermission.permission">
-        <td width="20%">
-		    <select name="<c:out value="${status.expression}"/>">
-		      <c:forEach var="thisPermission" items="${permissions}">
-		        <option <c:if test="${thisPermission.key == status.value}">selected</c:if> value="<c:out value="${thisPermission.key}"/>">
-		        <c:out value="${thisPermission.value}"/></option>
-			    </c:forEach>
-		    </select>
-        </td>
-        <td width="60%">
-          <font color="red"><c:out value="${status.errorMessage}"/></font>
-        </td>
-      </spring:bind>
-    </tr>
-  </table>
-  <br>
-  <spring:hasBindErrors name="webContact">
-    <b>Please fix all errors!</b>
-  </spring:hasBindErrors>
-  <br><br>
-  <input name="execute" type="submit" alignment="center" value="Execute">
-</form>
-<p>
-<A HREF="<c:url value="adminPermission.htm"><c:param name="contactId" value="${addPermission.contact.id}"/></c:url>">Admin Permission</A> <a href="<c:url value="index.htm"/>">Manage</a>
-</body>
-</html>
+<%@ include file="/WEB-INF/jsp/include.jsp" %>
+<html>
+<head><title>Add Permission</title></head>
+<body>
+<h1>Add Permission</h1>
+<form method="post">
+  <table width="95%" bgcolor="f8f8ff" border="0" cellspacing="0" cellpadding="5">
+    <tr>
+      <td alignment="right" width="20%">Contact:</td>
+      <td width="60%"><c:out value="${addPermission.contact}"/></td>
+    </tr>
+    <tr>
+      <td alignment="right" width="20%">Recipient:</td>
+      <spring:bind path="addPermission.recipient">
+        <td width="20%">
+		    <select name="<c:out value="${status.expression}"/>">
+		      <c:forEach var="thisRecipient" items="${recipients}">
+		        <option <c:if test="${thisRecipient.key == status.value}">selected</c:if> value="<c:out value="${thisRecipient.key}"/>">
+		        <c:out value="${thisRecipient.value}"/></option>
+			    </c:forEach>
+		    </select>
+        </td>
+        <td width="60%">
+          <font color="red"><c:out value="${status.errorMessage}"/></font>
+        </td>
+      </spring:bind>
+    </tr>
+    <tr>
+      <td alignment="right" width="20%">Permission:</td>
+      <spring:bind path="addPermission.permission">
+        <td width="20%">
+		    <select name="<c:out value="${status.expression}"/>">
+		      <c:forEach var="thisPermission" items="${permissions}">
+		        <option <c:if test="${thisPermission.key == status.value}">selected</c:if> value="<c:out value="${thisPermission.key}"/>">
+		        <c:out value="${thisPermission.value}"/></option>
+			    </c:forEach>
+		    </select>
+        </td>
+        <td width="60%">
+          <font color="red"><c:out value="${status.errorMessage}"/></font>
+        </td>
+      </spring:bind>
+    </tr>
+  </table>
+  <br>
+  <spring:hasBindErrors name="webContact">
+    <b>Please fix all errors!</b>
+  </spring:hasBindErrors>
+  <br><br>
+  <input name="execute" type="submit" alignment="center" value="Execute">
+</form>
+<p>
+<A HREF="<c:url value="adminPermission.htm"><c:param name="contactId" value="${addPermission.contact.id}"/></c:url>">Admin Permission</A> <a href="<c:url value="index.htm"/>">Manage</a>
+</body>
+</html>
diff --git a/samples/contacts/src/main/webapp/common/WEB-INF/jsp/adminPermission.jsp b/samples/contacts/src/main/webapp/WEB-INF/jsp/adminPermission.jsp
similarity index 96%
rename from samples/contacts/src/main/webapp/common/WEB-INF/jsp/adminPermission.jsp
rename to samples/contacts/src/main/webapp/WEB-INF/jsp/adminPermission.jsp
index c6aa83063d..9f799b0ee2 100644
--- a/samples/contacts/src/main/webapp/common/WEB-INF/jsp/adminPermission.jsp
+++ b/samples/contacts/src/main/webapp/WEB-INF/jsp/adminPermission.jsp
@@ -1,28 +1,28 @@
-<%@ include file="/WEB-INF/jsp/include.jsp" %>
-
-<html>
-<head><title>Administer Permissions</title></head>
-<body>
-<h1>Administer Permissions</h1>
-<P>
-<code>
-<c:out value="${model.contact}"/>
-</code>
-<P>
-<table cellpadding=3 border=0>
-<c:forEach var="acl" items="${model.acl.entries}">
-    <tr>
-      <td>
-        <code>
-          <c:out value="${acl}"/>
-        </code>
-      </td>
-      <td>
-      <A HREF="<c:url value="deletePermission.htm"><c:param name="contactId" value="${model.contact.id}"/><c:param name="sid" value="${acl.sid.principal}"/><c:param name="permission" value="${acl.permission.mask}"/></c:url>">Del</A>
-      </td>
-    </tr>
-</c:forEach>
-</table>
-<p><a href="<c:url value="addPermission.htm"><c:param name="contactId" value="${model.contact.id}"/></c:url>">Add Permission</a>   <a href="<c:url value="index.htm"/>">Manage</a>
-</body>
-</html>
+<%@ include file="/WEB-INF/jsp/include.jsp" %>
+
+<html>
+<head><title>Administer Permissions</title></head>
+<body>
+<h1>Administer Permissions</h1>
+<P>
+<code>
+<c:out value="${model.contact}"/>
+</code>
+<P>
+<table cellpadding=3 border=0>
+<c:forEach var="acl" items="${model.acl.entries}">
+    <tr>
+      <td>
+        <code>
+          <c:out value="${acl}"/>
+        </code>
+      </td>
+      <td>
+      <A HREF="<c:url value="deletePermission.htm"><c:param name="contactId" value="${model.contact.id}"/><c:param name="sid" value="${acl.sid.principal}"/><c:param name="permission" value="${acl.permission.mask}"/></c:url>">Del</A>
+      </td>
+    </tr>
+</c:forEach>
+</table>
+<p><a href="<c:url value="addPermission.htm"><c:param name="contactId" value="${model.contact.id}"/></c:url>">Add Permission</a>   <a href="<c:url value="index.htm"/>">Manage</a>
+</body>
+</html>
diff --git a/samples/contacts/src/main/webapp/common/WEB-INF/jsp/deletePermission.jsp b/samples/contacts/src/main/webapp/WEB-INF/jsp/deletePermission.jsp
