diff --git a/config/alfresco/application-context.xml b/config/alfresco/application-context.xml
index 2e935fd494..9f5483131c 100644
--- a/config/alfresco/application-context.xml
+++ b/config/alfresco/application-context.xml
@@ -17,7 +17,7 @@
     <import resource="classpath:alfresco/network-protocol-context.xml" />
     <import resource="classpath:alfresco/email-service-context.xml" />
     <import resource="classpath:alfresco/content-services-context.xml" />
-    <import resource="classpath*:alfresco/extension/mt/mt-contentstore-context.xml"/>    
+    <import resource="classpath*:alfresco/extension/mt/mt-contentstore-context.xml"/>
     <import resource="classpath:alfresco/hibernate-context.xml" />
     <import resource="classpath:alfresco/ownable-services-context.xml" />
     <import resource="classpath:alfresco/template-services-context.xml" />
@@ -27,8 +27,8 @@
     <import resource="classpath:alfresco/authentication-services-context.xml" />
     <import resource="classpath:alfresco/policy-context.xml" />
     <import resource="classpath:alfresco/import-export-context.xml" />
-    <import resource="classpath:alfresco/bootstrap-context.xml" />        
-    <import resource="classpath:alfresco/repo-admin-context.xml"/>   
+    <import resource="classpath:alfresco/bootstrap-context.xml" />
+    <import resource="classpath:alfresco/repo-admin-context.xml"/>
     <import resource="classpath:alfresco/workflow-context.xml" />
     <import resource="classpath:alfresco/jcr-api-context.xml" />
     <import resource="classpath:alfresco/avm-services-context.xml" />
@@ -36,7 +36,6 @@
     <import resource="classpath:alfresco/attributes-service-context.xml"/>
     <import resource="classpath:alfresco/linkvalidation-service-context.xml"/>
     <import resource="classpath:alfresco/remote-services-context.xml"/>
-    <import resource="classpath:alfresco/simple-permissions-context.xml"/>
     <import resource="classpath*:alfresco/patch/*-context.xml" />
     <import resource="classpath*:alfresco/domain/*-context.xml" />
 
@@ -47,18 +46,18 @@
     -->
     <import resource="classpath*:alfresco/module-context.xml" />
 
-    <!-- 
+    <!--
          Import of general extensions and bean overrides.
 
-         To give developers final control over the tuning 
-         of their own local build, the dev-context.xml file 
+         To give developers final control over the tuning
+         of their own local build, the dev-context.xml file
          is processed last  (note: dev-context.xml isn't
-         part of the source tree itself).  
-         
+         part of the source tree itself).
+
          For details, see:
          http://wiki.alfresco.com/wiki/Developer_Runtime_Configuration
     -->
     <import resource="classpath*:alfresco/extension/*-context.xml"/>
     <import resource="classpath*:alfresco/extension/dev-context.xml" />
-    
+
 </beans>
diff --git a/config/alfresco/authentication-services-context.xml b/config/alfresco/authentication-services-context.xml
index e1c71a6898..1265f434de 100644
--- a/config/alfresco/authentication-services-context.xml
+++ b/config/alfresco/authentication-services-context.xml
@@ -9,10 +9,10 @@
 <!-- Acegi is used for authentication and protecting method calls on public -->
 <!-- services. To do this requires our authentication mechanism to work     -->
 <!-- within the acegi framework.                                            -->
-<!--                                                                        --> 
+<!--                                                                        -->
 <!-- It is important to decide if user names are case sensitive or not.     -->
 <!-- This is configured in repository.properties.                           -->
-<!--                                                                        -->  
+<!--                                                                        -->
 <!--                                                                        -->
 <!-- TODO:                                                                  -->
 <!--                                                                        -->
@@ -20,8 +20,8 @@
 <!-- file. This should be done in the public services definitions.          -->
 <!-- This requires some tests to be fixed up.                               -->
 <!--                                                                        -->
-                                                                         
-    
+
+
 <beans>
     <!--                                                                    -->
     <!-- The Acegi authentication manager.                                  -->
@@ -96,13 +96,10 @@
        <property name="passwordEncoder">
            <ref bean="passwordEncoder" />
        </property>
-       <property name="authorityCapabilityRegistry">
-           <ref bean="authorityCapabilityRegistry"/>
-       </property>
     </bean>
 
     <!-- The DAO also acts as a salt provider.                              -->
-    
+
     <alias alias="saltSource" name="authenticationDao"/>
 
     <!-- Passwords are encoded using MD4                                    -->
@@ -119,7 +116,7 @@
     <!--                                                                    -->
     <!-- The permissions service is required so that permissions can be     -->
     <!-- cleaned up when a user is deleted.                                 -->
-    
+
     <bean id="authenticationService" class="org.alfresco.repo.security.authentication.AuthenticationServiceImpl">
         <property name="authenticationDao">
             <ref bean="authenticationDao" />
@@ -150,7 +147,7 @@
             </props>
         </property>
     </bean>
-    
+
     <bean id="authenticationComponent" class="org.alfresco.repo.security.authentication.AuthenticationComponentImpl">
         <property name="authenticationDao">
             <ref bean="authenticationDao" />
@@ -163,19 +160,19 @@
         </property>
     </bean>
 
-    
+
     <!-- Simple Authentication component that rejects all authentication requests -->
     <!-- Use this defintion for Novell IChain integration.                        -->
     <!-- It should never go to the login screen  so this is not required          -->
-    
+
     <!--
     <bean id="authenticationComponent" class="org.alfresco.repo.security.authentication.SimpleAcceptOrRejectAllAuthenticationComponentImpl">
         <property name="accept">
             <value>true</value>
-        </property>    
+        </property>
     </bean>
     -->
-    
+
 
     <!-- The person service.                                                -->
 
@@ -255,7 +252,7 @@
             <ref bean="userHomesHomeFolderProvider" />
         </property>
     </bean>
-    
+
     <bean name="companyHomeFolderProvider" class="org.alfresco.repo.security.person.ExistingPathBasedHomeFolderProvider">
         <property name="serviceRegistry">
             <ref bean="ServiceRegistry" />
@@ -270,7 +267,7 @@
             <ref bean="homeFolderManager" />
         </property>
     </bean>
-    
+
     <bean name="guestHomeFolderProvider" class="org.alfresco.repo.security.person.ExistingPathBasedHomeFolderProvider">
         <property name="serviceRegistry">
             <ref bean="ServiceRegistry" />
@@ -290,13 +287,13 @@
             </set>
         </property>
     </bean>
-    
+
     <bean name="bootstrapHomeFolderProvider" class="org.alfresco.repo.security.person.BootstrapHomeFolderProvider">
         <property name="homeFolderManager">
             <ref bean="homeFolderManager" />
         </property>
     </bean>
-    
+
     <bean name="personalHomeFolderProvider" class="org.alfresco.repo.security.person.UIDBasedHomeFolderProvider">
         <property name="serviceRegistry">
             <ref bean="ServiceRegistry" />
@@ -324,7 +321,7 @@
             </set>
         </property>
     </bean>
-    
+
     <bean name="userHomesHomeFolderProvider" class="org.alfresco.repo.security.person.UIDBasedHomeFolderProvider">
         <property name="serviceRegistry">
             <ref bean="ServiceRegistry" />
@@ -352,8 +349,8 @@
             </set>
         </property>
     </bean>
-    
-    
+
+
     <!-- The ticket component.                                              -->
     <!-- Used for reauthentication                                          -->
     <bean id="ticketComponent" class="org.alfresco.repo.security.authentication.InMemoryTicketComponentImpl">
diff --git a/config/alfresco/authority-services-context.xml b/config/alfresco/authority-services-context.xml
index c6af6b9f48..2cade7c63e 100644
--- a/config/alfresco/authority-services-context.xml
+++ b/config/alfresco/authority-services-context.xml
@@ -9,9 +9,9 @@
 <!-- This implementation supports the identification of users as admin users. -->
 <!-- It also supports groups and allows groups and users to be arranged into  -->
 <!-- hierarchies.                                                             -->
-<!--                                                                          --> 
+<!--                                                                          -->
 <beans>
-    
+
     <bean id="authorityService" class="org.alfresco.repo.security.authority.AuthorityServiceImpl">
         <property name="authenticationComponent">
             <ref bean="authenticationComponent" />
@@ -51,13 +51,13 @@
     		</set>
         </property>
     </bean>
-    
+
     <!-- Authority DAO that stores group information along with user information, -->
     <!-- in the repository.                                                       -->
     <!--                                                                          -->
     <!-- This bean uses the userToAuthorityCache configured in cache-context.xml  -->
     <!--                                                                          -->
-    <bean id="authorityDAO" class="org.alfresco.repo.security.authority.AuthorityDAOImpl">   
+    <bean id="authorityDAO" class="org.alfresco.repo.security.authority.AuthorityDAOImpl">
         <property name="nodeService">
             <ref bean="nodeService" />
         </property>
@@ -73,9 +73,6 @@
         <property name="userToAuthorityCache">
             <ref bean="userToAuthorityCache" />
         </property>
-        <property name="authorityCapabilityRegistry">
-        	<ref bean="authorityCapabilityRegistry"/>
-        </property>
     </bean>
-    
+
 </beans>
\ No newline at end of file
diff --git a/config/alfresco/bootstrap-context.xml b/config/alfresco/bootstrap-context.xml
index 5b13075c2c..cbd185cf06 100644
--- a/config/alfresco/bootstrap-context.xml
+++ b/config/alfresco/bootstrap-context.xml
@@ -4,14 +4,14 @@
 
 <!--
     Repository Bootstrap Sequence.
-    
+
     This file specifies the initialisation (and order of initialisation) to perform during Repository startup.
-    
+
     The pattern for adding new initialisation to the bootstrap sequence is as follows:
-    
+
     1) Develop a bean that implements the Spring interface ApplicationListener
     2) Place the initialisation logic in the method onApplicationEvent(ApplicationEvent event)...
-    
+
        public void onApplicationEvent(ApplicationEvent event)
        {
           if (event instanceof ContextRefreshedEvent)
@@ -19,7 +19,7 @@
              // initialisation logic here
           }
        }
-       
+
     3) Add the bean definition to this file - Note: the beans are initialised in the order they are specified.
 -->
 
@@ -60,7 +60,7 @@
           </list>
        </property>
     </bean>
-    
+
     <!-- Bootstrap the AVM -->
     <bean id="avmBootstrap" class="org.alfresco.repo.avm.AvmBootstrap" >
        <property name="issuers">
@@ -73,7 +73,7 @@
        	 <ref bean="avmLockingAwareService"/>
        </property>
     </bean>
- 
+
     <!-- Bootstrap AVM Locking Service. -->
     <bean id="avmLockingBootstrap" class="org.alfresco.repo.avm.locking.AVMLockingBootstrap">
        <property name="avmLockingService">
@@ -203,7 +203,7 @@
                     <prop key="path">/${spaces.company_home.childname}/${spaces.dictionary.childname}</prop>
                     <prop key="location">alfresco/bootstrap/webScriptsReadme.xml</prop>
                 </props>
-                
+
                 <props>
                     <prop key="path">/${spaces.company_home.childname}/${spaces.dictionary.childname}</prop>
                     <prop key="location">alfresco/bootstrap/customModelsSpace.acp</prop>
@@ -216,16 +216,16 @@
                     <prop key="path">/${spaces.company_home.childname}/${spaces.dictionary.childname}</prop>
                     <prop key="location">alfresco/bootstrap/customWebClientExtensionSpace.xml</prop>
                 </props>
-                      
+
                 <props>
                     <prop key="path">/${spaces.company_home.childname}/${spaces.dictionary.childname}</prop>
                     <prop key="location">alfresco/bootstrap/customWorkflowDefsSpace.acp</prop>
                 </props>
-                                                 
+
             </list>
         </property>
     </bean>
-    
+
     <import resource="classpath:alfresco/bootstrap/st-admin-context.xml"/>
     <import resource="classpath*:alfresco/extension/mt/mt-admin-context.xml"/>
 
@@ -274,15 +274,8 @@
 		</property>
 	</bean>
 
-	<!-- Bootstrap for the authorityCapabilityRegistry -->    
- 	<bean id="authorityCapabilityBootstrap" class="org.alfresco.repo.simple.permission.AuthorityCapabilityBootstrap">
- 	    <property name="authorityCapabilityRegistry">
- 	        <ref bean="authorityCapabilityRegistry"/>
- 	    </property>
- 	</bean>
-
     <!-- Bootstrap any extensions -->
-    
+
     <import resource="classpath*:alfresco/extension/bootstrap/*-context.xml" />
 
     <!-- Descriptor Service -->
@@ -310,13 +303,13 @@
 
     <!-- Perform index recovery before applying any patches -->
     <!-- rebuild the index if required - before we check that it is there -->
-    
+
     <bean id="indexRecoveryBootstrap" class="org.alfresco.repo.node.index.IndexRecoveryBootstrapBean" >
        <property name="indexRecoveryComponent">
            <ref bean="indexRecoveryComponent"/>
        </property>
     </bean>
-    
+
     <bean id="avmIndexRecoveryBootstrap" class="org.alfresco.repo.node.index.IndexRecoveryBootstrapBean" >
        <property name="indexRecoveryComponent">
           <ref bean="avmIndexRecoveryComponent"/>
@@ -385,15 +378,15 @@
            <ref bean="fileServersConfigService"/>
        </property>
     </bean>
-    
+
     <bean id="cifsServer" class="org.alfresco.filesys.CIFSServer" destroy-method="stopServer">
         <constructor-arg>
            <ref local="fileServerConfiguration"/>
         </constructor-arg>
     </bean>
-   
+
     <!-- FTP Server -->
-    
+
     <bean id="ftpServer" class="org.alfresco.filesys.FTPServer" destroy-method="stopServer">
         <constructor-arg>
            <ref local="fileServerConfiguration"/>
@@ -401,7 +394,7 @@
     </bean>
 
