diff --git a/sandbox/heavyduty/build.gradle b/sandbox/heavyduty/build.gradle
deleted file mode 100644
index 4533d90ba4..0000000000
--- a/sandbox/heavyduty/build.gradle
+++ /dev/null
@@ -1,43 +0,0 @@
-apply: 'war'
-apply: 'jetty'
-//apply: 'project-reports'
-
-version = '3.1.0.CI-SNAPSHOT'
-springVersion = '3.0.1.RELEASE'
-targetCompatibility = '1.5'
-sourceCompatibility = '1.5'
-
-repositories {
-	mavenRepo name:'Local', urls: "file://" + System.properties['user.home'] + "/.m2/repository"
-}
-
-dependencies {
-	compile 'aopalliance:aopalliance:1.0',
-			"org.springframework.security:spring-security-core:$version",
-			"org.springframework.security:spring-security-web:$version",
-			"org.springframework:spring-beans:$springVersion",
-			"org.springframework:spring-core:$springVersion",
-			"org.springframework:spring-context:$springVersion",
-			"org.springframework:spring-tx:$springVersion",
-			"org.springframework:spring-web:$springVersion",
-			"org.springframework:spring-webmvc:$springVersion",
-			'org.aspectj:aspectjrt:1.6.8',
-			'org.hibernate:ejb3-persistence:1.0.2.GA',
-			"org.eclipse.persistence:javax.persistence:$javaPersistenceVersion",
-			'org.slf4j:jcl-over-slf4j:1.5.11'
-
-	providedCompile "javax.servlet:javax.servlet-api:$servletApiVersion"
-
-	runtime 'org.hibernate:hibernate-entitymanager:3.4.0.GA',
-			"org.springframework:spring-context-support:$springVersion",
-			"org.springframework.security:spring-security-ldap:$version",
-			"org.springframework.security:spring-security-config:$version",
-			"org.springframework.security:spring-security-taglibs:$version",
-			"org.springframework:spring-orm:$springVersion",
-			'org.apache.directory.server:apacheds-core:1.5.5',
-			'org.apache.directory.server:apacheds-server-jndi:1.5.5',
-			'org.freemarker:freemarker:2.3.16',
-			"org.hsqldb:hsqldb:$hsqlVersion",
-			'org.slf4j:slf4j-log4j12:1.5.11',
-			'log4j:log4j:1.2.14'
-}
diff --git a/sandbox/heavyduty/certificates/Readme.txt b/sandbox/heavyduty/certificates/Readme.txt
deleted file mode 100755
index 64b415cf83..0000000000
--- a/sandbox/heavyduty/certificates/Readme.txt
+++ /dev/null
@@ -1,10 +0,0 @@
-This directory contains certificates and keys for use with SSL in the sample applications. Certificates are issued by
-our "Spring Security Test CA" certificate authority.
-
-ca.pem     - the certificate authority's certificate.
-server.jks - Java keystore containing the server certificate and privatekey. It Also contains the certificate authority
-             file and this is used as both keystore and truststore for they jetty server when running the samples with
-             the maven jetty plugin ("mvn jetty:run").
-
-rod.p12, dianne.p12, scott.p12 are all certificate/key combinations for client authentication and can be installed in
-your browser if you want to try out support for X.509 authentication.
\ No newline at end of file
diff --git a/sandbox/heavyduty/certificates/ca.pem b/sandbox/heavyduty/certificates/ca.pem
deleted file mode 100755
index a5b52ca9d7..0000000000
--- a/sandbox/heavyduty/certificates/ca.pem
+++ /dev/null
@@ -1,22 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDojCCAoqgAwIBAgIEMKX1dzANBgkqhkiG9w0BAQUFADCBiTELMAkGA1UEBhMC
-R0IxETAPBgNVBAgTCFNjb3RsYW5kMRAwDgYDVQQHEwdHbGFzZ293MRkwFwYDVQQK
-ExBTcHJpbmcgRnJhbWV3b3JrMRgwFgYDVQQLEw9TcHJpbmcgU2VjdXJpdHkxIDAe
-BgNVBAMTF1NwcmluZyBTZWN1cml0eSBUZXN0IENBMB4XDTA4MDEyNTExMTIyMVoX
-DTE4MDIyNTAwMDAwMFowgYkxCzAJBgNVBAYTAkdCMREwDwYDVQQIEwhTY290bGFu
-ZDEQMA4GA1UEBxMHR2xhc2dvdzEZMBcGA1UEChMQU3ByaW5nIEZyYW1ld29yazEY
-MBYGA1UECxMPU3ByaW5nIFNlY3VyaXR5MSAwHgYDVQQDExdTcHJpbmcgU2VjdXJp
-dHkgVGVzdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALzl/wEe
-snYrwqaGZuB8hmwACtptazh1+eXCfd66FkioxlLF7yTnjCC7DT+vmMgSuThIEIsN
-xlxLpEgyU3bU8GIuR8wyYIyvuSMcptdFJLV7NKYuRycxpDuqimTM7Br0nfNgKVEv
-1QwguGWr6YN3aZ68/xe/D5xyPhakKu++7VFXIXw9f0+nqojdrFTqQ6l9GAVRgfX6
-h4JOaV1VFx83y2pnFj0iFneVxRcvXyWnyXlcOvJDIyVuyS/hYxb+E5rtBvp5XQ0o
-5CP4OMwCZGx/jEqlL8oO7BwEgu9aEBxKvoIKJmHDTHgWIxgawTrKabmong4utnMI
-yNrhsI77bmh2U7UCAwEAAaMQMA4wDAYDVR0PBAUDAwcGADANBgkqhkiG9w0BAQUF
-AAOCAQEAuD8W9Ukkfyi0y65mwguFVAqBC3RSTMRXcjbLQV4rMDM/Q9kjA6acY4Ta
-WgxGTwNCydqaqwDVsmn+6Je8Lp2xm9KLDLypVdNopGs+Mlfo55dhwqymXkQw1oJI
-CPhR3nBmGEnSWW0UY9bPlpxRF2D5GDVwpuxDtXvWa4baPwRRI9MxwPWHA3ITl+fc
-s9QVKy+pRAnuP9MSIp755cJ1CODOn2ElNCqnxxsZmcWcmI3LkHAwTmegl3PVvhrk
-MKMEA/neshh/M/hWGNTFt77Hoa7pU9dv5RCWFvZPqsUgPrwGrmUvcmSDir3lSWQm
-SuSED2LKVo+BFqwWS+jp49AR9b8B/Q==
------END CERTIFICATE-----
diff --git a/sandbox/heavyduty/certificates/dianne.p12 b/sandbox/heavyduty/certificates/dianne.p12
deleted file mode 100755
index 6e5ba218db..0000000000
Binary files a/sandbox/heavyduty/certificates/dianne.p12 and /dev/null differ
diff --git a/sandbox/heavyduty/certificates/rod.p12 b/sandbox/heavyduty/certificates/rod.p12
deleted file mode 100755
index 4cd0564430..0000000000
Binary files a/sandbox/heavyduty/certificates/rod.p12 and /dev/null differ
diff --git a/sandbox/heavyduty/certificates/scott.p12 b/sandbox/heavyduty/certificates/scott.p12
deleted file mode 100755
index f0a6357e73..0000000000
Binary files a/sandbox/heavyduty/certificates/scott.p12 and /dev/null differ
diff --git a/sandbox/heavyduty/certificates/server.jks b/sandbox/heavyduty/certificates/server.jks
deleted file mode 100755
index f56cf2e837..0000000000
Binary files a/sandbox/heavyduty/certificates/server.jks and /dev/null differ
diff --git a/sandbox/heavyduty/jetty-jmx.xml b/sandbox/heavyduty/jetty-jmx.xml
deleted file mode 100644
index f109d6c233..0000000000
--- a/sandbox/heavyduty/jetty-jmx.xml
+++ /dev/null
@@ -1,54 +0,0 @@
-<?xml version="1.0"?>
-<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure//EN" "http://jetty.mortbay.org/configure.dtd">
-
-
-<!-- =============================================================== -->
-<!-- Configure the JVM JMX Server									 -->
-<!-- this configuration file should be used in combination with		 -->
-<!-- other configuration files.	 e.g.								 -->
-<!--	java -jar start.jar etc/jetty-jmx.xml etc/jetty.xml			 -->
-<!-- See jetty-jmx-mx4j.xml for a non JVM server solution			 -->
-<!-- =============================================================== -->
-<Configure id="Server" class="org.mortbay.jetty.Server">
-
-	<!-- =========================================================== -->
-	<!-- Initialize platform mbean server							 -->
-	<!-- =========================================================== -->
-	<!-- Create an MBeanServer or use the jdk 1.5 platformMBeanServer -->
-	<Call id="MBeanServer" class="java.lang.management.ManagementFactory" name="getPlatformMBeanServer"/>
-
-	<!-- =========================================================== -->
-	<!-- Initialize mx4j mbean server								 -->
-	<!-- =========================================================== -->
-	<!-- replace platform config with
-	<Call id="MBeanServer" class="javax.management.MBeanServerFactory" name="createMBeanServer"/>
-	-->
-
-	<!-- initialize the Jetty MBean container -->
-	<Get id="Container" name="container">
-	  <Call name="addEventListener">
-		<Arg>
-		  <New class="org.mortbay.management.MBeanContainer">
-			<Arg><Ref id="MBeanServer"/></Arg>
-			<!-- Set name="managementPort">8082</Set -->
-			<Call name="start" />
-		  </New>
-		</Arg>
-	  </Call>
-	</Get>
-
-	<!-- optionally add a remote JMX connector
-	<Call id="jmxConnector" class="javax.management.remote.JMXConnectorServerFactory" name="newJMXConnectorServer">
-	  <Arg>
-		<New  class="javax.management.remote.JMXServiceURL">
-		  <Arg>service:jmx:rmi:///jndi/rmi:///jettymbeanserver</Arg>
-		</New>
-	  </Arg>
-	  <Arg/>
-	  <Arg><Ref id="MBeanServer"/></Arg>
-	  <Call name="start"/>
-	</Call>
-	-->
-
-</Configure>
-
diff --git a/sandbox/heavyduty/src/main/java/bigbank/Account.java b/sandbox/heavyduty/src/main/java/bigbank/Account.java
deleted file mode 100755
index 989eb25c47..0000000000
--- a/sandbox/heavyduty/src/main/java/bigbank/Account.java
+++ /dev/null
@@ -1,65 +0,0 @@
-/*
- * Copyright 2002-2016 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package bigbank;
-
-/**
- * Note this class does not represent best practice, as we are failing to
- * encapsulate business logic (methods) and state in the domain object.
- * Nevertheless, this demo is intended to reflect what people usually do,
- * as opposed to what they ideally would be doing.