similarity index 95%
rename from samples/contacts/src/main/webapp/common/WEB-INF/jsp/deletePermission.jsp
rename to samples/contacts/src/main/webapp/WEB-INF/jsp/deletePermission.jsp
index 9fdb393ace..85a71a2b6b 100644
--- a/samples/contacts/src/main/webapp/common/WEB-INF/jsp/deletePermission.jsp
+++ b/samples/contacts/src/main/webapp/WEB-INF/jsp/deletePermission.jsp
@@ -1,20 +1,20 @@
-<%@ include file="/WEB-INF/jsp/include.jsp" %>
-
-<html>
-<head><title>Permission Deleted</title></head>
-<body>
-<h1>Permission Deleted</h1>
-<P>
-<code>
-<c:out value="${model.contact}"/>
-</code>
-<P>
-<code>
-<c:out value="${model.sid}"/>
-</code>
+<%@ include file="/WEB-INF/jsp/include.jsp" %>
+
+<html>
+<head><title>Permission Deleted</title></head>
+<body>
+<h1>Permission Deleted</h1>
+<P>
+<code>
+<c:out value="${model.contact}"/>
+</code>
+<P>
+<code>
+<c:out value="${model.sid}"/>
+</code>
 <code>
 <c:out value="${model.permission}"/>
 </code>
-<p><a href="<c:url value="index.htm"/>">Manage</a>
-</body>
-</html>
+<p><a href="<c:url value="index.htm"/>">Manage</a>
+</body>
+</html>
diff --git a/samples/contacts/src/main/webapp/common/WEB-INF/jsp/deleted.jsp b/samples/contacts/src/main/webapp/WEB-INF/jsp/deleted.jsp
similarity index 100%
rename from samples/contacts/src/main/webapp/common/WEB-INF/jsp/deleted.jsp
rename to samples/contacts/src/main/webapp/WEB-INF/jsp/deleted.jsp
diff --git a/samples/contacts/src/main/webapp/common/WEB-INF/jsp/hello.jsp b/samples/contacts/src/main/webapp/WEB-INF/jsp/hello.jsp
similarity index 97%
rename from samples/contacts/src/main/webapp/common/WEB-INF/jsp/hello.jsp
rename to samples/contacts/src/main/webapp/WEB-INF/jsp/hello.jsp
index 2a40c618f9..4f018bcc74 100644
--- a/samples/contacts/src/main/webapp/common/WEB-INF/jsp/hello.jsp
+++ b/samples/contacts/src/main/webapp/WEB-INF/jsp/hello.jsp
@@ -15,13 +15,13 @@
    layer bean has a number of secured (protected) and public (unprotected)
    methods.</li>
 <li><b>Web request security</b>. The <code>/secure</code> URI path is protected
-   by Acegi Security from principals not holding the 
+   by Acegi Security from principals not holding the
    <code>ROLE_USER</code> granted authority.</li>
 <li><b>Security unaware application objects</b>. None of the objects
    are aware of the security being implemented by Acegi Security. *</li>
 <li><b>Security taglib usage</b>. All of the JSPs use Acegi Security's
    taglib to evaluate security information. *</li>
-<li><b>Fully declarative security</b>. Every capability is configured in 
+<li><b>Fully declarative security</b>. Every capability is configured in
    the application context using standard Acegi Security classes. *</li>
 <li><b>Database-sourced security data</b>. All of the user, role and ACL
    information is obtained from an in-memory JDBC-compliant database.</li>
diff --git a/samples/contacts/src/main/webapp/common/WEB-INF/jsp/include.jsp b/samples/contacts/src/main/webapp/WEB-INF/jsp/include.jsp
similarity index 100%
rename from samples/contacts/src/main/webapp/common/WEB-INF/jsp/include.jsp
rename to samples/contacts/src/main/webapp/WEB-INF/jsp/include.jsp
diff --git a/samples/contacts/src/main/webapp/common/WEB-INF/jsp/index.jsp b/samples/contacts/src/main/webapp/WEB-INF/jsp/index.jsp
similarity index 100%
rename from samples/contacts/src/main/webapp/common/WEB-INF/jsp/index.jsp
rename to samples/contacts/src/main/webapp/WEB-INF/jsp/index.jsp
diff --git a/samples/contacts/src/main/webapp/common/WEB-INF/remoting-servlet.xml b/samples/contacts/src/main/webapp/WEB-INF/remoting-servlet.xml
similarity index 95%
rename from samples/contacts/src/main/webapp/common/WEB-INF/remoting-servlet.xml
rename to samples/contacts/src/main/webapp/WEB-INF/remoting-servlet.xml
index cdc2ec7171..647b9b6a23 100644
--- a/samples/contacts/src/main/webapp/common/WEB-INF/remoting-servlet.xml
+++ b/samples/contacts/src/main/webapp/WEB-INF/remoting-servlet.xml
@@ -3,12 +3,12 @@
 
 <!--
   - Contacts web application
-  - $Id$
+  - $Id: remoting-servlet.xml 469 2004-11-20 05:28:20Z benalex $
   -->
 <beans>
 
 	<!-- RMI exporter for the ContactManager -->
-	<!-- This could just as easily have been in 
+	<!-- This could just as easily have been in
 		 applicationContext-common-business.xml, because it doesn't rely on
 		 DispatcherServlet or indeed any other HTTP services. It's in this
 		 application context simply for logical placement with other
diff --git a/samples/contacts/src/main/webapp/common/WEB-INF/spring.tld b/samples/contacts/src/main/webapp/WEB-INF/spring.tld
similarity index 100%
rename from samples/contacts/src/main/webapp/common/WEB-INF/spring.tld
rename to samples/contacts/src/main/webapp/WEB-INF/spring.tld
diff --git a/samples/contacts/src/main/webapp/ldap/WEB-INF/web.xml b/samples/contacts/src/main/webapp/WEB-INF/web.xml
similarity index 82%
rename from samples/contacts/src/main/webapp/ldap/WEB-INF/web.xml
rename to samples/contacts/src/main/webapp/WEB-INF/web.xml
index b2f86de8d8..2b4d03e5a2 100644
--- a/samples/contacts/src/main/webapp/ldap/WEB-INF/web.xml
+++ b/samples/contacts/src/main/webapp/WEB-INF/web.xml
@@ -4,15 +4,13 @@
 <!--
   - Contacts web application
   -
-  - web.xml for "ldap" artifact only.
-  -
-  - $Id$
+  - $Id: web.xml 1741 2006-11-14 03:18:42Z benalex $
   -->
 
 <web-app>
 
     <display-name>Contacts Sample Application</display-name>
-    
+
 	<!--
 	  - Location of the XML file that defines the root application context
 	  - Applied by ContextLoaderListener.