     <!-- NFS Server -->
-    
+
     <bean id="nfsServer" class="org.alfresco.filesys.NFSServer" destroy-method="stopServer">
         <constructor-arg>
            <ref local="fileServerConfiguration"/>
@@ -409,13 +402,13 @@
     </bean>
 
     <!-- Start the quartz scheduler -->
-    
+
     <bean id="schedulerStarter" class="org.alfresco.util.SchedulerStarterBean" >
        <property name="scheduler">
            <ref bean="schedulerFactory"/>
        </property>
     </bean>
-       
+
 	<!-- Startup Message -->
 
     <bean id="openOfficeConnectionTester" class="org.alfresco.util.OpenOfficeConnectionTester" >
@@ -432,7 +425,7 @@
 	       	<ref local="descriptorComponent"/>
        </property>
 	</bean>
-	
+
     <!-- Workflow Scheduler -->
     <bean id="workflowScheduler" class="org.alfresco.repo.workflow.jbpm.JBPMScheduler">
        <property name="JBPMTemplate" ref="jbpm_template" />
@@ -446,5 +439,5 @@
         </constructor-arg>
     </bean>
     -->
-   
+
 </beans>
diff --git a/config/alfresco/hibernate-context.xml b/config/alfresco/hibernate-context.xml
index b12c77277d..8b36c30b19 100644
--- a/config/alfresco/hibernate-context.xml
+++ b/config/alfresco/hibernate-context.xml
@@ -3,7 +3,7 @@
 
 <beans>
 
-    <!-- load hibernate configuration properties -->    
+    <!-- load hibernate configuration properties -->
     <bean id="hibernateConfigProperties" class="org.springframework.beans.factory.config.PropertiesFactoryBean">
         <property name="locations">
             <list>
@@ -11,7 +11,7 @@
             </list>
         </property>
     </bean>
-    <!-- load hibernate entity cache strategies -->    
+    <!-- load hibernate entity cache strategies -->
     <bean id="cacheStrategiesPlaceholderConfigurer" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
         <property name="ignoreUnresolvablePlaceholders">
             <value>true</value>
@@ -38,7 +38,7 @@
                 <!--  -->
                 <!-- Alfresco Node Storage -->
                 <!--  -->
-                
+
                 <value>org/alfresco/repo/domain/hibernate/Node.hbm.xml</value>
                 <value>org/alfresco/repo/domain/hibernate/Store.hbm.xml</value>
                 <value>org/alfresco/repo/domain/hibernate/Transaction.hbm.xml</value>
@@ -47,8 +47,7 @@
                 <value>org/alfresco/repo/domain/hibernate/Permission.hbm.xml</value>
                 <value>org/alfresco/repo/avm/hibernate/AVM.hbm.xml</value>
                 <value>org/alfresco/repo/attributes/hibernate/Attributes.hbm.xml</value>
-                <value>org/alfresco/repo/simple/permission/AuthorityCapability.hbm.xml</value>
-                
+
                 <!-- Audit config -->
                 <!-- TODO: Move into org/alfresco/repo/domain/hibernate/ -->
                 <value>org/alfresco/repo/audit/hibernate/Audit.hbm.xml</value>
@@ -111,7 +110,7 @@
                 <value>org/jbpm/job/ExecuteActionJob.hbm.xml</value>
                 <value>org/jbpm/taskmgmt/exe/TaskMgmtInstance.hbm.xml</value>
                 <value>org/jbpm/taskmgmt/exe/TaskInstance.hbm.xml</value>
-                <value>org/alfresco/repo/workflow/jbpm/WorkflowTaskInstance.hbm.xml</value>           
+                <value>org/alfresco/repo/workflow/jbpm/WorkflowTaskInstance.hbm.xml</value>
                 <value>org/jbpm/taskmgmt/exe/PooledActor.hbm.xml</value>
                 <value>org/jbpm/taskmgmt/exe/SwimlaneInstance.hbm.xml</value>
                 <value>org/jbpm/logging/log/ProcessLog.hbm.xml</value>
@@ -158,12 +157,12 @@
                 <prop key="org.alfresco.repo.domain.hibernate.ServerImpl">${cache.strategy}</prop>
                 <prop key="org.alfresco.repo.domain.hibernate.VersionCountImpl">${cache.strategy}</prop>
                 <prop key="org.alfresco.repo.domain.hibernate.AppliedPatchImpl">${cache.strategy}</prop>
-                
+
                 <prop key="org.alfresco.repo.domain.hibernate.DbAccessControlListImpl">${cache.strategy}</prop>
                 <prop key="org.alfresco.repo.domain.hibernate.DbAccessControlEntryImpl">${cache.strategy}</prop>
                 <prop key="org.alfresco.repo.domain.hibernate.DbPermissionImpl">${cache.strategy}</prop>
                 <prop key="org.alfresco.repo.domain.hibernate.DbAuthorityImpl">${cache.strategy}</prop>
-                
+
                  <prop key="org.alfresco.repo.audit.hibernate.AuditConfigImpl">${cache.strategy}</prop>
                  <prop key="org.alfresco.repo.audit.hibernate.AuditDateImpl">${cache.strategy}</prop>
                  <prop key="org.alfresco.repo.audit.hibernate.AuditSourceImpl">${cache.strategy}</prop>
@@ -182,7 +181,7 @@
             </props>
         </property>
     </bean>
-    
+
     <!-- create a transaction manager -->
     <bean id="transactionManager" class="org.springframework.orm.hibernate3.HibernateTransactionManager">
         <property name="transactionSynchronizationName">
@@ -192,14 +191,14 @@
             <ref bean="sessionFactory" />
         </property>
     </bean>
-    
+
     <!-- Hibernate-specific implementations of persistence components -->
    <bean id="versionCounterDaoComponent" class="org.alfresco.repo.domain.hibernate.VersionCounterDaoComponentImpl">
       <property name="sessionFactory">
          <ref bean="sessionFactory" />
       </property>
    </bean>
-   
+
    <bean id="permissionsDaoComponent" class="org.alfresco.repo.domain.hibernate.PermissionsDaoComponentImpl">
       <property name="sessionFactory">
          <ref bean="sessionFactory" />
@@ -214,7 +213,7 @@
  		 <ref bean="nodeACLDAO"/>
  	  </property>
    </bean>
-   
+
 	<bean id="nodeACLDAO" class="org.alfresco.repo.domain.hibernate.NodeAccessControlListDAO">
       <property name="nodeDaoService">
          <ref bean="nodeDaoService" />
@@ -223,13 +222,13 @@
 			<ref bean="sessionFactory"/>
 		</property>
 	</bean>
-	
+
 	<bean id="avmACLDAO" class="org.alfresco.repo.domain.hibernate.AVMAccessControlListDAO">
 		<property name="avmRepository">
 			<ref bean="avmRepository"/>
 		</property>
    </bean>
-	
+
    <bean id="nodeDaoServiceImpl" class="org.alfresco.repo.node.db.hibernate.HibernateNodeDaoServiceImpl">
       <property name="sessionFactory">
          <ref bean="sessionFactory" />
@@ -239,9 +238,9 @@
       </property>
       <property name="tenantService">
           <ref bean="tenantService"/>
-      </property>    
+      </property>
    </bean>
-    
+
    <bean id="dbNodeDaoServiceTxnRegistration" class="org.alfresco.repo.transaction.TransactionalDaoInterceptor" >
       <property name="daoService">
          <ref bean="nodeDaoServiceImpl" />
@@ -253,7 +252,7 @@
          <ref bean="permissionsDaoComponent" />
       </property>
    </bean>
-    
+
    <bean id="nodeDaoService" class="org.springframework.aop.framework.ProxyFactoryBean">
       <property name="proxyInterfaces">
          <value>org.alfresco.repo.node.db.NodeDaoService</value>
@@ -268,7 +267,7 @@
       </property>
    </bean>
 
-    
+
     <bean id="auditDao" class="org.alfresco.repo.audit.hibernate.HibernateAuditDAO">
         <property name="sessionFactory">
             <ref bean="sessionFactory"/>
@@ -280,5 +279,5 @@
           <ref bean="&amp;sessionFactory"></ref>  <!-- inject the actual factory, not a session -->
         </property>
     </bean>
-    
+
 </beans>
\ No newline at end of file
diff --git a/config/alfresco/simple-permissions-context.xml b/config/alfresco/simple-permissions-context.xml
deleted file mode 100644
index 6956ab4675..0000000000
--- a/config/alfresco/simple-permissions-context.xml
+++ /dev/null
@@ -1,41 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd" >
-<beans>
-
-	<bean id="authorityEntryDAO" class="org.alfresco.repo.simple.permission.AuthorityEntryDAOHibernate">
-		<property name="sessionFactory">
-			<ref bean="sessionFactory"/>
-		</property>
-	</bean>
-
-	<bean id="capabilityEntryDAO" class="org.alfresco.repo.simple.permission.CapabilityEntryDAOHibernate">
-	    <property name="sessionFactory">
-	        <ref bean="sessionFactory"/>
-	    </property>
-	</bean>
-
-    <bean id="authorityCapabilityRegistry" class="org.alfresco.repo.simple.permission.AuthorityCapabilityRegistryImpl">
-    	<property name="authorityEntryDAO">
-    		<ref bean="authorityEntryDAO"/>
-    	</property>
-    	<property name="capabilityEntryDAO">
-    		<ref bean="capabilityEntryDAO"/>
-    	</property>
-        <property name="capabilities">
-            <set>
-                <value>read</value>
-                <value>write</value>
-                <value>delete</value>
-                <value>shimmy</value>
-                <value>shake</value>
-            </set>
-        </property>
-        <property name="retryingTransactionHelper">
-            <ref bean="retryingTransactionHelper"/>
-        </property>
-        <property name="authorityService">
-            <ref bean="authorityService"/>
-        </property>
-    </bean>
-    
-</beans>
diff --git a/config/alfresco/version.properties b/config/alfresco/version.properties
index c0f6811559..87a05c9f2f 100644
--- a/config/alfresco/version.properties
+++ b/config/alfresco/version.properties
@@ -19,4 +19,4 @@ version.build=@build-number@
 
 # Schema number
 
-version.schema=107
+version.schema=108
diff --git a/source/java/org/alfresco/repo/avm/util/RawServices.java b/source/java/org/alfresco/repo/avm/util/RawServices.java
index 44ab0ac473..d73440e8d7 100644
--- a/source/java/org/alfresco/repo/avm/util/RawServices.java
+++ b/source/java/org/alfresco/repo/avm/util/RawServices.java
@@ -1,5 +1,5 @@
 /**
- * 
+ *
  */
 package org.alfresco.repo.avm.util;
 
@@ -10,7 +10,6 @@ import org.alfresco.service.cmr.dictionary.DictionaryService;
 import org.alfresco.service.cmr.repository.ContentService;
 import org.alfresco.service.cmr.repository.MimetypeService;
 import org.alfresco.service.cmr.security.AuthorityService;
-import org.alfresco.service.simple.permission.AuthorityCapabilityRegistry;
 import org.springframework.context.ApplicationContext;
 import org.springframework.context.ApplicationContextAware;
 
@@ -24,75 +23,70 @@ public class RawServices implements ApplicationContextAware
      * The instance of RawServices
      */
     private static RawServices fgInstance;
-    
+
     /**
      * The Application Context.
      */
-    private ApplicationContext fContext; 
-    
+    private ApplicationContext fContext;
+
     /**
      * The AuthenticationComponent.
      */
     private AuthenticationComponent fAuthenticationComponent;
-    
+
     /**
      * The Content Service.
      */
     private ContentService fContentService;
-    
+
     /**
      * The Mimetype Service.
      */
     private MimetypeService fMimetypeService;
-    
+
     /**
      * The Dictionary Service.
      */
     private DictionaryService fDictionaryService;
-    
+
     /**
      * The Content Store.
      */
     private ContentStore fContentStore;
-    
+
     /**
      * The LookupCache.
      */
     private LookupCache fLookupCache;
-    
+
     /**
      * The Authority Service.
      */
     private AuthorityService fAuthorityService;
-    
-    /**
-     * The CapabilityRegistry.
-     */
-    private AuthorityCapabilityRegistry fCapabilityRegistry;
-    
+
     /**
      * Default constructor.
      */
     public RawServices()
     {
-        fgInstance = this;    
+        fgInstance = this;
     }
-    
+
     public static RawServices Instance()
     {
         return fgInstance;
     }
-    
+
     public void setApplicationContext(ApplicationContext applicationContext)
     {
         fContext = applicationContext;
     }
-    
+
     public AuthenticationComponent getAuthenticationComponent()
     {
         if (fAuthenticationComponent == null)
         {
-            fAuthenticationComponent = 
+            fAuthenticationComponent =
                 (AuthenticationComponent)fContext.getBean("authenticationComponent");
         }
         return fAuthenticationComponent;
@@ -102,7 +96,7 @@ public class RawServices implements ApplicationContextAware
     {
         if (fContentService == null)
         {
-            fContentService = 
+            fContentService =
                 (ContentService)fContext.getBean("contentService");
         }
         return fContentService;
@@ -112,12 +106,12 @@ public class RawServices implements ApplicationContextAware
     {
         if (fMimetypeService == null)
         {
-            fMimetypeService = 
+            fMimetypeService =
                 (MimetypeService)fContext.getBean("mimetypeService");
         }
         return fMimetypeService;
     }
-    
+
     public DictionaryService getDictionaryService()
     {
         if (fDictionaryService == null)
@@ -127,7 +121,7 @@ public class RawServices implements ApplicationContextAware
         }
         return fDictionaryService;
     }
-    
+
     public ContentStore getContentStore()
     {
         if (fContentStore == null)
@@ -137,7 +131,7 @@ public class RawServices implements ApplicationContextAware
         }
         return fContentStore;
     }
-    
+
     public LookupCache getLookupCache()
     {
         if (fLookupCache == null)
@@ -146,7 +140,7 @@ public class RawServices implements ApplicationContextAware
         }
         return fLookupCache;
     }
-    
+
     public AuthorityService getAuthorityService()
     {
         if (fAuthorityService == null)
@@ -157,15 +151,6 @@ public class RawServices implements ApplicationContextAware
         return fAuthorityService;
     }
 