- *
- * @author Ben Alex
- */
-public class Account {
-	private long id = -1;
-	private String holder;
-	private double balance;
-
-	public Account(String holder) {
-		super();
-		this.holder = holder;
-	}
-
-	public long getId() {
-		return id;
-	}
-
-	public void setId(long id) {
-		this.id = id;
-	}
-
-	public String getHolder() {
-		return holder;
-	}
-
-	public void setHolder(String holder) {
-		this.holder = holder;
-	}
-
-	public double getBalance() {
-		return balance;
-	}
-
-	public void setBalance(double balance) {
-		this.balance = balance;
-	}
-
-	public String toString() {
-		return "Account[id=" + id + ",balance=" + balance +",holder=" + holder + "]";
-	}
-
-
-}
diff --git a/sandbox/heavyduty/src/main/java/bigbank/BankDao.java b/sandbox/heavyduty/src/main/java/bigbank/BankDao.java
deleted file mode 100755
index aaa3aa79a3..0000000000
--- a/sandbox/heavyduty/src/main/java/bigbank/BankDao.java
+++ /dev/null
@@ -1,22 +0,0 @@
-/*
- * Copyright 2002-2016 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package bigbank;
-
-public interface BankDao {
-	public Account readAccount(Long id);
-	public void createOrUpdateAccount(Account account);
-	public Account[] findAccounts();
-}
diff --git a/sandbox/heavyduty/src/main/java/bigbank/BankDaoStub.java b/sandbox/heavyduty/src/main/java/bigbank/BankDaoStub.java
deleted file mode 100755
index b38651878b..0000000000
--- a/sandbox/heavyduty/src/main/java/bigbank/BankDaoStub.java
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * Copyright 2002-2016 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package bigbank;
-
-import java.util.HashMap;
-import java.util.Map;
-
-public class BankDaoStub implements BankDao {
-	private long id = 0;
-	private Map<Long, Account> accounts = new HashMap<Long, Account>();
-
-	public void createOrUpdateAccount(Account account) {
-		if (account.getId() == -1) {
-			id++;
-			account.setId(id);
-		}
-		accounts.put(new Long(account.getId()), account);
-		System.out.println("SAVE: " + account);
-	}
-
-	public Account[] findAccounts() {
-		Account[] a = (Account[]) accounts.values().toArray(new Account[] {});
-		System.out.println("Returning " + a.length + " account(s):");
-		for (int i = 0; i < a.length; i++) {
-			System.out.println(" > " + a[i]);
-		}
-		return a;
-	}
-
-	public Account readAccount(Long id) {
-		return (Account) accounts.get(id);
-	}
-
-}
diff --git a/sandbox/heavyduty/src/main/java/bigbank/BankService.java b/sandbox/heavyduty/src/main/java/bigbank/BankService.java
deleted file mode 100755
index 2bcc8ce895..0000000000
--- a/sandbox/heavyduty/src/main/java/bigbank/BankService.java
+++ /dev/null
@@ -1,30 +0,0 @@
-/*
- * Copyright 2002-2016 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package bigbank;
-
-import org.springframework.security.access.annotation.Secured;
-
-public interface BankService {
-
-	@Secured("IS_AUTHENTICATED_ANONYMOUSLY")
-	public Account readAccount(Long id);
-
-	@Secured("IS_AUTHENTICATED_ANONYMOUSLY")
-	public Account[] findAccounts();
-
-	@Secured("ROLE_TELLER")
-	public Account post(Account account, double amount);
-}
diff --git a/sandbox/heavyduty/src/main/java/bigbank/BankServiceImpl.java b/sandbox/heavyduty/src/main/java/bigbank/BankServiceImpl.java
deleted file mode 100755
index e8bf91acfa..0000000000
--- a/sandbox/heavyduty/src/main/java/bigbank/BankServiceImpl.java
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- * Copyright 2002-2016 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package bigbank;
-
-import org.aspectj.lang.annotation.Pointcut;
-import org.springframework.util.Assert;
-
-public class BankServiceImpl implements BankService {
-	private BankDao bankDao;
-
-	// Not used unless you declare a <protect-pointcut>
-	@Pointcut("execution(* bigbank.BankServiceImpl.*(..))")
-	public void myPointcut() {}
-
-	public BankServiceImpl(BankDao bankDao) {
-		Assert.notNull(bankDao);
-		this.bankDao = bankDao;
-	}
-
-	public Account[] findAccounts() {
-		return this.bankDao.findAccounts();
-	}
-
-	public Account post(Account account, double amount) {
-		Assert.notNull(account);
-		Assert.notNull(account.getId());
-
-		// We read account bank from DAO so it reflects the latest balance
-		Account a = bankDao.readAccount(account.getId());
-		if (account == null) {
-			throw new IllegalArgumentException("Couldn't find requested account");
-		}
-
-		a.setBalance(a.getBalance() + amount);
-		bankDao.createOrUpdateAccount(a);
-		return a;
-	}
-
-	public Account readAccount(Long id) {
-		return bankDao.readAccount(id);
-	}
-}
diff --git a/sandbox/heavyduty/src/main/java/bigbank/SeedData.java b/sandbox/heavyduty/src/main/java/bigbank/SeedData.java
deleted file mode 100755
index 319ad4a07c..0000000000
--- a/sandbox/heavyduty/src/main/java/bigbank/SeedData.java
+++ /dev/null
@@ -1,36 +0,0 @@
-/*
- * Copyright 2002-2016 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package bigbank;
-
-import org.springframework.beans.factory.InitializingBean;
-import org.springframework.util.Assert;
-
-public class SeedData implements InitializingBean{
-	private BankDao bankDao;
-
-	public void afterPropertiesSet() throws Exception {
-		Assert.notNull(bankDao);
-		bankDao.createOrUpdateAccount(new Account("rod"));
-		bankDao.createOrUpdateAccount(new Account("dianne"));
-		bankDao.createOrUpdateAccount(new Account("scott"));
-		bankDao.createOrUpdateAccount(new Account("peter"));
-	}
-
-	public void setBankDao(BankDao bankDao) {
-		this.bankDao = bankDao;
-	}
-
-}
diff --git a/sandbox/heavyduty/src/main/java/bigbank/web/ListAccounts.java b/sandbox/heavyduty/src/main/java/bigbank/web/ListAccounts.java
deleted file mode 100755
index 94c942928e..0000000000
--- a/sandbox/heavyduty/src/main/java/bigbank/web/ListAccounts.java
+++ /dev/null
@@ -1,43 +0,0 @@
-/*
- * Copyright 2002-2016 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package bigbank.web;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.springframework.util.Assert;
-import org.springframework.web.servlet.ModelAndView;
-import org.springframework.web.servlet.mvc.Controller;
-
-import bigbank.BankService;
-
-public class ListAccounts implements Controller {
-
-	private BankService bankService;
-
-	public ListAccounts(BankService bankService) {
-		Assert.notNull(bankService);
-		this.bankService = bankService;
-	}
-
-	public ModelAndView handleRequest(HttpServletRequest request, HttpServletResponse response) throws Exception {
-		// Actual business logic
-		ModelAndView mav = new ModelAndView("listAccounts");
-		mav.addObject("accounts", bankService.findAccounts());
-		return mav;
-	}
-
-}
diff --git a/sandbox/heavyduty/src/main/java/bigbank/web/PostAccounts.java b/sandbox/heavyduty/src/main/java/bigbank/web/PostAccounts.java
deleted file mode 100755
index 59c65bee9a..0000000000
--- a/sandbox/heavyduty/src/main/java/bigbank/web/PostAccounts.java
+++ /dev/null
@@ -1,53 +0,0 @@
-/*
- * Copyright 2002-2016 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package bigbank.web;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.springframework.util.Assert;
-import org.springframework.web.bind.ServletRequestUtils;
-import org.springframework.web.servlet.ModelAndView;
-import org.springframework.web.servlet.mvc.Controller;
-
-import bigbank.Account;
-import bigbank.BankService;
-
-public class PostAccounts implements Controller {
-
-	private BankService bankService;
-
-	public PostAccounts(BankService bankService) {
-		Assert.notNull(bankService);
-		this.bankService = bankService;
-	}
-
-	public ModelAndView handleRequest(HttpServletRequest request, HttpServletResponse response) throws Exception {
-		// Security check (this is unnecessary if Spring Security is performing the authorization)
-//        if (!request.isUserInRole("ROLE_TELLER")) {
-//            throw new AccessDeniedException("You must be a teller to post transactions (Spring Security message)"); // only for Spring Security managed authentication
-//        }
-
-		// Actual business logic
-		Long id = ServletRequestUtils.getRequiredLongParameter(request, "id");
-		Double amount = ServletRequestUtils.getRequiredDoubleParameter(request, "amount");
-		Account a = bankService.readAccount(id);
-		bankService.post(a, amount);
-
-		return new ModelAndView("redirect:listAccounts.html");
-	}
-
-}
diff --git a/sandbox/heavyduty/src/main/java/heavyduty/security/ui/HeavyDutyAuthenticationProcessingFilter.java b/sandbox/heavyduty/src/main/java/heavyduty/security/ui/HeavyDutyAuthenticationProcessingFilter.java
deleted file mode 100755
index 217a369684..0000000000
--- a/sandbox/heavyduty/src/main/java/heavyduty/security/ui/HeavyDutyAuthenticationProcessingFilter.java
+++ /dev/null
@@ -1,23 +0,0 @@
-/*
- * Copyright 2002-2016 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package heavyduty.security.ui;
-
-import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
-
-public class HeavyDutyAuthenticationProcessingFilter extends UsernamePasswordAuthenticationFilter {
-
-
-}
diff --git a/sandbox/heavyduty/src/main/java/heavyduty/security/ui/HeavyDutyEntryPoint.java b/sandbox/heavyduty/src/main/java/heavyduty/security/ui/HeavyDutyEntryPoint.java
deleted file mode 100755
index 0c6dcf807c..0000000000
--- a/sandbox/heavyduty/src/main/java/heavyduty/security/ui/HeavyDutyEntryPoint.java
+++ /dev/null
@@ -1,24 +0,0 @@
-/*
- * Copyright 2002-2016 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package heavyduty.security.ui;
-
-import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
-
-public class HeavyDutyEntryPoint extends LoginUrlAuthenticationEntryPoint {
-
-
-
-}
diff --git a/sandbox/heavyduty/src/main/java/heavyduty/web/TestMultiActionController.java b/sandbox/heavyduty/src/main/java/heavyduty/web/TestMultiActionController.java
deleted file mode 100644
index a49df018e0..0000000000
--- a/sandbox/heavyduty/src/main/java/heavyduty/web/TestMultiActionController.java
+++ /dev/null
@@ -1,65 +0,0 @@
-/*
- * Copyright 2002-2016 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package heavyduty.web;
-
-import java.io.IOException;
-import java.util.Arrays;
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.springframework.web.bind.ServletRequestBindingException;
-import org.springframework.web.servlet.ModelAndView;
-import org.springframework.web.servlet.mvc.multiaction.MultiActionController;
-
-/**
- * Reproduces SEC-830.
