diff --git a/samples/contacts/src/main/java/sample/contact/ContactManagerBackend.java b/samples/contacts/src/main/java/sample/contact/ContactManagerBackend.java
index ae27478b7f..dfb1543e0b 100644
--- a/samples/contacts/src/main/java/sample/contact/ContactManagerBackend.java
+++ b/samples/contacts/src/main/java/sample/contact/ContactManagerBackend.java
@@ -68,7 +68,7 @@ public class ContactManagerBackend extends ApplicationObjectSupport implements C
             acl = mutableAclService.createAcl(oid);
         }
 
-        acl.insertAce(acl.getEntries().length, permission, recipient, true);
+        acl.insertAce(acl.getEntries().size(), permission, recipient, true);
         mutableAclService.updateAcl(acl);
 
         if (logger.isDebugEnabled()) {
@@ -111,10 +111,10 @@ public class ContactManagerBackend extends ApplicationObjectSupport implements C
         MutableAcl acl = (MutableAcl) mutableAclService.readAclById(oid);
 
         // Remove all permissions associated with this particular recipient (string equality to KISS)
-        AccessControlEntry[] entries = acl.getEntries();
+        List<AccessControlEntry> entries = acl.getEntries();
 
-        for (int i = 0; i < entries.length; i++) {
-            if (entries[i].getSid().equals(recipient) && entries[i].getPermission().equals(permission)) {
+        for (int i = 0; i < entries.size(); i++) {
+            if (entries.get(i).getSid().equals(recipient) && entries.get(i).getPermission().equals(permission)) {
                 acl.deleteAce(i);
             }
         }
diff --git a/samples/contacts/src/main/java/sample/contact/DataSourcePopulator.java b/samples/contacts/src/main/java/sample/contact/DataSourcePopulator.java
index 96d213674c..b50f8230f2 100644
--- a/samples/contacts/src/main/java/sample/contact/DataSourcePopulator.java
+++ b/samples/contacts/src/main/java/sample/contact/DataSourcePopulator.java
@@ -243,7 +243,7 @@ public class DataSourcePopulator implements InitializingBean {
     private void grantPermissions(int contactNumber, String recipientUsername, Permission permission) {
         AclImpl acl = (AclImpl) mutableAclService.readAclById(new ObjectIdentityImpl(Contact.class,
                     new Long(contactNumber)));
-        acl.insertAce(acl.getEntries().length, permission, new PrincipalSid(recipientUsername), true);
+        acl.insertAce(acl.getEntries().size(), permission, new PrincipalSid(recipientUsername), true);
         updateAclInTransaction(acl);
     }
 
diff --git a/samples/dms/src/main/java/sample/dms/secured/SecureDataSourcePopulator.java b/samples/dms/src/main/java/sample/dms/secured/SecureDataSourcePopulator.java
index 7a7149da86..72fc48e8d2 100755
--- a/samples/dms/src/main/java/sample/dms/secured/SecureDataSourcePopulator.java
+++ b/samples/dms/src/main/java/sample/dms/secured/SecureDataSourcePopulator.java
@@ -76,9 +76,9 @@ public class SecureDataSourcePopulator extends DataSourcePopulator {
 
         // Now we have an ACL, add another ACE to it
         if (level == LEVEL_NEGATE_READ) {
-            acl.insertAce(acl.getEntries().length, permission, sid, false); // not granting
+            acl.insertAce(acl.getEntries().size(), permission, sid, false); // not granting
         } else {
-            acl.insertAce(acl.getEntries().length, permission, sid, true); // granting
+            acl.insertAce(acl.getEntries().size(), permission, sid, true); // granting
         }
 
         // Finally, persist the modified ACL
diff --git a/samples/dms/src/main/java/sample/dms/secured/SecureDocumentDaoImpl.java b/samples/dms/src/main/java/sample/dms/secured/SecureDocumentDaoImpl.java
index f79b95e6c9..d1ee9b0420 100755
--- a/samples/dms/src/main/java/sample/dms/secured/SecureDocumentDaoImpl.java
+++ b/samples/dms/src/main/java/sample/dms/secured/SecureDocumentDaoImpl.java
@@ -54,7 +54,7 @@ public class SecureDocumentDaoImpl extends DocumentDaoImpl implements SecureDocu
             MutableAcl aclParent = (MutableAcl) mutableAclService.readAclById(parentIdentity);
             acl.setParent(aclParent);
         }
-        acl.insertAce(acl.getEntries().length, BasePermission.ADMINISTRATION, new PrincipalSid(SecurityContextHolder.getContext().getAuthentication()), true);
+        acl.insertAce(acl.getEntries().size(), BasePermission.ADMINISTRATION, new PrincipalSid(SecurityContextHolder.getContext().getAuthentication()), true);
 
         mutableAclService.updateAcl(acl);
     }
diff --git a/taglibs/src/main/java/org/springframework/security/taglibs/authz/AccessControlListTag.java b/taglibs/src/main/java/org/springframework/security/taglibs/authz/AccessControlListTag.java
index 1164679db0..86dc799882 100644
--- a/taglibs/src/main/java/org/springframework/security/taglibs/authz/AccessControlListTag.java
+++ b/taglibs/src/main/java/org/springframework/security/taglibs/authz/AccessControlListTag.java
@@ -36,7 +36,9 @@ import org.springframework.context.ApplicationContext;
 import org.springframework.web.context.support.WebApplicationContextUtils;
 import org.springframework.web.util.ExpressionEvaluationUtils;
 
+import java.util.ArrayList;
 import java.util.HashSet;
+import java.util.List;
 import java.util.Map;
 import java.util.Set;
 import java.util.StringTokenizer;
@@ -93,7 +95,7 @@ public class AccessControlListTag extends TagSupport {
         final String evaledPermissionsString = ExpressionEvaluationUtils.evaluateString("hasPermission", hasPermission,
                 pageContext);
 
-        Permission[] requiredPermissions = null;
+        List<Permission> requiredPermissions = null;
 
         try {
             requiredPermissions = parsePermissionsString(evaledPermissionsString);
@@ -128,7 +130,7 @@ public class AccessControlListTag extends TagSupport {
             return Tag.SKIP_BODY;
         }
 
-        Sid[] sids = sidRetrievalStrategy.getSids(SecurityContextHolder.getContext().getAuthentication());
+        List<Sid> sids = sidRetrievalStrategy.getSids(SecurityContextHolder.getContext().getAuthentication());
         ObjectIdentity oid = objectIdentityRetrievalStrategy.getObjectIdentity(resolvedDomainObject);
 
         // Obtain aclEntrys applying to the current Authentication object
@@ -212,9 +214,9 @@ public class AccessControlListTag extends TagSupport {
         }
     }
 
-    private Permission[] parsePermissionsString(String integersString)
+    private List<Permission> parsePermissionsString(String integersString)
         throws NumberFormatException {
-        final Set permissions = new HashSet();
+        final Set<Permission> permissions = new HashSet<Permission>();
         final StringTokenizer tokenizer;
         tokenizer = new StringTokenizer(integersString, ",", false);
 
@@ -223,7 +225,7 @@ public class AccessControlListTag extends TagSupport {
             permissions.add(BasePermission.buildFromMask(new Integer(integer).intValue()));
         }
 
-        return (Permission[]) permissions.toArray(new Permission[permissions.size()]);
+        return new ArrayList<Permission>(permissions);
     }
 
     public void setDomainObject(Object domainObject) {