@@ -25,12 +23,28 @@
 			classpath:applicationContext-common-authorization.xml
 		</param-value>
 	</context-param>
-	
+
+
+	<!--
+	     Required for CAS ProxyTicketReceptor servlet. This is the
+	     URL to CAS' "proxy" actuator, where a PGT and TargetService can
+	     be presented to obtain a new proxy ticket. THIS CAN BE
+	     REMOVED IF THE APPLICATION DOESN'T NEED TO ACT AS A PROXY
+	  -->
+
+    <context-param>
+        <param-name>edu.yale.its.tp.cas.proxyUrl</param-name>
+        <param-value>http://localhost:8433/cas/proxy</param-value>
+    </context-param>
+
+   <!-- Nothing below here needs to be modified -->
+
 	<context-param>
 		<param-name>log4jConfigLocation</param-name>
 		<param-value>/WEB-INF/classes/log4j.properties</param-value>
 	</context-param>
 
+
    <filter>
         <filter-name>Acegi Filter Chain Proxy</filter-name>
         <filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class>
@@ -44,10 +58,10 @@
       <filter-name>Acegi Filter Chain Proxy</filter-name>
       <url-pattern>/*</url-pattern>
     </filter-mapping>
-	
+
 	<!--
 	  - Loads the root application context of this web app at startup.
-	  - The application context is then available via 
+	  - The application context is then available via
 	  - WebApplicationContextUtils.getWebApplicationContext(servletContext).
     -->
 	<listener>
@@ -62,11 +76,11 @@
         The HttpSessionEventPublisher will publish
         HttpSessionCreatedEvent and HttpSessionDestroyedEvent
         to the WebApplicationContext
- -->  
+ -->
     <listener>
         <listener-class>org.acegisecurity.ui.session.HttpSessionEventPublisher</listener-class>
     </listener>
- 
+
   <!--
 	- Provides core MVC application controller. See contacts-servlet.xml.
     -->
@@ -89,7 +103,7 @@
     	<servlet-name>contacts</servlet-name>
     	<url-pattern>*.htm</url-pattern>
  	</servlet-mapping>
-  
+
 	<servlet-mapping>
 		<servlet-name>remoting</servlet-name>
 		<url-pattern>/remoting/*</url-pattern>
@@ -98,13 +112,13 @@
  	<welcome-file-list>
 		<welcome-file>index.jsp</welcome-file>
 	</welcome-file-list>
-	
+
 	<error-page>
 		<error-code>403</error-code>
 		<location>/error.html</location>
 	</error-page>
 
-  	<taglib>
+    <taglib>
       <taglib-uri>/spring</taglib-uri>
       <taglib-location>/WEB-INF/spring.tld</taglib-location>
   	</taglib>
diff --git a/samples/contacts/src/main/webapp/filter/accessDenied.jsp b/samples/contacts/src/main/webapp/accessDenied.jsp
similarity index 97%
rename from samples/contacts/src/main/webapp/filter/accessDenied.jsp
rename to samples/contacts/src/main/webapp/accessDenied.jsp
index 816d4526f8..c35b77d8ce 100644
--- a/samples/contacts/src/main/webapp/filter/accessDenied.jsp
+++ b/samples/contacts/src/main/webapp/accessDenied.jsp
@@ -1,16 +1,16 @@
-<%@ page import="org.acegisecurity.context.SecurityContextHolder" %>
-<%@ page import="org.acegisecurity.Authentication" %>
-<%@ page import="org.acegisecurity.ui.AccessDeniedHandlerImpl" %>
-
-<h1>Sorry, access is denied</h1>
-
-
-<p>
-<%= request.getAttribute(AccessDeniedHandlerImpl.ACEGI_SECURITY_ACCESS_DENIED_EXCEPTION_KEY)%>
-
-<p>
-
-<%		Authentication auth = SecurityContextHolder.getContext().getAuthentication();
-		if (auth != null) { %>
-			Authentication object as a String: <%= auth.toString() %><BR><BR>
-<%      } %>
+<%@ page import="org.acegisecurity.context.SecurityContextHolder" %>
+<%@ page import="org.acegisecurity.Authentication" %>
+<%@ page import="org.acegisecurity.ui.AccessDeniedHandlerImpl" %>
+
+<h1>Sorry, access is denied</h1>
+
+
+<p>
+<%= request.getAttribute(AccessDeniedHandlerImpl.ACEGI_SECURITY_ACCESS_DENIED_EXCEPTION_KEY)%>
+
+<p>
+
+<%		Authentication auth = SecurityContextHolder.getContext().getAuthentication();
+		if (auth != null) { %>
+			Authentication object as a String: <%= auth.toString() %><BR><BR>
+<%      } %>
diff --git a/samples/contacts/src/main/webapp/filter/acegilogin.jsp b/samples/contacts/src/main/webapp/acegilogin.jsp
similarity index 88%
rename from samples/contacts/src/main/webapp/filter/acegilogin.jsp
rename to samples/contacts/src/main/webapp/acegilogin.jsp
index f3d67e6e74..87e2298cad 100644
--- a/samples/contacts/src/main/webapp/filter/acegilogin.jsp
+++ b/samples/contacts/src/main/webapp/acegilogin.jsp
@@ -21,8 +21,8 @@
 	<p>username <b>bob</b>, password <b>wombat</b>
 	<p>username <b>jane</b>, password <b>wombat</b>
 	<p>
-	
-    <%-- this form-login-page form is also used as the 
+
+    <%-- this form-login-page form is also used as the
          form-error-page to ask for a login again.
          --%>
     <c:if test="${not empty param.login_error}">
@@ -34,7 +34,7 @@
 
     <form action="<c:url value='j_acegi_security_check'/>" method="POST">
       <table>
-        <tr><td>User:</td><td><input type='text' name='j_username' <c:if test="${not empty param.login_error}">value='<c:out value="${ACEGI_SECURITY_LAST_USERNAME}"/></c:if>></td></tr>
+        <tr><td>User:</td><td><input type='text' name='j_username' <c:if test="${not empty param.login_error}">value='<%= session.getAttribute(AuthenticationProcessingFilter.ACEGI_SECURITY_LAST_USERNAME_KEY) %>'</c:if>></td></tr>
         <tr><td>Password:</td><td><input type='password' name='j_password'></td></tr>
         <tr><td><input type="checkbox" name="_acegi_security_remember_me"></td><td>Don't ask for my password for two weeks</td></tr>
 
diff --git a/samples/contacts/src/main/webapp/ca/WEB-INF/applicationContext-acegi-security.xml b/samples/contacts/src/main/webapp/ca/WEB-INF/applicationContext-acegi-security.xml
deleted file mode 100644
index f99f5e48fd..0000000000
--- a/samples/contacts/src/main/webapp/ca/WEB-INF/applicationContext-acegi-security.xml
+++ /dev/null
@@ -1,70 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
-
-<!--
-  - Application context containing authentication, channel
-  - security and web URI beans.
-  -
-  - Only used by "ca" artifact.