- */
-public class TestMultiActionController extends MultiActionController {
-	public static final String VIEW_NAME = "multi-action-test";
-
-	public String login(HttpServletRequest request, HttpServletResponse response) {
-		return "login";
-	}
-
-	public void step1(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-		String[] x = request.getParameterValues("x");
-		logger.info("x= " + (x == null ? "null" : Arrays.asList(x)));
-		String[] y = request.getParameterValues("y");
-		logger.info("y = " + (y == null ? "null" : Arrays.asList(y)));
-		request.getRequestDispatcher("/testMulti.htm?action=step1xtra&x=5&x=5").forward(request, response);
-	}
-
-	public ModelAndView step1xtra(HttpServletRequest request, HttpServletResponse response) throws ServletRequestBindingException {
-		logger.info("x = " + Arrays.asList(request.getParameterValues("x")));
-		return createView("step2");
-	}
-
-	public ModelAndView step2(HttpServletRequest request, HttpServletResponse response) throws ServletRequestBindingException {
-		return createView("step1");
-	}
-
-	private ModelAndView createView(String name) {
-		Map<String, String> model = new HashMap<String, String>();
-		model.put("nextAction", name);
-		return new ModelAndView(VIEW_NAME, model);
-	}
-
-}
-
diff --git a/sandbox/heavyduty/src/main/java/sample/TestVoter.java b/sandbox/heavyduty/src/main/java/sample/TestVoter.java
deleted file mode 100644
index e5346e367b..0000000000
--- a/sandbox/heavyduty/src/main/java/sample/TestVoter.java
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
- * Copyright 2002-2016 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package sample;
-
-import java.util.Collection;
-
-import org.aopalliance.intercept.MethodInvocation;
-import org.springframework.security.access.ConfigAttribute;
-import org.springframework.security.access.AccessDecisionVoter;
-import org.springframework.security.core.Authentication;
-
-public class TestVoter implements AccessDecisionVoter {
-
-	public boolean supports(ConfigAttribute attribute) {
-		return true;
-	}
-
-	public boolean supports(Class<?> clazz) {
-		return MethodInvocation.class.isAssignableFrom(clazz);
-	}
-
-	public int vote(Authentication authentication, Object object, Collection<ConfigAttribute> config) {
-		MethodInvocation mi = (MethodInvocation) object;
-
-		mi.getMethod().getParameterAnnotations();
-
-
-		return ACCESS_GRANTED;
-	}
-
-}
diff --git a/sandbox/heavyduty/src/main/java/sample/dao/GenericDAO.java b/sandbox/heavyduty/src/main/java/sample/dao/GenericDAO.java
deleted file mode 100755
index 14cab4c3ac..0000000000
--- a/sandbox/heavyduty/src/main/java/sample/dao/GenericDAO.java
+++ /dev/null
@@ -1,61 +0,0 @@
-/*
- * Copyright 2002-2016 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package sample.dao;
-
-import java.io.Serializable;
-
-
-/**
- * The Interface GenericDAO.
- */
-public interface GenericDAO<T extends Serializable, PK extends Serializable>
-{
-	   /**
-		* persist
-		* @param transientInstance objet to persist
-		*/
-	void persist(T transientInstance);
-
-
-	/**
-		* refresh
-		* @param instance objet to refresh
-		*/
-	void refresh(T instance);
-
-
-	/**
-		* delete
-		* @param persistentInstance objet to delete
-		*/
-	void delete(T persistentInstance);
-
-
-	/**
-		* merge
-		* @param detachedInstance objet to merge
-		* @return merged object
-		*/
-	T merge(T detachedInstance);
-
-
-	/**
-		* read
-		* @param id of object to read
-		* @return read object
-		*/
-	T read(PK id);
-}
\ No newline at end of file
diff --git a/sandbox/heavyduty/src/main/java/sample/dao/UserDAO.java b/sandbox/heavyduty/src/main/java/sample/dao/UserDAO.java
deleted file mode 100755
index 961d8093a7..0000000000
--- a/sandbox/heavyduty/src/main/java/sample/dao/UserDAO.java
+++ /dev/null
@@ -1,27 +0,0 @@
-/*
- * Copyright 2002-2016 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package sample.dao;
-
-import sample.domain.User;
-
-
-/**
- * The Interface PatientDAO.
- */
-public interface UserDAO extends GenericDAO<User,Long> {
-
-	public User findByUsername(String username);
-}
diff --git a/sandbox/heavyduty/src/main/java/sample/dao/impl/GenericDAOImpl.java b/sandbox/heavyduty/src/main/java/sample/dao/impl/GenericDAOImpl.java
deleted file mode 100755
index 2d717cc4c8..0000000000
--- a/sandbox/heavyduty/src/main/java/sample/dao/impl/GenericDAOImpl.java
+++ /dev/null
@@ -1,139 +0,0 @@
-/*
- * Copyright 2002-2016 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package sample.dao.impl;
-
-import java.io.Serializable;
-
-import javax.persistence.EntityManager;
-import javax.persistence.PersistenceContext;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
-import sample.dao.GenericDAO;
-
-
-public class GenericDAOImpl<T extends Serializable, PK extends Serializable>
-		implements GenericDAO<T, PK> {
-	/** type */
-	private Class<T> type;
-
-	/** the logger */
-	private static final Log LOG = LogFactory.getLog(GenericDAOImpl.class);
-
-	@PersistenceContext
-	private EntityManager entityManager;
-
-	/**
-	 * Minimal constructor
-	 *
-	 * @param t
-	 *            type POJO hibernate
-	 */
-	public GenericDAOImpl(Class<T> t) {
-		this.type = t;
-	}
-
-	/**
-	 * read data
-	 *
-	 * @param id
-	 *            data id
-	 * @return data
-	 */
-	public T read(PK id) {
-		if (id == null) {
-			throw new IllegalArgumentException("Id cannot be null or empty");
-		}
-
-		// find() au lieu de getReference() pour forcer l'initialisation de
-		// l'objet, sinon on ne recupère
-		// qu'un proxy non-initialisé !
-		return entityManager.find(type, id);
-
-	}
-
-	/**
-	 * persist data
-	 *
-	 * @param transientInstance
-	 *            data to persist
-	 * @see sido.common.dao.GenericDAO#persist(T)
-	 */
-	public void persist(T transientInstance) {
-		if (LOG.isDebugEnabled()) {
-			LOG.debug("Persisting instance of "
-					+ transientInstance.getClass().getSimpleName());
-		}
-		entityManager.persist(transientInstance);
-	}
-
-	/**
-	 *
-	 * attach clean
-	 *
-	 * @param instance
-	 *            data to attach
-	 * @see sido.common.dao.GenericDAO#refresh(T)
-	 */
-	public void refresh(T instance) {
-		if (LOG.isDebugEnabled()) {
-			LOG.debug("refreshing instance of "
-					+ instance.getClass().getSimpleName());
-		}
-		entityManager.refresh(instance);
-	}
-
-	/**
-	 * delete
-	 *
-	 * @param persistentInstance
-	 *            data to delete
-	 * @see sido.common.dao.GenericDAO#delete(T)
-	 */
-	public void delete(T persistentInstance) {
-		if (LOG.isDebugEnabled()) {
-			LOG.debug("deleting instance of "
-					+ persistentInstance.getClass().getSimpleName());
-		}
-		entityManager.remove(persistentInstance);
-	}
-
-	/**
-	 * merge
-	 *
-	 * @param detachedInstance
-	 *            data to merge
-	 * @return the merged data
-	 * @see sido.common.dao.GenericDAO#merge(T)
-	 */
-	public T merge(T detachedInstance) {
-		if (LOG.isDebugEnabled()) {
-			LOG.debug("merging instance of "
-					+ detachedInstance.getClass().getSimpleName());
-		}
-		return entityManager.merge(detachedInstance);
-	}
-
-	/**
-	 * @return the entityManager
-	 */
-	public EntityManager getEntityManager() {
-		return entityManager;
-	}
-
-
-}
diff --git a/sandbox/heavyduty/src/main/java/sample/dao/impl/UserDAOImpl.java b/sandbox/heavyduty/src/main/java/sample/dao/impl/UserDAOImpl.java
deleted file mode 100755
index b47d103507..0000000000
--- a/sandbox/heavyduty/src/main/java/sample/dao/impl/UserDAOImpl.java
+++ /dev/null
@@ -1,42 +0,0 @@
-/*
- * Copyright 2002-2016 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package sample.dao.impl;
-
-import org.springframework.stereotype.Repository;
-
-import sample.domain.User;
-
-/**
- * UserDAOImpl
- */
-@Repository
-public class UserDAOImpl extends GenericDAOImpl<User, Long> implements
-		sample.dao.UserDAO {
-
-	/**
-	 * Required constructor
-	 */
-	public UserDAOImpl() {
-		super(User.class);
-	}
-
-	public User findByUsername(String username) {
-		return (User) getEntityManager().createNamedQuery("User.findByUsername")
-				.setParameter("username", username).getSingleResult();
-	}
-
-
-}
diff --git a/sandbox/heavyduty/src/main/java/sample/domain/User.java b/sandbox/heavyduty/src/main/java/sample/domain/User.java
deleted file mode 100755
index 2b7a93e6b7..0000000000
--- a/sandbox/heavyduty/src/main/java/sample/domain/User.java
+++ /dev/null
@@ -1,120 +0,0 @@
-/*
- * Copyright 2002-2016 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package sample.domain;
-
-import java.io.Serializable;
-import java.util.Date;
-
-import javax.persistence.Basic;
-import javax.persistence.Entity;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
-import javax.persistence.NamedQuery;
-
-/**
- * The Class Patient.
