diff --git a/servlet/xml/java/contacts/build.gradle b/servlet/xml/java/contacts/build.gradle
deleted file mode 100644
index 660c554..0000000
--- a/servlet/xml/java/contacts/build.gradle
+++ /dev/null
@@ -1,55 +0,0 @@
-plugins {
- id "java"
- id "war"
- id "nebula.integtest" version "8.2.0"
- id "org.gretty" version "4.0.0"
-}
-
-apply from: "gradle/gretty.gradle"
-
-repositories {
- mavenCentral()
- maven { url "https://repo.spring.io/milestone" }
- maven { url "https://repo.spring.io/snapshot" }
-}
-
-dependencies {
- implementation platform("org.springframework.security:spring-security-bom:6.0.0-SNAPSHOT")
- implementation platform("org.springframework:spring-framework-bom:6.0.0-SNAPSHOT")
- implementation platform("org.junit:junit-bom:5.7.0")
-
- implementation "org.springframework.security:spring-security-config"
- implementation "org.springframework.security:spring-security-web"
- implementation "org.springframework.security:spring-security-acl"
- implementation "org.springframework.security:spring-security-taglibs"
- implementation 'org.springframework:spring-web'
- implementation "org.springframework:spring-webmvc"
- implementation 'org.springframework:spring-aop'
- implementation 'org.springframework:spring-beans'
- implementation 'org.springframework:spring-context'
- implementation 'org.springframework:spring-jdbc'
- implementation 'org.springframework:spring-tx'
- implementation 'org.slf4j:slf4j-api:1.7.30'
- implementation 'org.slf4j:slf4j-simple:1.7.30'
-
- providedCompile "jakarta.servlet:jakarta.servlet-api:5.0.0"
- providedCompile "org.glassfish.web:jakarta.servlet.jsp.jstl:2.0.0"
-
- runtimeOnly 'net.sf.ehcache:ehcache:2.10.5'
- runtimeOnly 'org.hsqldb:hsqldb:2.5.0'
- runtimeOnly 'org.springframework:spring-context-support'
-
- testImplementation "org.springframework:spring-test"
- testImplementation "org.springframework.security:spring-security-test"
- testImplementation("org.junit.jupiter:junit-jupiter-api")
- testImplementation "org.assertj:assertj-core:3.18.0"
-
- testRuntimeOnly("org.junit.jupiter:junit-jupiter-engine")
-
- integTestImplementation "org.seleniumhq.selenium:htmlunit-driver:2.44.0"
-}
-
-tasks.withType(Test).configureEach {
- useJUnitPlatform()
- outputs.upToDateWhen { false }
-}
diff --git a/servlet/xml/java/contacts/client/client.properties b/servlet/xml/java/contacts/client/client.properties
deleted file mode 100644
index 9f3feee..0000000
--- a/servlet/xml/java/contacts/client/client.properties
+++ /dev/null
@@ -1,8 +0,0 @@
-# Properties file with server URL settings for remote access.
-# Applied by PropertyPlaceholderConfigurer from "clientContext.xml".
-#
-
-serverName=localhost
-httpPort=8080
-contextPath=/spring-security-sample-contacts-filter
-rmiPort=1099
diff --git a/servlet/xml/java/contacts/client/clientContext.xml b/servlet/xml/java/contacts/client/clientContext.xml
deleted file mode 100644
index f30d172..0000000
--- a/servlet/xml/java/contacts/client/clientContext.xml
+++ /dev/null
@@ -1,73 +0,0 @@
-
-
-
-
-
-
-
-
-
- client.properties
-
-
-
-
-
-
-
-
-
- sample.contact.ContactManager
-
-
- http://${serverName}:${httpPort}${contextPath}/remoting/ContactManager-httpinvoker
-
-
-
-
-
-
-
-
-
-
-
-
-
-
diff --git a/servlet/xml/java/contacts/gradle.properties b/servlet/xml/java/contacts/gradle.properties
deleted file mode 100644
index a2f0b27..0000000
--- a/servlet/xml/java/contacts/gradle.properties
+++ /dev/null
@@ -1 +0,0 @@
-version=6.0.0-SNAPSHOT
diff --git a/servlet/xml/java/contacts/gradle/gretty.gradle b/servlet/xml/java/contacts/gradle/gretty.gradle
deleted file mode 100644
index ae3483d..0000000
--- a/servlet/xml/java/contacts/gradle/gretty.gradle
+++ /dev/null
@@ -1,41 +0,0 @@
-gretty {
- servletContainer = "tomcat10"
- contextPath = "/"
- fileLogEnabled = false
- integrationTestTask = 'integrationTest'
-}
-
-Task prepareAppServerForIntegrationTests = project.tasks.create('prepareAppServerForIntegrationTests') {
- group = 'Verification'
- description = 'Prepares the app server for integration tests'
- doFirst {
- project.gretty {
- httpPort = -1
- }
- }
-}
-
-project.tasks.matching { it.name == "appBeforeIntegrationTest" }.all { task ->
- task.dependsOn prepareAppServerForIntegrationTests
-}
-
-project.tasks.matching { it.name == "integrationTest" }.all {
- task -> task.doFirst {
- def gretty = project.gretty
- String host = project.gretty.host ?: 'localhost'
- boolean isHttps = gretty.httpsEnabled
- Integer httpPort = integrationTest.systemProperties['gretty.httpPort']
- Integer httpsPort = integrationTest.systemProperties['gretty.httpsPort']
- int port = isHttps ? httpsPort : httpPort
- String contextPath = project.gretty.contextPath
- String httpBaseUrl = "http://${host}:${httpPort}${contextPath}"
- String httpsBaseUrl = "https://${host}:${httpsPort}${contextPath}"
- String baseUrl = isHttps ? httpsBaseUrl : httpBaseUrl
- integrationTest.systemProperty 'app.port', port
- integrationTest.systemProperty 'app.httpPort', httpPort
- integrationTest.systemProperty 'app.httpsPort', httpsPort
- integrationTest.systemProperty 'app.baseURI', baseUrl
- integrationTest.systemProperty 'app.httpBaseURI', httpBaseUrl
- integrationTest.systemProperty 'app.httpsBaseURI', httpsBaseUrl
- }
-}
\ No newline at end of file
diff --git a/servlet/xml/java/contacts/gradle/wrapper/gradle-wrapper.jar b/servlet/xml/java/contacts/gradle/wrapper/gradle-wrapper.jar
deleted file mode 100644
index 62d4c05..0000000
Binary files a/servlet/xml/java/contacts/gradle/wrapper/gradle-wrapper.jar and /dev/null differ
diff --git a/servlet/xml/java/contacts/gradle/wrapper/gradle-wrapper.properties b/servlet/xml/java/contacts/gradle/wrapper/gradle-wrapper.properties
deleted file mode 100644
index e750102..0000000
--- a/servlet/xml/java/contacts/gradle/wrapper/gradle-wrapper.properties
+++ /dev/null
@@ -1,5 +0,0 @@
-distributionBase=GRADLE_USER_HOME
-distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-7.3-bin.zip
-zipStoreBase=GRADLE_USER_HOME
-zipStorePath=wrapper/dists
diff --git a/servlet/xml/java/contacts/gradlew b/servlet/xml/java/contacts/gradlew
deleted file mode 100755
index fbd7c51..0000000
--- a/servlet/xml/java/contacts/gradlew
+++ /dev/null
@@ -1,185 +0,0 @@
-#!/usr/bin/env sh
-
-#
-# Copyright 2015 the original author or authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# https://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-##############################################################################
-##
-## Gradle start up script for UN*X
-##
-##############################################################################
-
-# Attempt to set APP_HOME
-# Resolve links: $0 may be a link
-PRG="$0"
-# Need this for relative symlinks.
-while [ -h "$PRG" ] ; do
- ls=`ls -ld "$PRG"`
- link=`expr "$ls" : '.*-> \(.*\)$'`
- if expr "$link" : '/.*' > /dev/null; then
- PRG="$link"
- else
- PRG=`dirname "$PRG"`"/$link"
- fi
-done
-SAVED="`pwd`"
-cd "`dirname \"$PRG\"`/" >/dev/null
-APP_HOME="`pwd -P`"
-cd "$SAVED" >/dev/null
-
-APP_NAME="Gradle"
-APP_BASE_NAME=`basename "$0"`
-
-# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
-DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
-
-# Use the maximum available, or set MAX_FD != -1 to use that value.
-MAX_FD="maximum"
-
-warn () {
- echo "$*"
-}
-
-die () {
- echo
- echo "$*"
- echo
- exit 1
-}
-
-# OS specific support (must be 'true' or 'false').
-cygwin=false
-msys=false
-darwin=false
-nonstop=false
-case "`uname`" in
- CYGWIN* )
- cygwin=true
- ;;
- Darwin* )
- darwin=true
- ;;
- MINGW* )
- msys=true
- ;;
- NONSTOP* )
- nonstop=true
- ;;
-esac
-
-CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar
-
-
-# Determine the Java command to use to start the JVM.
-if [ -n "$JAVA_HOME" ] ; then
- if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
- # IBM's JDK on AIX uses strange locations for the executables
- JAVACMD="$JAVA_HOME/jre/sh/java"
- else
- JAVACMD="$JAVA_HOME/bin/java"
- fi
- if [ ! -x "$JAVACMD" ] ; then
- die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME
-
-Please set the JAVA_HOME variable in your environment to match the
-location of your Java installation."
- fi
-else
- JAVACMD="java"
- which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
-
-Please set the JAVA_HOME variable in your environment to match the
-location of your Java installation."
-fi
-
-# Increase the maximum file descriptors if we can.
-if [ "$cygwin" = "false" -a "$darwin" = "false" -a "$nonstop" = "false" ] ; then
- MAX_FD_LIMIT=`ulimit -H -n`
- if [ $? -eq 0 ] ; then
- if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ] ; then
- MAX_FD="$MAX_FD_LIMIT"
- fi
- ulimit -n $MAX_FD
- if [ $? -ne 0 ] ; then
- warn "Could not set maximum file descriptor limit: $MAX_FD"
- fi
- else
- warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT"
- fi
-fi
-
-# For Darwin, add options to specify how the application appears in the dock
-if $darwin; then
- GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\""
-fi
-
-# For Cygwin or MSYS, switch paths to Windows format before running java
-if [ "$cygwin" = "true" -o "$msys" = "true" ] ; then
- APP_HOME=`cygpath --path --mixed "$APP_HOME"`
- CLASSPATH=`cygpath --path --mixed "$CLASSPATH"`
-
- JAVACMD=`cygpath --unix "$JAVACMD"`
-
- # We build the pattern for arguments to be converted via cygpath
- ROOTDIRSRAW=`find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null`
- SEP=""
- for dir in $ROOTDIRSRAW ; do
- ROOTDIRS="$ROOTDIRS$SEP$dir"
- SEP="|"
- done
- OURCYGPATTERN="(^($ROOTDIRS))"
- # Add a user-defined pattern to the cygpath arguments
- if [ "$GRADLE_CYGPATTERN" != "" ] ; then
- OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)"
- fi
- # Now convert the arguments - kludge to limit ourselves to /bin/sh
- i=0
- for arg in "$@" ; do
- CHECK=`echo "$arg"|egrep -c "$OURCYGPATTERN" -`
- CHECK2=`echo "$arg"|egrep -c "^-"` ### Determine if an option
-
- if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ] ; then ### Added a condition
- eval `echo args$i`=`cygpath --path --ignore --mixed "$arg"`
- else
- eval `echo args$i`="\"$arg\""
- fi
- i=`expr $i + 1`
- done
- case $i in
- 0) set -- ;;
- 1) set -- "$args0" ;;
- 2) set -- "$args0" "$args1" ;;
- 3) set -- "$args0" "$args1" "$args2" ;;
- 4) set -- "$args0" "$args1" "$args2" "$args3" ;;
- 5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;;
- 6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;;
- 7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;;
- 8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;;
- 9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;;
- esac
-fi
-
-# Escape application args
-save () {
- for i do printf %s\\n "$i" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/' \\\\/" ; done
- echo " "
-}
-APP_ARGS=`save "$@"`
-
-# Collect all arguments for the java command, following the shell quoting and substitution rules
-eval set -- $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS "\"-Dorg.gradle.appname=$APP_BASE_NAME\"" -classpath "\"$CLASSPATH\"" org.gradle.wrapper.GradleWrapperMain "$APP_ARGS"
-
-exec "$JAVACMD" "$@"
diff --git a/servlet/xml/java/contacts/gradlew.bat b/servlet/xml/java/contacts/gradlew.bat
deleted file mode 100644
index a9f778a..0000000
--- a/servlet/xml/java/contacts/gradlew.bat
+++ /dev/null
@@ -1,104 +0,0 @@
-@rem
-@rem Copyright 2015 the original author or authors.