-  -
-  - $Id$
-  -->
-
-<beans>
-
-   <!-- ======================== FILTER CHAIN ======================= -->
-
-	<!--  if you wish to use channel security, add "channelProcessingFilter," in front
-	      of "authenticationProcessingFilter" in the list below -->
-	<bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
-      <property name="filterInvocationDefinitionSource">
-         <value>
-		    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
-		    PATTERN_TYPE_APACHE_ANT
-            /**=httpSessionContextIntegrationFilter,httpRequestIntegrationFilter,logoutFilter
-         </value>
-      </property>
-    </bean>
-
-   <!-- ======================== AUTHENTICATION ======================= -->
-
-	<!-- We could also have a daoAuthenticationProvider in order to
-		 process BASIC authentication requests, but this has been
-		 left out given container adapters aren't recommended and
-		 it would increase the number of bean declarations required -->
-   <bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
-      <property name="providers">
-         <list>
-		    <ref local="authByAdapterProvider"/>
-         </list>
-      </property>
-   </bean>
-
-   <bean id="authByAdapterProvider" class="org.acegisecurity.adapters.AuthByAdapterProvider">
-  		<property name="key"><value>my_password</value></property>
-   </bean>
-
-   <bean id="httpRequestIntegrationFilter" class="org.acegisecurity.adapters.HttpRequestIntegrationFilter"/>
-
-   <bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter">
-   </bean>
-
-	<!-- note logout has little impact, due to container authentication functionality (used only so /j_acegi_logout doesn't give URL error) -->
-   <bean id="logoutFilter" class="org.acegisecurity.ui.logout.LogoutFilter">
-      <constructor-arg value="/index.jsp"/> <!-- URL redirected to after logout -->
-      <constructor-arg>
-         <list>
-              <bean class="org.acegisecurity.ui.logout.SecurityContextLogoutHandler"/>
-         </list>
-      </constructor-arg>
-   </bean>
-   
-	<!-- ===================== HTTP CHANNEL REQUIREMENTS ==================== -->
-	
-				<!-- Implement by servlet specification -->
-
-	<!-- ===================== HTTP REQUEST SECURITY ==================== -->
-
-				<!-- Implement by servlet specification -->
-
-</beans>
diff --git a/samples/contacts/src/main/webapp/ca/WEB-INF/classes/resin-acegisecurity.xml b/samples/contacts/src/main/webapp/ca/WEB-INF/classes/resin-acegisecurity.xml
deleted file mode 100644
index a2606f4377..0000000000
--- a/samples/contacts/src/main/webapp/ca/WEB-INF/classes/resin-acegisecurity.xml
+++ /dev/null
@@ -1,48 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
-<!--
- * The Acegi Security System for Spring is published under the terms
- * of the Apache Software License.
- *
- * This springsecurity.xml file will only be used by Resin. Normally the
- * springsecurity.xml is container-wide, but in the case of Resin it is
- * web application specific.
- *
- * $Id$
- *
- * This file will be copied into WAR's classes directory if using container adapter
- *
--->
-
-<beans>
-
-	<!-- ================= CONTAINER ADAPTER CONFIGURATION ================ -->
-	
-	<!-- Data access object which stores authentication information -->
-	<bean id="inMemoryDaoImpl" class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl">
-  		<property name="userMap">
-			<value>
-				marissa=koala,ROLE_TELLER,ROLE_SUPERVISOR
-				dianne=emu,ROLE_TELLER
-				scott=wombat,ROLE_TELLER
-				peter=opal,disabled,ROLE_TELLER
-			</value>
-		</property>
-	</bean>
-	
-	<!-- Authentication provider that queries our data access object  -->
-	<bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
-     	<property name="userDetailsService"><ref bean="inMemoryDaoImpl"/></property>
-     	<property name="forcePrincipalAsString"><value>true</value></property>
-	</bean>
-
-	<!-- The authentication manager that iterates through our only authentication provider -->
-	<bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
-		<property name="providers">
-		  <list>
-		    <ref bean="daoAuthenticationProvider"/>
-		  </list>
-		</property>
-	</bean>
-
-</beans>
diff --git a/samples/contacts/src/main/webapp/ca/WEB-INF/jboss-web.xml b/samples/contacts/src/main/webapp/ca/WEB-INF/jboss-web.xml
deleted file mode 100644
index 042053ac6c..0000000000
--- a/samples/contacts/src/main/webapp/ca/WEB-INF/jboss-web.xml
+++ /dev/null
@@ -1,7 +0,0 @@
-<!--
-  - $Id$
-  - File will be copied into WAR's WEB-INF directory if using container adapter
-  -->
-<jboss-web>
-    <security-domain>java:/jaas/SpringPoweredRealm</security-domain>
-</jboss-web>
diff --git a/samples/contacts/src/main/webapp/ca/WEB-INF/resin-web.xml b/samples/contacts/src/main/webapp/ca/WEB-INF/resin-web.xml
deleted file mode 100644
index 4dd24b2559..0000000000
--- a/samples/contacts/src/main/webapp/ca/WEB-INF/resin-web.xml
+++ /dev/null
@@ -1,13 +0,0 @@
-<!--
-  - $Id$
-  - File will be copied into WAR's WEB-INF directory if using container adapter
-  -->
-<web-app>
-      <authenticator>
-        <type>org.acegisecurity.adapters.resin.ResinAcegiAuthenticator</type>
-        <init>
-          <app-context-location>resin-acegisecurity.xml</app-context-location>
-           <key>my_password</key>
-        </init>
-      </authenticator>
-</web-app>
diff --git a/samples/contacts/src/main/webapp/ca/WEB-INF/web.xml b/samples/contacts/src/main/webapp/ca/WEB-INF/web.xml
deleted file mode 100644
index 79e93e20b2..0000000000
--- a/samples/contacts/src/main/webapp/ca/WEB-INF/web.xml
+++ /dev/null
@@ -1,137 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE web-app PUBLIC '-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN' 'http://java.sun.com/dtd/web-app_2_3.dtd'>
-
-<!--
-  - Contacts web application
-  -
-  - web.xml for "ca" artifact only.
-  -
-  - $Id$
-  -->
-
-<web-app>
-
-    <display-name>Contacts Sample Application</display-name>
-    
-	<!--
-	  - Location of the XML file that defines the root application context
-	  - Applied by ContextLoaderListener.
-	  -->
-	<context-param>
-		<param-name>contextConfigLocation</param-name>
-		<param-value>
-			/WEB-INF/applicationContext-acegi-security.xml
-			classpath:applicationContext-common-business.xml
-			classpath:applicationContext-common-authorization.xml
-		</param-value>
-	</context-param>
-	
-	<context-param>
-		<param-name>log4jConfigLocation</param-name>
-		<param-value>/WEB-INF/classes/log4j.properties</param-value>
-	</context-param>
-    
-    <filter>
-        <filter-name>Acegi Filter Chain Proxy</filter-name>
-        <filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class>
-        <init-param>
-            <param-name>targetClass</param-name>
-            <param-value>org.acegisecurity.util.FilterChainProxy</param-value>
-        </init-param>
-    </filter>
-
-    <filter-mapping>
-      <filter-name>Acegi Filter Chain Proxy</filter-name>
-      <url-pattern>/*</url-pattern>
-    </filter-mapping>
-
-
-	<!--
-	  - Loads the root application context of this web app at startup.