- */
-@Entity
-@NamedQuery(name = "User.findByUsername", query = "from User where username= :username")
-public class User implements Serializable {
-
-	/** serialVersionUID */
-	private static final long serialVersionUID = 7073017148588882593L;
-
-	/** The id. */
-	@Id
-	@GeneratedValue(strategy=GenerationType.IDENTITY)
-	private Long id;
-
-	/** The username. */
-	@Basic(optional = false)
-	private String username;
-
-	/** The username. */
-	@Basic(optional = false)
-	private String password;
-
-	/**
-	 * Default constructor
-	 */
-	public User() {
-		super();
-	}
-
-	/**
-	 * @param username
-	 * @param password
-	 */
-	public User(String username, String password) {
-		super();
-		this.username = username;
-		this.password = password;
-	}
-
-	/**
-	 * @return the id
-	 */
-	public Long getId() {
-		return id;
-	}
-
-	/**
-	 * @param id the id to set
-	 */
-	public void setId(Long id) {
-		this.id = id;
-	}
-
-	/**
-	 * @return the username
-	 */
-	public String getUsername() {
-		return username;
-	}
-
-	/**
-	 * @param username the username to set
-	 */
-	public void setUsername(String username) {
-		this.username = username;
-	}
-
-	/**
-	 * Full constructor
-	 * @param username
-	 */
-	public User(String username, String password, Date derniereConnexion,
-			String key) {
-		super();
-		this.username = username;
-	}
-
-	/**
-	 * @return the password
-	 */
-	public String getPassword() {
-		return password;
-	}
-
-	/**
-	 * @param password the password to set
-	 */
-	public void setPassword(String password) {
-		this.password = password;
-	}
-}
diff --git a/sandbox/heavyduty/src/main/java/sample/service/UserService.java b/sandbox/heavyduty/src/main/java/sample/service/UserService.java
deleted file mode 100755
index 4103e49120..0000000000
--- a/sandbox/heavyduty/src/main/java/sample/service/UserService.java
+++ /dev/null
@@ -1,31 +0,0 @@
-/*
- * Copyright 2002-2016 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package sample.service;
-
-import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.security.core.userdetails.UserDetailsService;
-
-public interface UserService extends UserDetailsService {
-
-	/**
-	 * Register a new User in database
-	 * @param username
-	 */
-	public UserDetails register(String username, String password);
-
-
-
-}
diff --git a/sandbox/heavyduty/src/main/java/sample/service/impl/UserServiceImpl.java b/sandbox/heavyduty/src/main/java/sample/service/impl/UserServiceImpl.java
deleted file mode 100755
index 7c31690fe1..0000000000
--- a/sandbox/heavyduty/src/main/java/sample/service/impl/UserServiceImpl.java
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * Copyright 2002-2016 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- *
- */
-package sample.service.impl;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.core.authority.AuthorityUtils;
-import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.security.core.userdetails.UsernameNotFoundException;
-import org.springframework.stereotype.Component;
-import org.springframework.transaction.annotation.Transactional;
-
-import sample.dao.UserDAO;
-import sample.domain.User;
-import sample.service.UserService;
-
-/**
- * @author A207119
- *
- */
-@Component
-@Transactional
-public class UserServiceImpl implements UserService {
-
-	/** The logger */
-	private static final Log LOG = LogFactory.getLog(UserServiceImpl.class);
-
-	/** The User DAO */
-	@Autowired
-	private UserDAO userDAO = null;
-
-	public UserDetails loadUserByUsername(String username)
-			throws AuthenticationException {
-		try {
-			User user = userDAO.findByUsername(username);
-
-			return new org.springframework.security.core.userdetails.User(user
-					.getUsername(), user.getPassword(), true, true, true, true,
-					AuthorityUtils.createAuthorityList("ROLE_USER"));
-		} catch (Exception e) {
-			LOG.error(e.getMessage(), e);
-			throw new UsernameNotFoundException("No matching account", e);
-		}
-	}
-
-	public UserDetails register(String username, String password) {
-		User user = new User(username, password);
-		userDAO.persist(user);
-		return new org.springframework.security.core.userdetails.User(user
-				.getUsername(), user.getPassword(), true, true, true, true,
-				AuthorityUtils.createAuthorityList("ROLE_USER"));
-
-	}
-
-	/**
-	 * @param userDAO
-	 *            the userDAO to set
-	 */
-	public void setUserDAO(UserDAO userDAO) {
-		this.userDAO = userDAO;
-	}
-
-}
diff --git a/sandbox/heavyduty/src/main/resources/applicationContext-business.xml b/sandbox/heavyduty/src/main/resources/applicationContext-business.xml
deleted file mode 100755
index 65376beb8f..0000000000
--- a/sandbox/heavyduty/src/main/resources/applicationContext-business.xml
+++ /dev/null
@@ -1,24 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<beans xmlns="http://www.springframework.org/schema/beans"
-	xmlns:security="http://www.springframework.org/schema/security"
-	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
-http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
-
-	<bean id="bankDao" class="bigbank.BankDaoStub"/>
-
-	<bean id="seedData" class="bigbank.SeedData">
-		<property name="bankDao" ref="bankDao"/>
-	</bean>
-
-	<bean id="bankService" class="bigbank.BankServiceImpl">
-		<constructor-arg ref="bankDao"/>
-		<!-- This will add a security interceptor to the bean
-		<security:intercept-methods>
-			<security:protect method="bigbank.BankService.*" access="IS_AUTHENTICATED_REMEMBERED" />
-			<security:protect method="bigbank.BankService.post" access="ROLE_TELLER" />
-		</security:intercept-methods>  -->
-	</bean>
-
-</beans>
\ No newline at end of file
diff --git a/sandbox/heavyduty/src/main/webapp/META-INF/MANIFEST.MF b/sandbox/heavyduty/src/main/webapp/META-INF/MANIFEST.MF
deleted file mode 100755
index 58630c02ef..0000000000
--- a/sandbox/heavyduty/src/main/webapp/META-INF/MANIFEST.MF
+++ /dev/null
@@ -1,2 +0,0 @@
-Manifest-Version: 1.0
-
diff --git a/sandbox/heavyduty/src/main/webapp/WEB-INF/appContext-misc.xml b/sandbox/heavyduty/src/main/webapp/WEB-INF/appContext-misc.xml
deleted file mode 100755
index 506f314d55..0000000000
--- a/sandbox/heavyduty/src/main/webapp/WEB-INF/appContext-misc.xml
+++ /dev/null
@@ -1,65 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<!--
-  |
-  |  Miscellaneous beans added just to test configuration options
-  |
-  -->
-
-<beans xmlns="http://www.springframework.org/schema/beans"
-	xmlns:sec="http://www.springframework.org/schema/security"
-	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-	xmlns:util="http://www.springframework.org/schema/util"
-	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
-						http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd
-						http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-2.5.xsd">
-
-	<bean id="accessDecisionManager" class="org.springframework.security.vote.AffirmativeBased">
-		<property name="decisionVoters">
-			<list>
-				<bean class="org.springframework.security.vote.RoleVoter"/>
-				<bean class="org.springframework.security.vote.AuthenticatedVoter"/>
-			</list>
-		</property>
-	</bean>
-
-
-	<bean id="filterInvocationInterceptor" class="org.springframework.security.intercept.web.FilterSecurityInterceptor">
-		<property name="authenticationManager" ref="authenticationManager"/>
-		<property name="accessDecisionManager" ref="accessDecisionManager"/>
-		<property name="objectDefinitionSource">
-			<value><![CDATA[
-				CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
-				PATTERN_TYPE_APACHE_ANT
-				/secure/extreme/**=ROLE_SUPERVISOR
-				/secure/**=IS_AUTHENTICATED_REMEMBERED
-				/**=IS_AUTHENTICATED_ANONYMOUSLY
-			]]></value>
-		</property>
-	</bean>
-
-	<bean id="basicProcessingFilter" class="org.springframework.security.ui.basicauth.BasicProcessingFilter">
-		<property name="authenticationManager" ref="authenticationManager"/>
-		<property name="authenticationEntryPoint" ref="basicProcessingFilterEntryPoint"/>
-	</bean>
-
-	<bean id="basicProcessingFilterEntryPoint" class="org.springframework.security.ui.basicauth.BasicProcessingFilterEntryPoint">
-		<property name="realmName"><value>My Realm</value></property>
-	</bean>
-
-	<bean id="bankServiceSecurityInterceptor"
-		class="org.springframework.security.intercept.method.aopalliance.MethodSecurityInterceptor">
-	  <property name="authenticationManager" ref="authenticationManager"/>
-	  <property name="accessDecisionManager" ref="accessDecisionManager"/>
-	  <!-- property name="afterInvocationManager" ref="afterInvocationManager"/ -->
-	  <property name="objectDefinitionSource">
-		<value>
-			bigbank.BankService.post*=ROLE_SUPERVISOR
-			bigbank.BankService.find*=ROLE_SUPERVISOR
-		</value>
-	  </property>
-	</bean>
-
-</beans>
-
-
diff --git a/sandbox/heavyduty/src/main/webapp/WEB-INF/appContext-persistence.xml b/sandbox/heavyduty/src/main/webapp/WEB-INF/appContext-persistence.xml
deleted file mode 100755
index 8b82eb9c20..0000000000
--- a/sandbox/heavyduty/src/main/webapp/WEB-INF/appContext-persistence.xml
+++ /dev/null
@@ -1,55 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
-  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-  xmlns:aop="http://www.springframework.org/schema/aop"
-  xmlns:config="http://www.springframework.org/schema/config"
-  xmlns:tx="http://www.springframework.org/schema/tx"
-  xmlns:context="http://www.springframework.org/schema/context"
-  xmlns:security="http://www.springframework.org/schema/security"
-  xsi:schemaLocation="
-	http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
-	http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.0.xsd
-	http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd
-	http://www.springframework.org/schema/config http://www.springframework.org/schema/config/spring-config-2.5.xsd
-	http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd
-	http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd">
-
-  <bean id="AllPropertiesConfigurer" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
-	<property name="location" value="classpath:jdbc.properties"/>
-  </bean>
-
-  <tx:annotation-driven transaction-manager="transactionManager" />
-
-  <bean id="userDAO" class="sample.dao.impl.UserDAOImpl"/>
-
-  <bean id="daoUserService" class="sample.service.impl.UserServiceImpl"/>
-
-  <bean class="org.springframework.orm.jpa.support.PersistenceAnnotationBeanPostProcessor">
-	<!--  property name="order" value="0"/ -->
-  </bean>
-
-  <bean id="transactionManager" class="org.springframework.orm.jpa.JpaTransactionManager">
-	<property name="entityManagerFactory" ref="entityManagerFactory" />
-	<property name="dataSource" ref="dataSource" />
-  </bean>
-
-  <bean id="entityManagerFactory"
-	class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
-	<property name="dataSource" ref="dataSource" />
-	<property name="jpaVendorAdapter">
-	  <bean class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter">
-		<property name="generateDdl" value="${jpa.generateDdl}" />
-		<property name="showSql" value="${jpa.showSql}" />
-		<property name="databasePlatform" value="${jpa.dialect}" />
-	  </bean>
-	</property>
-  </bean>
-
-  <bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
-	<property name="driverClassName" value="${jdbc.driver}" />
-	<property name="url" value="${jdbc.url}" />
-	<property name="username" value="${jdbc.username}" />
-	<property name="password" value="${jdbc.password}" />
-  </bean>
-
-</beans>
\ No newline at end of file
diff --git a/sandbox/heavyduty/src/main/webapp/WEB-INF/appContext-security.xml b/sandbox/heavyduty/src/main/webapp/WEB-INF/appContext-security.xml
deleted file mode 100755
index e78dad3351..0000000000
--- a/sandbox/heavyduty/src/main/webapp/WEB-INF/appContext-security.xml
+++ /dev/null
@@ -1,127 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<!--
-  - Sample namespace-based configuration
-  -
-  -->
-
-<b:beans xmlns="http://www.springframework.org/schema/security"
-	xmlns:b="http://www.springframework.org/schema/beans"
-	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-	xmlns:aop="http://www.springframework.org/schema/aop"
-	xmlns:context="http://www.springframework.org/schema/context"
-	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
-						http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.0.xsd
-						http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd
-						http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">
-
-	<!--b:import resource="appContext-misc.xml"/-->
-	<context:component-scan base-package='sample'/>
-
-	<global-method-security secured-annotations="enabled" access-decision-manager-ref="methodAccessMgr">
-		<protect-pointcut expression="execution(* sample.service.UserService+.*(..))"