-    public AuthorityCapabilityRegistry getAuthorityCapabilityRegistry()
-    {
-        if (fCapabilityRegistry == null)
-        {
-            fCapabilityRegistry = (AuthorityCapabilityRegistry)fContext.getBean("authorityCapabilityRegistry");
-        }
-        return fCapabilityRegistry;
-    }
-    
     public ApplicationContext getContext()
     {
         return fContext;
diff --git a/source/java/org/alfresco/repo/security/authentication/AuthenticationTest.java b/source/java/org/alfresco/repo/security/authentication/AuthenticationTest.java
index 179d470718..1d32e18f02 100644
--- a/source/java/org/alfresco/repo/security/authentication/AuthenticationTest.java
+++ b/source/java/org/alfresco/repo/security/authentication/AuthenticationTest.java
@@ -15,11 +15,11 @@
  * along with this program; if not, write to the Free Software
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 
- * As a special exception to the terms and conditions of version 2.0 of 
- * the GPL, you may redistribute this Program in connection with Free/Libre 
- * and Open Source Software ("FLOSS") applications as described in Alfresco's 
- * FLOSS exception.  You should have recieved a copy of the text describing 
- * the FLOSS exception, and it is also available here: 
+ * As a special exception to the terms and conditions of version 2.0 of
+ * the GPL, you may redistribute this Program in connection with Free/Libre
+ * and Open Source Software ("FLOSS") applications as described in Alfresco's
+ * FLOSS exception.  You should have recieved a copy of the text describing
+ * the FLOSS exception, and it is also available here:
  * http://www.alfresco.com/legal/licensing"
  */
 package org.alfresco.repo.security.authentication;
@@ -61,7 +61,6 @@ import org.alfresco.service.namespace.DynamicNamespacePrefixResolver;
 import org.alfresco.service.namespace.NamespacePrefixResolver;
 import org.alfresco.service.namespace.NamespaceService;
 import org.alfresco.service.namespace.QName;
-import org.alfresco.service.simple.permission.AuthorityCapabilityRegistry;
 import org.alfresco.service.transaction.TransactionService;
 import org.alfresco.util.ApplicationContextHelper;
 import org.springframework.context.ApplicationContext;
@@ -72,7 +71,7 @@ public class AuthenticationTest extends TestCase
     private static ApplicationContext ctx = ApplicationContextHelper.getApplicationContext();
 
     private NodeService nodeService;
-    
+
     private TenantService tenantService;
 
     private SearchService searchService;
@@ -96,7 +95,7 @@ public class AuthenticationTest extends TestCase
     private SaltSource saltSource;
 
     private TicketComponent ticketComponent;
-    
+
     private SimpleCache<String, Ticket> ticketsCache;
 
     private AuthenticationService authenticationService;
@@ -109,8 +108,6 @@ public class AuthenticationTest extends TestCase
 
     private AuthenticationComponent authenticationComponentImpl;
 
-    private AuthorityCapabilityRegistry authorityCapabilityRegistry;
-    
     public AuthenticationTest()
     {
         super();
@@ -134,7 +131,6 @@ public class AuthenticationTest extends TestCase
         pubAuthenticationService = (AuthenticationService) ctx.getBean("AuthenticationService");
         authenticationComponent = (AuthenticationComponent) ctx.getBean("authenticationComponent");
         authenticationComponentImpl = (AuthenticationComponent) ctx.getBean("authenticationComponent");
-        authorityCapabilityRegistry = (AuthorityCapabilityRegistry) ctx.getBean("authorityCapabilityRegistry");
         // permissionServiceSPI = (PermissionServiceSPI)
         // ctx.getBean("permissionService");
         ticketsCache = (SimpleCache<String, Ticket>) ctx.getBean("ticketsCache");
@@ -242,7 +238,7 @@ public class AuthenticationTest extends TestCase
     {
         authenticationService.authenticate("GUEST", "".toCharArray());
     }
-    
+
     public void testCreateUsers()
     {
         authenticationService.createAuthentication("GUEST", "".toCharArray());
@@ -265,7 +261,7 @@ public class AuthenticationTest extends TestCase
         {
             // TODO - could create tenant domain 'chocolate.chip.cookie.com'
         }
-        
+
         authenticationService.createAuthentication("Andy_Woof/Domain", "".toCharArray());
         authenticationService.authenticate("Andy_Woof/Domain", "".toCharArray());
         assertEquals("Andy_Woof/Domain", authenticationService.getCurrentUserName());
@@ -273,7 +269,7 @@ public class AuthenticationTest extends TestCase
         authenticationService.createAuthentication("Andy_ Woof/Domain", "".toCharArray());
         authenticationService.authenticate("Andy_ Woof/Domain", "".toCharArray());
         assertEquals("Andy_ Woof/Domain", authenticationService.getCurrentUserName());
-        
+
         if (! tenantService.isEnabled())
         {
             authenticationService.createAuthentication("Andy `\u00ac\u00a6!\u00a3$%^&*()-_=+\t\n\u0000[]{};'#:@~,./<>?\\|", "".toCharArray());
@@ -295,7 +291,6 @@ public class AuthenticationTest extends TestCase
         dao.setDictionaryService(dictionaryService);
         dao.setNamespaceService(getNamespacePrefixReolsver(""));
         dao.setPasswordEncoder(passwordEncoder);
-        dao.setAuthorityCapabilityRegistry(authorityCapabilityRegistry);
         dao.createUser("Andy", "cabbage".toCharArray());
         assertNotNull(dao.getUserOrNull("Andy"));
 
@@ -702,7 +697,7 @@ public class AuthenticationTest extends TestCase
 
         tc.validateTicket(ticket);
         assertEquals(ticketComponent.getCurrentTicket("Andy"), ticket);
-        
+
         dao.deleteUser("Andy");
         // assertNull(dao.getUserOrNull("Andy"));
 
diff --git a/source/java/org/alfresco/repo/security/authentication/RepositoryAuthenticationDao.java b/source/java/org/alfresco/repo/security/authentication/RepositoryAuthenticationDao.java
index 6f8d0f87c4..2a8b828a39 100644
--- a/source/java/org/alfresco/repo/security/authentication/RepositoryAuthenticationDao.java
+++ b/source/java/org/alfresco/repo/security/authentication/RepositoryAuthenticationDao.java
@@ -15,11 +15,11 @@
  * along with this program; if not, write to the Free Software
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 
- * As a special exception to the terms and conditions of version 2.0 of 
- * the GPL, you may redistribute this Program in connection with Free/Libre 
- * and Open Source Software ("FLOSS") applications as described in Alfresco's 
- * FLOSS exception.  You should have recieved a copy of the text describing 
- * the FLOSS exception, and it is also available here: 
+ * As a special exception to the terms and conditions of version 2.0 of
+ * the GPL, you may redistribute this Program in connection with Free/Libre
+ * and Open Source Software ("FLOSS") applications as described in Alfresco's
+ * FLOSS exception.  You should have recieved a copy of the text describing
+ * the FLOSS exception, and it is also available here:
  * http://www.alfresco.com/legal/licensing"
  */
 package org.alfresco.repo.security.authentication;
@@ -53,7 +53,6 @@ import org.alfresco.service.cmr.search.SearchService;
 import org.alfresco.service.namespace.NamespacePrefixResolver;
 import org.alfresco.service.namespace.QName;
 import org.alfresco.service.namespace.RegexQNamePattern;
-import org.alfresco.service.simple.permission.AuthorityCapabilityRegistry;
 import org.springframework.dao.DataAccessException;
 
 public class RepositoryAuthenticationDao implements MutableAuthenticationDao
@@ -71,8 +70,6 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao
     private SearchService searchService;
 
     private PasswordEncoder passwordEncoder;
-    
-    private AuthorityCapabilityRegistry authorityCapabilityRegistry;
 
     private boolean userNamesAreCaseSensitive;
 
@@ -115,11 +112,6 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao
     {
         this.searchService = searchService;
     }
-    
-    public void setAuthorityCapabilityRegistry(AuthorityCapabilityRegistry registry)
-    {
-        this.authorityCapabilityRegistry = registry;
-    }
 
     public UserDetails loadUserByUsername(String incomingUserName) throws UsernameNotFoundException,
             DataAccessException
@@ -156,11 +148,11 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao
         {
             return null;
         }
-        
+
         SearchParameters sp = new SearchParameters();
         sp.setLanguage(SearchService.LANGUAGE_LUCENE);
         sp.setQuery("@usr\\:username:\"" + searchUserName + "\"");
-       
+
         try
         {
             sp.addStore(tenantService.getName(searchUserName, STOREREF_USERS));
@@ -219,7 +211,7 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao
                     }
                 }
             }
-            
+
             return returnRef;
         }
         finally
@@ -252,7 +244,6 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao
         properties.put(ContentModel.PROP_ACCOUNT_LOCKED, Boolean.valueOf(false));
         nodeService.createNode(typesNode, ContentModel.ASSOC_CHILDREN, ContentModel.TYPE_USER, ContentModel.TYPE_USER,
                 properties);
-        authorityCapabilityRegistry.addAuthority(caseSensitiveUserName, null);
     }
 
     private NodeRef getUserFolderLocation(String caseSensitiveUserName)
@@ -312,7 +303,6 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao
             throw new AuthenticationException("User name does not exist: " + userName);
         }
         nodeService.deleteNode(userRef);
-        authorityCapabilityRegistry.removeAuthority(userName);
     }
 
     public Object getSalt(UserDetails userDetails)
diff --git a/source/java/org/alfresco/repo/security/authority/AuthorityDAOImpl.java b/source/java/org/alfresco/repo/security/authority/AuthorityDAOImpl.java
index a0a3317d82..f441c0d3e7 100644
--- a/source/java/org/alfresco/repo/security/authority/AuthorityDAOImpl.java
+++ b/source/java/org/alfresco/repo/security/authority/AuthorityDAOImpl.java
@@ -15,11 +15,11 @@
  * along with this program; if not, write to the Free Software
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 
- * As a special exception to the terms and conditions of version 2.0 of 
- * the GPL, you may redistribute this Program in connection with Free/Libre 
- * and Open Source Software ("FLOSS") applications as described in Alfresco's 
- * FLOSS exception.  You should have recieved a copy of the text describing 
- * the FLOSS exception, and it is also available here: 
+ * As a special exception to the terms and conditions of version 2.0 of
+ * the GPL, you may redistribute this Program in connection with Free/Libre
+ * and Open Source Software ("FLOSS") applications as described in Alfresco's
+ * FLOSS exception.  You should have recieved a copy of the text describing
+ * the FLOSS exception, and it is also available here:
  * http://www.alfresco.com/legal/licensing"
  */
 package org.alfresco.repo.security.authority;
@@ -51,7 +51,6 @@ import org.alfresco.service.cmr.security.AuthorityType;
 import org.alfresco.service.namespace.NamespacePrefixResolver;
 import org.alfresco.service.namespace.QName;
 import org.alfresco.service.namespace.RegexQNamePattern;
-import org.alfresco.service.simple.permission.AuthorityCapabilityRegistry;
 import org.alfresco.util.ISO9075;
 
 public class AuthorityDAOImpl implements AuthorityDAO
@@ -71,8 +70,6 @@ public class AuthorityDAOImpl implements AuthorityDAO
     private DictionaryService dictionaryService;
 
     private SimpleCache<String, HashSet<String>> userToAuthorityCache;
-    
-    private AuthorityCapabilityRegistry authorityCapabilityRegistry;
 
     public AuthorityDAOImpl()
     {
@@ -106,11 +103,6 @@ public class AuthorityDAOImpl implements AuthorityDAO
         this.userToAuthorityCache = userToAuthorityCache;
     }
 