-	  - The application context is then available via 
-	  - WebApplicationContextUtils.getWebApplicationContext(servletContext).
-    -->
-	<listener>
-		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
-	</listener>
-
-    <listener>
-		<listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
-	</listener>
-	
-  <!--
-	- Provides core MVC application controller. See contacts-servlet.xml.
-    -->
-	<servlet>
-		<servlet-name>contacts</servlet-name>
-		<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
-		<load-on-startup>1</load-on-startup>
-	</servlet>
-
-  <!--
-    - Provides web services endpoint. See remoting-servlet.xml.
-    -->
-	<servlet>
-		<servlet-name>remoting</servlet-name>
-		<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
-		<load-on-startup>2</load-on-startup>
-	</servlet>
-
-	<servlet-mapping>
-    	<servlet-name>contacts</servlet-name>
-    	<url-pattern>*.htm</url-pattern>
- 	</servlet-mapping>
-  
-	<servlet-mapping>
-		<servlet-name>remoting</servlet-name>
-		<url-pattern>/remoting/*</url-pattern>
-	</servlet-mapping>
-
- 	<welcome-file-list>
-		<welcome-file>index.jsp</welcome-file>
-	</welcome-file-list>
-
-  	<taglib>
-      <taglib-uri>/spring</taglib-uri>
-      <taglib-location>/WEB-INF/spring.tld</taglib-location>
-  	</taglib>
-
-    <security-constraint>
-      <display-name>Secured Area Security Constraint</display-name>
-      <web-resource-collection>
-         <web-resource-name>Secured Area</web-resource-name>
-         <url-pattern>/secure/*</url-pattern>
-      </web-resource-collection>
-      <auth-constraint>
-         <role-name>ROLE_USER</role-name>
-	     <role-name>ROLE_SUPERVISOR</role-name>
-      </auth-constraint>
-    </security-constraint>
-
-    <!-- Default login configuration using BASIC authentication -->
-	<!--
-	<login-config>
-      <auth-method>BASIC</auth-method>
-      <realm-name>Spring Powered Realm</realm-name>
-	</login-config>
-    -->
-  
-    <!-- Default login configuration using form-based authentication -->
-    <login-config>
-      <auth-method>FORM</auth-method>
-      <realm-name>Spring Powered Realm</realm-name>
-      <form-login-config>
-        <form-login-page>/login.jsp</form-login-page>
-        <form-error-page>/login.jsp?login_error=1</form-error-page>
-      </form-login-config>
-    </login-config>
-
-    <!-- Security roles referenced by this web application -->
-    <security-role>
-      <role-name>ROLE_SUPERVISOR</role-name>
-    </security-role>
-    <security-role>
-      <role-name>ROLE_USER</role-name>
-    </security-role>    
-
-</web-app>
diff --git a/samples/contacts/src/main/webapp/ca/login.jsp b/samples/contacts/src/main/webapp/ca/login.jsp
deleted file mode 100644
index 5a0e4b0ad0..0000000000
--- a/samples/contacts/src/main/webapp/ca/login.jsp
+++ /dev/null
@@ -1,46 +0,0 @@
-<%@ taglib prefix='c' uri='http://java.sun.com/jstl/core' %>
-<html>
-  <head>
-    <title>Login</title>
-  </head>
-
-  <body>
-    <h1>Login</h1>
-
-	<P>Valid users:
-	<P>
-	<P>username <b>marissa</b>, password <b>koala</b>
-	<P>username <b>dianne</b>, password <b>emu</b>
-	<p>username <b>scott</b>, password <b>wombat</b>
-	<p>username <b>peter</b>, password <b>opal</b> (user disabled)
-	<p>username <b>bill</b>, password <b>wombat</b>
-	<p>username <b>bob</b>, password <b>wombat</b>
-	<p>username <b>jane</b>, password <b>wombat</b>
-	<p>
-	
-    <%-- this form-login-page form is also used as the 
-         form-error-page to ask for a login again.
-         --%>
-    <c:if test="${not empty param.login_error}">
-      <font color="red">
-        Your login attempt was not successful, try again.
-      </font>
-    </c:if>
-
-    <form action="<c:url value='j_security_check'/>" method="POST">
-      <table>
-        <tr><td>User:</td><td><input type='text' name='j_username'></td></tr>
-        <tr><td>Password:</td><td><input type='password' name='j_password'></td></tr>
-
-        <tr><td colspan='2'><input name="submit" type="submit"></td></tr>
-        <tr><td colspan='2'><input name="reset" type="reset"></td></tr>
-      </table>
-
-      <!--
-        -  The j_uri is a Resin requirement (ignored by other containers)
-        -->
-      <input type='hidden' name='j_uri' value='/secure/index.htm'/>
-    </form>
-
-  </body>
-</html>
diff --git a/samples/contacts/src/main/webapp/cas/WEB-INF/web.xml b/samples/contacts/src/main/webapp/cas/WEB-INF/web.xml
deleted file mode 100644
index f7e7d25eb6..0000000000
--- a/samples/contacts/src/main/webapp/cas/WEB-INF/web.xml
+++ /dev/null
@@ -1,107 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE web-app PUBLIC '-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN' 'http://java.sun.com/dtd/web-app_2_3.dtd'>
-
-<!--
-  - Contacts web application
-  -
-  - web.xml for "cas" artifact only.
-  -
-  - $Id$
-  -->
-
-<web-app>
-
-    <display-name>Contacts Sample Application</display-name>
-    
-	<!--
-	  - Location of the XML file that defines the root application context
-	  - Applied by ContextLoaderListener.
-	  -->
-	<context-param>
-		<param-name>contextConfigLocation</param-name>
-		<param-value>
-			/WEB-INF/applicationContext-acegi-security.xml
-			classpath:applicationContext-common-business.xml
-			classpath:applicationContext-common-authorization.xml
-		</param-value>
-	</context-param>
-	
-	<context-param>
-		<param-name>log4jConfigLocation</param-name>
-		<param-value>/WEB-INF/classes/log4j.properties</param-value>
-	</context-param>
-
-	<!-- Required for CAS ProxyTicketReceptor servlet. This is the
-	     URL to CAS' "proxy" actuator, where a PGT and TargetService can
-	     be presented to obtain a new proxy ticket. THIS CAN BE
-	     REMOVED IF THE APPLICATION DOESN'T NEED TO ACT AS A PROXY -->
-    <context-param>
-        <param-name>edu.yale.its.tp.cas.proxyUrl</param-name>
-        <param-value>http://localhost:8433/cas/proxy</param-value>
-    </context-param>
-
-    <filter>
-        <filter-name>Acegi Filter Chain Proxy</filter-name>
-        <filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class>
-        <init-param>
-            <param-name>targetClass</param-name>
-            <param-value>org.acegisecurity.util.FilterChainProxy</param-value>
-        </init-param>
-    </filter>
-
-    <filter-mapping>
-      <filter-name>Acegi Filter Chain Proxy</filter-name>
-      <url-pattern>/*</url-pattern>
-    </filter-mapping>
-
-	<!--
-	  - Loads the root application context of this web app at startup.