-					access="ROLE_LOGGEDIN" />
-	</global-method-security>
-
-	<aop:aspectj-autoproxy/>
-
-	<b:bean id="methodAccessMgr" class="org.springframework.security.access.vote.AffirmativeBased">
-	   <b:property name="decisionVoters">
-		   <b:list>
-			   <b:bean class="sample.TestVoter"/>
-		   </b:list>
-	   </b:property>
-	</b:bean>
-
-	<http use-expressions="false">
-		<intercept-url pattern="/secure/extreme/**" access="ROLE_SUPERVISOR"/>
-		<intercept-url pattern="/secure/**" access="IS_AUTHENTICATED_REMEMBERED" />
-		<intercept-url pattern="/testMulti.htm*" access="IS_AUTHENTICATED_FULLY" />
-		<!-- Disable web URI authorization, as we're using <global-method-security> and have @Secured the services layer instead
-		<intercept-url pattern="/listAccounts.html" access="IS_AUTHENTICATED_REMEMBERED" />
-		<intercept-url pattern="/post.html" access="ROLE_TELLER" />
-		-->
-		<intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
-<!--
-	Uncomment to enable X509 client authentication support
-		<x509 user-service-ref="daoUserService"/>
--->
-		<form-login default-target-url="/secure/index.jsp" login-page="/login.jsp" authentication-failure-url="/login.jsp?login-error=1" always-use-default-target="false"/>
-
-		<!-- http-basic / -->
-		<logout />
-		<remember-me key='doesntmatter' token-repository-ref='tokenRepo' user-service-ref='daoUserService'/>
-
-<!--          <remember-me user-service-ref="daoUserService"/> -->
-
-		<!-- Uncomment to limit the number of sessions a user can have -->
-		<session-management>
-			<concurrency-control max-sessions="1" error-if-maximum-exceeded="true" session-registry-ref='sessionRegistry'/>
-		</session-management>
-
-		<!-- custom-filter position="AUTHENTICATION_PROCESSING_FILTER" ref="customAuthFilter" / -->
-	</http>
-
-	<b:bean id='tokenRepo' class='org.springframework.security.web.authentication.rememberme.InMemoryTokenRepositoryImpl'/>
-
-	<!-- Traditional Session Control Beans -->
-<!--
-	<b:bean id='sessionControlFilter' class="org.springframework.security.concurrent.ConcurrentSessionFilter">
-		<custom-filter position="CONCURRENT_SESSION_FILTER"/>
-		<b:property name="sessionRegistry" ref='sessionRegistry'/>
-	</b:bean>
-
- -->
-	<b:bean id='sessionRegistry' class="org.springframework.security.core.session.SessionRegistryImpl"/>
-<!--
-	<b:bean id="customAuthFilter" class="heavyduty.security.ui.HeavyDutyAuthenticationProcessingFilter">
-		<b:property name="defaultTargetUrl" value="/"/>
-		<b:property name="authenticationManager" ref="authenticationManager"/>
-	</b:bean>
-
-	<b:bean id="customEntryPoint" class="heavyduty.security.ui.HeavyDutyEntryPoint">
-		<b:property name="loginFormUrl" value="/login.jsp"/>
-	</b:bean>
--->
-<!--
-	<b:bean id="loginPageGenerator" class="org.springframework.security.ui.webapp.DefaultLoginPageGeneratingFilter">
-		<custom-filter after="AUTHENTICATION_PROCESSING_FILTER"/>
-		<b:constructor-arg ref="customAuthFilter"/>
-	</b:bean>
- -->
-	<authentication-manager alias="authenticationManager" >
-
-		<authentication-provider user-service-ref="daoUserService">
-			<password-encoder hash="md5" />
-		</authentication-provider>
-
-		<authentication-provider>
-			<password-encoder hash="md5"/>
-			<user-service>
-				<user name="rod" password="a564de63c2d0da68cf47586ee05984d7" authorities="ROLE_SUPERVISOR, ROLE_USER, ROLE_TELLER" />
-				<user name="dianne" password="65d15fe9156f9c4bbffd98085992a44e" authorities="ROLE_USER,ROLE_TELLER" />
-				<user name="scott" password="2b58af6dddbd072ed27ffc86725d7d3a" authorities="ROLE_USER" />
-				<user name="peter" password="22b5c9accc6e1ba628cedc63a72d57f8" authorities="ROLE_USER" />
-			</user-service>
-		</authentication-provider>
-	</authentication-manager>
-
-	<ldap-server id="ldapServer"/>
-
-	<!-- b:bean id="mbeanServer" class="org.springframework.jmx.support.MBeanServerFactoryBean"/ -->
-
-	<b:bean id="exporter" class="org.springframework.jmx.export.MBeanExporter">
-		<b:property name="beans">
-		  <b:map>
-			<b:entry key="bean:name=ldapContextSource" value-ref="ldapServer"/>
-		  </b:map>
-		</b:property>
-		<b:property name="assembler">
-		  <b:bean class="org.springframework.jmx.export.assembler.MethodNameBasedMBeanInfoAssembler">
-			<b:property name="managedMethods" value="setPassword,setUserDn,getUrls,setUrl,setUrls,setPooled,isPooled,setBase,getBaseLdapPathAsString"/>
-		  </b:bean>
-		</b:property>
-		<!-- b:property name="server" ref="mbeanServer"/-->
-	</b:bean>
-
-</b:beans>
diff --git a/sandbox/heavyduty/src/main/webapp/WEB-INF/applicationContext-acegi-security.xml b/sandbox/heavyduty/src/main/webapp/WEB-INF/applicationContext-acegi-security.xml
deleted file mode 100644
index 3d7ac540e3..0000000000
--- a/sandbox/heavyduty/src/main/webapp/WEB-INF/applicationContext-acegi-security.xml
+++ /dev/null
@@ -1,160 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
-
-<!--
-  - A simple "base bones" Acegi Security configuration.
-  -
-  - The sample includes the "popular" features that people tend to use.
-  - Specifically, form authentication, remember-me, and anonymous processing.
-  - Other features aren't setup, as these can be added later by inserting
-  - the relevant XML fragments as specified in the Reference Guide.
-  -
-  - To assist new users, the filters specified in the FilterChainProxy are
-  - declared in the application context in the same order. Collaborators
-  - required by those filters are placed at the end of the file.
-  -
-  -->
-
-<beans>
-
-	<bean id="filterChainProxy" class="org.springframework.security.util.FilterChainProxy">
-		<property name="filterInvocationDefinitionSource">
-			<value><![CDATA[
-				CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
-				PATTERN_TYPE_APACHE_ANT
-				/**=httpSessionContextIntegrationFilter,logoutFilter,authenticationProcessingFilter,basicProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
-			]]></value>
-		</property>
-	</bean>
-
-	<bean id="httpSessionContextIntegrationFilter" class="org.springframework.security.context.HttpSessionContextIntegrationFilter"/>
-
-	<bean id="logoutFilter" class="org.springframework.security.ui.logout.LogoutFilter">
-		<constructor-arg value="/index.jsp"/> <!-- URL redirected to after logout -->
-		<constructor-arg>
-			<list>
-				<ref bean="rememberMeServices"/>
-				<bean class="org.springframework.security.ui.logout.SecurityContextLogoutHandler"/>
-			</list>
-		</constructor-arg>
-	</bean>
-
-	<bean id="authenticationProcessingFilter" class="org.springframework.security.ui.webapp.AuthenticationProcessingFilter">
-		<property name="authenticationManager" ref="authenticationManager"/>
-		<property name="authenticationFailureUrl" value="/acegilogin.jsp?login_error=1"/>
-		<property name="defaultTargetUrl" value="/"/>
-		<property name="filterProcessesUrl" value="/login"/>
-		<property name="rememberMeServices" ref="rememberMeServices"/>
-	</bean>
-
-	<bean id="basicProcessingFilter" class="org.springframework.security.ui.basicauth.BasicProcessingFilter">
-		<property name="authenticationManager"><ref bean="authenticationManager"/></property>
-		<property name="authenticationEntryPoint"><ref bean="basicProcessingFilterEntryPoint"/></property>
-	</bean>
-
-	<bean id="basicProcessingFilterEntryPoint" class="org.springframework.security.ui.basicauth.BasicProcessingFilterEntryPoint">
-		<property name="realmName"><value>My Realm</value></property>
-	</bean>
-
-	<bean id="securityContextHolderAwareRequestFilter" class="org.springframework.security.wrapper.SecurityContextHolderAwareRequestFilter"/>
-
-	<bean id="rememberMeProcessingFilter" class="org.springframework.security.ui.rememberme.RememberMeProcessingFilter">
-		<property name="authenticationManager" ref="authenticationManager"/>
-		<property name="rememberMeServices" ref="rememberMeServices"/>
-	</bean>
-
-	<bean id="anonymousProcessingFilter" class="org.springframework.security.providers.anonymous.AnonymousProcessingFilter">
-		<property name="key" value="changeThis"/>
-		<property name="userAttribute" value="anonymousUser,ROLE_ANONYMOUS"/>
-	</bean>
-
-	<bean id="exceptionTranslationFilter" class="org.springframework.security.ui.ExceptionTranslationFilter">
-		<property name="authenticationEntryPoint">
-			<bean class="org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint">
-				<property name="loginFormUrl" value="/acegilogin.jsp"/>
-				<property name="forceHttps" value="false"/>
-			</bean>
-		</property>
-		<property name="accessDeniedHandler">
-			<bean class="org.springframework.security.ui.AccessDeniedHandlerImpl">
-				<property name="errorPage" value="/accessDenied.jsp"/>
-			</bean>
-		</property>
-	</bean>
-
-	<bean id="accessDecisionManager" class="org.springframework.security.access.vote.AffirmativeBased">
-		<property name="allowIfAllAbstainDecisions" value="false"/>
-		<property name="decisionVoters">
-			<list>
-				<bean class="org.springframework.security.access.vote.RoleVoter"/>
-				<bean class="org.springframework.security.access.vote.AuthenticatedVoter"/>
-			</list>
-		</property>
-	</bean>
-
-	<bean id="filterInvocationInterceptor" class="org.springframework.security.web.intercept.FilterSecurityInterceptor">
-		<property name="authenticationManager" ref="authenticationManager"/>
-		<property name="accessDecisionManager" ref="accessDecisionManager"/>
-		<property name="objectDefinitionSource">
-			<value><![CDATA[
-				CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
-				PATTERN_TYPE_APACHE_ANT
-				/secure/extreme/**=ROLE_SUPERVISOR
-				/secure/**=IS_AUTHENTICATED_REMEMBERED
-				/**=IS_AUTHENTICATED_ANONYMOUSLY
-			]]></value>
-		</property>
-	</bean>
-
-	<bean id="rememberMeServices" class="org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices">
-		<property name="userDetailsService" ref="userDetailsService"/>
-		<property name="key" value="changeThis"/>
-	</bean>
-
-	<bean id="authenticationManager" class="org.springframework.security.authentication.ProviderManager">
-		<property name="providers">
-			<list>
-				<ref bean="daoAuthenticationProvider"/>
-				<bean class="org.springframework.security.authentication.AnonymousAuthenticationProvider">
-					<property name="key" value="changeThis"/>
-				</bean>
-				<bean class="org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationProvider">
-					<property name="key" value="changeThis"/>
-				</bean>
-			</list>
-		</property>
-	</bean>
-
-	<bean id="daoAuthenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
-		<property name="userDetailsService" ref="userDetailsService"/>
-	</bean>
-
-	<!-- UserDetailsService is the most commonly frequently Acegi Security interface implemented by end users -->
-	<bean id="userDetailsService" class="org.springframework.security.core.userdetails.memory.InMemoryDaoImpl">
-		<property name="userProperties">
-			<bean class="org.springframework.beans.factory.config.PropertiesFactoryBean">
-				<property name="location" value="/WEB-INF/users.properties"/>
-			</bean>
-		</property>
-	</bean>
-
-	<!-- This bean is optional; it isn't used by any other bean as it only listens and logs -->
-	<bean id="loggerListener" class="org.springframework.security.authentication.event.LoggerListener"/>
-