-    public void setAuthorityCapabilityRegistry(AuthorityCapabilityRegistry registry)
-    {
-        this.authorityCapabilityRegistry = registry;
-    }
-    
     public boolean authorityExists(String name)
     {
         NodeRef ref = getAuthorityOrNull(name);
@@ -150,7 +142,6 @@ public class AuthorityDAOImpl implements AuthorityDAO
             throw new AlfrescoRuntimeException("Authorities of the type "
                     + AuthorityType.getAuthorityType(childName) + " may not be added to other authorities");
         }
-        authorityCapabilityRegistry.addAuthority(childName, parentName);
     }
 
     public void createAuthority(String parentName, String name)
@@ -173,7 +164,6 @@ public class AuthorityDAOImpl implements AuthorityDAO
             nodeService.createNode(authorityContainerRef, ContentModel.ASSOC_CHILDREN, QName.createQName("usr", name,
                     namespacePrefixResolver), ContentModel.TYPE_AUTHORITY_CONTAINER, props);
         }
-        authorityCapabilityRegistry.addAuthority(name, parentName);   
     }
 
     public void deleteAuthority(String name)
@@ -185,7 +175,6 @@ public class AuthorityDAOImpl implements AuthorityDAO
         }
         nodeService.deleteNode(nodeRef);
         userToAuthorityCache.clear();
-        authorityCapabilityRegistry.removeAuthority(name);
     }
 
     public Set<String> getAllRootAuthorities(AuthorityType type)
@@ -256,7 +245,6 @@ public class AuthorityDAOImpl implements AuthorityDAO
             nodeService.removeChild(parentRef, childRef);
             userToAuthorityCache.clear();
         }
-        authorityCapabilityRegistry.removeAuthorityChild(parentName, childName);
     }
 