-@rem
-@rem Licensed under the Apache License, Version 2.0 (the "License");
-@rem you may not use this file except in compliance with the License.
-@rem You may obtain a copy of the License at
-@rem
-@rem https://www.apache.org/licenses/LICENSE-2.0
-@rem
-@rem Unless required by applicable law or agreed to in writing, software
-@rem distributed under the License is distributed on an "AS IS" BASIS,
-@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-@rem See the License for the specific language governing permissions and
-@rem limitations under the License.
-@rem
-
-@if "%DEBUG%" == "" @echo off
-@rem ##########################################################################
-@rem
-@rem Gradle startup script for Windows
-@rem
-@rem ##########################################################################
-
-@rem Set local scope for the variables with windows NT shell
-if "%OS%"=="Windows_NT" setlocal
-
-set DIRNAME=%~dp0
-if "%DIRNAME%" == "" set DIRNAME=.
-set APP_BASE_NAME=%~n0
-set APP_HOME=%DIRNAME%
-
-@rem Resolve any "." and ".." in APP_HOME to make it shorter.
-for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi
-
-@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
-set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m"
-
-@rem Find java.exe
-if defined JAVA_HOME goto findJavaFromJavaHome
-
-set JAVA_EXE=java.exe
-%JAVA_EXE% -version >NUL 2>&1
-if "%ERRORLEVEL%" == "0" goto init
-
-echo.
-echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
-echo.
-echo Please set the JAVA_HOME variable in your environment to match the
-echo location of your Java installation.
-
-goto fail
-
-:findJavaFromJavaHome
-set JAVA_HOME=%JAVA_HOME:"=%
-set JAVA_EXE=%JAVA_HOME%/bin/java.exe
-
-if exist "%JAVA_EXE%" goto init
-
-echo.
-echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
-echo.
-echo Please set the JAVA_HOME variable in your environment to match the
-echo location of your Java installation.
-
-goto fail
-
-:init
-@rem Get command-line arguments, handling Windows variants
-
-if not "%OS%" == "Windows_NT" goto win9xME_args
-
-:win9xME_args
-@rem Slurp the command line arguments.
-set CMD_LINE_ARGS=
-set _SKIP=2
-
-:win9xME_args_slurp
-if "x%~1" == "x" goto execute
-
-set CMD_LINE_ARGS=%*
-
-:execute
-@rem Setup the command line
-
-set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
-
-
-@rem Execute Gradle
-"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS%
-
-:end
-@rem End local scope for the variables with windows NT shell
-if "%ERRORLEVEL%"=="0" goto mainEnd
-
-:fail
-rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of
-rem the _cmd.exe /c_ return code!
-if not "" == "%GRADLE_EXIT_CONSOLE%" exit 1
-exit /b 1
-
-:mainEnd
-if "%OS%"=="Windows_NT" endlocal
-
-:omega
diff --git a/servlet/xml/java/contacts/src/integTest/java/org/springframework/security/samples/ContactsTests.java b/servlet/xml/java/contacts/src/integTest/java/org/springframework/security/samples/ContactsTests.java
deleted file mode 100644
index faa5583..0000000
--- a/servlet/xml/java/contacts/src/integTest/java/org/springframework/security/samples/ContactsTests.java
+++ /dev/null
@@ -1,96 +0,0 @@
-/*
- * Copyright 2002-2018 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.samples;
-
-import org.junit.jupiter.api.AfterEach;
-import org.junit.jupiter.api.BeforeEach;
-import org.junit.jupiter.api.Test;
-import org.openqa.selenium.WebDriver;
-import org.openqa.selenium.htmlunit.HtmlUnitDriver;
-
-import org.springframework.security.samples.pages.ContactsPage;
-import org.springframework.security.samples.pages.HomePage;
-
-/**
- * Test for Contacts application.
- *
- * @author Michael Simons
- */
-public class ContactsTests {
-
- private WebDriver driver;
-
- private int port;
-
- @BeforeEach
- void setup() {
- this.port = Integer.parseInt(System.getProperty("app.httpPort"));
- this.driver = new HtmlUnitDriver();
- }
-
- @AfterEach
- void tearDown() {
- this.driver.quit();
- }
-
- @Test
- void accessHomePageWithUnauthenticatedUserSuccess() {
- final HomePage homePage = HomePage.to(this.driver, this.port);
- homePage.assertAt();
- }
-
- @Test
- void authenticatedUserCanAddContacts() {
- final String name = "Rob Winch";
- final String email = "rob@example.com";
-
- // @formatter:off
- ContactsPage.accessManagePageWithUnauthenticatedUser(this.driver, this.port)
- .sendsToLoginPage()
- .username("rod")
- .password("koala")
- .submit()
- .isAtContactsPage()
- .addContact()
- .name(name)
- .email(email)
- .submit()
- .andHasContact(name, email)
- .delete()
- .andConfirmDeletion()
- .isAtContactsPage()
- .andContactHasBeenRemoved(name, email);
- // @formatter:on
- }
-
- @Test
- void authenticatedUserLogsOut() {
- // @formatter:off
- final HomePage homePage = ContactsPage.accessManagePageWithUnauthenticatedUser(this.driver, this.port)
- .sendsToLoginPage()
- .username("rod")
- .password("koala")
- .submit()
- .isAtContactsPage()
- .logout();
- // @formatter:on
- homePage.assertAt();
-
- ContactsPage.accessManagePageWithUnauthenticatedUser(this.driver, this.port).sendsToLoginPage();
- }
-
-}
diff --git a/servlet/xml/java/contacts/src/integTest/java/org/springframework/security/samples/pages/AddPage.java b/servlet/xml/java/contacts/src/integTest/java/org/springframework/security/samples/pages/AddPage.java
deleted file mode 100644
index 812ee52..0000000
--- a/servlet/xml/java/contacts/src/integTest/java/org/springframework/security/samples/pages/AddPage.java
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * Copyright 2002-2018 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.samples.pages;
-
-import org.openqa.selenium.WebDriver;
-import org.openqa.selenium.WebElement;
-import org.openqa.selenium.support.FindBy;
-import org.openqa.selenium.support.PageFactory;
-
-import static org.assertj.core.api.Assertions.assertThat;
-
-/**
- * The add new contact page.
- *
- * @author Michael Simons
- */
-public class AddPage {
-
- private final WebDriver webDriver;
-
- private final AddForm addForm;
-
- public AddPage(WebDriver webDriver) {
- this.webDriver = webDriver;
- this.addForm = PageFactory.initElements(this.webDriver, AddForm.class);
- }
-
- AddForm addForm() {
- assertThat(this.webDriver.getTitle()).isEqualTo("Add New Contact");
- return this.addForm;
- }
-
- public static class AddForm {
-
- private WebDriver webDriver;
-
- private WebElement name;
-
- private WebElement email;
-
- @FindBy(css = "input[type=submit]")
- private WebElement submit;
-
- public AddForm(WebDriver webDriver) {
- this.webDriver = webDriver;
- }
-
- public AddForm name(String name) {
- this.name.sendKeys(name);
- return this;
- }
-
- public AddForm email(String email) {
- this.email.sendKeys(email);
- return this;
- }
-
- public ContactsPage submit() {
- this.submit.click();
- return PageFactory.initElements(this.webDriver, ContactsPage.class);
- }
-
- }
-
-}
diff --git a/servlet/xml/java/contacts/src/integTest/java/org/springframework/security/samples/pages/ContactsPage.java b/servlet/xml/java/contacts/src/integTest/java/org/springframework/security/samples/pages/ContactsPage.java
deleted file mode 100644
index 3de827f..0000000
--- a/servlet/xml/java/contacts/src/integTest/java/org/springframework/security/samples/pages/ContactsPage.java
+++ /dev/null
@@ -1,131 +0,0 @@
-/*
- * Copyright 2002-2018 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.samples.pages;
-
-import java.util.List;
-import java.util.function.Predicate;
-
-import org.openqa.selenium.By;
-import org.openqa.selenium.WebDriver;
-import org.openqa.selenium.WebElement;
-import org.openqa.selenium.support.FindBy;
-import org.openqa.selenium.support.PageFactory;
-
-import org.springframework.security.samples.pages.AddPage.AddForm;
-
-import static org.assertj.core.api.Assertions.assertThat;
-
-/**
- * The contacts / manage page.
- *
- * @author Michael Simons
- */
-public class ContactsPage {
-
- public static LoginPage accessManagePageWithUnauthenticatedUser(WebDriver driver, int port) {
- driver.get("http://localhost:" + port + "/secure/index.htm");
- return PageFactory.initElements(driver, LoginPage.class);
- }
-
- private final WebDriver webDriver;
-
- @FindBy(linkText = "Add")
- private WebElement a;
-
- @FindBy(css = "table tr")
- private List contacts;
-
- @FindBy(xpath = "//input[@type='submit' and @value='Logoff']")
- private WebElement logout;
-
- public ContactsPage(WebDriver webDriver) {
- this.webDriver = webDriver;
- }
-
- public ContactsPage isAtContactsPage() {
- assertThat(this.webDriver.getTitle()).isEqualTo("Your Contacts");
- return this;
- }
-
- public AddForm addContact() {
- this.a.click();
- final AddPage addPage = PageFactory.initElements(this.webDriver, AddPage.class);
- return addPage.addForm();
- }
-
- Predicate byEmail(final String val) {
- return (e) -> e.findElements(By.xpath("td[position()=3 and normalize-space()='" + val + "']")).size() == 1;
- }
-
- Predicate byName(final String val) {
- return (e) -> e.findElements(By.xpath("td[position()=2 and normalize-space()='" + val + "']")).size() == 1;
- }
-
- public DeleteContactLink andHasContact(final String name, final String email) {
- return this.contacts.stream().filter(byEmail(email).and(byName(name)))
- .map((e) -> e.findElement(By.cssSelector("td:nth-child(4) > a"))).findFirst()
- .map((e) -> new DeleteContactLink(this.webDriver, e)).get();
- }
-
- public ContactsPage andContactHasBeenRemoved(final String name, final String email) {
- assertThat(this.contacts.stream().filter(byEmail(email).and(byName(name))).findAny()).isEmpty();
- return this;
- }
-
- public HomePage logout() {
- this.logout.click();
- return PageFactory.initElements(this.webDriver, HomePage.class);
- }
-
- public static class DeleteContactLink {
-
- private final WebDriver webDriver;
-
- private final WebElement a;
-
- public DeleteContactLink(WebDriver webDriver, WebElement a) {
- this.webDriver = webDriver;
- this.a = a;
- }
-
- public DeleteConfirmationPage delete() {
- this.a.click();
- return PageFactory.initElements(this.webDriver, DeleteConfirmationPage.class);
- }
-
- }
-
- public static class DeleteConfirmationPage {
-
- private final WebDriver webDriver;
-
- @FindBy(linkText = "Manage")
- private WebElement a;
-
- public DeleteConfirmationPage(WebDriver webDriver) {
- this.webDriver = webDriver;
- }
-
- public ContactsPage andConfirmDeletion() {
- assertThat(this.webDriver.getTitle()).isEqualTo("Deletion completed");
- this.a.click();
- return PageFactory.initElements(this.webDriver, ContactsPage.class);
- }
-
- }
-
-}
diff --git a/servlet/xml/java/contacts/src/integTest/java/org/springframework/security/samples/pages/HomePage.java b/servlet/xml/java/contacts/src/integTest/java/org/springframework/security/samples/pages/HomePage.java
deleted file mode 100644
index 41fae8f..0000000
--- a/servlet/xml/java/contacts/src/integTest/java/org/springframework/security/samples/pages/HomePage.java
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
- * Copyright 2002-2018 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.samples.pages;
-
-import org.openqa.selenium.WebDriver;
-import org.openqa.selenium.WebElement;
-import org.openqa.selenium.support.FindBy;
-import org.openqa.selenium.support.PageFactory;
-
-import static org.assertj.core.api.Assertions.assertThat;
-
-/**
- * The home page.