-	  - The application context is then available via 
-	  - WebApplicationContextUtils.getWebApplicationContext(servletContext).
-    -->
-	<listener>
-		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
-	</listener>
-
-    <listener>
-		<listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
-	</listener>
-	
-  <!--
-	- Provides core MVC application controller. See contacts-servlet.xml.
-    -->
-	<servlet>
-		<servlet-name>contacts</servlet-name>
-		<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
-		<load-on-startup>1</load-on-startup>
-	</servlet>
-
-  <!--
-    - Provides web services endpoint. See remoting-servlet.xml.
-    -->
-	<servlet>
-		<servlet-name>remoting</servlet-name>
-		<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
-		<load-on-startup>2</load-on-startup>
-	</servlet>
-
-	<servlet-mapping>
-    	<servlet-name>contacts</servlet-name>
-    	<url-pattern>*.htm</url-pattern>
- 	</servlet-mapping>
-  
-	<servlet-mapping>
-		<servlet-name>remoting</servlet-name>
-		<url-pattern>/remoting/*</url-pattern>
-	</servlet-mapping>
-
- 	<welcome-file-list>
-		<welcome-file>index.jsp</welcome-file>
-	</welcome-file-list>
-
-  	<taglib>
-      <taglib-uri>/spring</taglib-uri>
-      <taglib-location>/WEB-INF/spring.tld</taglib-location>
-  	</taglib>
-
-</web-app>
diff --git a/samples/contacts/src/main/webapp/cas/casfailed.jsp b/samples/contacts/src/main/webapp/casfailed.jsp
similarity index 59%
rename from samples/contacts/src/main/webapp/cas/casfailed.jsp
rename to samples/contacts/src/main/webapp/casfailed.jsp
index 8079e66687..67223a9d58 100644
--- a/samples/contacts/src/main/webapp/cas/casfailed.jsp
+++ b/samples/contacts/src/main/webapp/casfailed.jsp
@@ -1,6 +1,6 @@
 <%@ taglib prefix='c' uri='http://java.sun.com/jstl/core' %>
-<%@ page import="net.sf.acegisecurity.ui.AbstractProcessingFilter" %>
-<%@ page import="net.sf.acegisecurity.AuthenticationException" %>
+<%@ page import="org.acegisecurity.ui.AbstractProcessingFilter" %>
+<%@ page import="org.acegisecurity.AuthenticationException" %>
 
 <html>
   <head>
@@ -12,7 +12,7 @@
 
       <font color="red">
         Your CAS credentials were rejected.<BR><BR>
-        Reason: <%= ((AuthenticationException) session.getAttribute(AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %>
+        Reason: <%= ((AuthenticationException) session.getAttribute(org.acegisecurity.ui.AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %>
       </font>
 
   </body>
diff --git a/samples/contacts/src/main/webapp/common/WEB-INF/contacts-servlet.xml b/samples/contacts/src/main/webapp/common/WEB-INF/contacts-servlet.xml
deleted file mode 100644
index 3176dec545..0000000000
--- a/samples/contacts/src/main/webapp/common/WEB-INF/contacts-servlet.xml
+++ /dev/null
@@ -1,87 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
-
-<!--
-  - Application context definition for "contacts" DispatcherServlet.
-  -
-  - $Id$
-  -->
-
-<beans>
-
-	<!-- ========================== WEB DEFINITIONS ======================= -->
-
-	<bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource">
-		<property name="basename"><value>messages</value></property>
-	</bean>
-
-    <bean id="publicIndexController" class="sample.contact.PublicIndexController">
-    	<property name="contactManager"><ref bean="contactManager"/></property>
- 	</bean>
-
-    <bean id="secureIndexController" class="sample.contact.SecureIndexController">
-    	<property name="contactManager"><ref bean="contactManager"/></property>
- 	</bean>
-
-    <bean id="secureDeleteController" class="sample.contact.DeleteController">
-    	<property name="contactManager"><ref bean="contactManager"/></property>
- 	</bean>
-
-    <bean id="adminPermissionController" class="sample.contact.AdminPermissionController">
-    	<property name="contactManager"><ref bean="contactManager"/></property>
-    	<property name="aclService"><ref bean="aclService"/></property>
- 	</bean>
-
-    <bean id="deletePermissionController" class="sample.contact.DeletePermissionController">
-    	<property name="contactManager"><ref bean="contactManager"/></property>
-    	<property name="aclService"><ref bean="aclService"/></property>
- 	</bean>
-
-    <bean id="urlMapping" class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping">
-        <property name="mappings">
-            <props>
-                <prop key="/hello.htm">publicIndexController</prop>
-                <prop key="/secure/add.htm">secureAddForm</prop>
-                <prop key="/secure/index.htm">secureIndexController</prop>
-                <prop key="/secure/del.htm">secureDeleteController</prop>
-                <prop key="/secure/adminPermission.htm">adminPermissionController</prop>
-                <prop key="/secure/deletePermission.htm">deletePermissionController</prop>
-                <prop key="/secure/addPermission.htm">addPermissionForm</prop>
-			</props>
-        </property>
-    </bean>
-
-    <bean id="addValidator" class="sample.contact.WebContactValidator"/>
-    
-	<bean id="addPermissionValidator" class="sample.contact.AddPermissionValidator"/>
-
-    <bean id="secureAddForm" class="sample.contact.WebContactAddController">
-        <property name="sessionForm"><value>true</value></property>
-        <property name="commandName"><value>webContact</value></property>
-        <property name="commandClass"><value>sample.contact.WebContact</value></property>
-        <property name="validator"><ref bean="addValidator"/></property>
-        <property name="formView"><value>add</value></property>
-        <property name="successView"><value>index.htm</value></property>
-        <property name="contactManager">
-            <ref bean="contactManager"/>
-        </property>
-    </bean>
-
-    <bean id="addPermissionForm" class="sample.contact.AddPermissionController">
-        <property name="sessionForm"><value>true</value></property>
-        <property name="commandName"><value>addPermission</value></property>
-        <property name="commandClass"><value>sample.contact.AddPermission</value></property>
-        <property name="validator"><ref bean="addPermissionValidator"/></property>
-        <property name="formView"><value>addPermission</value></property>