     public Set<String> getContainingAuthorities(AuthorityType type, String name, boolean immediate)
diff --git a/source/java/org/alfresco/repo/simple/permission/ACLImpl.java b/source/java/org/alfresco/repo/simple/permission/ACLImpl.java
deleted file mode 100644
index 6b904fc32f..0000000000
--- a/source/java/org/alfresco/repo/simple/permission/ACLImpl.java
+++ /dev/null
@@ -1,425 +0,0 @@
-/*
- * Copyright (C) 2005-2007 Alfresco Software Limited.
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
-
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
-
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-
- * As a special exception to the terms and conditions of version 2.0 of 
- * the GPL, you may redistribute this Program in connection with Free/Libre 
- * and Open Source Software ("FLOSS") applications as described in Alfresco's 
- * FLOSS exception.  You should have recieved a copy of the text describing 
- * the FLOSS exception, and it is also available here: 
- * http://www.alfresco.com/legal/licensing
- */
-
-package org.alfresco.repo.simple.permission;
-
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-import org.alfresco.repo.avm.util.RawServices;
-import org.alfresco.service.cmr.security.AuthorityType;
-import org.alfresco.service.simple.permission.ACL;
-import org.alfresco.service.simple.permission.AuthorityCapabilityRegistry;
-
-/**
- * Basic implementation of a simple ACL.
- * @author britt
- */
-public class ACLImpl implements ACL
-{
-    private static final long serialVersionUID = -8720314753104805631L;
-    
-    /**
-     * Map of capabilities to authorities allowed.
-     */
-    private Map<String, Set<String>> fAllowed;
-    
-    /**
-     * Map of capabilities to authorities denied.
-     */
-    private Map<String, Set<String>> fDenied;
-
-    /**
-     * Should this ACL be inherited.
-     */
-    private boolean fInherit;
-    
-    /**
-     * String (compact) representation of ACL.
-     */
-    private String fStringRep;
-    
-    /**
-     * Reference to the capability registry.
-     */
-    private transient AuthorityCapabilityRegistry fCapabilityRegistry;
-    
-    /**
-     * Initialize a brand new one.
-     * @param inherit Should this ACL be inherited.
-     */
-    public ACLImpl(boolean inherit)
-    {
-        fInherit = inherit;
-        fCapabilityRegistry = RawServices.Instance().getAuthorityCapabilityRegistry();
-        fAllowed = new HashMap<String, Set<String>>();
-        fDenied = new HashMap<String, Set<String>>();
-        fStringRep = null;
-    }
-    
-    /**
-     * Initialize from an external string representation.
-     * @param rep
-     */
-    public ACLImpl(String rep)
-    {
-        this(true);
-        fStringRep = rep;
-    }
-    
-    public ACLImpl(ACL other)
-    {
-        this(true);
-        fStringRep = other.getStringRepresentation();
-    }
-    
-    /* (non-Javadoc)
-     * @see org.alfresco.service.simple.permission.ACL#allow(java.lang.String, java.lang.String[])
-     */
-    public void allow(String capability, String... authorities)
-    {
-        capability = capability.toLowerCase();
-        List<String> auths = new ArrayList<String>();
-        for (String auth : authorities)
-        {
-            auths.add(fCapabilityRegistry.normalizeAuthority(auth));
-        }
-        digest();
-        // First remove any explicit denies.
-        Set<String> denied = fDenied.get(capability);
-        if (denied != null)
-        {
-            for (String authority : auths)
-            {
-                denied.remove(authority);
-            }
-        }
-        // Add the authorities to the allowed list.
-        Set<String> allowed = fAllowed.get(capability);
-        if (allowed == null)
-        {
-            allowed = new HashSet<String>();
-            fAllowed.put(capability, allowed);
-        }
-        for (String authority : auths)
-        {
-            allowed.add(authority);
-        }
-    }
-
-    /**
-     * Helper to decode from the string representation.
-     */
-    private void digest()
-    {
-        if (fStringRep == null)
-        {
-            return;
-        }
-        String[] segments = fStringRep.split("\\|");
-        fInherit = segments[0].equals("i");
-        digestMap(segments[1], fAllowed);
-        digestMap(segments[2], fDenied);
-        fStringRep = null;
-    }
-
-    /**
-     * Sub helper for decoding string representation.
-     * @param string The partial string representation.
-     * @param map The map to update.
-     */
-    private void digestMap(String rep, Map<String, Set<String>> map)
-    {
-        String[] segments = rep.split(":");
-        if (segments.length == 0 || segments[0].equals(""))
-        {
-            // This means there are no explicit entries.
-            return;
-        }
-        for (String entryRep : segments)
-        {
-            String[] entryRegs = entryRep.split(";");
-            String capability = fCapabilityRegistry.getCapabilityName(Integer.parseInt(entryRegs[0], 32));
-            if (capability == null)
-            {
-                continue;
-            }
-            Set<String> authorities = new HashSet<String>();
-            map.put(capability, authorities);
-            for (int i = 1; i < entryRegs.length; ++i)
-            {
-                String authority = fCapabilityRegistry.getAuthorityName(Integer.parseInt(entryRegs[i], 32));
-                if (authority == null)
-                {
-                    continue;
-                }
-                authorities.add(authority);
-            }
-        }
-    }
-
-    /* (non-Javadoc)
-     * @see org.alfresco.service.simple.permission.ACL#can(java.lang.String, boolean, java.lang.String)
-     */
-    public boolean can(String authority, boolean isOwner, String capability)
-    {
-        authority = fCapabilityRegistry.normalizeAuthority(authority);
-        capability = capability.toLowerCase();
-        digest();
-        AuthorityType type = AuthorityType.getAuthorityType(authority);
-        // Admin trumps.
-        if (type == AuthorityType.ADMIN)
-        {
-            return true;
-        }
-        // Look for denies first.
-        Set<String> denied = fDenied.get(capability);
-        if (denied != null)
-        {
-            if (denied.contains(authority))
-            {
-                return false;
-            }
-            for (String auth : denied)
-            {
-                if (fCapabilityRegistry.getContainedAuthorities(auth).contains(authority))
-                {
-                    return false;
-                }
-            }
-        }
-        // Now look for allows.
-        Set<String> allowed = fAllowed.get(capability);
-        if (allowed != null)
-        {
-            if (allowed.contains(authority))
-            {
-                return true;
-            }
-            for (String auth : allowed)
-            {
-                if (fCapabilityRegistry.getContainedAuthorities(auth).contains(authority))
-                {
-                    return true;
-                }
-            }
-        }
-        return false;
-    }
-
-    /* (non-Javadoc)
-     * @see org.alfresco.service.simple.permission.ACL#deny(java.lang.String, java.lang.String[])
-     */
-    public void deny(String capability, String ... authorities)
-    {
-        capability = capability.toLowerCase();
-        List<String> auths = new ArrayList<String>();
-        for (String auth : authorities)
-        {
-            auths.add(fCapabilityRegistry.normalizeAuthority(auth));
-        }
-        digest();
-        // Remove corresponding explicit allows.
-        Set<String> allowed = fAllowed.get(capability);
-        if (allowed != null)
-        {
-            for (String authority : auths)
-            {
-                allowed.remove(authority);
-            }
-        }
-        // Now add denies.
-        Set<String> denied = fDenied.get(capability);
-        if (denied == null)
-        {
-            denied = new HashSet<String>();
-            fDenied.put(capability, denied);
-        }
-        for (String authority : auths)
-        {
-            if (AuthorityType.getAuthorityType(authority) == AuthorityType.ADMIN)
-            {
-                continue;
-            }
-            denied.add(authority);
-        }
-    }
-
-    /* (non-Javadoc)
-     * @see org.alfresco.service.simple.permission.ACL#getAllowed(java.lang.String)
-     */
-    public Set<String> getAllowed(String capability)
-    {
-        capability = capability.toLowerCase();
-        digest();
-        Set<String> allowed = new HashSet<String>();
-        allowed.add(AuthorityType.ADMIN.getFixedString());
-        // Add the explicitly allowed.
-        Set<String> expAllowed = fAllowed.get(capability);
-        if (expAllowed == null)
-        {
-            return allowed;
-        }
-        allowed.addAll(expAllowed);
-        for (String authority : expAllowed)
-        {
-            allowed.addAll(fCapabilityRegistry.getContainedAuthorities(authority));
-        }
-        // Now remove based on denials.
-        Set<String> denied = fDenied.get(capability);
-        if (denied == null)
-        {
-            return allowed;
-        }
-        allowed.removeAll(denied);
-        // Now those that are indirectly denied.
-        for (String authority : denied)
-        {
-            allowed.removeAll(fCapabilityRegistry.getContainedAuthorities(authority));
-        }
-        return allowed;
-    }
-
-    /* (non-Javadoc)
-     * @see org.alfresco.service.simple.permission.ACL#getCapabilities(java.lang.String, boolean)
-     */
-    public Set<String> getCapabilities(String authority, boolean isOwner)
-    {
-        authority = fCapabilityRegistry.normalizeAuthority(authority);
-        digest();
-        AuthorityType type = AuthorityType.getAuthorityType(authority);
-        if (type == AuthorityType.ADMIN)
-        {
-            return fCapabilityRegistry.getAllCapabilities();
-        }
-        Set<String> capabilities = new HashSet<String>();
-        // First run through the allowed entries.
-        Set<String> containers = null;
-        for (Map.Entry<String, Set<String>> entry : fAllowed.entrySet())
-        {
-            if (entry.getValue().contains(authority))
-            {
-                capabilities.add(entry.getKey());
-                continue;
-            }
-            if (containers == null)
-            {
-                containers = fCapabilityRegistry.getContainerAuthorities(authority);
-            }
-            for (String auth : containers)
-            {
-                if (entry.getValue().contains(auth))
-                {
-                    capabilities.add(entry.getKey());
-                    break;
-                }
-            }
-        }
-        // Now go through the denials.
-        for (Map.Entry<String, Set<String>> entry : fDenied.entrySet())
-        {
-            if (!capabilities.contains(entry.getKey()))
-            {
-                continue;
-            }
-            Set<String> denied = entry.getValue();
-            if (denied.contains(authority))
-            {
-                capabilities.remove(entry.getKey());
-                continue;
-            }
-            if (containers == null)
-            {
-                containers = fCapabilityRegistry.getContainerAuthorities(authority);
-            }
-            for (String auth : containers)
-            {
-                if (denied.contains(auth))
-                {
-                    capabilities.remove(entry.getKey());
-                    break;
-                }
-            }
-        }
-        return capabilities;
-    }
-
-    /* (non-Javadoc)
-     * @see org.alfresco.service.simple.permission.ACL#getStringRepresentation()
-     */
-    public String getStringRepresentation()
-    {
-        if (fStringRep != null)
-        {
-            return fStringRep;
-        }
-        StringBuilder builder = new StringBuilder();
-        builder.append(fInherit ? 'i' : 'n');
-        builder.append('|');
-        int count = 0;
-        for (Map.Entry<String, Set<String>> entry : fAllowed.entrySet())
-        {
-            builder.append(Integer.toString(fCapabilityRegistry.getCapabilityID(entry.getKey()), 32));
-            for (String authority : entry.getValue())
-            {
-                builder.append(';');
-                builder.append(Integer.toString(fCapabilityRegistry.getAuthorityID(authority), 32));
-            }
-            if (count++ < fAllowed.size() - 1)
-            {
-                builder.append(':');
-            }
-        }
-        builder.append('|');
-        count = 0;
-        for (Map.Entry<String, Set<String>> entry : fDenied.entrySet())
-        {
-            builder.append(Integer.toString(fCapabilityRegistry.getCapabilityID(entry.getKey()), 32));
-            for (String authority : entry.getValue())
-            {
-                builder.append(';');
-                builder.append(Integer.toString(fCapabilityRegistry.getAuthorityID(authority), 32));
-            }
-            if (count++ < fDenied.size() - 1)
-            {
-                builder.append(':');
-            }
-        }
-        return builder.toString();
-    }
-
-    /* (non-Javadoc)
-     * @see org.alfresco.service.simple.permission.ACL#inherits()
-     */
-    public boolean inherits()
-    {
-        digest();
-        return fInherit;
-    }
-}
diff --git a/source/java/org/alfresco/repo/simple/permission/ACLTest.java b/source/java/org/alfresco/repo/simple/permission/ACLTest.java
deleted file mode 100644
index 4f0bfd2066..0000000000
--- a/source/java/org/alfresco/repo/simple/permission/ACLTest.java
+++ /dev/null
@@ -1,175 +0,0 @@
-/*
- * Copyright (C) 2005-2007 Alfresco Software Limited.
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
-
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
-
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-
- * As a special exception to the terms and conditions of version 2.0 of 
- * the GPL, you may redistribute this Program in connection with Free/Libre 
- * and Open Source Software ("FLOSS") applications as described in Alfresco's 
- * FLOSS exception.  You should have recieved a copy of the text describing 
- * the FLOSS exception, and it is also available here: 
- * http://www.alfresco.com/legal/licensing
- */
-
-package org.alfresco.repo.simple.permission;
-
-import java.util.HashSet;
-import java.util.Set;
-
-import org.alfresco.repo.security.authentication.AuthenticationComponent;
-import org.alfresco.service.cmr.security.AuthenticationService;
-import org.alfresco.service.cmr.security.AuthorityService;
-import org.alfresco.service.cmr.security.AuthorityType;
-import org.alfresco.service.cmr.security.PersonService;
-import org.alfresco.service.simple.permission.ACL;
-import org.alfresco.service.simple.permission.AuthorityCapabilityRegistry;
-import org.springframework.context.support.FileSystemXmlApplicationContext;
-
-import junit.framework.TestCase;
-
-/**
- * Rudimentary test of ACLs.
- * @author britt
- */
-public class ACLTest extends TestCase
-{
-    private static FileSystemXmlApplicationContext fContext = null;
-    
-    private static PersonService fPersonService;
-    
-    private static AuthorityService fAuthorityService;
-    
-    private static AuthenticationService fAuthenticationService;
-    
-    private static AuthenticationComponent fAuthenticationComponent;
-    
-    private static AuthorityCapabilityRegistry fCapabilityRegistry;
-    
-    /* (non-Javadoc)
-     * @see junit.framework.TestCase#setUp()
-     */
-    protected void setUp() throws Exception
-    {
-        if (fContext == null)
-        {
-            fContext = new FileSystemXmlApplicationContext("config/alfresco/application-context.xml");
-            fPersonService = (PersonService)fContext.getBean("PersonService");
-            fAuthorityService = (AuthorityService)fContext.getBean("AuthorityService");
-            fAuthenticationService = (AuthenticationService)fContext.getBean("AuthenticationService");
-            fAuthenticationComponent = (AuthenticationComponent)fContext.getBean("AuthenticationComponent");
-            fAuthenticationComponent.setSystemUserAsCurrentUser();
-            fCapabilityRegistry = (AuthorityCapabilityRegistry)fContext.getBean("authorityCapabilityRegistry");
-        }
-        // Set up sample users groups and roles.
-        try
-        {
-            fAuthenticationService.createAuthentication("Buffy", "Buffy".toCharArray());
-            fPersonService.getPerson("Buffy");
-            fAuthorityService.createAuthority(AuthorityType.GROUP, null, "Scoobies");
-            fAuthorityService.addAuthority("GROUP_Scoobies", "Buffy");
-            fAuthenticationService.createAuthentication("Willow", "Willow".toCharArray());
-            fPersonService.getPerson("Willow");
-            fAuthorityService.addAuthority("GROUP_Scoobies", "Willow");
-            fAuthenticationService.createAuthentication("Xander", "Xander".toCharArray());
-            fPersonService.getPerson("Xander");
-            fAuthorityService.addAuthority("GROUP_Scoobies", "Xander");
-            fAuthenticationService.createAuthentication("Tara", "Tara".toCharArray());
-            fPersonService.getPerson("Tara");
-            fAuthenticationService.createAuthentication("Spike", "Spike".toCharArray());
-            fPersonService.getPerson("Spike");
-            fAuthorityService.createAuthority(AuthorityType.GROUP, null, "vampires");
-            fAuthorityService.addAuthority("GROUP_vampires", "Spike");
-            fAuthorityService.createAuthority(AuthorityType.GROUP, null, "soulless");
-            fAuthorityService.addAuthority("GROUP_soulless", "Spike");
-        }
-        catch (Exception e)
-        {
-            tearDown();
-            setUp();
-        }
-    }
-
-    /* (non-Javadoc)
-     * @see junit.framework.TestCase#tearDown()
-     */
-    protected void tearDown() throws Exception
-    {
-        fAuthenticationService.deleteAuthentication("Buffy");
-        fAuthenticationService.deleteAuthentication("Willow");