- *
- * @author Michael Simons
- */
-public class HomePage {
-
- public static HomePage to(WebDriver driver, int port) {
- driver.get("http://localhost:" + port + "/");
- return PageFactory.initElements(driver, HomePage.class);
- }
-
- private final WebDriver webDriver;
-
- @FindBy(css = "p")
- private WebElement message;
-
- @FindBy(css = "input[type=submit]")
- private WebElement logoutButton;
-
- public HomePage(WebDriver webDriver) {
- this.webDriver = webDriver;
- }
-
- public Content assertAt() {
- assertThat(this.webDriver.getTitle()).isEqualTo("Contacts Security Demo");
- return PageFactory.initElements(this.webDriver, Content.class);
- }
-
- public LoginPage logout() {
- this.logoutButton.submit();
- return PageFactory.initElements(this.webDriver, LoginPage.class);
- }
-
- public static class Content {
-
- @FindBy(css = "p")
- private WebElement message;
-
- public Content andTheUserNameIsDisplayed() {
- assertThat(this.message.getText()).isEqualTo("Hello user");
- return this;
- }
-
- }
-
-}
diff --git a/servlet/xml/java/contacts/src/integTest/java/org/springframework/security/samples/pages/LoginPage.java b/servlet/xml/java/contacts/src/integTest/java/org/springframework/security/samples/pages/LoginPage.java
deleted file mode 100644
index 9ceff20..0000000
--- a/servlet/xml/java/contacts/src/integTest/java/org/springframework/security/samples/pages/LoginPage.java
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * Copyright 2002-2018 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.samples.pages;
-
-import org.openqa.selenium.WebDriver;
-import org.openqa.selenium.WebElement;
-import org.openqa.selenium.support.FindBy;
-import org.openqa.selenium.support.PageFactory;
-
-import static org.assertj.core.api.Assertions.assertThat;
-
-/**
- * The login page.
- *
- * @author Michael Simons
- */
-public class LoginPage {
-
- private final WebDriver webDriver;
-
- private final LoginForm loginForm;
-
- public LoginPage(WebDriver webDriver) {
- this.webDriver = webDriver;
- this.loginForm = PageFactory.initElements(this.webDriver, LoginForm.class);
- }
-
- public LoginForm sendsToLoginPage() {
- assertThat(this.webDriver.getTitle()).isEqualTo("Login");
- return this.loginForm;
- }
-
- public static class LoginForm {
-
- private WebDriver webDriver;
-
- private WebElement username;
-
- private WebElement password;
-
- @FindBy(css = "input[type=submit]")
- private WebElement submit;
-
- public LoginForm(WebDriver webDriver) {
- this.webDriver = webDriver;
- }
-
- public LoginForm username(String username) {
- this.username.sendKeys(username);
- return this;
- }
-
- public LoginForm password(String password) {
- this.password.sendKeys(password);
- return this;
- }
-
- public ContactsPage submit() {
- this.submit.click();
- return PageFactory.initElements(this.webDriver, ContactsPage.class);
- }
-
- }
-
-}
diff --git a/servlet/xml/java/contacts/src/main/java/sample/contact/AddDeleteContactController.java b/servlet/xml/java/contacts/src/main/java/sample/contact/AddDeleteContactController.java
deleted file mode 100644
index bf69b39..0000000
--- a/servlet/xml/java/contacts/src/main/java/sample/contact/AddDeleteContactController.java
+++ /dev/null
@@ -1,76 +0,0 @@
-/*
- * Copyright 2002-2021 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package sample.contact;
-
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Controller;
-import org.springframework.validation.BindingResult;
-import org.springframework.validation.Validator;
-import org.springframework.web.bind.WebDataBinder;
-import org.springframework.web.bind.annotation.InitBinder;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
-import org.springframework.web.bind.annotation.RequestParam;
-import org.springframework.web.servlet.ModelAndView;
-
-/**
- * AddDeleteContactController.
- *
- * @author Luke Taylor
- * @since 3.0
- */
-@Controller
-public class AddDeleteContactController {
-
- @Autowired
- private ContactManager contactManager;
-
- private final Validator validator = new WebContactValidator();
-
- @RequestMapping(value = "/secure/add.htm", method = RequestMethod.GET)
- public ModelAndView addContactDisplay() {
- return new ModelAndView("add", "webContact", new WebContact());
- }
-
- @InitBinder
- public void initBinder(WebDataBinder binder) {
- System.out.println("A binder for object: " + binder.getObjectName());
- }
-
- @RequestMapping(value = "/secure/add.htm", method = RequestMethod.POST)
- public String addContact(WebContact form, BindingResult result) {
- this.validator.validate(form, result);
-
- if (result.hasErrors()) {
- return "add";
- }
-
- Contact contact = new Contact(form.getName(), form.getEmail());
- this.contactManager.create(contact);
-
- return "redirect:/secure/index.htm";
- }
-
- @RequestMapping(value = "/secure/del.htm", method = RequestMethod.GET)
- public ModelAndView delContact(@RequestParam("contactId") int contactId) {
- Contact contact = this.contactManager.getById((long) contactId);
- this.contactManager.delete(contact);
-
- return new ModelAndView("deleted", "contact", contact);
- }
-
-}
diff --git a/servlet/xml/java/contacts/src/main/java/sample/contact/AddPermission.java b/servlet/xml/java/contacts/src/main/java/sample/contact/AddPermission.java
deleted file mode 100644
index 93bc6c7..0000000
--- a/servlet/xml/java/contacts/src/main/java/sample/contact/AddPermission.java
+++ /dev/null
@@ -1,58 +0,0 @@
-/*
- * Copyright 2002-2021 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package sample.contact;
-
-import org.springframework.security.acls.domain.BasePermission;
-
-/**
- * Model object for add permission use case.
- *
- * @author Ben Alex
- */
-public class AddPermission {
-
- private Contact contact;
-
- private Integer permission = BasePermission.READ.getMask();
-
- private String recipient;
-
- public Contact getContact() {
- return this.contact;
- }
-
- public Integer getPermission() {
- return this.permission;
- }
-
- public String getRecipient() {
- return this.recipient;
- }
-
- public void setContact(Contact contact) {
- this.contact = contact;
- }
-
- public void setPermission(Integer permission) {
- this.permission = permission;
- }
-
- public void setRecipient(String recipient) {
- this.recipient = recipient;
- }
-
-}
diff --git a/servlet/xml/java/contacts/src/main/java/sample/contact/AddPermissionValidator.java b/servlet/xml/java/contacts/src/main/java/sample/contact/AddPermissionValidator.java
deleted file mode 100644
index 9a277e3..0000000
--- a/servlet/xml/java/contacts/src/main/java/sample/contact/AddPermissionValidator.java
+++ /dev/null
@@ -1,59 +0,0 @@
-/*
- * Copyright 2002-2021 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package sample.contact;
-
-import org.springframework.security.acls.domain.BasePermission;
-import org.springframework.validation.Errors;
-import org.springframework.validation.ValidationUtils;
-import org.springframework.validation.Validator;
-
-/**
- * Validates {@link AddPermission}.
- *
- * @author Ben Alex
- */
-public class AddPermissionValidator implements Validator {
-
- @SuppressWarnings("unchecked")
- public boolean supports(Class clazz) {
- return clazz.equals(AddPermission.class);
- }
-
- public void validate(Object obj, Errors errors) {
- AddPermission addPermission = (AddPermission) obj;
-
- ValidationUtils.rejectIfEmptyOrWhitespace(errors, "permission", "err.permission", "Permission is required. *");
- ValidationUtils.rejectIfEmptyOrWhitespace(errors, "recipient", "err.recipient", "Recipient is required. *");
-
- if (addPermission.getPermission() != null) {
- int permission = addPermission.getPermission();
-
- if ((permission != BasePermission.ADMINISTRATION.getMask()) && (permission != BasePermission.READ.getMask())
- && (permission != BasePermission.DELETE.getMask())) {
- errors.rejectValue("permission", "err.permission.invalid", "The indicated permission is invalid. *");
- }
- }
-
- if (addPermission.getRecipient() != null) {
- if (addPermission.getRecipient().length() > 100) {
- errors.rejectValue("recipient", "err.recipient.length",
- "The recipient is too long (maximum 100 characters). *");
- }
- }
- }
-
-}
diff --git a/servlet/xml/java/contacts/src/main/java/sample/contact/AdminPermissionController.java b/servlet/xml/java/contacts/src/main/java/sample/contact/AdminPermissionController.java
deleted file mode 100644
index 88830bf..0000000
--- a/servlet/xml/java/contacts/src/main/java/sample/contact/AdminPermissionController.java
+++ /dev/null
@@ -1,176 +0,0 @@
-/*
- * Copyright 2002-2021 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package sample.contact;
-
-import java.util.HashMap;
-import java.util.LinkedHashMap;
-import java.util.Map;
-
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.MessageSource;
-import org.springframework.context.MessageSourceAware;
-import org.springframework.context.support.MessageSourceAccessor;
-import org.springframework.dao.DataAccessException;
-import org.springframework.security.acls.domain.BasePermission;
-import org.springframework.security.acls.domain.DefaultPermissionFactory;
-import org.springframework.security.acls.domain.ObjectIdentityImpl;
-import org.springframework.security.acls.domain.PermissionFactory;
-import org.springframework.security.acls.domain.PrincipalSid;
-import org.springframework.security.acls.model.Acl;
-import org.springframework.security.acls.model.AclService;
-import org.springframework.security.acls.model.Permission;
-import org.springframework.security.acls.model.Sid;
-import org.springframework.stereotype.Controller;
-import org.springframework.ui.ModelMap;
-import org.springframework.validation.BindingResult;
-import org.springframework.validation.Validator;
-import org.springframework.web.bind.WebDataBinder;
-import org.springframework.web.bind.annotation.InitBinder;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
-import org.springframework.web.bind.annotation.RequestParam;
-import org.springframework.web.bind.annotation.SessionAttributes;
-import org.springframework.web.servlet.ModelAndView;
-
-/**
- * Web controller to handle Permission administration functions - adding and
- * deleting permissions for contacts.
