From 4634d889c8ffeb2c5ce012293cd49187da87ea53 Mon Sep 17 00:00:00 2001
From: Dave Ward <left@alfresco.com>
Date: Mon, 18 May 2009 15:42:47 +0000
Subject: [PATCH] MOB-820: IMAP as configurable subsystem + MOB-817: NFS RPC
 user mappings + MOB-816: File server domain and global ACL mappings - JLAN
 changes: revert previous changes and make AccessControl constructors public

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@14353 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
---
 config/alfresco/application-context.xml       |   5 +-
 config/alfresco/bootstrap-context.xml         |  54 ++-
 .../custom-imap-server-context.xml.sample     |  19 --
 .../custom-imap-server.properties.sample      |   2 -
 config/alfresco/imap-config.xml               |  14 -
 config/alfresco/imap-server-context.xml       |  91 ------
 config/alfresco/repository.properties         |  20 ++
 .../default/file-servers-context.xml          |  88 +++--
 .../default/file-servers.properties           |   3 +-
 .../imap/default/imap-server-context.xml      | 108 ++++++
 .../imap/default}/imap-server.properties      |   0
 .../filesys/auth/nfs/UserMapping.java         |  21 +-
 .../config/DomainMappingConfigBean.java       |  13 +-
 .../filesys/config/SecurityConfigBean.java    |  33 +-
 .../config/ServerConfigurationBean.java       | 107 +-----
 .../filesys/config/acl/AccessControlBean.java | 102 ++++++
 .../config/acl/AccessControlListBean.java     | 309 ++++++++++++++++++
 .../config/acl/DomainAccessControlBean.java   |  45 +++
 .../config/acl/GidAccessControlBean.java      |  69 ++++
 .../acl/IpAddressAccessControlBean.java       |  94 ++++++
 .../config/acl/ProtocolAccessControlBean.java |  69 ++++
 .../config/acl/UidAccessControlBean.java      |  70 ++++
 .../config/acl/UserAccessControlBean.java     |  45 +++
 .../alfresco/filesys/repo/ContentContext.java |  36 +-
 .../repo/imap/AlfrescoImapHostManager.java    |   4 +-
 .../org/alfresco/repo/imap/ImapHelper.java    |  56 ++--
 .../repo/imap/config/ImapConfigBean.java      | 129 ++++++++
 .../repo/imap/config/ImapConfigElement.java   | 143 --------
 .../repo/imap/config/ImapElementReader.java   |  81 -----
 29 files changed, 1235 insertions(+), 595 deletions(-)
 delete mode 100755 config/alfresco/extension/custom-imap-server-context.xml.sample
 delete mode 100755 config/alfresco/extension/custom-imap-server.properties.sample
 delete mode 100755 config/alfresco/imap-config.xml
 delete mode 100755 config/alfresco/imap-server-context.xml
 create mode 100755 config/alfresco/subsystems/imap/default/imap-server-context.xml
 rename config/alfresco/{ => subsystems/imap/default}/imap-server.properties (100%)
 create mode 100644 source/java/org/alfresco/filesys/config/acl/AccessControlBean.java
 create mode 100644 source/java/org/alfresco/filesys/config/acl/AccessControlListBean.java
 create mode 100644 source/java/org/alfresco/filesys/config/acl/DomainAccessControlBean.java
 create mode 100644 source/java/org/alfresco/filesys/config/acl/GidAccessControlBean.java
 create mode 100644 source/java/org/alfresco/filesys/config/acl/IpAddressAccessControlBean.java
 create mode 100644 source/java/org/alfresco/filesys/config/acl/ProtocolAccessControlBean.java
 create mode 100644 source/java/org/alfresco/filesys/config/acl/UidAccessControlBean.java
 create mode 100644 source/java/org/alfresco/filesys/config/acl/UserAccessControlBean.java
 create mode 100755 source/java/org/alfresco/repo/imap/config/ImapConfigBean.java
 delete mode 100755 source/java/org/alfresco/repo/imap/config/ImapConfigElement.java
 delete mode 100755 source/java/org/alfresco/repo/imap/config/ImapElementReader.java