-	<bean id="daacc" class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator"/>
-
-	<bean id="attributes" class="org.springframework.security.access.annotation.SecurityAnnotationAttributes"/>
-
-	<bean id="securityMetadataSource" class="org.springframework.security.access.intercept.method.MethodDefinitionAttributes">
-		<property name="attributes"><ref bean="attributes"/></property>
-	</bean>
-
-	<bean id="securityInterceptor" class="org.springframework.security.intercept.method.aopalliance.MethodSecurityInterceptor">
-		<property name="authenticationManager"><ref bean="authenticationManager"/></property>
-		<property name="accessDecisionManager"><ref bean="accessDecisionManager"/></property>
-		<property name="securityMetadataSource">
-			<ref bean="securityMetadataSource"/>
-		</property>
-	</bean>
-
-</beans>
diff --git a/sandbox/heavyduty/src/main/webapp/WEB-INF/classes/META-INF/persistence.xml b/sandbox/heavyduty/src/main/webapp/WEB-INF/classes/META-INF/persistence.xml
deleted file mode 100644
index 3f9784b418..0000000000
--- a/sandbox/heavyduty/src/main/webapp/WEB-INF/classes/META-INF/persistence.xml
+++ /dev/null
@@ -1,24 +0,0 @@
-<persistence xmlns="http://java.sun.com/xml/ns/persistence"
-  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-  xsi:schemaLocation="http://java.sun.com/xml/ns/persistence
-http://java.sun.com/xml/ns/persistence/persistence_1_0.xsd"
-  version="1.0">
-
-  <persistence-unit name="SAMPLE" transaction-type="RESOURCE_LOCAL">
-	<provider>org.hibernate.ejb.HibernatePersistence</provider>
-	<class>sample.domain.User</class>
-	<properties>
-	  <property name="hibernate.archive.autodetection" value="class" />
-	  <property name="hibernate.format_sql" value="true" />
-	  <property name="hibernate.dialect" value="org.hibernate.dialect.HSQLDialect" />
-	  <!-- property name="hibernate.cache.provider_class"
-		value="org.hibernate.cache.EHCacheProvider" />
-	  <property name="hibernate.cache.use_second_level_cache" value="true" />
-	  <property name="hibernate.cache.use_query_cache" value="true" / -->
-	  <property name="hibernate.max_fetch_depth" value="3" />
-	  <property name="hibernate.default_batch_fetch_size" value="8" />
-	  <property name="hibernate.generate_statistics" value="true" />
-	</properties>
-  </persistence-unit>
-
-</persistence>
diff --git a/sandbox/heavyduty/src/main/webapp/WEB-INF/classes/database/heavyduty b/sandbox/heavyduty/src/main/webapp/WEB-INF/classes/database/heavyduty
deleted file mode 100644
index e69de29bb2..0000000000
diff --git a/sandbox/heavyduty/src/main/webapp/WEB-INF/classes/jdbc.properties b/sandbox/heavyduty/src/main/webapp/WEB-INF/classes/jdbc.properties
deleted file mode 100755
index 144ced8acf..0000000000
--- a/sandbox/heavyduty/src/main/webapp/WEB-INF/classes/jdbc.properties
+++ /dev/null
@@ -1,8 +0,0 @@
-jpa.dialect=org.hibernate.dialect.HSQLDialect
-jpa.generateDdl=true
-jpa.showSql=true
-
-jdbc.driver=org.hsqldb.jdbcDriver
-jdbc.url=jdbc:hsqldb:mem:heavyduty
-jdbc.username=sa
-jdbc.password=
\ No newline at end of file
diff --git a/sandbox/heavyduty/src/main/webapp/WEB-INF/classes/users.ldif b/sandbox/heavyduty/src/main/webapp/WEB-INF/classes/users.ldif
deleted file mode 100755
index 0cf02e22ec..0000000000
--- a/sandbox/heavyduty/src/main/webapp/WEB-INF/classes/users.ldif
+++ /dev/null
@@ -1,60 +0,0 @@
-dn: ou=groups,dc=springframework,dc=org
-objectclass: top
-objectclass: organizationalUnit
-ou: groups
-
-dn: ou=people,dc=springframework,dc=org
-objectclass: top
-objectclass: organizationalUnit
-ou: people
-
-dn: uid=rod,ou=people,dc=springframework,dc=org
-objectclass: top
-objectclass: person
-objectclass: organizationalPerson
-objectclass: inetOrgPerson
-cn: Rod Johnson
-sn: Johnson
-uid: rod
-userPassword: koala
-
-dn: uid=dianne,ou=people,dc=springframework,dc=org
-objectclass: top
-objectclass: person
-objectclass: organizationalPerson
-objectclass: inetOrgPerson
-cn: Dianne Emu
-sn: Emu
-uid: dianne
-userPassword: emu
-
-dn: uid=scott,ou=people,dc=springframework,dc=org
-objectclass: top
-objectclass: person
-objectclass: organizationalPerson
-objectclass: inetOrgPerson
-cn: Scott
-sn: Wombat
-uid: scott
-userPassword: wombat
-
-dn: cn=user,ou=groups,dc=springframework,dc=org
-objectclass: top
-objectclass: groupOfNames
-cn: user
-member: uid=rod,ou=people,dc=springframework,dc=org
-member: uid=dianne,ou=people,dc=springframework,dc=org
-member: uid=scott,ou=people,dc=springframework,dc=org
-
-dn: cn=teller,ou=groups,dc=springframework,dc=org
-objectclass: top
-objectclass: groupOfNames
-cn: teller
-member: uid=rod,ou=people,dc=springframework,dc=org
-member: dianne=rod,ou=people,dc=springframework,dc=org
-
-dn: cn=supervisor,ou=groups,dc=springframework,dc=org
-objectclass: top
-objectclass: groupOfNames
-cn: supervisor
-member: uid=rod,ou=people,dc=springframework,dc=org
diff --git a/sandbox/heavyduty/src/main/webapp/WEB-INF/freemarker/login.ftl b/sandbox/heavyduty/src/main/webapp/WEB-INF/freemarker/login.ftl
deleted file mode 100644
index af47c4b331..0000000000
--- a/sandbox/heavyduty/src/main/webapp/WEB-INF/freemarker/login.ftl
+++ /dev/null
@@ -1,22 +0,0 @@
-<html>
-  <head>
-    <title>Spring Security Login</title>
-  </head>
-
-  <body onload="document.f.username.focus();">
-    <h1>Spring Security Login (Freemarker)</h1>
-
-    <form name="f" action="login" method="POST">
-      <table>
-        <tr><td>User:</td><td><input type='text' name='username' value=''/></td></tr>
-        <tr><td>Password:</td><td><input type='password' name='password' value=''/></td></tr>
-        <tr><td><input type="checkbox" name="remember-me"/></td><td>Don't ask for my password for two weeks</td></tr>
-
-        <tr><td colspan='2'><input name="submit" type="submit"></td></tr>
-        <tr><td colspan='2'><input name="reset" type="reset"></td></tr>
-      </table>
-
-    </form>
-
-  </body>
-</html>
diff --git a/sandbox/heavyduty/src/main/webapp/WEB-INF/freemarker/multi-action-test.ftl b/sandbox/heavyduty/src/main/webapp/WEB-INF/freemarker/multi-action-test.ftl
deleted file mode 100644
index 0c73d37961..0000000000
--- a/sandbox/heavyduty/src/main/webapp/WEB-INF/freemarker/multi-action-test.ftl
+++ /dev/null
@@ -1,15 +0,0 @@
-
-<html>
-	<head>
-        <title>MultiActionController Test</title>
-	</head>
-	<body>
-
-    <form action="testMulti.htm">
-        <input name="action" value="${nextAction}" type="text"/> <br/>
-        <input name="x" value="5" type="text"/> <br/>
-        <input name="y" value="5" type="text"/> <br/>
-        <input  type='submit' value='submit' />
-    </form>
-    </body>
-</html>
\ No newline at end of file
diff --git a/sandbox/heavyduty/src/main/webapp/WEB-INF/heavyduty-servlet.xml b/sandbox/heavyduty/src/main/webapp/WEB-INF/heavyduty-servlet.xml
deleted file mode 100755
index 2aaaa2aac2..0000000000
--- a/sandbox/heavyduty/src/main/webapp/WEB-INF/heavyduty-servlet.xml
+++ /dev/null
@@ -1,34 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<beans xmlns="http://www.springframework.org/schema/beans"
-	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd">
-
-	<bean name="testMultiController" class="heavyduty.web.TestMultiActionController">
-	   <property name="methodNameResolver">
-		   <bean class="org.springframework.web.servlet.mvc.multiaction.ParameterMethodNameResolver"/>
-	   </property>
-	</bean>
-<!--
-	<bean name="/post.html" class="bigbank.web.PostAccounts">
-		<constructor-arg ref="bankService"/>
-	</bean>
- -->
-	<bean id="freemarkerConfig" class="org.springframework.web.servlet.view.freemarker.FreeMarkerConfigurer">
-	  <property name="templateLoaderPath" value="/WEB-INF/freemarker/"/>
-	</bean>
-
-	<bean id="viewResolver" class="org.springframework.web.servlet.view.freemarker.FreeMarkerViewResolver">
-		<property name="prefix" value=""/>
-		<property name="suffix" value=".ftl"/>
-	</bean>
-
-	<bean class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping">
-		<property name="mappings">
-			<value>
-				**/testMulti.htm=testMultiController
-			</value>
-		</property>
-	</bean>
-
-</beans>
\ No newline at end of file
diff --git a/sandbox/heavyduty/src/main/webapp/WEB-INF/jsp/listAccounts.jsp b/sandbox/heavyduty/src/main/webapp/WEB-INF/jsp/listAccounts.jsp
deleted file mode 100755
index 548f43f3ba..0000000000
--- a/sandbox/heavyduty/src/main/webapp/WEB-INF/jsp/listAccounts.jsp
+++ /dev/null
@@ -1,27 +0,0 @@
-<%@ taglib prefix="c" uri="http://java.sun.com/jstl/core_rt"%>
-
-<h1>Accounts</h1>
-
-<a href="index.jsp">Home3</a><br><br>
-
-<table>
-<c:forEach var="account" items="${accounts}">
-  <tr>
-  <td>
-      <c:out value="${account.id}"/>
-  </td>
-  <td>
-      <c:out value="${account.holder}"/>
-  </td>
-  <td>
-      <c:out value="${account.balance}"/>
-  </td>
-  <td>
-      <a href="post.html?id=<c:out value="${account.id}"/>&amount=-20.00">-$20</a>
-      <a href="post.html?id=<c:out value="${account.id}"/>&amount=-5.00">-$5</a>
-      <a href="post.html?id=<c:out value="${account.id}"/>&amount=5.00">+$5</a>
-      <a href="post.html?id=<c:out value="${account.id}"/>&amount=20.00">+$20</a>
-  </td>
-  </tr>
-</c:forEach>
-</table>
\ No newline at end of file
diff --git a/sandbox/heavyduty/src/main/webapp/WEB-INF/web.xml b/sandbox/heavyduty/src/main/webapp/WEB-INF/web.xml
deleted file mode 100644
index eebf0d9123..0000000000
--- a/sandbox/heavyduty/src/main/webapp/WEB-INF/web.xml
+++ /dev/null
@@ -1,85 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-  - Tutorial web application
-  -
-  -->
-
-<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
-  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-  xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" version="2.4">
-
-	<display-name>Spring Security Tutorial Application</display-name>
-
-	<!--
-	  - Location of the XML file that defines the root application context
-	  - Applied by ContextLoaderListener.
-	  -->
-	<context-param>
-		<param-name>contextConfigLocation</param-name>
-		<param-value>
-			classpath:applicationContext-business.xml
-			/WEB-INF/appContext-persistence.xml
-			/WEB-INF/appContext-security.xml
-		</param-value>
-	</context-param>
-
-	<context-param>
-		<param-name>log4jConfigLocation</param-name>
-		<param-value>/WEB-INF/classes/log4j.properties</param-value>
-	</context-param>
-
-	<context-param>
-		<param-name>webAppRootKey</param-name>
-		<param-value>heavyduty.root</param-value>
-	</context-param>
-
-	<filter>
-		<filter-name>springSecurityFilterChain</filter-name>
-		<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
-	</filter>
-
-	<filter-mapping>
-	  <filter-name>springSecurityFilterChain</filter-name>
-	  <url-pattern>/*</url-pattern>
-	</filter-mapping>
-
-	<listener>
-		<listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
-	</listener>
-
-	<!--
-	  - Loads the root application context of this web app at startup.
-	  - The application context is then available via
-	  - WebApplicationContextUtils.getWebApplicationContext(servletContext).
-	-->
-	<listener>
-		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
-	</listener>
-
-	<!--
-	  - Publishes events for session creation and destruction through the application
-	  - context. Optional unless concurrent session control is being used.