- *
- * @author Luke Taylor
- * @since 3.0
- */
-@Controller
-@SessionAttributes("addPermission")
-public final class AdminPermissionController implements MessageSourceAware {
-
- @Autowired
- private AclService aclService;
-
- @Autowired
- private ContactManager contactManager;
-
- private MessageSourceAccessor messages;
-
- private final Validator addPermissionValidator = new AddPermissionValidator();
-
- private final PermissionFactory permissionFactory = new DefaultPermissionFactory();
-
- @RequestMapping(value = "/secure/adminPermission.htm", method = RequestMethod.GET)
- public ModelAndView displayAdminPage(@RequestParam("contactId") int contactId) {
- Contact contact = this.contactManager.getById((long) contactId);
- Acl acl = this.aclService.readAclById(new ObjectIdentityImpl(contact));
-
- Map model = new HashMap<>();
- model.put("contact", contact);
- model.put("acl", acl);
-
- return new ModelAndView("adminPermission", "model", model);
- }
-
- @RequestMapping(value = "/secure/addPermission.htm", method = RequestMethod.GET)
- public ModelAndView displayAddPermissionPageForContact(@RequestParam("contactId") long contactId) {
- Contact contact = this.contactManager.getById(contactId);
-
- AddPermission addPermission = new AddPermission();
- addPermission.setContact(contact);
-
- Map model = new HashMap<>();
- model.put("addPermission", addPermission);
- model.put("recipients", listRecipients());
- model.put("permissions", listPermissions());
-
- return new ModelAndView("addPermission", model);
- }
-
- @InitBinder("addPermission")
- public void initBinder(WebDataBinder binder) {
- binder.setAllowedFields("recipient", "permission");
- }
-
- @RequestMapping(value = "/secure/addPermission.htm", method = RequestMethod.POST)
- public String addPermission(AddPermission addPermission, BindingResult result, ModelMap model) {
- this.addPermissionValidator.validate(addPermission, result);
-
- if (result.hasErrors()) {
- model.put("recipients", listRecipients());
- model.put("permissions", listPermissions());
-
- return "addPermission";
- }
-
- PrincipalSid sid = new PrincipalSid(addPermission.getRecipient());
- Permission permission = this.permissionFactory.buildFromMask(addPermission.getPermission());
-
- try {
- this.contactManager.addPermission(addPermission.getContact(), sid, permission);
- }
- catch (DataAccessException existingPermission) {
- existingPermission.printStackTrace();
- result.rejectValue("recipient", "err.recipientExistsForContact", "Addition failure.");
-
- model.put("recipients", listRecipients());
- model.put("permissions", listPermissions());
- return "addPermission";
- }
-
- return "redirect:/secure/index.htm";
- }
-
- @RequestMapping("/secure/deletePermission.htm")
- public ModelAndView deletePermission(@RequestParam("contactId") long contactId, @RequestParam("sid") String sid,
- @RequestParam("permission") int mask) {
-
- Contact contact = this.contactManager.getById(contactId);
-
- Sid sidObject = new PrincipalSid(sid);
- Permission permission = this.permissionFactory.buildFromMask(mask);
-
- this.contactManager.deletePermission(contact, sidObject, permission);
-
- Map model = new HashMap<>();
- model.put("contact", contact);
- model.put("sid", sidObject);
- model.put("permission", permission);
-
- return new ModelAndView("deletePermission", "model", model);
- }
-
- private Map listPermissions() {
- Map map = new LinkedHashMap<>();
- map.put(BasePermission.ADMINISTRATION.getMask(), this.messages.getMessage("select.administer", "Administer"));
- map.put(BasePermission.READ.getMask(), this.messages.getMessage("select.read", "Read"));
- map.put(BasePermission.DELETE.getMask(), this.messages.getMessage("select.delete", "Delete"));
-
- return map;
- }
-
- private Map listRecipients() {
- Map map = new LinkedHashMap<>();
- map.put("", this.messages.getMessage("select.pleaseSelect", "-- please select --"));
-
- for (String recipient : this.contactManager.getAllRecipients()) {
- map.put(recipient, recipient);
- }
-
- return map;
- }
-
- public void setMessageSource(MessageSource messageSource) {
- this.messages = new MessageSourceAccessor(messageSource);
- }
-
-}
diff --git a/servlet/xml/java/contacts/src/main/java/sample/contact/ClientApplication.java b/servlet/xml/java/contacts/src/main/java/sample/contact/ClientApplication.java
deleted file mode 100644
index a404666..0000000
--- a/servlet/xml/java/contacts/src/main/java/sample/contact/ClientApplication.java
+++ /dev/null
@@ -1,140 +0,0 @@
-/*
- * Copyright 2002-2021 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package sample.contact;
-
-import java.lang.reflect.InvocationTargetException;
-import java.lang.reflect.Method;
-import java.util.List;
-import java.util.Map;
-
-import org.springframework.beans.factory.ListableBeanFactory;
-import org.springframework.context.support.FileSystemXmlApplicationContext;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.util.StopWatch;
-
-/**
- * Demonstrates accessing the {@link ContactManager} via remoting protocols.
- *
- * Based on Spring's JPetStore sample, written by Juergen Hoeller.
- *
- * @author Ben Alex
- */
-public class ClientApplication {
-
- private final ListableBeanFactory beanFactory;
-
- public ClientApplication(ListableBeanFactory beanFactory) {
- this.beanFactory = beanFactory;
- }
-
- public void invokeContactManager(Authentication authentication, int nrOfCalls) {
- StopWatch stopWatch = new StopWatch(nrOfCalls + " ContactManager call(s)");
- Map contactServices = this.beanFactory.getBeansOfType(ContactManager.class, true, true);
-
- SecurityContextHolder.getContext().setAuthentication(authentication);
-
- for (Map.Entry entry : contactServices.entrySet()) {
- String beanName = entry.getKey();
- ContactManager remoteContactManager = entry.getValue();
- Object object = this.beanFactory.getBean("&" + beanName);
-
- try {
- System.out.println("Trying to find setUsername(String) method on: " + object.getClass().getName());
-
- Method method = object.getClass().getMethod("setUsername", new Class[] { String.class });
- System.out.println("Found; Trying to setUsername(String) to " + authentication.getPrincipal());
- method.invoke(object, authentication.getPrincipal());
- }
- catch (NoSuchMethodException ignored) {
- System.out.println("This client proxy factory does not have a setUsername(String) method");
- }
- catch (IllegalAccessException | InvocationTargetException ignored) {
- ignored.printStackTrace();
- }
-
- try {
- System.out.println("Trying to find setPassword(String) method on: " + object.getClass().getName());
-
- Method method = object.getClass().getMethod("setPassword", new Class[] { String.class });
- method.invoke(object, authentication.getCredentials());
- System.out.println("Found; Trying to setPassword(String) to " + authentication.getCredentials());
- }
- catch (NoSuchMethodException ignored) {
- System.out.println("This client proxy factory does not have a setPassword(String) method");
- }
- catch (IllegalAccessException | InvocationTargetException ignored) {
- }
-
- System.out.println("Calling ContactManager '" + beanName + "'");
-
- stopWatch.start(beanName);
-
- List contacts = null;
-
- for (int i = 0; i < nrOfCalls; i++) {
- contacts = remoteContactManager.getAll();
- }
-
- stopWatch.stop();
-
- if (contacts.size() != 0) {
- for (Contact contact : contacts) {
- System.out.println("Contact: " + contact);
- }
- }
- else {
- System.out.println("No contacts found which this user has permission to");
- }
-
- System.out.println();
- System.out.println(stopWatch.prettyPrint());
- }
-
- SecurityContextHolder.clearContext();
- }
-
- public static void main(String[] args) {
- String username = System.getProperty("username", "");
- String password = System.getProperty("password", "");
- String nrOfCallsString = System.getProperty("nrOfCalls", "");
-
- if ("".equals(username) || "".equals(password)) {
- System.out.println(
- "You need to specify the user ID to use, the password to use, and optionally a number of calls "
- + "using the username, password, and nrOfCalls system properties respectively. eg for user rod, "
- + "use: -Dusername=rod -Dpassword=koala' for a single call per service and "
- + "use: -Dusername=rod -Dpassword=koala -DnrOfCalls=10 for ten calls per service.");
- System.exit(-1);
- }
- else {
- int nrOfCalls = 1;
-
- if (!"".equals(nrOfCallsString)) {
- nrOfCalls = Integer.parseInt(nrOfCallsString);
- }
-
- ListableBeanFactory beanFactory = new FileSystemXmlApplicationContext("clientContext.xml");
- ClientApplication client = new ClientApplication(beanFactory);
-
- client.invokeContactManager(new UsernamePasswordAuthenticationToken(username, password), nrOfCalls);
- System.exit(0);
- }
- }
-
-}
diff --git a/servlet/xml/java/contacts/src/main/java/sample/contact/Contact.java b/servlet/xml/java/contacts/src/main/java/sample/contact/Contact.java
deleted file mode 100644
index fa5361a..0000000
--- a/servlet/xml/java/contacts/src/main/java/sample/contact/Contact.java
+++ /dev/null
@@ -1,77 +0,0 @@
-/*
- * Copyright 2002-2021 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package sample.contact;
-
-import java.io.Serializable;
-
-/**
- * Represents a contact.
- *
- * @author Ben Alex
- */
-public class Contact implements Serializable {
-
- private Long id;
-
- private String email;
-
- private String name;
-
- public Contact(String name, String email) {
- this.name = name;
- this.email = email;
- }
-
- public Contact() {
- }
-
- public String getEmail() {
- return this.email;
- }
-
- public Long getId() {
- return this.id;
- }
-
- public String getName() {
- return this.name;
- }
-
- public void setEmail(String email) {
- this.email = email;
- }
-
- public void setId(Long id) {
- this.id = id;
- }
-
- public void setName(String name) {
- this.name = name;
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder();
- sb.append(super.toString() + ": ");
- sb.append("Id: " + this.getId() + "; ");
- sb.append("Name: " + this.getName() + "; ");
- sb.append("Email: " + this.getEmail());
-
- return sb.toString();
- }
-
-}
diff --git a/servlet/xml/java/contacts/src/main/java/sample/contact/ContactDao.java b/servlet/xml/java/contacts/src/main/java/sample/contact/ContactDao.java
deleted file mode 100644
index 495e30f..0000000
--- a/servlet/xml/java/contacts/src/main/java/sample/contact/ContactDao.java
+++ /dev/null
@@ -1,42 +0,0 @@
-/*
- * Copyright 2002-2021 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package sample.contact;
-
-import java.util.List;
-
-/**
- * Provides access to the application's persistence layer.
- *
- * @author Ben Alex
- */
-public interface ContactDao {
-
- void create(Contact contact);
-
- void delete(Long contactId);
-
- List findAll();
-
- List findAllPrincipals();
-
- List findAllRoles();
-
- Contact getById(Long id);
-
- void update(Contact contact);
-
-}
diff --git a/servlet/xml/java/contacts/src/main/java/sample/contact/ContactDaoSpring.java b/servlet/xml/java/contacts/src/main/java/sample/contact/ContactDaoSpring.java
deleted file mode 100644
index 8b86206..0000000
--- a/servlet/xml/java/contacts/src/main/java/sample/contact/ContactDaoSpring.java
+++ /dev/null
@@ -1,89 +0,0 @@
-/*
- * Copyright 2002-2021 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package sample.contact;
-
-import java.sql.ResultSet;
-import java.sql.SQLException;
-import java.util.List;
-
-import org.springframework.jdbc.core.support.JdbcDaoSupport;
-
-/**
- * Base implementation of {@link ContactDao} that uses Spring's JdbcTemplate.