-        <property name="successView"><value>index.htm</value></property>
-        <property name="contactManager">
-            <ref bean="contactManager"/>
-        </property>
-    </bean>
-
-	<bean id="viewResolver" class="org.springframework.web.servlet.view.InternalResourceViewResolver">
-		<property name="prefix"><value>/WEB-INF/jsp/</value></property>
-		<property name="suffix"><value>.jsp</value></property>
-	</bean>
-
-</beans>
diff --git a/samples/contacts/src/main/webapp/ldap/error.html b/samples/contacts/src/main/webapp/error.html
similarity index 100%
rename from samples/contacts/src/main/webapp/ldap/error.html
rename to samples/contacts/src/main/webapp/error.html
diff --git a/samples/contacts/src/main/webapp/filter/exitUser.jsp b/samples/contacts/src/main/webapp/exitUser.jsp
similarity index 97%
rename from samples/contacts/src/main/webapp/filter/exitUser.jsp
rename to samples/contacts/src/main/webapp/exitUser.jsp
index baae57491c..7ea7f7903b 100644
--- a/samples/contacts/src/main/webapp/filter/exitUser.jsp
+++ b/samples/contacts/src/main/webapp/exitUser.jsp
@@ -25,16 +25,16 @@
       <table>
         <tr><td>Current User:</td><td>
 
-         <% 
+         <%
 			Authentication auth = SecurityContextHolder.getContext().getAuthentication();
 			if (auth != null) { %>
-			
+
 			<%= auth.getPrincipal().toString() %>
-			
+
 		<% } %>
-		
-			
-         
+
+
+
          </td></tr>
         <tr><td colspan='2'><input name="exit" type="submit" value="Exit"></td></tr>
       </table>
diff --git a/samples/contacts/src/main/webapp/filter/WEB-INF/web.xml b/samples/contacts/src/main/webapp/filter/WEB-INF/web.xml
deleted file mode 100644
index cd05943446..0000000000
--- a/samples/contacts/src/main/webapp/filter/WEB-INF/web.xml
+++ /dev/null
@@ -1,107 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE web-app PUBLIC '-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN' 'http://java.sun.com/dtd/web-app_2_3.dtd'>
-
-<!--
-  - Contacts web application
-  -
-  - web.xml for "filter" artifact only.
-  -
-  - $Id$
-  -->
-
-<web-app>
-
-    <display-name>Contacts Sample Application</display-name>
-    
-	<!--
-	  - Location of the XML file that defines the root application context
-	  - Applied by ContextLoaderListener.
-	  -->
-	<context-param>
-		<param-name>contextConfigLocation</param-name>
-		<param-value>
-			/WEB-INF/applicationContext-acegi-security.xml
-			classpath:applicationContext-common-business.xml
-			classpath:applicationContext-common-authorization.xml
-		</param-value>
-	</context-param>
-	
-	<context-param>
-		<param-name>log4jConfigLocation</param-name>
-		<param-value>/WEB-INF/classes/log4j.properties</param-value>
-	</context-param>
-
-   <filter>
-        <filter-name>Acegi Filter Chain Proxy</filter-name>
-        <filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class>
-        <init-param>
-            <param-name>targetClass</param-name>
-            <param-value>org.acegisecurity.util.FilterChainProxy</param-value>
-        </init-param>
-   </filter>
-
-    <filter-mapping>
-      <filter-name>Acegi Filter Chain Proxy</filter-name>
-      <url-pattern>/*</url-pattern>
-    </filter-mapping>
-	
-	<!--
-	  - Loads the root application context of this web app at startup.
-	  - The application context is then available via 
-	  - WebApplicationContextUtils.getWebApplicationContext(servletContext).
-    -->
-	<listener>
-		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
-	</listener>
-
-	<listener>
-		<listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
-	</listener>
-
-    <!--
-        The HttpSessionEventPublisher will publish
-        HttpSessionCreatedEvent and HttpSessionDestroyedEvent
-        to the WebApplicationContext
- -->  
-    <listener>
-        <listener-class>org.acegisecurity.ui.session.HttpSessionEventPublisher</listener-class>
-    </listener>
- 
-  <!--
-	- Provides core MVC application controller. See contacts-servlet.xml.
-    -->
-	<servlet>
-		<servlet-name>contacts</servlet-name>
-		<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
-		<load-on-startup>1</load-on-startup>
-	</servlet>
-
-  <!--
-    - Provides web services endpoint. See remoting-servlet.xml.
-    -->
-	<servlet>
-		<servlet-name>remoting</servlet-name>
-		<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
-		<load-on-startup>2</load-on-startup>
-	</servlet>
-
-	<servlet-mapping>
-    	<servlet-name>contacts</servlet-name>
-    	<url-pattern>*.htm</url-pattern>
- 	</servlet-mapping>
-  
-	<servlet-mapping>
-		<servlet-name>remoting</servlet-name>
-		<url-pattern>/remoting/*</url-pattern>
-	</servlet-mapping>
-
- 	<welcome-file-list>
-		<welcome-file>index.jsp</welcome-file>
-	</welcome-file-list>
-
-  	<taglib>
-      <taglib-uri>/spring</taglib-uri>
-      <taglib-location>/WEB-INF/spring.tld</taglib-location>
-  	</taglib>
-
-</web-app>
diff --git a/samples/contacts/src/main/webapp/common/index.jsp b/samples/contacts/src/main/webapp/index.jsp
similarity index 100%
rename from samples/contacts/src/main/webapp/common/index.jsp
rename to samples/contacts/src/main/webapp/index.jsp
diff --git a/samples/contacts/src/main/webapp/ldap/acegilogin.jsp b/samples/contacts/src/main/webapp/ldap/acegilogin.jsp
deleted file mode 100644
index 3f842e7340..0000000000
--- a/samples/contacts/src/main/webapp/ldap/acegilogin.jsp
+++ /dev/null
@@ -1,46 +0,0 @@
-<%@ taglib prefix='c' uri='http://java.sun.com/jstl/core' %>
-<%@ page import="org.acegisecurity.ui.AbstractProcessingFilter" %>
-<%@ page import="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter" %>
-<%@ page import="org.acegisecurity.AuthenticationException" %>
-
-<html>
-  <head>
-    <title>Login</title>
-  </head>
-
-  <body>
-    <h1>Login</h1>
-
-	<P>Valid users:
-	<P>
-	<P>username <b>marissa</b>, password <b>koala</b>
-	<P>username <b>dianne</b>, password <b>emu</b>
-	<p>username <b>scott</b>, password <b>wombat</b>
-	<p>username <b>peter</b>, password <b>opal</b> (user disabled)
-	<p>username <b>bill</b>, password <b>wombat</b>
-	<p>username <b>bob</b>, password <b>wombat</b>
-	<p>username <b>jane</b>, password <b>wombat</b>
-	<p>
-	
-    <%-- this form-login-page form is also used as the 
-         form-error-page to ask for a login again.