-	  -->
-	<listener>
-		<listener-class>org.springframework.security.web.session.HttpSessionEventPublisher</listener-class>
-	</listener>
-
-  <!--
-	- Provides core MVC application controller.
-	-->
-	<servlet>
-		<servlet-name>heavyduty</servlet-name>
-		<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
-		<load-on-startup>1</load-on-startup>
-	</servlet>
-
-	<servlet-mapping>
-		<servlet-name>heavyduty</servlet-name>
-		<url-pattern>*.htm</url-pattern>
-	 </servlet-mapping>
-
-	 <welcome-file-list>
-		<welcome-file>index.jsp</welcome-file>
-	</welcome-file-list>
-
-</web-app>
diff --git a/sandbox/heavyduty/src/main/webapp/context.jsp b/sandbox/heavyduty/src/main/webapp/context.jsp
deleted file mode 100644
index f758538a4b..0000000000
--- a/sandbox/heavyduty/src/main/webapp/context.jsp
+++ /dev/null
@@ -1,29 +0,0 @@
-<%@page import="org.springframework.web.context.support.WebApplicationContextUtils"%>
-<%@page import="org.springframework.security.ldap.authentication.LdapAuthenticationProvider"%>
-<%@page import="org.springframework.security.authentication.ProviderManager"%>
-
-<html>
-<body>
-<h1>Context Information Page</h1>
-<p>
-LdapAuthenticationProvider instances: <br/>
-
-<%=
-WebApplicationContextUtils.getRequiredWebApplicationContext(
-        session.getServletContext()).getBeansOfType(LdapAuthenticationProvider.class)
-%>
-</p>
-
-<p>
-Providers: <br />
-
-<%=
-((ProviderManager)WebApplicationContextUtils.getRequiredWebApplicationContext(
-        session.getServletContext()).getBean("org.springframework.security.authenticationManager")).getProviders() %>
-</p>
-
-
-
-<p><a href="/index.jsp">Home</a></p>
-</body>
-</html>
diff --git a/sandbox/heavyduty/src/main/webapp/index.jsp b/sandbox/heavyduty/src/main/webapp/index.jsp
deleted file mode 100755
index 50ce9eec80..0000000000
--- a/sandbox/heavyduty/src/main/webapp/index.jsp
+++ /dev/null
@@ -1,18 +0,0 @@
-<%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags" %>
-<html>
-<body>
-<h1>HeavyDuty App Home Page</h1>
-<p>
-Anyone can view this page.
-</p>
-<p>
-Test multi-action controller <a href="testMulti.htm?action=step1">SEC-830</a>.
-</p>
-<p>
-Your principal object is....: <%= request.getUserPrincipal() %>
-</p>
-<h3>Restricted Pages ...</h3>
-<p><a href="secure/index.jsp">Secure page</a></p>
-<p><a href="secure/extreme/index.jsp">Extremely secure page</a></p>
-</body>
-</html>
\ No newline at end of file
diff --git a/sandbox/heavyduty/src/main/webapp/login.jsp b/sandbox/heavyduty/src/main/webapp/login.jsp
deleted file mode 100755
index ab4b18b060..0000000000
--- a/sandbox/heavyduty/src/main/webapp/login.jsp
+++ /dev/null
@@ -1,25 +0,0 @@
-<%@ taglib prefix='c' uri='http://java.sun.com/jstl/core_rt' %>
-<%@ page import="org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter" %>
-<%@ page import="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter" %>
-<%@ page import="org.springframework.security.core.AuthenticationException" %>
-
-<html>
-  <head>
-    <title>CUSTOM SPRING SECURITY LOGIN</title>
-  </head>
-
-  <body onload="document.f.username.focus();">
-    <h1>CUSTOM SPRING SECURITY LOGIN</h1>
-
-    <form name="f" action="<c:url value='login'/>" method="POST">
-      <table>
-        <tr><td>User:</td><td><input type='text' name='username' /></td></tr>
-        <tr><td>Password:</td><td><input type='password' name='password'/></td></tr>
-        <tr><td><input type="checkbox" name="remember-me"></td><td>Don't ask for my password for two weeks</td></tr>
-
-        <tr><td colspan='2'><input name="submit" type="submit"></td></tr>
-        <tr><td colspan='2'><input name="reset" type="reset"></td></tr>
-      </table>
-    </form>
-  </body>
-</html>
diff --git a/sandbox/heavyduty/src/main/webapp/secure/extreme/index.jsp b/sandbox/heavyduty/src/main/webapp/secure/extreme/index.jsp
deleted file mode 100755
index 4aac84c981..0000000000
--- a/sandbox/heavyduty/src/main/webapp/secure/extreme/index.jsp
+++ /dev/null
@@ -1,15 +0,0 @@
-<%@ taglib prefix="authz" uri="http://www.springframework.org/security/tags" %>
-
-<html>
-<body>
-<h1>VERY Secure Page</h1>
-This is a protected page. You can only see me if you are a supervisor.
-
-<authz:authorize access="hasRole('ROLE_SUPERVISOR')">
-   You have "ROLE_SUPERVISOR" (this text is surrounded by &lt;authz:authorize&gt; tags).
-</authz:authorize>
-
-<p><a href="../../">Home</a>
-<p><a href="../../logout">Logout</a>
-</body>
-</html>
\ No newline at end of file
diff --git a/sandbox/heavyduty/src/main/webapp/secure/index.jsp b/sandbox/heavyduty/src/main/webapp/secure/index.jsp
deleted file mode 100755
index 8edc812194..0000000000
--- a/sandbox/heavyduty/src/main/webapp/secure/index.jsp
+++ /dev/null
@@ -1,38 +0,0 @@
-<%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags" %>
-
-<html>
-<body>
-<h1>Secure Page</h1>
-<p>
-This is a protected page. You can get to me if you've been remembered,
-or if you've authenticated this session.
-</p>
-
-<sec:authorize access="hasRole('ROLE_SUPERVISOR')">
-    You are a supervisor! You can therefore see the <a href="extreme/index.jsp">extremely secure page</a>.<br/><br/>
-</sec:authorize>
-
-<h3>Properties obtained using &lt;sec:authentication /&gt; tag</h3>
-<table border="1">
-<tr><th>Tag</th><th>Value</th></tr>
-<tr>
-<td>&lt;sec:authentication property='name' /&gt;</td><td><sec:authentication property="name"/></td>
-</tr>
-<tr>
-<td>&lt;sec:authentication property='principal.username' /&gt;</td><td><sec:authentication property="principal.username"/></td>
-</tr>
-<tr>
-<td>&lt;sec:authentication property='principal.enabled' /&gt;</td><td><sec:authentication property="principal.enabled"/></td>
-</tr>
-<tr>
-<td>&lt;sec:authentication property='principal.accountNonLocked' /&gt;</td><td><sec:authentication property="principal.accountNonLocked"/></td>
-</tr>
-</table>
-
-Saved Request: <%= session.getAttribute("SPRING_SECURITY_SAVED_REQUEST_KEY") %>
-
-
-<p><a href="../">Home</a>
-<p><a href="../logout">Logout</a>
-</body>
-</html>
\ No newline at end of file
diff --git a/sandbox/webflow/src/main/resources/applicationContext-business.xml b/sandbox/webflow/src/main/resources/applicationContext-business.xml
deleted file mode 100644
index 65376beb8f..0000000000
--- a/sandbox/webflow/src/main/resources/applicationContext-business.xml
+++ /dev/null
@@ -1,24 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<beans xmlns="http://www.springframework.org/schema/beans"
-	xmlns:security="http://www.springframework.org/schema/security"
-	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
-http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
-
-	<bean id="bankDao" class="bigbank.BankDaoStub"/>
-
-	<bean id="seedData" class="bigbank.SeedData">
-		<property name="bankDao" ref="bankDao"/>
-	</bean>
-
-	<bean id="bankService" class="bigbank.BankServiceImpl">
-		<constructor-arg ref="bankDao"/>
-		<!-- This will add a security interceptor to the bean
-		<security:intercept-methods>
-			<security:protect method="bigbank.BankService.*" access="IS_AUTHENTICATED_REMEMBERED" />
-			<security:protect method="bigbank.BankService.post" access="ROLE_TELLER" />
-		</security:intercept-methods>  -->
-	</bean>
-
-</beans>
\ No newline at end of file
diff --git a/sandbox/webflow/src/main/webapp/META-INF/MANIFEST.MF b/sandbox/webflow/src/main/webapp/META-INF/MANIFEST.MF
deleted file mode 100644
index 58630c02ef..0000000000
--- a/sandbox/webflow/src/main/webapp/META-INF/MANIFEST.MF
+++ /dev/null
@@ -1,2 +0,0 @@
-Manifest-Version: 1.0
-
diff --git a/sandbox/webflow/src/main/webapp/WEB-INF/freemarker/form.ftl b/sandbox/webflow/src/main/webapp/WEB-INF/freemarker/form.ftl
deleted file mode 100644
index 92e3e344f1..0000000000
--- a/sandbox/webflow/src/main/webapp/WEB-INF/freemarker/form.ftl
+++ /dev/null
@@ -1,13 +0,0 @@
-
-<html>
-	<head>
-        <title>Form</title>
-	</head>
-	<body>
-
-    <form action="secure">
-        <input name="x" value='${x!"change me"}' type="text"/> <br/>
-        <input  type='submit' value='submit' />
-    </form>
-    </body>
-</html>
\ No newline at end of file
diff --git a/sandbox/webflow/src/main/webapp/WEB-INF/freemarker/login.ftl b/sandbox/webflow/src/main/webapp/WEB-INF/freemarker/login.ftl
deleted file mode 100644
index 788e5051fc..0000000000
--- a/sandbox/webflow/src/main/webapp/WEB-INF/freemarker/login.ftl
+++ /dev/null
@@ -1,22 +0,0 @@
-<html>
-  <head>
-    <title>Spring Security Login</title>
-  </head>
-
-  <body onload="document.f.username.focus();">
-    <h1>Spring Security Login (Freemarker)</h1>
-
-    <form name="f" action="authenticate" method="POST">
-      <table>
-        <tr><td>User:</td><td><input type='text' name='username' value=''/></td></tr>
-        <tr><td>Password:</td><td><input type='password' name='password' value=''/></td></tr>
-        <tr><td><input type="checkbox" name="remember-me"/></td><td>Don't ask for my password for two weeks</td></tr>
-
-        <tr><td colspan='2'><input name="submit" type="submit"></td></tr>
-        <tr><td colspan='2'><input name="reset" type="reset"></td></tr>
-      </table>
-
-    </form>
-
-  </body>
-</html>
diff --git a/sandbox/webflow/src/main/webapp/WEB-INF/jsp/listAccounts.jsp b/sandbox/webflow/src/main/webapp/WEB-INF/jsp/listAccounts.jsp
deleted file mode 100644
index 548f43f3ba..0000000000
--- a/sandbox/webflow/src/main/webapp/WEB-INF/jsp/listAccounts.jsp
+++ /dev/null
@@ -1,27 +0,0 @@
-<%@ taglib prefix="c" uri="http://java.sun.com/jstl/core_rt"%>
-
-<h1>Accounts</h1>
-
-<a href="index.jsp">Home3</a><br><br>
-
-<table>
-<c:forEach var="account" items="${accounts}">
-  <tr>
-  <td>
-      <c:out value="${account.id}"/>
-  </td>
-  <td>
-      <c:out value="${account.holder}"/>
-  </td>
-  <td>
-      <c:out value="${account.balance}"/>
-  </td>
-  <td>
-      <a href="post.html?id=<c:out value="${account.id}"/>&amount=-20.00">-$20</a>
-      <a href="post.html?id=<c:out value="${account.id}"/>&amount=-5.00">-$5</a>
-      <a href="post.html?id=<c:out value="${account.id}"/>&amount=5.00">+$5</a>
-      <a href="post.html?id=<c:out value="${account.id}"/>&amount=20.00">+$20</a>
-  </td>
-  </tr>
-</c:forEach>
-</table>
\ No newline at end of file
diff --git a/sandbox/webflow/src/main/webapp/WEB-INF/secure.xml b/sandbox/webflow/src/main/webapp/WEB-INF/secure.xml