- *
- * @author Ben Alex
- * @author Luke Taylor
- */
-public class ContactDaoSpring extends JdbcDaoSupport implements ContactDao {
-
- public void create(final Contact contact) {
- getJdbcTemplate().update("insert into contacts values (?, ?, ?)", (ps) -> {
- ps.setLong(1, contact.getId());
- ps.setString(2, contact.getName());
- ps.setString(3, contact.getEmail());
- });
- }
-
- public void delete(final Long contactId) {
- getJdbcTemplate().update("delete from contacts where id = ?", (ps) -> ps.setLong(1, contactId));
- }
-
- public void update(final Contact contact) {
- getJdbcTemplate().update("update contacts set contact_name = ?, address = ? where id = ?", (ps) -> {
- ps.setString(1, contact.getName());
- ps.setString(2, contact.getEmail());
- ps.setLong(3, contact.getId());
- });
- }
-
- public List findAll() {
- return getJdbcTemplate().query("select id, contact_name, email from contacts order by id",
- (rs, rowNum) -> mapContact(rs));
- }
-
- public List findAllPrincipals() {
- return getJdbcTemplate().queryForList("select username from users order by username", String.class);
- }
-
- public List findAllRoles() {
- return getJdbcTemplate().queryForList("select distinct authority from authorities order by authority",
- String.class);
- }
-
- public Contact getById(Long id) {
- List list = getJdbcTemplate().query(
- "select id, contact_name, email from contacts where id = ? order by id", (rs, rowNum) -> mapContact(rs),
- id);
-
- if (list.size() == 0) {
- return null;
- }
- else {
- return list.get(0);
- }
- }
-
- private Contact mapContact(ResultSet rs) throws SQLException {
- Contact contact = new Contact();
- contact.setId(rs.getLong("id"));
- contact.setName(rs.getString("contact_name"));
- contact.setEmail(rs.getString("email"));
-
- return contact;
- }
-
-}
diff --git a/servlet/xml/java/contacts/src/main/java/sample/contact/ContactManager.java b/servlet/xml/java/contacts/src/main/java/sample/contact/ContactManager.java
deleted file mode 100644
index c090d9a..0000000
--- a/servlet/xml/java/contacts/src/main/java/sample/contact/ContactManager.java
+++ /dev/null
@@ -1,58 +0,0 @@
-/*
- * Copyright 2002-2021 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package sample.contact;
-
-import java.util.List;
-
-import org.springframework.security.access.prepost.PostFilter;
-import org.springframework.security.access.prepost.PreAuthorize;
-import org.springframework.security.acls.model.Permission;
-import org.springframework.security.acls.model.Sid;
-
-/**
- * Interface for the application's services layer.
- *
- * @author Ben Alex
- */
-public interface ContactManager {
-
- @PreAuthorize("hasPermission(#contact, admin)")
- void addPermission(Contact contact, Sid recipient, Permission permission);
-
- @PreAuthorize("hasPermission(#contact, admin)")
- void deletePermission(Contact contact, Sid recipient, Permission permission);
-
- @PreAuthorize("hasRole('ROLE_USER')")
- void create(Contact contact);
-
- @PreAuthorize("hasPermission(#contact, 'delete') or hasPermission(#contact, admin)")
- void delete(Contact contact);
-
- @PreAuthorize("hasRole('ROLE_USER')")
- @PostFilter("hasPermission(filterObject, 'read') or hasPermission(filterObject, admin)")
- List getAll();
-
- @PreAuthorize("hasRole('ROLE_USER')")
- List getAllRecipients();
-
- @PreAuthorize("hasPermission(#id, 'sample.contact.Contact', read) or "
- + "hasPermission(#id, 'sample.contact.Contact', admin)")
- Contact getById(Long id);
-
- Contact getRandomContact();
-
-}
diff --git a/servlet/xml/java/contacts/src/main/java/sample/contact/ContactManagerBackend.java b/servlet/xml/java/contacts/src/main/java/sample/contact/ContactManagerBackend.java
deleted file mode 100644
index 98efea5..0000000
--- a/servlet/xml/java/contacts/src/main/java/sample/contact/ContactManagerBackend.java
+++ /dev/null
@@ -1,181 +0,0 @@
-/*
- * Copyright 2002-2021 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package sample.contact;
-
-import java.util.List;
-import java.util.Random;
-
-import org.springframework.beans.factory.InitializingBean;
-import org.springframework.context.support.ApplicationObjectSupport;
-import org.springframework.security.acls.domain.BasePermission;
-import org.springframework.security.acls.domain.ObjectIdentityImpl;
-import org.springframework.security.acls.domain.PrincipalSid;
-import org.springframework.security.acls.model.AccessControlEntry;
-import org.springframework.security.acls.model.MutableAcl;
-import org.springframework.security.acls.model.MutableAclService;
-import org.springframework.security.acls.model.NotFoundException;
-import org.springframework.security.acls.model.ObjectIdentity;
-import org.springframework.security.acls.model.Permission;
-import org.springframework.security.acls.model.Sid;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.transaction.annotation.Transactional;
-import org.springframework.util.Assert;
-
-/**
- * Concrete implementation of {@link ContactManager}.
- *
- * @author Ben Alex
- */
-@Transactional
-public class ContactManagerBackend extends ApplicationObjectSupport implements ContactManager, InitializingBean {
-
- private ContactDao contactDao;
-
- private MutableAclService mutableAclService;
-
- private int counter = 1000;
-
- public void afterPropertiesSet() {
- Assert.notNull(this.contactDao, "contactDao required");
- Assert.notNull(this.mutableAclService, "mutableAclService required");
- }
-
- public void addPermission(Contact contact, Sid recipient, Permission permission) {
- MutableAcl acl;
- ObjectIdentity oid = new ObjectIdentityImpl(Contact.class, contact.getId());
-
- try {
- acl = (MutableAcl) this.mutableAclService.readAclById(oid);
- }
- catch (NotFoundException nfe) {
- acl = this.mutableAclService.createAcl(oid);
- }
-
- acl.insertAce(acl.getEntries().size(), permission, recipient, true);
- this.mutableAclService.updateAcl(acl);
-
- logger.debug("Added permission " + permission + " for Sid " + recipient + " contact " + contact);
- }
-
- public void create(Contact contact) {
- // Create the Contact itself
- contact.setId((long) this.counter++);
- this.contactDao.create(contact);
-
- // Grant the current principal administrative permission to the contact
- addPermission(contact, new PrincipalSid(getUsername()), BasePermission.ADMINISTRATION);
-
- if (logger.isDebugEnabled()) {
- logger.debug("Created contact " + contact + " and granted admin permission to recipient " + getUsername());
- }
- }
-
- public void delete(Contact contact) {
- this.contactDao.delete(contact.getId());
-
- // Delete the ACL information as well
- ObjectIdentity oid = new ObjectIdentityImpl(Contact.class, contact.getId());
- this.mutableAclService.deleteAcl(oid, false);
-
- if (logger.isDebugEnabled()) {
- logger.debug("Deleted contact " + contact + " including ACL permissions");
- }
- }
-
- public void deletePermission(Contact contact, Sid recipient, Permission permission) {
- ObjectIdentity oid = new ObjectIdentityImpl(Contact.class, contact.getId());
- MutableAcl acl = (MutableAcl) this.mutableAclService.readAclById(oid);
-
- // Remove all permissions associated with this particular recipient (string
- // equality to KISS)
- List entries = acl.getEntries();
-
- for (int i = 0; i < entries.size(); i++) {
- if (entries.get(i).getSid().equals(recipient) && entries.get(i).getPermission().equals(permission)) {
- acl.deleteAce(i);
- }
- }
-
- this.mutableAclService.updateAcl(acl);
-
- if (logger.isDebugEnabled()) {
- logger.debug("Deleted contact " + contact + " ACL permissions for recipient " + recipient);
- }
- }
-
- @Transactional(readOnly = true)
- public List getAll() {
- logger.debug("Returning all contacts");
-
- return this.contactDao.findAll();
- }
-
- @Transactional(readOnly = true)
- public List getAllRecipients() {
- logger.debug("Returning all recipients");
-
- return this.contactDao.findAllPrincipals();
- }
-
- @Transactional(readOnly = true)
- public Contact getById(Long id) {
- if (logger.isDebugEnabled()) {
- logger.debug("Returning contact with id: " + id);
- }
-
- return this.contactDao.getById(id);
- }
-
- @Transactional(readOnly = true)
- public Contact getRandomContact() {
- logger.debug("Returning random contact");
-
- Random rnd = new Random();
- List contacts = this.contactDao.findAll();
- int getNumber = rnd.nextInt(contacts.size());
-
- return contacts.get(getNumber);
- }
-
- protected String getUsername() {
- Authentication auth = SecurityContextHolder.getContext().getAuthentication();
-
- if (auth.getPrincipal() instanceof UserDetails) {
- return ((UserDetails) auth.getPrincipal()).getUsername();
- }
- else {
- return auth.getPrincipal().toString();
- }
- }
-
- public void setContactDao(ContactDao contactDao) {
- this.contactDao = contactDao;
- }
-
- public void setMutableAclService(MutableAclService mutableAclService) {
- this.mutableAclService = mutableAclService;
- }
-
- public void update(Contact contact) {
- this.contactDao.update(contact);
-
- logger.debug("Updated contact " + contact);
- }
-
-}
diff --git a/servlet/xml/java/contacts/src/main/java/sample/contact/DataSourcePopulator.java b/servlet/xml/java/contacts/src/main/java/sample/contact/DataSourcePopulator.java
deleted file mode 100644
index d064d95..0000000
--- a/servlet/xml/java/contacts/src/main/java/sample/contact/DataSourcePopulator.java
+++ /dev/null
@@ -1,279 +0,0 @@
-/*
- * Copyright 2002-2021 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package sample.contact;
-
-import java.util.Random;
-
-import javax.sql.DataSource;
-
-import org.springframework.beans.factory.InitializingBean;
-import org.springframework.jdbc.core.JdbcTemplate;
-import org.springframework.security.acls.domain.AclImpl;
-import org.springframework.security.acls.domain.BasePermission;
-import org.springframework.security.acls.domain.ObjectIdentityImpl;
-import org.springframework.security.acls.domain.PrincipalSid;
-import org.springframework.security.acls.model.MutableAcl;
-import org.springframework.security.acls.model.MutableAclService;
-import org.springframework.security.acls.model.ObjectIdentity;
-import org.springframework.security.acls.model.Permission;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.authority.AuthorityUtils;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.transaction.PlatformTransactionManager;
-import org.springframework.transaction.support.TransactionTemplate;
-import org.springframework.util.Assert;
-
-/**
- * Populates the Contacts in-memory database with contact and ACL information.