diff --git a/config/alfresco/application-context.xml b/config/alfresco/application-context.xml
index e6d122e352..d8b605eedf 100644
--- a/config/alfresco/application-context.xml
+++ b/config/alfresco/application-context.xml
@@ -12,7 +12,7 @@
     <import resource="classpath:alfresco/model-specific-services-context.xml" />
     <import resource="classpath:alfresco/action-services-context.xml" />
     <import resource="classpath:alfresco/rule-services-context.xml" />
-    <import resource="classpath:alfresco/node-services-context.xml" />
+    <import resource="classpath:alfresco/node-services-context.xml" />
     <import resource="classpath:alfresco/scheduled-jobs-context.xml" />
     <import resource="classpath:alfresco/network-protocol-context.xml" />
     <import resource="classpath:alfresco/emailserver/email-service-context.xml" />
@@ -27,7 +27,7 @@
     <import resource="classpath:alfresco/script-services-context.xml" />
     <import resource="classpath:alfresco/index-recovery-context.xml" />
     <import resource="classpath:alfresco/authority-services-context.xml" />
-    <import resource="classpath:alfresco/authentication-services-context.xml" />
+    <import resource="classpath:alfresco/authentication-services-context.xml" />
     <import resource="classpath:alfresco/usage-services-context.xml" />
     <import resource="classpath:alfresco/policy-context.xml" />
     <import resource="classpath:alfresco/import-export-context.xml" />
@@ -52,7 +52,6 @@
     <import resource="classpath:alfresco/form-services-context.xml"/>
     <import resource="classpath:alfresco/invitation-service-context.xml"/>
     <import resource="classpath:alfresco/cmis-api-context.xml" />
-    <import resource="classpath:alfresco/imap-server-context.xml"/>
     <import resource="classpath*:alfresco/patch/*-context.xml" />
     <import resource="classpath*:alfresco/domain/*-context.xml" />
 
diff --git a/config/alfresco/bootstrap-context.xml b/config/alfresco/bootstrap-context.xml
index 28c52c5791..7217080d99 100644
--- a/config/alfresco/bootstrap-context.xml
+++ b/config/alfresco/bootstrap-context.xml
@@ -382,6 +382,39 @@
         <property name="autoStart">
             <value>true</value>
         </property>
+        <property name="compositePropertyTypes">
+            <map>
+                <entry key="nfs.user.mappings">
+                    <value>org.alfresco.filesys.auth.nfs.UserMapping</value>
+                </entry>
+                <entry key="filesystem.acl.global.domainAccessControls">
+                    <value>org.alfresco.filesys.config.acl.DomainAccessControlBean</value>
+                </entry>
+                <entry key="filesystem.acl.global.protocolAccessControls">
+                    <value>org.alfresco.filesys.config.acl.ProtocolAccessControlBean</value>
+                </entry>
+                <entry key="filesystem.acl.global.userAccessControls">
+                    <value>org.alfresco.filesys.config.acl.UserAccessControlBean</value>
+                </entry>
+                <entry key="filesystem.domainMappings">
+                    <value>org.alfresco.filesys.config.DomainMappingConfigBean</value>
+                </entry>
+            </map>
+        </property>
+    </bean>
+
+    <!-- IMAP Subsystem -->
+    <bean id="imap" class="org.alfresco.repo.management.subsystems.ChildApplicationContextFactory" parent="abstractPropertyBackedBean">
+        <property name="autoStart">
+            <value>true</value>
+        </property>
+        <property name="compositePropertyTypes">
+            <map>
+                <entry key="imap.server.mountPoints">
+                    <value>org.alfresco.repo.imap.config.ImapConfigBean</value>
+                </entry>
+            </map>
+        </property>
     </bean>
 
    <bean id="fileServerConfiguration" class="org.alfresco.repo.management.subsystems.SubsystemProxyFactory">
@@ -413,13 +446,20 @@
         </property>
     </bean>
 
-    <!-- Optional LDAP synchronization chain -->
-    <bean id="Synchronization" class="org.alfresco.repo.management.subsystems.DefaultChildApplicationContextManager"
-        parent="abstractPropertyBackedBean">
-        <property name="autoStart">
-            <value>true</value>
-        </property>
-    </bean>
+   <!-- Optional LDAP synchronization chain -->
+   <bean id="Synchronization" class="org.alfresco.repo.management.subsystems.DefaultChildApplicationContextManager"
+      parent="abstractPropertyBackedBean">
+      <property name="autoStart">
+         <value>true</value>
+      </property>
+      <property name="defaultChain">
+         <value>${synchronization.chain}</value>
+      </property>
+      <!-- LDAP is the default (and only) instance type -->
+      <property name="defaultTypeName">
+         <value>ldap</value>
+      </property>
+   </bean>
 