-        fAuthenticationService.deleteAuthentication("Xander");
-        fAuthenticationService.deleteAuthentication("Tara");
-        fAuthenticationService.deleteAuthentication("Spike");
-        fPersonService.deletePerson("Buffy");
-        fPersonService.deletePerson("Willow");
-        fPersonService.deletePerson("Tara");
-        fPersonService.deletePerson("Xander");
-        fPersonService.deletePerson("Spike");
-        fAuthorityService.deleteAuthority("GROUP_Scoobies");
-        fAuthorityService.deleteAuthority("GROUP_vampires");
-        fAuthorityService.deleteAuthority("GROUP_soulless");
-    }
-    
-    public void testBasic()
-    {
-        try
-        {
-            Set<String> allCaps = fCapabilityRegistry.getAllCapabilities();
-            System.out.println(allCaps);
-            System.out.println(fCapabilityRegistry.getAllAuthorities());
-            ACL acl = new ACLImpl(true);
-            acl.allow("read", "GROUP_Scoobies", "GROUP_vampires");
-            acl.allow("write", "GROUP_Scoobies", "GROUP_vampires");
-            acl.allow("delete", "GROUP_Scoobies", "GROUP_vampires");
-            acl.allow("shimmy", "GROUP_Scoobies", "GROUP_vampires");
-            acl.allow("shake", "GROUP_vampires", "Tara");
-            acl.deny("delete", "Xander", "GROUP_soulless");
-            acl.deny("shake", "Spike");
-            checkEvaluation(allCaps, acl, "Spike");
-            checkEvaluation(allCaps, acl, "Tara");
-            checkEvaluation(allCaps, acl, "Xander");
-            checkEvaluation(allCaps, acl, "Buffy");
-            String stringRep = acl.getStringRepresentation();
-            System.out.println(stringRep);
-            ACL acl2 = new ACLImpl(stringRep);
-            System.out.println(acl2.getStringRepresentation());
-            checkEvaluation(allCaps, acl2, "Spike");
-            checkEvaluation(allCaps, acl2, "Tara");
-            checkEvaluation(allCaps, acl2, "Xander");
-            checkEvaluation(allCaps, acl2, "Buffy");
-            System.out.println(acl2.getStringRepresentation());
-        }
-        catch (Exception e)
-        {
-            e.printStackTrace();
-            fail();
-        }
-    }
-
-    private void checkEvaluation(Set<String> allCaps, ACL acl, String authority)
-    {
-        Set<String> caps = acl.getCapabilities(authority, false);
-        System.out.println(caps);
-        for (String cap : caps)
-        {
-            assertTrue(acl.can(authority, false, cap));
-        }
-        Set<String> inverse = new HashSet<String>(allCaps);
-        inverse.removeAll(caps);
-        for (String cap : inverse)
-        {
-            assertFalse(acl.can(authority, false, cap));
-        }
-    }
-}
diff --git a/source/java/org/alfresco/repo/simple/permission/AuthorityCapability.hbm.xml b/source/java/org/alfresco/repo/simple/permission/AuthorityCapability.hbm.xml
deleted file mode 100644
index 5a731883c1..0000000000
--- a/source/java/org/alfresco/repo/simple/permission/AuthorityCapability.hbm.xml
+++ /dev/null
@@ -1,29 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE hibernate-mapping PUBLIC "-//Hibernate/Hibernate Mapping DTD 3.0//EN" 
-          "http://hibernate.sourceforge.net/hibernate-mapping-3.0.dtd">
-          
-<hibernate-mapping package="org.alfresco.repo.simple.permission">
-    <!-- All the authorities and their containment relationships. -->
-    <class name="AuthorityEntryImpl" proxy="AuthorityEntry" optimistic-lock="version"
-           table="alf_authority_entries">
-        <id name="id" column="id" type="int">
-            <generator class="native"/>
-        </id>
-        <version name="version" type="long" column="version"/>
-        <property name="name" type="string" length="100" column="name" unique="true"/>
-        <set name="children" table="alf_auth_children" optimistic-lock="true" 
-             sort="unsorted">
-            <key column="parent_id" foreign-key="fk_child_auth"/>
-            <many-to-many class="AuthorityEntryImpl" column="child_id" foreign-key="fk_auth_child"/>
-        </set>
-    </class>
-    <!-- All the capabilities. -->
-    <class name="CapabilityEntryImpl" proxy="CapabilityEntry" optimistic-lock="version"
-           table="alf_capability_entries">
-        <id name="id" column="id" type="int">
-            <generator class="native"/>
-        </id>
-        <version name="version" type="long" column="version"/>
-        <property name="name" type="string" length="100" column="name" unique="true"/>
-    </class>
-</hibernate-mapping>
diff --git a/source/java/org/alfresco/repo/simple/permission/AuthorityCapabilityBootstrap.java b/source/java/org/alfresco/repo/simple/permission/AuthorityCapabilityBootstrap.java
deleted file mode 100644
index 1ec03921c3..0000000000
--- a/source/java/org/alfresco/repo/simple/permission/AuthorityCapabilityBootstrap.java
+++ /dev/null
@@ -1,64 +0,0 @@
-/*
- * Copyright (C) 2005-2007 Alfresco Software Limited.
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
-
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
-
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-
- * As a special exception to the terms and conditions of version 2.0 of 
- * the GPL, you may redistribute this Program in connection with Free/Libre 
- * and Open Source Software ("FLOSS") applications as described in Alfresco's 
- * FLOSS exception.  You should have recieved a copy of the text describing 
- * the FLOSS exception, and it is also available here: 
- * http://www.alfresco.com/legal/licensing
- */
-
-package org.alfresco.repo.simple.permission;
-
-import org.alfresco.util.AbstractLifecycleBean;
-import org.springframework.context.ApplicationEvent;
-
-/**
- * Bootstrapping for the AuthorityCapabilityRegistry.
- * @author britt
- */
-public class AuthorityCapabilityBootstrap extends AbstractLifecycleBean
-{
-    private AuthorityCapabilityRegistryImpl fRegistry;
-    
-    public AuthorityCapabilityBootstrap()
-    {
-    }
-    
-    public void setAuthorityCapabilityRegistry(AuthorityCapabilityRegistryImpl registry)
-    {
-        fRegistry = registry;
-    }
-    
-    /* (non-Javadoc)
-     * @see org.alfresco.util.AbstractLifecycleBean#onBootstrap(org.springframework.context.ApplicationEvent)
-     */
-    @Override
-    protected void onBootstrap(ApplicationEvent event)
-    {
-        fRegistry.bootstrap();
-    }
-
-    /* (non-Javadoc)
-     * @see org.alfresco.util.AbstractLifecycleBean#onShutdown(org.springframework.context.ApplicationEvent)
-     */
-    @Override
-    protected void onShutdown(ApplicationEvent event)
-    {
-    }
-}
diff --git a/source/java/org/alfresco/repo/simple/permission/AuthorityCapabilityRegistryImpl.java b/source/java/org/alfresco/repo/simple/permission/AuthorityCapabilityRegistryImpl.java
deleted file mode 100644
index f0839628af..0000000000
--- a/source/java/org/alfresco/repo/simple/permission/AuthorityCapabilityRegistryImpl.java
+++ /dev/null
@@ -1,588 +0,0 @@
-/*
- * Copyright (C) 2005-2007 Alfresco Software Limited.
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
-
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
-
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-
- * As a special exception to the terms and conditions of version 2.0 of 
- * the GPL, you may redistribute this Program in connection with Free/Libre 
- * and Open Source Software ("FLOSS") applications as described in Alfresco's 
- * FLOSS exception.  You should have recieved a copy of the text describing 
- * the FLOSS exception, and it is also available here: 
- * http://www.alfresco.com/legal/licensing
- */
-
-package org.alfresco.repo.simple.permission;
-
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-import org.alfresco.repo.transaction.AlfrescoTransactionSupport;
-import org.alfresco.repo.transaction.RetryingTransactionHelper;
-import org.alfresco.repo.transaction.TransactionListener;
-import org.alfresco.service.cmr.security.AuthorityService;
-import org.alfresco.service.cmr.security.AuthorityType;
-import org.alfresco.service.cmr.security.PermissionService;
-import org.alfresco.service.simple.permission.AuthorityCapabilityRegistry;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
-/**
- * Implementation of a registry for Authorities and Capabilities.
- * @author britt
- */
-public class AuthorityCapabilityRegistryImpl implements
-        AuthorityCapabilityRegistry, TransactionListener
-{
-    private static Log fgLogger = LogFactory.getLog(AuthorityCapabilityRegistryImpl.class);
-
-    private Map<String, Integer> fAuthorityToID;
-    
-    private Map<Integer, String> fIDToAuthority;
-    
-    private Map<String, Set<String>> fAuthorityToChild;
-    
-    private Map<String, Set<String>> fChildToAuthority;
-    
-    private Map<String, Integer> fCapabilityToID;
-    
-    private Map<Integer, String> fIDToCapability;
-    
-    private AuthorityEntryDAO fAuthorityEntryDAO;
-    
-    private CapabilityEntryDAO fCapabilityEntryDAO;
-    
-    private Set<String> fInitialCapabilities;
-    
-    private RetryingTransactionHelper fTransactionHelper;
-    
-    private AuthorityService fAuthorityService;
-    
-    public AuthorityCapabilityRegistryImpl()
-    {
-        fAuthorityToID = new HashMap<String, Integer>();
-        fIDToAuthority = new HashMap<Integer, String>();
-        fAuthorityToChild = new HashMap<String, Set<String>>();
-        fChildToAuthority = new HashMap<String, Set<String>>();
-        fCapabilityToID = new HashMap<String, Integer>();
-        fIDToCapability = new HashMap<Integer, String>();
-    }
-    
-    public void setAuthorityEntryDAO(AuthorityEntryDAO dao)
-    {
-        fAuthorityEntryDAO = dao;
-    }
-    
-    public void setCapabilityEntryDAO(CapabilityEntryDAO dao)
-    {
-        fCapabilityEntryDAO = dao;
-    }
-    
-    public void setCapabilities(Set<String> capabilities)
-    {
-        fInitialCapabilities = capabilities;
-    }
-    
-    public void setRetryingTransactionHelper(RetryingTransactionHelper helper)
-    {
-        fTransactionHelper = helper;
-    }
-    
-    public void setAuthorityService(AuthorityService service)
-    {
-        fAuthorityService = service;
-    }
-
-    public void bootstrap()
-    {
-        fTransactionHelper.doInTransaction(
-        new RetryingTransactionHelper.RetryingTransactionCallback<Object>()
-        {
-            public Object execute()
-            {
-                init();
-                return null;
-            }
-        });    
-    }
-    
-    public void init()
-    {
-        List<CapabilityEntry> entries = fCapabilityEntryDAO.getAll();
-        for (CapabilityEntry entry : entries)
-        {
-            String capability = entry.getName().toLowerCase();
-            fCapabilityToID.put(capability, entry.getId());
-            fIDToCapability.put(entry.getId(), capability);
-        }
-        for (String entry : fInitialCapabilities)
-        {
-            entry = entry.toLowerCase();
-            if (!fCapabilityToID.containsKey(entry))
-            {
-                CapabilityEntry newEntry = new CapabilityEntryImpl(entry);
-                fCapabilityEntryDAO.save(newEntry);
-                fCapabilityToID.put(entry, newEntry.getId());
-                fIDToCapability.put(newEntry.getId(), entry);
-            }
-        }
-        List<AuthorityEntry> authorities = fAuthorityEntryDAO.get();
-        for (AuthorityEntry entry : authorities)
-        {
-            String name = normalizeAuthority(entry.getName());
-            Integer id = entry.getId();
-            fAuthorityToID.put(name, id);
-            fIDToAuthority.put(id, name);
-            for (AuthorityEntry child : entry.getChildren())
-            {
-                String childName = normalizeAuthority(child.getName());
-                Set<String> children = fAuthorityToChild.get(name);
-                if (children == null)
-                {
-                    children = new HashSet<String>();
-                    fAuthorityToChild.put(name, children);
-                }
-                children.add(childName);
-                Set<String> parents = fChildToAuthority.get(childName);
-                if (parents == null)
-                {
-                    parents = new HashSet<String>();
-                    fChildToAuthority.put(childName, parents);
-                }
-                parents.add(name);
-            }
-        }
-        // Now go to AuthorityService to fill anything that might be missing.
-        AuthorityType[] types = AuthorityType.values();
-        for (AuthorityType type : types)
-        {
-            Set<String> auths = fAuthorityService.getAllAuthorities(type);
-            for (String auth : auths)
-            {
-                auth = normalizeAuthority(auth);
-                if (fAuthorityToID.containsKey(auth))
-                {
-                    continue;
-                }
-                AuthorityEntry entry = new AuthorityEntryImpl(auth);
-                fAuthorityEntryDAO.save(entry);
-                fAuthorityToID.put(auth, entry.getId());
-                fIDToAuthority.put(entry.getId(), auth);
-            }
-        }
-        for (AuthorityType type : types)
-        {
-            Set<String> auths = fAuthorityService.getAllAuthorities(type);
-            for (String auth : auths)
-            {
-                AuthorityType aType = AuthorityType.getAuthorityType(auth);
-                if (aType == AuthorityType.ROLE || aType == AuthorityType.EVERYONE ||
-                    aType == AuthorityType.GUEST)
-                {
-                    continue;
-                }
-                Set<String> children = fAuthorityService.getContainedAuthorities(null, auth, true);
-                auth = normalizeAuthority(auth);
-                Set<String> found = fAuthorityToChild.get(auth);
-                if (found == null)
-                {
-                    found = new HashSet<String>();
-                    fAuthorityToChild.put(auth, found);
-                }
-                AuthorityEntry entry = null;
-                if (!fAuthorityToID.containsKey(auth))
-                {
-                    entry = new AuthorityEntryImpl(auth);
-                    fAuthorityEntryDAO.save(entry);
-                    fAuthorityToID.put(auth, entry.getId());
-                    fIDToAuthority.put(entry.getId(), auth);
-                }
-                else
-                {
-                    entry = fAuthorityEntryDAO.get(fAuthorityToID.get(auth));
-                }
-                for (String child : children)
-                {
-                    child = normalizeAuthority(child);
-                    if (found.contains(child))
-                    {
-                        continue;
-                    }
-                    AuthorityEntry childEntry = null;
-                    if (!fAuthorityToID.containsKey(child))
-                    {
-                        childEntry = new AuthorityEntryImpl(child);
-                        fAuthorityEntryDAO.save(childEntry);
-                        fAuthorityToID.put(child, childEntry.getId());
-                        fIDToAuthority.put(childEntry.getId(), child);
-                    }
-                    else
-                    {
-                        childEntry = fAuthorityEntryDAO.get(fAuthorityToID.get(child));
-                    }
-                    entry.getChildren().add(childEntry);
-                    found.add(child);
-                    Set<String> parents = fChildToAuthority.get(child);
-                    if (parents == null)
-                    {
-                        parents = new HashSet<String>();
-                        fChildToAuthority.put(child, parents);
-                    }
-                    parents.add(auth);
-                }
-            }
-        }
-    }
-
-    /* (non-Javadoc)
-     * @see org.alfresco.service.simple.permission.AuthorityCapabilityRegistry#addAuthority(java.lang.String, java.lang.String)
-     */
-    public synchronized void addAuthority(String authority, String parent)
-    {
-        authority = normalizeAuthority(authority);
-        parent = normalizeAuthority(parent);
-        AlfrescoTransactionSupport.bindListener(this);
-        AuthorityEntry entry = null;
-        if (!fAuthorityToID.containsKey(authority))
-        {
-            entry = new AuthorityEntryImpl(authority);
-            fAuthorityEntryDAO.save(entry);
-            fAuthorityToID.put(authority, entry.getId());
-            fIDToAuthority.put(entry.getId(), authority);
-        }
-        if (parent != null)
-        {
-            if (entry == null)
-            {
-                Integer id = fAuthorityToID.get(authority);
-                if (id == null)
-                {
-                    fgLogger.error("Authority Doesn't exist: " + authority, new Exception());
-                    return;
-                }
-                entry = fAuthorityEntryDAO.get(id);
-            }
-            Integer id = fAuthorityToID.get(parent);
-            if (id == null)
-            {
-                fgLogger.error("Authority Doesn't exist: " + authority, new Exception());
-                return;
-            }
-            AuthorityEntry pEntry = fAuthorityEntryDAO.get(id);
-            pEntry.getChildren().add(entry);
-            Set<String> children = fAuthorityToChild.get(parent);
-            if (children == null)
-            {
-                children = new HashSet<String>();
-                fAuthorityToChild.put(parent, children);
-            }
-            children.add(authority);
-            Set<String> parents = fChildToAuthority.get(authority);
-            if (parents == null)
-            {
-                parents = new HashSet<String>();
-                fChildToAuthority.put(authority, parents);
-            }
-            parents.add(parent);
-        }
-    }
-
-    /**
-     * Get case normalized authority.
-     */
-    public String normalizeAuthority(String authority)
-    {
-        if (authority == null)
-        {
-            return null;
-        }
-        AuthorityType type = AuthorityType.getAuthorityType(authority);