- *
- * @author Ben Alex
- */
-public class DataSourcePopulator implements InitializingBean {
-
- JdbcTemplate template;
-
- private MutableAclService mutableAclService;
-
- final Random rnd = new Random();
-
- TransactionTemplate tt;
-
- final String[] firstNames = { "Bob", "Mary", "James", "Jane", "Kristy", "Kirsty", "Kate", "Jeni", "Angela",
- "Melanie", "Kent", "William", "Geoff", "Jeff", "Adrian", "Amanda", "Lisa", "Elizabeth", "Prue", "Richard",
- "Darin", "Phillip", "Michael", "Belinda", "Samantha", "Brian", "Greg", "Matthew" };
-
- final String[] lastNames = { "Smith", "Williams", "Jackson", "Rictor", "Nelson", "Fitzgerald", "McAlpine",
- "Sutherland", "Abbott", "Hall", "Edwards", "Gates", "Black", "Brown", "Gray", "Marwell", "Booch", "Johnson",
- "McTaggart", "Parklin", "Findlay", "Robinson", "Giugni", "Lang", "Chi", "Carmichael" };
-
- private int createEntities = 50;
-
- public void afterPropertiesSet() {
- Assert.notNull(this.mutableAclService, "mutableAclService required");
- Assert.notNull(this.template, "dataSource required");
- Assert.notNull(this.tt, "platformTransactionManager required");
-
- // Set a user account that will initially own all the created data
- Authentication authRequest = new UsernamePasswordAuthenticationToken("rod", "koala",
- AuthorityUtils.createAuthorityList("ROLE_IGNORED"));
- SecurityContextHolder.getContext().setAuthentication(authRequest);
-
- try {
- this.template.execute("DROP TABLE CONTACTS");
- this.template.execute("DROP TABLE AUTHORITIES");
- this.template.execute("DROP TABLE USERS");
- this.template.execute("DROP TABLE ACL_ENTRY");
- this.template.execute("DROP TABLE ACL_OBJECT_IDENTITY");
- this.template.execute("DROP TABLE ACL_CLASS");
- this.template.execute("DROP TABLE ACL_SID");
- }
- catch (Exception ex) {
- System.out.println("Failed to drop tables: " + ex.getMessage());
- }
-
- this.template.execute("CREATE TABLE ACL_SID("
- + "ID BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 100) NOT NULL PRIMARY KEY,"
- + "PRINCIPAL BOOLEAN NOT NULL," + "SID VARCHAR_IGNORECASE(100) NOT NULL,"
- + "CONSTRAINT UNIQUE_UK_1 UNIQUE(SID,PRINCIPAL));");
- this.template.execute("CREATE TABLE ACL_CLASS("
- + "ID BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 100) NOT NULL PRIMARY KEY,"
- + "CLASS VARCHAR_IGNORECASE(100) NOT NULL," + "CLASS_ID_TYPE VARCHAR_IGNORECASE(100),"
- + "CONSTRAINT UNIQUE_UK_2 UNIQUE(CLASS));");
- this.template.execute("CREATE TABLE ACL_OBJECT_IDENTITY("
- + "ID BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 100) NOT NULL PRIMARY KEY,"
- + "OBJECT_ID_CLASS BIGINT NOT NULL," + "OBJECT_ID_IDENTITY VARCHAR_IGNORECASE(36) NOT NULL,"
- + "PARENT_OBJECT BIGINT," + "OWNER_SID BIGINT," + "ENTRIES_INHERITING BOOLEAN NOT NULL,"
- + "CONSTRAINT UNIQUE_UK_3 UNIQUE(OBJECT_ID_CLASS,OBJECT_ID_IDENTITY),"
- + "CONSTRAINT FOREIGN_FK_1 FOREIGN KEY(PARENT_OBJECT)REFERENCES ACL_OBJECT_IDENTITY(ID),"
- + "CONSTRAINT FOREIGN_FK_2 FOREIGN KEY(OBJECT_ID_CLASS)REFERENCES ACL_CLASS(ID),"
- + "CONSTRAINT FOREIGN_FK_3 FOREIGN KEY(OWNER_SID)REFERENCES ACL_SID(ID));");
- this.template.execute("CREATE TABLE ACL_ENTRY("
- + "ID BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 100) NOT NULL PRIMARY KEY,"
- + "ACL_OBJECT_IDENTITY BIGINT NOT NULL,ACE_ORDER INT NOT NULL,SID BIGINT NOT NULL,"
- + "MASK INTEGER NOT NULL,GRANTING BOOLEAN NOT NULL,AUDIT_SUCCESS BOOLEAN NOT NULL,"
- + "AUDIT_FAILURE BOOLEAN NOT NULL,CONSTRAINT UNIQUE_UK_4 UNIQUE(ACL_OBJECT_IDENTITY,ACE_ORDER),"
- + "CONSTRAINT FOREIGN_FK_4 FOREIGN KEY(ACL_OBJECT_IDENTITY) REFERENCES ACL_OBJECT_IDENTITY(ID),"
- + "CONSTRAINT FOREIGN_FK_5 FOREIGN KEY(SID) REFERENCES ACL_SID(ID));");
-
- this.template.execute(
- "CREATE TABLE USERS(USERNAME VARCHAR_IGNORECASE(50) NOT NULL PRIMARY KEY,PASSWORD VARCHAR_IGNORECASE(500) NOT NULL,ENABLED BOOLEAN NOT NULL);");
- this.template.execute(
- "CREATE TABLE AUTHORITIES(USERNAME VARCHAR_IGNORECASE(50) NOT NULL,AUTHORITY VARCHAR_IGNORECASE(50) NOT NULL,CONSTRAINT FK_AUTHORITIES_USERS FOREIGN KEY(USERNAME) REFERENCES USERS(USERNAME));");
- this.template.execute("CREATE UNIQUE INDEX IX_AUTH_USERNAME ON AUTHORITIES(USERNAME,AUTHORITY);");
-
- this.template.execute(
- "CREATE TABLE CONTACTS(ID BIGINT NOT NULL PRIMARY KEY, CONTACT_NAME VARCHAR_IGNORECASE(50) NOT NULL, EMAIL VARCHAR_IGNORECASE(50) NOT NULL)");
-
- /*
- * Passwords encoded using MD5, NOT in Base64 format, with null as salt Encoded
- * password for rod is "koala" Encoded password for dianne is "emu" Encoded
- * password for scott is "wombat" Encoded password for peter is "opal" (but user
- * is disabled) Encoded password for bill is "wombat" Encoded password for bob is
- * "wombat" Encoded password for jane is "wombat"
- */
- this.template.execute(
- "INSERT INTO USERS VALUES('rod','$2a$10$75pBjapg4Nl8Pzd.3JRnUe7PDJmk9qBGwNEJDAlA3V.dEJxcDKn5O',TRUE);");
- this.template.execute(
- "INSERT INTO USERS VALUES('dianne','$2a$04$bCMEyxrdF/7sgfUiUJ6Ose2vh9DAMaVBldS1Bw2fhi1jgutZrr9zm',TRUE);");
- this.template.execute(
- "INSERT INTO USERS VALUES('scott','$2a$06$eChwvzAu3TSexnC3ynw4LOSw1qiEbtNItNeYv5uI40w1i3paoSfLu',TRUE);");
- this.template.execute(
- "INSERT INTO USERS VALUES('peter','$2a$04$8.H8bCMROLF4CIgd7IpeQ.tcBXLP5w8iplO0n.kCIkISwrIgX28Ii',FALSE);");
- this.template.execute(
- "INSERT INTO USERS VALUES('bill','$2a$04$8.H8bCMROLF4CIgd7IpeQ.3khQlPVNWbp8kzSQqidQHGFurim7P8O',TRUE);");
- this.template.execute(
- "INSERT INTO USERS VALUES('bob','$2a$06$zMgxlMf01SfYNcdx7n4NpeFlAGU8apCETz/i2C7VlYWu6IcNyn4Ay',TRUE);");
- this.template.execute(
- "INSERT INTO USERS VALUES('jane','$2a$05$ZrdS7yMhCZ1J.AAidXZhCOxdjD8LO/dhlv4FJzkXA6xh9gdEbBT/u',TRUE);");
- this.template.execute("INSERT INTO AUTHORITIES VALUES('rod','ROLE_USER');");
- this.template.execute("INSERT INTO AUTHORITIES VALUES('rod','ROLE_SUPERVISOR');");
- this.template.execute("INSERT INTO AUTHORITIES VALUES('dianne','ROLE_USER');");
- this.template.execute("INSERT INTO AUTHORITIES VALUES('scott','ROLE_USER');");
- this.template.execute("INSERT INTO AUTHORITIES VALUES('peter','ROLE_USER');");
- this.template.execute("INSERT INTO AUTHORITIES VALUES('bill','ROLE_USER');");
- this.template.execute("INSERT INTO AUTHORITIES VALUES('bob','ROLE_USER');");
- this.template.execute("INSERT INTO AUTHORITIES VALUES('jane','ROLE_USER');");
-
- this.template.execute("INSERT INTO contacts VALUES (1, 'John Smith', 'john@somewhere.com');");
- this.template.execute("INSERT INTO contacts VALUES (2, 'Michael Citizen', 'michael@xyz.com');");
- this.template.execute("INSERT INTO contacts VALUES (3, 'Joe Bloggs', 'joe@demo.com');");
- this.template.execute("INSERT INTO contacts VALUES (4, 'Karen Sutherland', 'karen@sutherland.com');");
- this.template.execute("INSERT INTO contacts VALUES (5, 'Mitchell Howard', 'mitchell@abcdef.com');");
- this.template.execute("INSERT INTO contacts VALUES (6, 'Rose Costas', 'rose@xyz.com');");
- this.template.execute("INSERT INTO contacts VALUES (7, 'Amanda Smith', 'amanda@abcdef.com');");
- this.template.execute("INSERT INTO contacts VALUES (8, 'Cindy Smith', 'cindy@smith.com');");
- this.template.execute("INSERT INTO contacts VALUES (9, 'Jonathan Citizen', 'jonathan@xyz.com');");
-
- for (int i = 10; i < this.createEntities; i++) {
- String[] person = selectPerson();
- this.template.execute("INSERT INTO contacts VALUES (" + i + ", '" + person[2] + "', '"
- + person[0].toLowerCase() + "@" + person[1].toLowerCase() + ".com');");
- }
-
- // Create acl_object_identity rows (and also acl_class rows as needed
- for (int i = 1; i < this.createEntities; i++) {
- final ObjectIdentity objectIdentity = new ObjectIdentityImpl(Contact.class, (long) i);
- this.tt.execute((arg0) -> {
- this.mutableAclService.createAcl(objectIdentity);
-
- return null;
- });
- }
-
- // Now grant some permissions
- grantPermissions(1, "rod", BasePermission.ADMINISTRATION);
- grantPermissions(2, "rod", BasePermission.READ);
- grantPermissions(3, "rod", BasePermission.READ);
- grantPermissions(3, "rod", BasePermission.WRITE);
- grantPermissions(3, "rod", BasePermission.DELETE);
- grantPermissions(4, "rod", BasePermission.ADMINISTRATION);
- grantPermissions(4, "dianne", BasePermission.ADMINISTRATION);
- grantPermissions(4, "scott", BasePermission.READ);
- grantPermissions(5, "dianne", BasePermission.ADMINISTRATION);
- grantPermissions(5, "dianne", BasePermission.READ);
- grantPermissions(6, "dianne", BasePermission.READ);
- grantPermissions(6, "dianne", BasePermission.WRITE);
- grantPermissions(6, "dianne", BasePermission.DELETE);
- grantPermissions(6, "scott", BasePermission.READ);
- grantPermissions(7, "scott", BasePermission.ADMINISTRATION);
- grantPermissions(8, "dianne", BasePermission.ADMINISTRATION);
- grantPermissions(8, "dianne", BasePermission.READ);
- grantPermissions(8, "scott", BasePermission.READ);
- grantPermissions(9, "scott", BasePermission.ADMINISTRATION);
- grantPermissions(9, "scott", BasePermission.READ);
- grantPermissions(9, "scott", BasePermission.WRITE);
- grantPermissions(9, "scott", BasePermission.DELETE);
-
- // Now expressly change the owner of the first ten contacts
- // We have to do this last, because "rod" owns all of them (doing it sooner would
- // prevent ACL updates)
- // Note that ownership has no impact on permissions - they're separate (ownership
- // only allows ACl editing)
- changeOwner(5, "dianne");
- changeOwner(6, "dianne");
- changeOwner(7, "scott");
- changeOwner(8, "dianne");
- changeOwner(9, "scott");
-
- String[] users = { "bill", "bob", "jane" }; // don't want to mess around with
- // consistent sample data
- Permission[] permissions = { BasePermission.ADMINISTRATION, BasePermission.READ, BasePermission.DELETE };
-
- for (int i = 10; i < this.createEntities; i++) {
- String user = users[this.rnd.nextInt(users.length)];
- Permission permission = permissions[this.rnd.nextInt(permissions.length)];
- grantPermissions(i, user, permission);
-
- String user2 = users[this.rnd.nextInt(users.length)];
- Permission permission2 = permissions[this.rnd.nextInt(permissions.length)];
- grantPermissions(i, user2, permission2);
- }
-
- SecurityContextHolder.clearContext();
- }
-
- private void changeOwner(int contactNumber, String newOwnerUsername) {
- AclImpl acl = (AclImpl) this.mutableAclService
- .readAclById(new ObjectIdentityImpl(Contact.class, (long) contactNumber));
- acl.setOwner(new PrincipalSid(newOwnerUsername));
- updateAclInTransaction(acl);
- }
-
- public int getCreateEntities() {
- return this.createEntities;
- }
-
- private void grantPermissions(int contactNumber, String recipientUsername, Permission permission) {
- AclImpl acl = (AclImpl) this.mutableAclService
- .readAclById(new ObjectIdentityImpl(Contact.class, (long) contactNumber));
- acl.insertAce(acl.getEntries().size(), permission, new PrincipalSid(recipientUsername), true);
- updateAclInTransaction(acl);
- }
-
- private String[] selectPerson() {
- String firstName = this.firstNames[this.rnd.nextInt(this.firstNames.length)];
- String lastName = this.lastNames[this.rnd.nextInt(this.lastNames.length)];
-
- return new String[] { firstName, lastName, firstName + " " + lastName };
- }
-
- public void setCreateEntities(int createEntities) {
- this.createEntities = createEntities;
- }
-
- public void setDataSource(DataSource dataSource) {
- this.template = new JdbcTemplate(dataSource);
- }
-
- public void setMutableAclService(MutableAclService mutableAclService) {
- this.mutableAclService = mutableAclService;
- }
-
- public void setPlatformTransactionManager(PlatformTransactionManager platformTransactionManager) {
- this.tt = new TransactionTemplate(platformTransactionManager);
- }
-
- private void updateAclInTransaction(final MutableAcl acl) {
- this.tt.execute((arg0) -> {
- this.mutableAclService.updateAcl(acl);
-
- return null;
- });
- }
-
-}
diff --git a/servlet/xml/java/contacts/src/main/java/sample/contact/IndexController.java b/servlet/xml/java/contacts/src/main/java/sample/contact/IndexController.java
deleted file mode 100644
index 9dffd12..0000000
--- a/servlet/xml/java/contacts/src/main/java/sample/contact/IndexController.java
+++ /dev/null
@@ -1,105 +0,0 @@
-/*
- * Copyright 2002-2021 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package sample.contact;
-
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.PermissionEvaluator;
-import org.springframework.security.acls.AclPermissionEvaluator;
-import org.springframework.security.acls.domain.BasePermission;
-import org.springframework.security.acls.model.Permission;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
-import org.springframework.web.servlet.ModelAndView;
-
-/**
- * Controller which handles simple, single request use cases such as index pages and
- * contact deletion.