     <!-- Workflow Scheduler -->
     <bean id="workflowScheduler" class="org.alfresco.repo.workflow.jbpm.JBPMScheduler">
diff --git a/config/alfresco/extension/custom-imap-server-context.xml.sample b/config/alfresco/extension/custom-imap-server-context.xml.sample
deleted file mode 100755
index a706326c12..0000000000
--- a/config/alfresco/extension/custom-imap-server-context.xml.sample
+++ /dev/null
@@ -1,19 +0,0 @@
-<?xml version='1.0' encoding='UTF-8'?>
-<!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' 'http://www.springframework.org/dtd/spring-beans.dtd'>
-
-<beans>
-
-    <bean id="imapServerConfigurationProperties" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
-        <property name="ignoreUnresolvablePlaceholders">
-            <value>true</value>
-        </property>
-        <property name="locations">
-            <list>
-                <value>classpath:alfresco/imap-server.properties</value>
-                <!-- Override -->
-                <value>classpath:alfresco/extension/custom-imap-server.properties</value>
-            </list>
-        </property>
-    </bean>
-   
-</beans>
diff --git a/config/alfresco/extension/custom-imap-server.properties.sample b/config/alfresco/extension/custom-imap-server.properties.sample
deleted file mode 100755
index c87cdff75c..0000000000
--- a/config/alfresco/extension/custom-imap-server.properties.sample
+++ /dev/null
@@ -1,2 +0,0 @@
-imap.server.enabled=true
-imap.server.port=143
diff --git a/config/alfresco/imap-config.xml b/config/alfresco/imap-config.xml
deleted file mode 100755
index 6ae9ec65fd..0000000000
--- a/config/alfresco/imap-config.xml
+++ /dev/null
@@ -1,14 +0,0 @@
-<alfresco-config>
-   <config>
-      <imapConfig>
-         <imap name="Repository_virtual" mode="virtual">
-              <store>workspace://SpacesStore</store>
-              <rootPath>/app:company_home</rootPath>
-         </imap>
-         <imap name="Repository_archive" mode="archive">
-              <store>workspace://SpacesStore</store>
-              <rootPath>/app:company_home</rootPath>
-         </imap>
-      </imapConfig>
-   </config>
-</alfresco-config> 
\ No newline at end of file
diff --git a/config/alfresco/imap-server-context.xml b/config/alfresco/imap-server-context.xml
deleted file mode 100755
index 88259243d2..0000000000
--- a/config/alfresco/imap-server-context.xml
+++ /dev/null
@@ -1,91 +0,0 @@
-<?xml version='1.0' encoding='UTF-8'?>
-<!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' 'http://www.springframework.org/dtd/spring-beans.dtd'>
-
-<beans>
-
-   <bean id="imapResourceBundles" class="org.alfresco.i18n.ResourceBundleBootstrapComponent">
-        <property name="resourceBundles">
-            <list>
-                <value>alfresco.messages.imap-service</value>
-            </list>
-        </property>
-   </bean>
-   
-   <bean id="imapServerConfigurationProperties" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
-      <property name="ignoreUnresolvablePlaceholders">
-         <value>true</value>
-      </property>
-      <property name="locations">
-         <list>
-            <value>classpath:alfresco/imap-server.properties</value>
-         </list>
-      </property>
-   </bean>
-
-   <bean id="imapHelper" class="org.alfresco.repo.imap.ImapHelper">
-       <property name="nodeService" ref="NodeService" />
-       <property name="fileFolderService" ref="FileFolderService" />
-       <property name="searchService" ref="SearchService" />
-       <property name="namespaceService" ref="NamespaceService" />
-       <property name="templateService" ref="TemplateService" />
-       <property name="permissionService" ref="PermissionService" />
-       <property name="configService" ref="webClientConfigService" />
-       <property name="dictionaryService" ref="DictionaryService" />
-       <property name="preferenceService" ref="PreferenceService" />
-       <property name="siteService" ref="SiteService" />
-       <property name="patchService" ref="patchComponent" />
-       
-       
-       <property name="serviceRegistry" ref="ServiceRegistry" />
-       
-       <property name="defaultFromAddress">
-            <value>${mail.from.default}</value>
-        </property>
-
-       <property name="webApplicationContextUrl">
-            <value>${web.application.context.url}</value>
-        </property>
-       
-       <property name="imapRoot">
-             <value>${spaces.store}/${spaces.company_home.childname}/${spaces.imap_home.childname}</value> 
-        </property>
-        
-        <property name="repositoryTemplatePath">
-           <value>${spaces.store}/${spaces.company_home.childname}/${spaces.dictionary.childname}/${spaces.imapConfig.childname}/${spaces.imap_templates.childname}</value>
-        </property>
-    </bean>
-
-    <bean id="imapServer" class="org.alfresco.repo.imap.AlfrescoImapServer">
-        <property name="port">
-              <value>${imap.server.port}</value>
-        </property>
-        <property name="imapServerEnabled">
-             <value>${imap.server.enabled}</value>
-        </property>
-        <property name="imapHostManager">
-             <ref local="imapHostManager"/>
-        </property>
-        <property name="imapUserManager">
-             <ref local="imapUserManager"/>
-        </property>
-        <property name="imapHelper">
-             <ref local="imapHelper"/>
-        </property>
-    </bean>
-   
-    <bean id="imapHostManager" class="org.alfresco.repo.imap.AlfrescoImapHostManager" >
-       <property name="serviceRegistry" ref="ServiceRegistry" />
-       <property name="nodeService" ref="NodeService" />
-       <property name="fileFolderService" ref="FileFolderService" />
-       <property name="imapHelper" ref="imapHelper" />
-    </bean>
-
-    <bean id="imapUserManager" class="org.alfresco.repo.imap.AlfrescoImapUserManager">
-       <property name="imapHostManager">
-          <ref local="imapHostManager" />
-       </property>
-       <property name="authenticationService" ref="AuthenticationService" />
-       <property name="personService" ref="PersonService" />
-       <property name="nodeService" ref="NodeService" />
-    </bean>
-</beans>
diff --git a/config/alfresco/repository.properties b/config/alfresco/repository.properties
index 80d75769da..622474322d 100644
--- a/config/alfresco/repository.properties
+++ b/config/alfresco/repository.properties
@@ -325,6 +325,26 @@ V2.1-A.fixes.to.schema=0
 # The default authentication chain
 authentication.chain=alfrescoNtlm1:alfrescoNtlm
 