deleted file mode 100644
index 43f1ef9eec..0000000000
--- a/sandbox/webflow/src/main/webapp/WEB-INF/secure.xml
+++ /dev/null
@@ -1,19 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<flow xmlns="http://www.springframework.org/schema/webflow"
-	  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-	  xsi:schemaLocation="http://www.springframework.org/schema/webflow http://www.springframework.org/schema/webflow/spring-webflow-2.0.xsd">
-
-	<secured attributes="ROLE_USER" />
-
-	<input name="x"/>
-
-	<view-state id="form">
-		<transition on="submit" to="finish" />
-	</view-state>
-
-	<end-state id="finish">
-		<output name="x"/>
-	</end-state>
-
-
-</flow>
\ No newline at end of file
diff --git a/sandbox/webflow/src/main/webapp/WEB-INF/security-config.xml b/sandbox/webflow/src/main/webapp/WEB-INF/security-config.xml
deleted file mode 100644
index 297c358d35..0000000000
--- a/sandbox/webflow/src/main/webapp/WEB-INF/security-config.xml
+++ /dev/null
@@ -1,36 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
-	   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-	   xmlns:security="http://www.springframework.org/schema/security"
-	   xsi:schemaLocation="
-		   http://www.springframework.org/schema/beans
-		   http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
-		   http://www.springframework.org/schema/security
-		   http://www.springframework.org/schema/security/spring-security-2.0.2.xsd">
-
-	<!-- Configure Spring Security -->
-	<security:http auto-config="true">
-		<security:form-login login-page="/app/login" login-processing-url="/app/authenticate" authentication-failure-url="/app/login?login_error=1" />
-		<security:logout logout-url="/app/logout" />
-	</security:http>
-
-	<!--
-		Define local authentication provider, a real app would use an external provider (JDBC, LDAP, CAS, etc)
-
-		usernames/passwords are:
-			keith/melbourne
-			erwin/leuven
-			jeremy/atlanta
-			scott/rochester
-	-->
-	<security:authentication-provider>
-		<security:password-encoder hash="md5" />
-		<security:user-service>
-			<security:user name="keith" password="417c7382b16c395bc25b5da1398cf076" authorities="ROLE_USER, ROLE_SUPERVISOR" />
-			<security:user name="erwin" password="12430911a8af075c6f41c6976af22b09" authorities="ROLE_USER, ROLE_SUPERVISOR" />
-			<security:user name="jeremy" password="57c6cbff0d421449be820763f03139eb" authorities="ROLE_USER" />
-			<security:user name="scott" password="942f2339bf50796de535a384f0d1af3e" authorities="ROLE_USER" />
-		</security:user-service>
-	</security:authentication-provider>
-
-</beans>
\ No newline at end of file
diff --git a/sandbox/webflow/src/main/webapp/WEB-INF/web.xml b/sandbox/webflow/src/main/webapp/WEB-INF/web.xml
deleted file mode 100644
index 2291e594e4..0000000000
--- a/sandbox/webflow/src/main/webapp/WEB-INF/web.xml
+++ /dev/null
@@ -1,74 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-  - Tutorial web application
-  -
-  -->
-
-<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
-  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-  xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" version="2.4">
-
-	<display-name>Spring Security Tutorial Application</display-name>
-
-	<!--
-	  - Location of the XML file that defines the root application context
-	  - Applied by ContextLoaderListener.
-	  -->
-	<context-param>
-		<param-name>contextConfigLocation</param-name>
-		<param-value>
-			/WEB-INF/security-config.xml
-		</param-value>
-	</context-param>
-
-	<context-param>
-		<param-name>log4jConfigLocation</param-name>
-		<param-value>/WEB-INF/classes/log4j.properties</param-value>
-	</context-param>
-
-	<filter>
-		<filter-name>springSecurityFilterChain</filter-name>
-		<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
-	</filter>
-
-	<filter-mapping>
-	  <filter-name>springSecurityFilterChain</filter-name>
-	  <url-pattern>/*</url-pattern>
-	</filter-mapping>
-
-	<!--
-	  - Loads the root application context of this web app at startup.
-	  - The application context is then available via
-	  - WebApplicationContextUtils.getWebApplicationContext(servletContext).
-	-->
-	<listener>
-		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
-	</listener>
-
-	<!--
-	  - Publishes events for session creation and destruction through the application
-	  - context. Optional unless concurrent session control is being used.
-	  -->
-	<listener>
-	  <listener-class>org.springframework.security.ui.session.HttpSessionEventPublisher</listener-class>
-	</listener>
-
-	<listener>
-		<listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
-	</listener>
-
-  <!--
-	- Provides core MVC application controller. See contacts-servlet.xml.
-	-->
-	<servlet>
-		<servlet-name>webflow</servlet-name>
-		<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
-		<load-on-startup>1</load-on-startup>
-	</servlet>
-
-	<servlet-mapping>
-		<servlet-name>webflow</servlet-name>
-		<url-pattern>/app/*</url-pattern>
-	 </servlet-mapping>
-
-</web-app>
diff --git a/sandbox/webflow/src/main/webapp/WEB-INF/webflow-servlet.xml b/sandbox/webflow/src/main/webapp/WEB-INF/webflow-servlet.xml
deleted file mode 100644
index 2205b387fd..0000000000
--- a/sandbox/webflow/src/main/webapp/WEB-INF/webflow-servlet.xml
+++ /dev/null
@@ -1,59 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<beans xmlns="http://www.springframework.org/schema/beans"
-	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-	xmlns:webflow="http://www.springframework.org/schema/webflow-config"
-	xsi:schemaLocation="
-		http://www.springframework.org/schema/beans
-		http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
-		http://www.springframework.org/schema/webflow-config
-		http://www.springframework.org/schema/webflow-config/spring-webflow-config-2.0.xsd">
-
-	<bean class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping">
-		<property name="mappings">
-			<value>
-				/secure=flowController
-			</value>
-		</property>
-		<property name="defaultHandler">
-			<bean class="org.springframework.web.servlet.mvc.UrlFilenameViewController" />
-		</property>
-	</bean>
-
-	<bean id="freemarkerConfig" class="org.springframework.web.servlet.view.freemarker.FreeMarkerConfigurer">
-	  <property name="templateLoaderPath" value="/WEB-INF/freemarker/"/>
-	</bean>
-
-	<bean id="viewResolver" class="org.springframework.web.servlet.view.freemarker.FreeMarkerViewResolver">
-		<property name="prefix" value=""/>
-		<property name="suffix" value=".ftl"/>
-	</bean>
-
-	<bean class="org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter" />
-
-	<bean id="flowController" class="org.springframework.webflow.mvc.servlet.FlowController">
-		<property name="flowExecutor" ref="flowExecutor"/>
-	</bean>
-
-	<!-- Executes flows: the entry point into the Spring Web Flow system -->
-	<webflow:flow-executor id="flowExecutor">
-		<webflow:flow-execution-listeners>
-			<webflow:listener ref="securityFlowExecutionListener" />
-		</webflow:flow-execution-listeners>
-	</webflow:flow-executor>
-
-	<!-- The registry of executable flow definitions -->
-	<webflow:flow-registry id="flowRegistry" flow-builder-services="flowBuilderServices">
-		<webflow:flow-location id="secure" path="/WEB-INF/secure.xml" />
-	</webflow:flow-registry>
-
-	<!-- Plugs in a custom creator for Web Flow views -->
-	<webflow:flow-builder-services id="flowBuilderServices" view-factory-creator="mvcViewFactoryCreator" />
-
-	<bean id="mvcViewFactoryCreator" class="org.springframework.webflow.mvc.builder.MvcViewFactoryCreator">
-		<property name="viewResolvers" ref="viewResolver"/>
-	</bean>
-
-	<bean id="securityFlowExecutionListener" class="org.springframework.webflow.security.SecurityFlowExecutionListener" />
-
-</beans>
\ No newline at end of file
diff --git a/sandbox/webflow/src/main/webapp/index.html b/sandbox/webflow/src/main/webapp/index.html
deleted file mode 100644
index c15ad36daa..0000000000
--- a/sandbox/webflow/src/main/webapp/index.html
+++ /dev/null
@@ -1 +0,0 @@
-Hi. I'm the index.
\ No newline at end of file
diff --git a/sandbox/webflow/src/main/webapp/secure/extreme/index.jsp b/sandbox/webflow/src/main/webapp/secure/extreme/index.jsp
deleted file mode 100644
index 4aac84c981..0000000000
--- a/sandbox/webflow/src/main/webapp/secure/extreme/index.jsp
+++ /dev/null
@@ -1,15 +0,0 @@
-<%@ taglib prefix="authz" uri="http://www.springframework.org/security/tags" %>
-
-<html>
-<body>
-<h1>VERY Secure Page</h1>
-This is a protected page. You can only see me if you are a supervisor.
-
-<authz:authorize access="hasRole('ROLE_SUPERVISOR')">
-   You have "ROLE_SUPERVISOR" (this text is surrounded by &lt;authz:authorize&gt; tags).
-</authz:authorize>
-
-<p><a href="../../">Home</a>
-<p><a href="../../logout">Logout</a>
-</body>
-</html>
\ No newline at end of file
diff --git a/sandbox/webflow/src/main/webapp/secure/index.jsp b/sandbox/webflow/src/main/webapp/secure/index.jsp
deleted file mode 100644
index 90678e7643..0000000000
--- a/sandbox/webflow/src/main/webapp/secure/index.jsp
+++ /dev/null
@@ -1,36 +0,0 @@
-<%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags" %>
-
-<html>
-<body>
-<h1>Secure Page</h1>
-<p>
-This is a protected page. You can get to me if you've been remembered,
-or if you've authenticated this session.
-</p>
-
-<sec:authorize access="hasRole('ROLE_SUPERVISOR')">
-    You are a supervisor! You can therefore see the <a href="extreme/index.jsp">extremely secure page</a>.<br/><br/>
-</sec:authorize>
-
-<h3>Properties obtained using &lt;sec:authentication /&gt; tag</h3>
-<table border="1">
-<tr><th>Tag</th><th>Value</th></tr>
-<tr>
-<td>&lt;sec:authentication property='name' /&gt;</td><td><sec:authentication property="name"/></td>
-</tr>
-<tr>
-<td>&lt;sec:authentication property='principal.username' /&gt;</td><td><sec:authentication property="principal.username"/></td>
-</tr>
-<tr>
-<td>&lt;sec:authentication property='principal.enabled' /&gt;</td><td><sec:authentication property="principal.enabled"/></td>
-</tr>
-<tr>
-<td>&lt;sec:authentication property='principal.accountNonLocked' /&gt;</td><td><sec:authentication property="principal.accountNonLocked"/></td>
-</tr>
-</table>
-
-
-<p><a href="../">Home</a>
-<p><a href="../logout">Logout</a>
-</body>
-</html>
\ No newline at end of file