-         --%>
-    <c:if test="${not empty param.login_error}">
-      <font color="red">
-        Your login attempt was not successful, try again.<BR><BR>
-        Reason: <%= ((AuthenticationException) session.getAttribute(AbstractProcessingFilter.ACEGI_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %>
-      </font>
-    </c:if>
-
-    <form action="<c:url value='j_acegi_security_check'/>" method="POST">
-      <table>
-        <tr><td>User:</td><td><input type='text' name='j_username' <c:if test="${not empty param.login_error}">value='<c:out value="${ACEGI_SECURITY_LAST_USERNAME}"/></c:if>></td></tr>
-        <tr><td>Password:</td><td><input type='password' name='j_password'></td></tr>
-        <tr><td colspan='2'><input name="submit" type="submit"></td></tr>
-        <tr><td colspan='2'><input name="reset" type="reset"></td></tr>
-      </table>
-
-    </form>
-
-  </body>
-</html>
diff --git a/samples/contacts/src/main/webapp/common/secure/debug.jsp b/samples/contacts/src/main/webapp/secure/debug.jsp
similarity index 98%
rename from samples/contacts/src/main/webapp/common/secure/debug.jsp
rename to samples/contacts/src/main/webapp/secure/debug.jsp
index 2d59a4d6ab..1a136eca34 100644
--- a/samples/contacts/src/main/webapp/common/secure/debug.jsp
+++ b/samples/contacts/src/main/webapp/secure/debug.jsp
@@ -3,12 +3,12 @@
 <%@ page import="org.acegisecurity.GrantedAuthority" %>
 <%@ page import="org.acegisecurity.adapters.AuthByAdapter" %>
 
-<% 
+<%
 		Authentication auth = SecurityContextHolder.getContext().getAuthentication();
 		if (auth != null) { %>
 			Authentication object is of type: <%= auth.getClass().getName() %><BR><BR>
 			Authentication object as a String: <%= auth.toString() %><BR><BR>
-			
+
 			Authentication object holds the following granted authorities:<BR><BR>
 <%			GrantedAuthority[] granted = auth.getAuthorities();
 			for (int i = 0; i < granted.length; i++) { %>
@@ -20,7 +20,7 @@
 <%			} else { %>
 				<BR><B>SUCCESS! Your web filters appear to be properly configured!</B><BR>
 <%			}
-			
+
 		} else { %>
 			Authentication object is null.<BR>
 			This is an error and your Acegi Security application will not operate properly until corrected.<BR><BR>
diff --git a/samples/contacts/src/main/webapp/filter/switchUser.jsp b/samples/contacts/src/main/webapp/switchUser.jsp
similarity index 90%
rename from samples/contacts/src/main/webapp/filter/switchUser.jsp
rename to samples/contacts/src/main/webapp/switchUser.jsp
index caa7f1292c..b3978c770b 100644
--- a/samples/contacts/src/main/webapp/filter/switchUser.jsp
+++ b/samples/contacts/src/main/webapp/switchUser.jsp
@@ -1,6 +1,5 @@
 <%@ taglib prefix='c' uri='http://java.sun.com/jstl/core' %>
 <%@ page import="org.acegisecurity.ui.AbstractProcessingFilter" %>
-<%@ page import="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter" %>
 <%@ page import="org.acegisecurity.AuthenticationException" %>
 
 <html>
@@ -20,8 +19,8 @@
 	<p>username <b>bob</b>, password <b>wombat</b>
 	<p>username <b>jane</b>, password <b>wombat</b>
 	<p>
-	
-    <%-- this form-login-page form is also used as the 
+
+    <%-- this form-login-page form is also used as the
          form-error-page to ask for a login again.
          --%>
     <c:if test="${not empty param.login_error}">
diff --git a/samples/contacts/src/main/webapp/x509/WEB-INF/web.xml b/samples/contacts/src/main/webapp/x509/WEB-INF/web.xml
deleted file mode 100644
index 2482b7db94..0000000000
--- a/samples/contacts/src/main/webapp/x509/WEB-INF/web.xml
+++ /dev/null
@@ -1,99 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE web-app PUBLIC '-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN' 'http://java.sun.com/dtd/web-app_2_3.dtd'>
-
-<!--
-  - Contacts web application
-  -
-  - web.xml for "x509" artifact only.
-  -
-  - $Id$
-  -->
-
-<web-app>
-
-    <display-name>Contacts Sample Application</display-name>
-    
-	<!--
-	  - Location of the XML file that defines the root application context
-	  - Applied by ContextLoaderListener.
-	  -->
-	<context-param>
-		<param-name>contextConfigLocation</param-name>
-		<param-value>
-			/WEB-INF/applicationContext-acegi-security.xml
-			classpath:applicationContext-common-business.xml
-			classpath:applicationContext-common-authorization.xml
-		</param-value>
-	</context-param>
-<!--	
-	<context-param>
-		<param-name>log4jConfigLocation</param-name>
-		<param-value>/WEB-INF/classes/log4j.properties</param-value>
-	</context-param>
--->
-
-    <filter>
-        <filter-name>Acegi Filter Chain Proxy</filter-name>
-        <filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class>
-        <init-param>
-            <param-name>targetClass</param-name>
-            <param-value>org.acegisecurity.util.FilterChainProxy</param-value>
-        </init-param>
-    </filter>
-
-    <filter-mapping>
-      <filter-name>Acegi Filter Chain Proxy</filter-name>
-      <url-pattern>/*</url-pattern>
-    </filter-mapping>
-
-	<!--
-	  - Loads the root application context of this web app at startup.
-	  - The application context is then available via 
-	  - WebApplicationContextUtils.getWebApplicationContext(servletContext).
-    -->
-	<listener>
-		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
-	</listener>
-<!--
-    <listener>
-		<listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
-	</listener>
-	-->
-  <!--
-	- Provides core MVC application controller. See contacts-servlet.xml.
-    -->
-	<servlet>
-		<servlet-name>contacts</servlet-name>
-		<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
-		<load-on-startup>1</load-on-startup>
-	</servlet>
-
-  <!--
-    - Provides web services endpoint. See remoting-servlet.xml.
-    -->
-	<servlet>
-		<servlet-name>remoting</servlet-name>
-		<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
-		<load-on-startup>2</load-on-startup>
-	</servlet>
-
-	<servlet-mapping>
-    	<servlet-name>contacts</servlet-name>
-    	<url-pattern>*.htm</url-pattern>
- 	</servlet-mapping>
-  
-	<servlet-mapping>
-		<servlet-name>remoting</servlet-name>
-		<url-pattern>/remoting/*</url-pattern>
-	</servlet-mapping>
-
- 	<welcome-file-list>
-		<welcome-file>index.jsp</welcome-file>
-	</welcome-file-list>
-
-  	<taglib>
-      <taglib-uri>/spring</taglib-uri>
-      <taglib-location>/WEB-INF/spring.tld</taglib-location>
-  	</taglib>
-    
-</web-app>