- *
- * @author Luke Taylor
- * @since 3.0
- */
-@Controller
-public class IndexController {
-
- private static final Permission[] HAS_DELETE = new Permission[] { BasePermission.DELETE,
- BasePermission.ADMINISTRATION };
-
- private static final Permission[] HAS_ADMIN = new Permission[] { BasePermission.ADMINISTRATION };
-
- @Autowired
- private ContactManager contactManager;
-
- @Autowired
- private PermissionEvaluator permissionEvaluator;
-
- /**
- * The public index page, used for unauthenticated users.
- * @return the public index page
- */
- @RequestMapping(value = "/hello.htm", method = RequestMethod.GET)
- public ModelAndView displayPublicIndex() {
- Contact rnd = this.contactManager.getRandomContact();
-
- return new ModelAndView("hello", "contact", rnd);
- }
-
- /**
- * The index page for an authenticated user.
- *
- * This controller displays a list of all the contacts for which the current user has
- * read or admin permissions. It makes a call to {@link ContactManager#getAll()} which
- * automatically filters the returned list using Spring Security's ACL mechanism (see
- * the expression annotations on this interface for the details).
- *
- * In addition to rendering the list of contacts, the view will also include a "Del"
- * or "Admin" link beside the contact, depending on whether the user has the
- * corresponding permissions (admin permission is assumed to imply delete here). This
- * information is stored in the model using the injected {@link PermissionEvaluator}
- * instance. The implementation should be an instance of
- * {@link AclPermissionEvaluator} or one which is compatible with Spring Security's
- * ACL module.
- * @return index page
- */
- @RequestMapping(value = "/secure/index.htm", method = RequestMethod.GET)
- public ModelAndView displayUserContacts() {
- List myContactsList = this.contactManager.getAll();
- Map hasDelete = new HashMap<>(myContactsList.size());
- Map hasAdmin = new HashMap<>(myContactsList.size());
-
- Authentication user = SecurityContextHolder.getContext().getAuthentication();
-
- for (Contact contact : myContactsList) {
- hasDelete.put(contact, this.permissionEvaluator.hasPermission(user, contact, HAS_DELETE));
- hasAdmin.put(contact, this.permissionEvaluator.hasPermission(user, contact, HAS_ADMIN));
- }
-
- Map model = new HashMap<>();
- model.put("contacts", myContactsList);
- model.put("hasDeletePermission", hasDelete);
- model.put("hasAdminPermission", hasAdmin);
-
- return new ModelAndView("index", "model", model);
- }
-
-}
diff --git a/servlet/xml/java/contacts/src/main/java/sample/contact/WebContact.java b/servlet/xml/java/contacts/src/main/java/sample/contact/WebContact.java
deleted file mode 100644
index d2496f7..0000000
--- a/servlet/xml/java/contacts/src/main/java/sample/contact/WebContact.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * Copyright 2002-2021 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package sample.contact;
-
-/**
- * An object that represents user-editable sections of a {@link Contact}.
- *
- * @author Ben Alex
- */
-public class WebContact {
-
- private String email;
-
- private String name;
-
- public String getEmail() {
- return this.email;
- }
-
- public String getName() {
- return this.name;
- }
-
- public void setEmail(String email) {
- this.email = email;
- }
-
- public void setName(String name) {
- this.name = name;
- }
-
-}
diff --git a/servlet/xml/java/contacts/src/main/java/sample/contact/WebContactValidator.java b/servlet/xml/java/contacts/src/main/java/sample/contact/WebContactValidator.java
deleted file mode 100644
index 4033ec1..0000000
--- a/servlet/xml/java/contacts/src/main/java/sample/contact/WebContactValidator.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * Copyright 2002-2021 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package sample.contact;
-
-import org.springframework.validation.Errors;
-import org.springframework.validation.Validator;
-
-/**
- * Validates {@link WebContact}.
- *
- * @author Ben Alex
- */
-public class WebContactValidator implements Validator {
-
- @SuppressWarnings("unchecked")
- public boolean supports(Class clazz) {
- return clazz.equals(WebContact.class);
- }
-
- public void validate(Object obj, Errors errors) {
- WebContact wc = (WebContact) obj;
-
- if ((wc.getName() == null) || (wc.getName().length() < 3) || (wc.getName().length() > 50)) {
- errors.rejectValue("name", "err.name", "Name 3-50 characters is required. *");
- }
-
- if ((wc.getEmail() == null) || (wc.getEmail().length() < 3) || (wc.getEmail().length() > 50)) {
- errors.rejectValue("email", "err.email", "Email 3-50 characters is required. *");
- }
- }
-
-}
diff --git a/servlet/xml/java/contacts/src/main/resources/applicationContext-common-authorization.xml b/servlet/xml/java/contacts/src/main/resources/applicationContext-common-authorization.xml
deleted file mode 100644
index 92bee0e..0000000
--- a/servlet/xml/java/contacts/src/main/resources/applicationContext-common-authorization.xml
+++ /dev/null
@@ -1,65 +0,0 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
diff --git a/servlet/xml/java/contacts/src/main/resources/applicationContext-common-business.xml b/servlet/xml/java/contacts/src/main/resources/applicationContext-common-business.xml
deleted file mode 100644
index 28ebc0a..0000000
--- a/servlet/xml/java/contacts/src/main/resources/applicationContext-common-business.xml
+++ /dev/null
@@ -1,49 +0,0 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
diff --git a/servlet/xml/java/contacts/src/main/resources/applicationContext-security.xml b/servlet/xml/java/contacts/src/main/resources/applicationContext-security.xml
deleted file mode 100644
index 40ff543..0000000
--- a/servlet/xml/java/contacts/src/main/resources/applicationContext-security.xml
+++ /dev/null
@@ -1,70 +0,0 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
diff --git a/servlet/xml/java/contacts/src/main/resources/logback.xml b/servlet/xml/java/contacts/src/main/resources/logback.xml
deleted file mode 100644
index 993a0bf..0000000
--- a/servlet/xml/java/contacts/src/main/resources/logback.xml
+++ /dev/null
@@ -1,14 +0,0 @@
-
-
-
- %d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n
-
-
-
-
-
-
-
-
-
-
diff --git a/servlet/xml/java/contacts/src/main/resources/messages.properties b/servlet/xml/java/contacts/src/main/resources/messages.properties
deleted file mode 100644
index 058905c..0000000
--- a/servlet/xml/java/contacts/src/main/resources/messages.properties
+++ /dev/null
@@ -1,6 +0,0 @@
-err.name=Name 3-50 characters is required.
-err.email=Email 3-50 characters is required.
-err.permission=Permission is required.
-err.recipient=Recipient is required.
-err.permission.invalid=The indicated permission is invalid.
-err.recipient.length=The recipient is too long (maximum 100 characters).
\ No newline at end of file
diff --git a/servlet/xml/java/contacts/src/main/webapp/WEB-INF/contacts-servlet.xml b/servlet/xml/java/contacts/src/main/webapp/WEB-INF/contacts-servlet.xml
deleted file mode 100644
index 1ec14d6..0000000
--- a/servlet/xml/java/contacts/src/main/webapp/WEB-INF/contacts-servlet.xml
+++ /dev/null
@@ -1,26 +0,0 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
diff --git a/servlet/xml/java/contacts/src/main/webapp/WEB-INF/jsp/add.jsp b/servlet/xml/java/contacts/src/main/webapp/WEB-INF/jsp/add.jsp
deleted file mode 100644
index 02630f9..0000000
--- a/servlet/xml/java/contacts/src/main/webapp/WEB-INF/jsp/add.jsp
+++ /dev/null
@@ -1,42 +0,0 @@
-<%@ include file="/WEB-INF/jsp/include.jsp" %>
-
-Add New Contact
-
-
This contains frames, but the frames will not be loaded due to the X-Frame-Options
-being specified as denied. This protects against clickjacking attacks
-
-
-
\ No newline at end of file
diff --git a/servlet/xml/java/contacts/src/main/webapp/WEB-INF/jsp/hello.jsp b/servlet/xml/java/contacts/src/main/webapp/WEB-INF/jsp/hello.jsp
deleted file mode 100644
index 8713e0a..0000000
--- a/servlet/xml/java/contacts/src/main/webapp/WEB-INF/jsp/hello.jsp
+++ /dev/null
@@ -1,52 +0,0 @@
-<%@ include file="/WEB-INF/jsp/include.jsp" %>
-
-
-Contacts Security Demo
-
-
Contacts Security Demo
-
Contacts demonstrates the following central Spring Security capabilities:
-
-
Role-based security. Each principal is a member of certain roles,
- which are used to restrict access to certain secure objects.