-        switch (type)
-        {
-            case ADMIN :
-            {
-                return authority;
-            }
-            case EVERYONE :
-            {
-                return PermissionService.ALL_AUTHORITIES;   
-            }
-            case GROUP :
-            {
-                return PermissionService.GROUP_PREFIX + authority.substring(PermissionService.GROUP_PREFIX.length()).toLowerCase();
-            }
-            case USER :
-            case GUEST :
-            {
-                return authority.toLowerCase();
-            }
-            case OWNER :
-            {
-                return PermissionService.OWNER_AUTHORITY;
-            }
-            case ROLE :
-            {
-                return PermissionService.ROLE_PREFIX + authority.substring(PermissionService.ROLE_PREFIX.length()).toLowerCase();
-            }
-            default :
-            {
-                return null;
-            }
-        }
-    }
-
-    /* (non-Javadoc)
-     * @see org.alfresco.service.simple.permission.AuthorityCapabilityRegistry#removeAuthority(java.lang.String)
-     */
-    public synchronized void removeAuthority(String authority)
-    {
-        authority = normalizeAuthority(authority);
-        AlfrescoTransactionSupport.bindListener(this);
-        Integer id = fAuthorityToID.get(authority);
-        if (id == null)
-        {
-            return;
-        }
-        AuthorityEntry entry = fAuthorityEntryDAO.get(id);
-        if (entry == null)
-        {
-            fgLogger.error("Authority Doesn't exist: " + authority, new Exception());
-            return;
-        }
-        List<AuthorityEntry> parents = fAuthorityEntryDAO.getParents(entry);
-        for (AuthorityEntry parent : parents)
-        {
-            parent.getChildren().remove(entry);
-        }
-        fAuthorityEntryDAO.delete(entry);
-        Set<String> pNames = fChildToAuthority.get(authority);
-        if (pNames != null)
-        {
-            for (String parent : pNames)
-            {
-                fAuthorityToChild.get(parent).remove(authority);
-            }
-        }
-        fChildToAuthority.remove(authority);
-        id = fAuthorityToID.remove(authority);
-        fIDToAuthority.remove(id);
-    }
-
-    /* (non-Javadoc)
-     * @see org.alfresco.service.simple.permission.AuthorityCapabilityRegistry#removeAuthorityChild(java.lang.String, java.lang.String)
-     */
-    public synchronized void removeAuthorityChild(String parent, String child)
-    {
-        parent = normalizeAuthority(parent);
-        child = normalizeAuthority(child);
-        AlfrescoTransactionSupport.bindListener(this);
-        Integer id = fAuthorityToID.get(child);
-        if (id == null)
-        {
-            return;
-        }
-        AuthorityEntry cEntry = fAuthorityEntryDAO.get(id);
-        id = fAuthorityToID.get(parent);
-        if (id == null)
-        {
-            return;
-        }
-        AuthorityEntry cParent = fAuthorityEntryDAO.get(parent);
-        cParent.getChildren().remove(cEntry);
-        fAuthorityToChild.get(parent).remove(child);
-        fChildToAuthority.get(child).remove(parent);
-    }
-
-    /* (non-Javadoc)
-     * @see org.alfresco.service.simple.permission.AuthorityCapabilityRegistry#addCapability(java.lang.String)
-     */
-    public synchronized void addCapability(String capability)
-    {
-        capability = capability.toLowerCase();
-        AlfrescoTransactionSupport.bindListener(this);
-        CapabilityEntry entry = fCapabilityEntryDAO.get(capability);
-        if (entry != null)
-        {
-            return;
-        }
-        entry = new CapabilityEntryImpl(capability);
-        fCapabilityEntryDAO.save(entry);
-        entry = fCapabilityEntryDAO.get(capability);
-        fCapabilityToID.put(capability, entry.getId());
-        fIDToCapability.put(entry.getId(), capability);
-    }
-
-    /* (non-Javadoc)
-     * @see org.alfresco.service.simple.permission.AuthorityCapabilityRegistry#getAllAuthorities()
-     */
-    public synchronized Set<String> getAllAuthorities()
-    {
-        return new HashSet<String>(fAuthorityToID.keySet());
-    }
-
-    /* (non-Javadoc)
-     * @see org.alfresco.service.simple.permission.AuthorityCapabilityRegistry#getAllCapabilities()
-     */
-    public synchronized Set<String> getAllCapabilities()
-    {
-        return new HashSet<String>(fCapabilityToID.keySet());
-    }
-
-    /* (non-Javadoc)
-     * @see org.alfresco.service.simple.permission.AuthorityCapabilityRegistry#getAuthorityID(java.lang.String)
-     */
-    public synchronized int getAuthorityID(String authority)
-    {
-        authority = normalizeAuthority(authority);
-        Integer id = fAuthorityToID.get(authority);
-        if (id == null)
-        {
-            return -1;
-        }
-        return id;
-    }
-
-    /* (non-Javadoc)
-     * @see org.alfresco.service.simple.permission.AuthorityCapabilityRegistry#getAuthorityName(int)
-     */
-    public synchronized String getAuthorityName(int id)
-    {
-        return fIDToAuthority.get(id);
-    }
-
-    /* (non-Javadoc)
-     * @see org.alfresco.service.simple.permission.AuthorityCapabilityRegistry#getCapabilityID(java.lang.String)
-     */
-    public synchronized int getCapabilityID(String capability)
-    {
-        capability = capability.toLowerCase();
-        Integer id = fCapabilityToID.get(capability);
-        if (id == null)
-        {
-            return -1;
-        }
-        return id;
-    }
-
-    /* (non-Javadoc)
-     * @see org.alfresco.service.simple.permission.AuthorityCapabilityRegistry#getCapabilityName(int)
-     */
-    public synchronized String getCapabilityName(int id)
-    {
-        return fIDToCapability.get(id);
-    }
-
-    /* (non-Javadoc)
-     * @see org.alfresco.service.simple.permission.AuthorityCapabilityRegistry#getContainedAuthorities(java.lang.String)
-     */
-    public synchronized Set<String> getContainedAuthorities(String authority)
-    {
-        authority = normalizeAuthority(authority);
-        Set<String> contained = new HashSet<String>();
-        contained.add(authority);
-        int count = 1;
-        int oldCount = -1;
-        while (count != oldCount)
-        {
-            Set<String> more = new HashSet<String>();
-            for (String auth : contained)
-            {
-                Set<String> children = fAuthorityToChild.get(auth);
-                if (children != null)
-                {
-                    more.addAll(children);
-                }
-            }
-            contained.addAll(more);
-            oldCount = count;
-            count = contained.size();
-        }
-        contained.remove(authority);
-        return contained;
-    }
-
-    /* (non-Javadoc)
-     * @see org.alfresco.service.simple.permission.AuthorityCapabilityRegistry#getContainerAuthorities(java.lang.String)
-     */
-    public Set<String> getContainerAuthorities(String authority)
-    {
-        authority = normalizeAuthority(authority);
-        Set<String> containers = new HashSet<String>();
-        containers.add(authority);
-        int count = 1;
-        int oldCount = -1;
-        while (count != oldCount)
-        {
-            Set<String> more = new HashSet<String>();
-            for (String auth : containers)
-            {
-                Set<String> parents = fChildToAuthority.get(auth);
-                if (parents != null)
-                {
-                    more.addAll(parents);
-                }
-            }
-            containers.addAll(more);
-            oldCount = count;
-            count = containers.size();
-        }
-        containers.remove(authority);
-        return containers;
-    }
-
-    /* (non-Javadoc)
-     * @see org.alfresco.repo.transaction.TransactionListener#afterCommit()
-     */
-    public void afterCommit()
-    {
-    }
-
-    /* (non-Javadoc)
-     * @see org.alfresco.repo.transaction.TransactionListener#afterRollback()
-     */
-    public synchronized void afterRollback()
-    {
-        fAuthorityToID.clear();
-        fIDToAuthority.clear();
-        fAuthorityToChild.clear();
-        fChildToAuthority.clear();
-        fCapabilityToID.clear();
-        fIDToCapability.clear();
-        bootstrap();
-    }
-
-    /* (non-Javadoc)
-     * @see org.alfresco.repo.transaction.TransactionListener#beforeCommit(boolean)
-     */
-    public void beforeCommit(boolean readOnly)
-    {
-    }
-
-    /* (non-Javadoc)
-     * @see org.alfresco.repo.transaction.TransactionListener#beforeCompletion()
-     */
-    public void beforeCompletion()
-    {
-    }
-
-    /* (non-Javadoc)
-     * @see org.alfresco.repo.transaction.TransactionListener#flush()
-     */
-    public void flush()
-    {
-    }
-}
diff --git a/source/java/org/alfresco/repo/simple/permission/AuthorityEntry.java b/source/java/org/alfresco/repo/simple/permission/AuthorityEntry.java
deleted file mode 100644
index ba7e8d18f6..0000000000
--- a/source/java/org/alfresco/repo/simple/permission/AuthorityEntry.java
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- * Copyright (C) 2005-2007 Alfresco Software Limited.
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
-
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
-
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-
- * As a special exception to the terms and conditions of version 2.0 of 
- * the GPL, you may redistribute this Program in connection with Free/Libre 
- * and Open Source Software ("FLOSS") applications as described in Alfresco's 
- * FLOSS exception.  You should have recieved a copy of the text describing 
- * the FLOSS exception, and it is also available here: 
- * http://www.alfresco.com/legal/licensing
- */
-
-package org.alfresco.repo.simple.permission;
-
-import java.io.Serializable;
-import java.util.Set;
-
-/**
- * Interface for an Authority entry, an aggregate of an authority name, id, 
- * and a set of children.
- * @author britt
- */
-public interface AuthorityEntry extends Serializable
-{
-    /**
-     * Get the Primary Key.
-     * @return The id.
-     */
-    public int getId();
-    
-    /**
-     * Get the name of the authority.
-     * @return The name.
-     */
-    public String getName();
-    
-    /**
-     * Get the children of this entry.
-     * @return The set of children.
-     */
-    public Set<AuthorityEntry> getChildren();
-}
diff --git a/source/java/org/alfresco/repo/simple/permission/AuthorityEntryDAO.java b/source/java/org/alfresco/repo/simple/permission/AuthorityEntryDAO.java
deleted file mode 100644
index e2d8e56d3f..0000000000
--- a/source/java/org/alfresco/repo/simple/permission/AuthorityEntryDAO.java
+++ /dev/null
@@ -1,74 +0,0 @@
-/*
- * Copyright (C) 2005-2007 Alfresco Software Limited.
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
-
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
-
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-
- * As a special exception to the terms and conditions of version 2.0 of 
- * the GPL, you may redistribute this Program in connection with Free/Libre 
- * and Open Source Software ("FLOSS") applications as described in Alfresco's 
- * FLOSS exception.  You should have recieved a copy of the text describing 
- * the FLOSS exception, and it is also available here: 
- * http://www.alfresco.com/legal/licensing
- */
-
-package org.alfresco.repo.simple.permission;
-
-import java.util.List;
-
-/**
- * DAO interface for Authority Entries.
- * @author britt
- */
-public interface AuthorityEntryDAO
-{
-    /**
-     * Save one. Recursive.
-     * @param entry The one to save.
-     */
-    public void save(AuthorityEntry entry);
-    
-    /**
-     * Get all the entries.
-     * @return What you asked for.
-     */
-    public List<AuthorityEntry> get();
-    
-    /**
-     * Get the parents of an authority.
-     * @param entry The child.
-     * @return The parents.
-     */
-    public List<AuthorityEntry> getParents(AuthorityEntry entry);
-
-    /**
-     * Get one by name.
-     * @param name The authority name.
-     * @return The entry or null if not found.
-     */
-    public AuthorityEntry get(String name);
-    
-    /**
-     * Get one by primary key.
-     * @param id
-     * @return The entry or null if not found.
-     */
-    public AuthorityEntry get(int id);
-    
-    /**
-     * Delete an authority.
-     * @param entry The authority.
-     */
-    public void delete(AuthorityEntry entry);
-}
diff --git a/source/java/org/alfresco/repo/simple/permission/AuthorityEntryDAOHibernate.java b/source/java/org/alfresco/repo/simple/permission/AuthorityEntryDAOHibernate.java
deleted file mode 100644
index 6ab227e503..0000000000
--- a/source/java/org/alfresco/repo/simple/permission/AuthorityEntryDAOHibernate.java
+++ /dev/null
@@ -1,95 +0,0 @@
-/*
- * Copyright (C) 2005-2007 Alfresco Software Limited.
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
-
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
-
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-
- * As a special exception to the terms and conditions of version 2.0 of 
- * the GPL, you may redistribute this Program in connection with Free/Libre 
- * and Open Source Software ("FLOSS") applications as described in Alfresco's 
- * FLOSS exception.  You should have recieved a copy of the text describing 
- * the FLOSS exception, and it is also available here: 
- * http://www.alfresco.com/legal/licensing
- */
-
-package org.alfresco.repo.simple.permission;
-
-import java.util.List;
-
-import org.hibernate.Query;
-import org.springframework.orm.hibernate3.support.HibernateDaoSupport;
-
-/**
- * Hibernate DAO for Authority Entries.
- * @author britt
- */
-public class AuthorityEntryDAOHibernate extends HibernateDaoSupport implements
-        AuthorityEntryDAO
-{
-    /* (non-Javadoc)
-     * @see org.alfresco.repo.simple.permission.AuthorityEntryDAO#get(java.lang.String)
-     */
-    public AuthorityEntry get(String name)
-    {
-        Query query = getSession().createQuery("from AuthorityEntryImpl ae where ae.name = :name");
-        query.setString("name", name);
-        return (AuthorityEntry)query.uniqueResult();
-    }
-
-    /* (non-Javadoc)
-     * @see org.alfresco.repo.simple.permission.AuthorityEntryDAO#get(int)
-     */
-    public AuthorityEntry get(int id)
-    {
-        return (AuthorityEntry)getSession().get(AuthorityEntryImpl.class, id);
-    }
-
-    /* (non-Javadoc)
-     * @see org.alfresco.repo.simple.permission.AuthorityEntryDAO#getRoots()
-     */
-    @SuppressWarnings("unchecked")
-    public List<AuthorityEntry> get()
-    {
-        Query query = getSession().createQuery("from AuthorityEntryImpl ae");
-        return (List<AuthorityEntry>)query.list();
-    }
-
-    /* (non-Javadoc)
-     * @see org.alfresco.repo.simple.permission.AuthorityEntryDAO#save(org.alfresco.repo.simple.permission.AuthorityEntry)
-     */
-    public void save(AuthorityEntry entry)
-    {
-        getSession().save(entry);
-        getSession().flush();
-    }
-
-    /* (non-Javadoc)
-     * @see org.alfresco.repo.simple.permission.AuthorityEntryDAO#getParents(org.alfresco.repo.simple.permission.AuthorityEntry)
-     */
-    @SuppressWarnings("unchecked")
-    public List<AuthorityEntry> getParents(AuthorityEntry entry)
-    {
-        Query query = getSession().createQuery("from AuthorityEntryImpl ae where :child in elements(ae.children)");
-        query.setEntity("child", entry);
-        return (List<AuthorityEntry>)query.list();
-    }
-
-    /* (non-Javadoc)
-     * @see org.alfresco.repo.simple.permission.AuthorityEntryDAO#delete(org.alfresco.repo.simple.permission.AuthorityEntry)
-     */
-    public void delete(AuthorityEntry entry)
-    {
-        getSession().delete(entry);
-    }
-}
diff --git a/source/java/org/alfresco/repo/simple/permission/AuthorityEntryImpl.java b/source/java/org/alfresco/repo/simple/permission/AuthorityEntryImpl.java
deleted file mode 100644
index 1f6426e6a0..0000000000
--- a/source/java/org/alfresco/repo/simple/permission/AuthorityEntryImpl.java
+++ /dev/null
@@ -1,140 +0,0 @@
-/*
- * Copyright (C) 2005-2007 Alfresco Software Limited.
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
-
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
-
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-
- * As a special exception to the terms and conditions of version 2.0 of 
- * the GPL, you may redistribute this Program in connection with Free/Libre 
- * and Open Source Software ("FLOSS") applications as described in Alfresco's 
- * FLOSS exception.  You should have recieved a copy of the text describing 
- * the FLOSS exception, and it is also available here: 
- * http://www.alfresco.com/legal/licensing
- */
-
-package org.alfresco.repo.simple.permission;
-
-import java.util.HashSet;
-import java.util.Set;
-
-/**
- * Persistent Hibernate implementation of an AuthorityEntry.
- * @author britt
- */
-public class AuthorityEntryImpl implements AuthorityEntry
-{
-    private static final long serialVersionUID = -3265592070954983948L;
-
-    private int fID;
-    
-    private long fVersion;
-    
-    private String fName;
-    
-    private Set<AuthorityEntry> fChildren;
-    
-    public AuthorityEntryImpl()
-    {
-    }
-    
-    public AuthorityEntryImpl(String name)
-    {
-        fName = name;
-        fChildren = new HashSet<AuthorityEntry>();
-    }
-    
-    /* (non-Javadoc)
-     * @see org.alfresco.repo.simple.permission.AuthorityEntry#getChildren()
-     */
-    public Set<AuthorityEntry> getChildren()
-    {
-        return fChildren;
-    }
-
-    public void setChildren(Set<AuthorityEntry> children)
-    {
-        fChildren = children;
-    }
-    
-    /* (non-Javadoc)
-     * @see org.alfresco.repo.simple.permission.AuthorityEntry#getId()
-     */
-    public int getId()
-    {
-        return fID;
-    }
-
-    public void setId(int id)
-    {
-        fID = id;
-    }
-    
-    public long getVersion()
-    {
-        return fVersion;
-    }
-    
-    public void setVersion(long version)
-    {
-        fVersion = version;
-    }
-    
-    /* (non-Javadoc)
-     * @see org.alfresco.repo.simple.permission.AuthorityEntry#getName()