-
Domain object instance security. The Contact, the
- main domain object in the application, has an access control list (ACL)
- that indicates who is allowed read, administer and delete the object.
-
Method invocation security. The ContactManager service
- layer bean has a number of secured (protected) and public (unprotected)
- methods.
-
Web request security. The /secure URI path is protected
- by Spring Security from principals not holding the
- ROLE_USER granted authority.
-
Security unaware application objects. None of the objects
- are aware of the security being implemented by Spring Security. *
-
Security taglib usage. All of the JSPs use Spring Security's
- taglib to evaluate security information. *
-
Fully declarative security. Every capability is configured in
- the application context using standard Spring Security classes. *
-
Database-sourced security data. All of the user, role and ACL
- information is obtained from an in-memory JDBC-compliant database.
-
Integrated form-based and BASIC authentication. Any BASIC
- authentication header is detected and used for authentication. Normal
- interactive form-based authentication is used by default.
-
Remember-me services. Spring Security's pluggable remember-me
- strategy is demonstrated, with a corresponding checkbox on the login form.
-
-
-* As the application provides an "ACL Administration" use case, those
-classes are necessarily aware of security. But no business use cases are.
-
-
Please excuse the lack of look 'n' feel polish in this application.
-It is about security, after all! :-)
-
-
To demonstrate a public method on ContactManager,
-here's a random Contact:
-
We're sorry, but you are not authorized to perform the requested operation.
-
\ No newline at end of file
diff --git a/servlet/xml/java/contacts/src/main/webapp/exitUser.jsp b/servlet/xml/java/contacts/src/main/webapp/exitUser.jsp
deleted file mode 100644
index 5f9e33b..0000000
--- a/servlet/xml/java/contacts/src/main/webapp/exitUser.jsp
+++ /dev/null
@@ -1,39 +0,0 @@
-<%@ taglib prefix='c' uri='http://java.sun.com/jsp/jstl/core' %>
-
-<%@ page import="org.springframework.security.core.Authentication" %>
-<%@ page import="org.springframework.security.core.context.SecurityContextHolder" %>
-<%@ page pageEncoding="UTF-8" %>
-
-
-
- Exit User
-
-
-
-
Exit User
-
-
-
- Your 'Exit User' attempt was not successful, try again.
- Reason:
-
-
-
-
-
-
diff --git a/servlet/xml/java/contacts/src/main/webapp/index.jsp b/servlet/xml/java/contacts/src/main/webapp/index.jsp
deleted file mode 100644
index 4c86e33..0000000
--- a/servlet/xml/java/contacts/src/main/webapp/index.jsp
+++ /dev/null
@@ -1,4 +0,0 @@
-<%@ include file="/WEB-INF/jsp/include.jsp" %>
-
-<%-- Redirected because we can't set the welcome page to a virtual URL. --%>
-
diff --git a/servlet/xml/java/contacts/src/main/webapp/login.jsp b/servlet/xml/java/contacts/src/main/webapp/login.jsp
deleted file mode 100644
index ed07288..0000000
--- a/servlet/xml/java/contacts/src/main/webapp/login.jsp
+++ /dev/null
@@ -1,47 +0,0 @@
-<%@taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
-<%@ page pageEncoding="UTF-8" %>
-
-
-
- Login
-
-
-
-
Login
-
-
Valid users:
-
-
username rod, password koala
-
username dianne, password emu
-
username scott, password wombat
-
username peter, password opal (user disabled)
-
username bill, password wombat
-
username bob, password wombat
-
username jane, password wombat
-
-
-
Locale is: <%= request.getLocale() %>
- <%-- this form-login-page form is also used as the
- form-error-page to ask for a login again.
- --%>
-
-
- Your login attempt was not successful, try again.
- <%-- this form-login-page form is also used as the
- form-error-page to ask for a login again.
- --%>
-
-
-
- Your 'su' attempt was not successful, try again.
-
-
-
-
-
-
-
-
diff --git a/servlet/xml/java/contacts/src/site/resources/logback-test.xml b/servlet/xml/java/contacts/src/site/resources/logback-test.xml
deleted file mode 100644
index 2d51ba4..0000000
--- a/servlet/xml/java/contacts/src/site/resources/logback-test.xml
+++ /dev/null
@@ -1,15 +0,0 @@
-
-
-
- %d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n
-
-
-
-
-
-
-
-
-
-
-
diff --git a/servlet/xml/java/contacts/src/site/resources/sslhowto.txt b/servlet/xml/java/contacts/src/site/resources/sslhowto.txt
deleted file mode 100644
index 9e073a6..0000000
--- a/servlet/xml/java/contacts/src/site/resources/sslhowto.txt
+++ /dev/null
@@ -1,99 +0,0 @@
-$Id$
-
-CAS requires HTTPS be used for all operations, with the certificate used
-having been signed by a certificate in the cacerts files shipped with Java.
-
-If you're using a HTTPS certificate signed by a well known authority
-(like Verisign), you can safely ignore the procedure below (although you
-might find the troubleshooting section at the end helpful).
-
-The following demonstrates how to create a self-signed certificate and add
-it to the cacerts file. If you just want to use the certificate we have
-already created and shipped with Spring Security, you
-can skip directly to step 3.
-
-
-1. keytool -keystore keystore -alias acegisecurity -genkey -keyalg RSA -validity 9999 -storepass password -keypass password
-
-What is your first and last name?
- [Unknown]: localhost
-What is the name of your organizational unit?
- [Unknown]: Spring Security
-What is the name of your organization?
- [Unknown]: TEST CERTIFICATE ONLY. DO NOT USE IN PRODUCTION.
-What is the name of your City or Locality?
- [Unknown]:
-What is the name of your State or Province?
- [Unknown]:
-What is the two-letter country code for this unit?
- [Unknown]:
-Is CN=localhost, OU=Spring Security, O=TEST CERTIFICATE ONLY. D
-O NOT USE IN PRODUCTION., L=Unknown, ST=Unknown, C=Unknown correct?
- [no]: yes
-
-
-2. keytool -export -v -rfc -alias acegisecurity -file acegisecurity.txt -keystore keystore -storepass password
-
-3. copy acegisecurity.txt %JAVA_HOME%\lib\security
-
-4. copy keystore %YOUR_WEB_CONTAINER_LOCATION%
-
- NOTE: You will need to configure your web container as appropriate.
- We recommend you test the certificate works by visiting
- https://localhost:8443. When prompted by your browser, select to
- install the certificate.
-
-5. cd %JAVA_HOME%\lib\security
-
-6. keytool -import -v -file acegisecurity.txt -keypass password -keystore cacerts -storepass changeit -alias acegisecurity
-
-Owner: CN=localhost, OU=Spring Security, O=TEST CERTIFICATE ONL
-Y. DO NOT USE IN PRODUCTION., L=Unknown, ST=Unknown, C=Unknown
-Issuer: CN=localhost, OU=Spring Security, O=TEST CERTIFICATE ON
-LY. DO NOT USE IN PRODUCTION., L=Unknown, ST=Unknown, C=Unknown
-Serial number: 4080daf4
-Valid from: Sat Apr 17 07:21:24 GMT 2004 until: Tue Sep 02 07:21:24 GMT 2031
-Certificate fingerprints:
- MD5: B4:AC:A8:24:34:99:F1:A9:F8:1D:A5:6C:BF:0A:34:FA
- SHA1: F1:E6:B1:3A:01:39:2D:CF:06:FA:82:AB:86:0D:77:9D:06:93:D6:B0
-Trust this certificate? [no]: yes
-Certificate was added to keystore
-[Saving cacerts]
-
-
-7. Finished. You can now run the sample application as if you purchased a
- properly signed certificate. For production applications, of course you should
- use an appropriately signed certificate so your web visitors will trust it
- (such as issued by Thawte, Verisign etc).
-
-TROUBLESHOOTING
-
-* First of all, most CAS-Acegi Security problems are because of untrusted
- SSL certificates. So it's important to understand why. Most people can
- load the Acegi Security webapp, get redirected to the CAS server, then
- after login they get redirected back to the Acegi Security webapp and
- receive a failure. This is because the CAS server redirects to something
- like https://server3.company.com/webapp/login/cas?ticket=ST-0-ER94xMJmn6pha35CQRoZ
- which causes the "service ticket" (the "ticket" parameter) to be validated.
- net.sf.acegisecurity.providers.cas.ticketvalidator.CasProxyTicketValidator
- performs service ticket validation by delegation to CAS'
- ProxyTicketValidator class. The ProxyTicketValidator class will perform a
- HTTPS connection from the web server running the Acegi Security webapp
- (server3.company.com) above to the CAS server. If for some reason the
- web server keystore does not trust the HTTPS certificate presented by the
- CAS server, you will receive various failures as discussed below. NB: This
- has NOTHING to do with client-side (browser) certificates. You need to
- correct the trust between the two webserver keystores alone.
-
-* A "sun.security.validator.ValidatorException: No trusted certificate
- found" indicates the cacerts is not being used or it did not correctly
- import the certificate. To rule out your web container replacing or in
- some way modifying the trust manager, set the
- CasProxyTicketValidator.trustStore property to the full file system
- location to your cacerts file.
-
-* If your web container is ignoring your cacerts file, double-check it
- is stored in $JAVA_HOME\lib\security\cacerts. $JAVA_HOME might be
- pointing to the SDK, not JRE. In that case, copy
- $JAVA_HOME\jre\lib\security\cacerts to $JAVA_HOME\lib\security\cacerts
-
diff --git a/servlet/xml/java/contacts/src/test/java/sample/contact/ContactManagerTests.java b/servlet/xml/java/contacts/src/test/java/sample/contact/ContactManagerTests.java
deleted file mode 100644
index 47999e2..0000000
--- a/servlet/xml/java/contacts/src/test/java/sample/contact/ContactManagerTests.java
+++ /dev/null
@@ -1,166 +0,0 @@
-/*
- * Copyright 2002-2021 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package sample.contact;
-
-import java.util.List;
-
-import org.junit.jupiter.api.AfterEach;
-import org.junit.jupiter.api.Test;
-
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.acls.domain.BasePermission;
-import org.springframework.security.acls.domain.PrincipalSid;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.test.context.ContextConfiguration;
-import org.springframework.test.context.junit.jupiter.web.SpringJUnitWebConfig;
-
-import static org.assertj.core.api.Assertions.assertThat;
-import static org.assertj.core.api.Assertions.fail;
-
-/**
- * Tests {@link ContactManager}.
- *
- * @author David Leal
- * @author Ben Alex
- * @author Luke Taylor
- */
-@ContextConfiguration(locations = { "/applicationContext-security.xml", "/applicationContext-common-authorization.xml",
- "/applicationContext-common-business.xml" })
-@SpringJUnitWebConfig
-public class ContactManagerTests {
-
- @Autowired
- protected ContactManager contactManager;
-
- void assertContainsContact(long id, List contacts) {
- for (Contact contact : contacts) {
- if (contact.getId().equals(id)) {
- return;
- }
- }
-
- fail("List of contacts should have contained: " + id);
- }
-
- void assertDoestNotContainContact(long id, List contacts) {
- for (Contact contact : contacts) {
- if (contact.getId().equals(id)) {
- fail("List of contact should NOT (but did) contain: " + id);
- }
- }
- }
-
- /**
- * Locates the first Contact of the exact name specified.
- *