-     */
-    public String getName()
-    {
-        return fName;
-    }
-    
-    public void setName(String name)
-    {
-        fName = name;
-    }
-
-    /* (non-Javadoc)
-     * @see java.lang.Object#equals(java.lang.Object)
-     */
-    @Override
-    public boolean equals(Object obj)
-    {
-        if (this == obj)
-        {
-            return true;
-        }
-        if (!(obj instanceof AuthorityEntry))
-        {
-            return false;
-        }
-        return fID == ((AuthorityEntry)obj).getId();
-    }
-
-    /* (non-Javadoc)
-     * @see java.lang.Object#hashCode()
-     */
-    @Override
-    public int hashCode()
-    {
-        return fID;
-    }
-
-    /* (non-Javadoc)
-     * @see java.lang.Object#toString()
-     */
-    @Override
-    public String toString()
-    {
-        return "[AuthorityEntry:" + fName + ":" + fID + "]"; 
-    }
-}
diff --git a/source/java/org/alfresco/repo/simple/permission/CapabilityEntry.java b/source/java/org/alfresco/repo/simple/permission/CapabilityEntry.java
deleted file mode 100644
index 132b8d34ee..0000000000
--- a/source/java/org/alfresco/repo/simple/permission/CapabilityEntry.java
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * Copyright (C) 2005-2007 Alfresco Software Limited.
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
-
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
-
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-
- * As a special exception to the terms and conditions of version 2.0 of 
- * the GPL, you may redistribute this Program in connection with Free/Libre 
- * and Open Source Software ("FLOSS") applications as described in Alfresco's 
- * FLOSS exception.  You should have recieved a copy of the text describing 
- * the FLOSS exception, and it is also available here: 
- * http://www.alfresco.com/legal/licensing
- */
-
-package org.alfresco.repo.simple.permission;
-
-import java.io.Serializable;
-
-/**
- * Interface for a capability entry.
- * @author britt
- */
-public interface CapabilityEntry extends Serializable
-{
-    /**
-     * Get the primary key.
-     * @return The id.
-     */
-    public int getId();
-    
-    /**
-     * Get the name of the Capability.
-     * @return The name of the Capability.
-     */
-    public String getName();
-}
diff --git a/source/java/org/alfresco/repo/simple/permission/CapabilityEntryDAO.java b/source/java/org/alfresco/repo/simple/permission/CapabilityEntryDAO.java
deleted file mode 100644
index fc1ee6db6b..0000000000
--- a/source/java/org/alfresco/repo/simple/permission/CapabilityEntryDAO.java
+++ /dev/null
@@ -1,54 +0,0 @@
-/*
- * Copyright (C) 2005-2007 Alfresco Software Limited.
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
-
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
-
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-
- * As a special exception to the terms and conditions of version 2.0 of 
- * the GPL, you may redistribute this Program in connection with Free/Libre 
- * and Open Source Software ("FLOSS") applications as described in Alfresco's 
- * FLOSS exception.  You should have recieved a copy of the text describing 
- * the FLOSS exception, and it is also available here: 
- * http://www.alfresco.com/legal/licensing
- */
-
-package org.alfresco.repo.simple.permission;
-
-import java.util.List;
-
-/**
- * DAO Interface for capability entries.
- * @author britt
- */
-public interface CapabilityEntryDAO
-{
-    /**
-     * Save one.
-     * @param entry The one to save.
-     */
-    public void save(CapabilityEntry entry);
-    
-    /**
-     * Get all the CapabilityEntries.
-     * @return All of them.
-     */
-    public List<CapabilityEntry> getAll();
-    
-    /**
-     * Get an entry by name.
-     * @param name The name of the entry.
-     * @return The entry or null if it doesn't exist.
-     */
-    public CapabilityEntry get(String name);
-}
diff --git a/source/java/org/alfresco/repo/simple/permission/CapabilityEntryDAOHibernate.java b/source/java/org/alfresco/repo/simple/permission/CapabilityEntryDAOHibernate.java
deleted file mode 100644
index 41b1b42a25..0000000000
--- a/source/java/org/alfresco/repo/simple/permission/CapabilityEntryDAOHibernate.java
+++ /dev/null
@@ -1,67 +0,0 @@
-/*
- * Copyright (C) 2005-2007 Alfresco Software Limited.
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
-
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
-
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-
- * As a special exception to the terms and conditions of version 2.0 of 
- * the GPL, you may redistribute this Program in connection with Free/Libre 
- * and Open Source Software ("FLOSS") applications as described in Alfresco's 
- * FLOSS exception.  You should have recieved a copy of the text describing 
- * the FLOSS exception, and it is also available here: 
- * http://www.alfresco.com/legal/licensing
- */
-
-package org.alfresco.repo.simple.permission;
-
-import java.util.List;
-
-import org.hibernate.Query;
-import org.springframework.orm.hibernate3.support.HibernateDaoSupport;
-
-/**
- * Hibernate implementation of a CapabilityEntryDAO.
- * @author britt
- */
-public class CapabilityEntryDAOHibernate extends HibernateDaoSupport implements CapabilityEntryDAO
-{
-    /* (non-Javadoc)
-     * @see org.alfresco.repo.simple.permission.CapabilityEntryDAO#get(java.lang.String)
-     */
-    public CapabilityEntry get(String name)
-    {
-        Query query = getSession().createQuery("from CapabilityEntryImpl ce where ce.name = :name");
-        query.setString("name", name);
-        return (CapabilityEntry)query.uniqueResult();
-    }
-
-    /* (non-Javadoc)
-     * @see org.alfresco.repo.simple.permission.CapabilityEntryDAO#getAll()
-     */
-    @SuppressWarnings("unchecked")
-    public List<CapabilityEntry> getAll()
-    {
-        Query query = getSession().createQuery("from CapabilityEntryImpl ce");
-        return (List<CapabilityEntry>)query.list();
-    }
-
-    /* (non-Javadoc)
-     * @see org.alfresco.repo.simple.permission.CapabilityEntryDAO#save(org.alfresco.repo.simple.permission.CapabilityEntry)
-     */
-    public void save(CapabilityEntry entry)
-    {
-        getSession().save(entry);
-        getSession().flush();
-    }
-}
diff --git a/source/java/org/alfresco/repo/simple/permission/CapabilityEntryImpl.java b/source/java/org/alfresco/repo/simple/permission/CapabilityEntryImpl.java
deleted file mode 100644
index a9d0a1576a..0000000000
--- a/source/java/org/alfresco/repo/simple/permission/CapabilityEntryImpl.java
+++ /dev/null
@@ -1,86 +0,0 @@
-/*
- * Copyright (C) 2005-2007 Alfresco Software Limited.
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
-
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
-
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-
- * As a special exception to the terms and conditions of version 2.0 of 
- * the GPL, you may redistribute this Program in connection with Free/Libre 
- * and Open Source Software ("FLOSS") applications as described in Alfresco's 
- * FLOSS exception.  You should have recieved a copy of the text describing 
- * the FLOSS exception, and it is also available here: 
- * http://www.alfresco.com/legal/licensing
- */
-
-package org.alfresco.repo.simple.permission;
-
-/**
- * Implementation of Capability Entry.
- * @author britt
- */
-public class CapabilityEntryImpl implements CapabilityEntry
-{
-    private static final long serialVersionUID = 7235803886625308634L;
-
-    private int fID;
-    
-    private String fName;
-    
-    private long fVersion;
-    
-    public CapabilityEntryImpl()
-    {
-    }
-    
-    public CapabilityEntryImpl(String name)
-    {
-        fName = name;
-    }
-    
-    public long getVersion()
-    {
-        return fVersion;
-    }
-
-    public void setVersion(long version)
-    {
-        fVersion = version;
-    }
-    
-    /* (non-Javadoc)
-     * @see org.alfresco.repo.simple.permission.CapabilityEntry#getId()
-     */
-    public int getId()
-    {
-        return fID;
-    }
-
-    public void setId(int id)
-    {
-        fID = id;
-    }
-    
-    /* (non-Javadoc)
-     * @see org.alfresco.repo.simple.permission.CapabilityEntry#getName()
-     */
-    public String getName()
-    {
-        return fName;
-    }
-    
-    public void setName(String name)
-    {
-        fName = name;
-    }
-}
diff --git a/source/java/org/alfresco/service/simple/permission/ACL.java b/source/java/org/alfresco/service/simple/permission/ACL.java
deleted file mode 100644
index f8a7da7daf..0000000000
--- a/source/java/org/alfresco/service/simple/permission/ACL.java
+++ /dev/null
@@ -1,92 +0,0 @@
-/*
- * Copyright (C) 2005-2007 Alfresco Software Limited.
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
-
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
-
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-
- * As a special exception to the terms and conditions of version 2.0 of 
- * the GPL, you may redistribute this Program in connection with Free/Libre 
- * and Open Source Software ("FLOSS") applications as described in Alfresco's 
- * FLOSS exception.  You should have recieved a copy of the text describing 
- * the FLOSS exception, and it is also available here: 
- * http://www.alfresco.com/legal/licensing
- */
-
-package org.alfresco.service.simple.permission;
-
-import java.io.Serializable;
-import java.util.Set;
-
-/**
- * Interface for ACLs. ACLs express the capabilities granted to 
- * different authorities (users, groups, or roles (one hopes that roles can go away as they are 
- * operationally just another name for a group)).  ACLs contain explicit entries made of
- * a capability and a list of agents plus an indication of whether the entry denies or allows
- * the capability. Entries that deny override any entries that allow. 
- * @author britt
- */
-public interface ACL extends Serializable
-{
-    /**
-     * Insert an allow entry.
-     * Removes any denials explicitly for the authorities and capability given.
-     * @param capability The capability to grant.
-     * @param authorities The authorities granted the capability.
-     */
-    public void allow(String capability, String ... authorities);
-    
-    /**
-     * Insert a deny entry.
-     * Removes any allows explicitly for the authorities and capability given.
-     * @param capability The capability to deny.
-     * @param authorities The authorities to deny.
-     */
-    public void deny(String capability, String ... authorities);
-    
-    /**
-     * Does the given authority have the given capability
-     * @param authority The authority (user)
-     * @param isOwner Is the authority the owner of the controlled entity.
-     * @param capability The capability.
-     * @return Whether the authority can.
-     */
-    public boolean can(String authority, boolean isOwner, String capability);
-    
-    /**
-     * Get the capabilities for the given authority.
-     * @param authority The authority.
-     * @param isOwner is the authority the owner of the controlled entity.
-     * @return A set of capabilities.
-     */
-    public Set<String> getCapabilities(String authority, boolean isOwner);
-    
-    /**
-     * Get the authorities with the given capability.
-     * @param capability The capability under consideration.
-     * @return The set of authorities.
-     */
-    public Set<String> getAllowed(String capability);
-    
-    /**
-     * Get a string representation of this ACL, suitable for persistence.
-     * @return The string representation.
-     */
-    public String getStringRepresentation();
-    
-    /**
-     * Should this ACL be inherited.
-     * @return Whether it should.
-     */
-    public boolean inherits();
-}
diff --git a/source/java/org/alfresco/service/simple/permission/AuthorityCapabilityRegistry.java b/source/java/org/alfresco/service/simple/permission/AuthorityCapabilityRegistry.java
deleted file mode 100644
index d262011759..0000000000
--- a/source/java/org/alfresco/service/simple/permission/AuthorityCapabilityRegistry.java
+++ /dev/null
@@ -1,121 +0,0 @@
-/*
- * Copyright (C) 2005-2007 Alfresco Software Limited.
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
-
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
-
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-
- * As a special exception to the terms and conditions of version 2.0 of 
- * the GPL, you may redistribute this Program in connection with Free/Libre 
- * and Open Source Software ("FLOSS") applications as described in Alfresco's 
- * FLOSS exception.  You should have recieved a copy of the text describing 
- * the FLOSS exception, and it is also available here: 
- * http://www.alfresco.com/legal/licensing
- */
-
-package org.alfresco.service.simple.permission;
-
-import java.util.Set;
-
-/**
- * Interface for a registry of capabilities.
- * @author britt
- */
-public interface AuthorityCapabilityRegistry
-{
-    /**
-     * Get all known capabilities.
-     * @return A list of all the capabilities.
-     */
-    public Set<String> getAllCapabilities();
-    
-    /**
-     * Get all authorities know to the system.
-     * @return
-     */
-    public Set<String> getAllAuthorities();
-    
-    /**
-     * Get the integer id corresponding to the given capability.
-     * @return The id.
-     */
-    public int getCapabilityID(String capability);
-    
-    /**
-     * Get the name of a capability from it's unique id.
-     * @param id
-     * @return The capability name or null if the id is invalid.
-     */
-    public String getCapabilityName(int id);
-    
-    /**
-     * Add a capability.
-     * @param capability
-     */
-    public void addCapability(String capability);
-    
-    /**
-     * Get the id for an authority.
-     * @param authority
-     * @return The id for the authority.
-     */
-    public int getAuthorityID(String authority);
-    
-    /**
-     * Get the name from an authority id.
-     * @param id The authority id.
-     * @return The authority name.
-     */
-    public String getAuthorityName(int id);
-    
-    /**
-     * Add a new authority.
-     * @param authority The authority name.
-     * @param parent The parent authority. May be null.
-     */
-    public void addAuthority(String authority, String parent);
-    
-    /**
-     * Remove an authority completely from the system.
-     * @param authority The authority to move.
-     */
-    public void removeAuthority(String authority);
-    
-    /**
-     * Remove a containment relationship.
-     * @param parent The parent.
-     * @param child The child.
-     */
-    public void removeAuthorityChild(String parent, String child);
-    
-    /**
-     * Get all authorities which are contained directly or transitively by the given authority.
-     * @param authority The authority to check.
-     * @return The contained authorities.
-     */
-    public Set<String> getContainedAuthorities(String authority);
-    
-    /**
-     * Get all authorities which directly or indirectly contain the given authority.
-     * @param authority The authority to check.
-     * @return The container authorities.
-     */
-    public Set<String> getContainerAuthorities(String authority);
-    
-    /**
-     * Get the case normalized version of authority.
-     * @param authority The authority.
-     * @return The case normalized version.
-     */
-    public String normalizeAuthority(String authority);
-}
diff --git a/source/java/org/alfresco/service/simple/permission/SimplePermissionService.java b/source/java/org/alfresco/service/simple/permission/SimplePermissionService.java
deleted file mode 100644
index d15d72a68b..0000000000
--- a/source/java/org/alfresco/service/simple/permission/SimplePermissionService.java
+++ /dev/null
@@ -1,73 +0,0 @@
-/*
- * Copyright (C) 2005-2007 Alfresco Software Limited.
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
-
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
-
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-
- * As a special exception to the terms and conditions of version 2.0 of 
- * the GPL, you may redistribute this Program in connection with Free/Libre 
- * and Open Source Software ("FLOSS") applications as described in Alfresco's 
- * FLOSS exception.  You should have recieved a copy of the text describing 
- * the FLOSS exception, and it is also available here: 
- * http://www.alfresco.com/legal/licensing
- */
-
-package org.alfresco.service.simple.permission;
-
-import java.util.List;
-
-/**
- * Interface for a simple permission mechanism.
- * Nothing but String valued capabilities, and ACLs.
- * @author britt
- */
-public interface SimplePermissionService
-{
-    /**
-     * Can the current user perform the action indicated by the capability.
-     * @param capability The capability: marker for an ability to perform an action
-     * governed by an ACL.
-     * @param acl The ACL. If this is null then the permission is granted.
-     * @param owner The owner. The owner can always has the "changepermission" capability.
-     * @return Whether permission is granted.
-     */
-    boolean can(String capability, ACL acl, String owner);
-    
-    /**
-     * Can the user (agent) specified perform the action indicated by the capability.
-     * @param agent The agent (user) to check.
-     * @param capability The capability to check.
-     * @param acl The ACL. If this is null then the permission is granted.
-     * @param owner The owner.
-     * @return Whether permission is granted.
-     */
-    boolean can(String agent, String capability, ACL acl, String owner);
-    
-    /**
-     * Get the capabilities that this acl grants the current user.
-     * @param acl The ACL.
-     * @param owner The owner of the controlled entity.
-     * @return A list of capabilities.
-     */
-    List<String> getCapabilities(ACL acl, String owner);
-    
-    /**
-     * Get the capabilities that this agent grants the specifiec agent.
-     * @param agent The agent (user).
-     * @param acl The ACL.
-     * @param owner The owner of the controlled entity.
-     * @return A list of capabilities.
-     */
-    List<String> getCapabilities(String agent, ACL acl, String owner);
-}