+# The default synchronization chain. Empty by default
+synchronization.chain=
+
+# Default NFS user mappings
+nfs.user.mappings=admin
+nfs.user.mappings.default.uid=0
+nfs.user.mappings.default.gid=0
+
+# IMAP
+imap.server.enabled=false
+imap.server.port=143
+
+# Default IMAP mount points
+imap.server.mountPoints=Repository_virtual,Repository_archive
+imap.server.mountPoints.default.store=${spaces.store}
+imap.server.mountPoints.default.rootPath=/${spaces.company_home.childname}
+imap.server.mountPoints.default.mode=virtual
+imap.server.mountPoints.value.Repository_virtual.mode=virtual
+imap.server.mountPoints.value.Repository_archive.mode=archive
+
 # Activity feed max size and max age (eg. 44640 mins = 31 days)
 activities.feed.max.size=100
 activities.feed.max.age.mins=44640
\ No newline at end of file
diff --git a/config/alfresco/subsystems/fileServers/default/file-servers-context.xml b/config/alfresco/subsystems/fileServers/default/file-servers-context.xml
index 55a76241ba..7820c91e21 100644
--- a/config/alfresco/subsystems/fileServers/default/file-servers-context.xml
+++ b/config/alfresco/subsystems/fileServers/default/file-servers-context.xml
@@ -215,6 +215,25 @@
 
    </bean>
 
+   <!--The configurable RPC user mappings - actually a post-processed composite property! -->
+   <bean id="nfs.user.mappings" class="org.springframework.beans.factory.config.ListFactoryBean">
+      <property name="sourceList">
+         <list>
+            <bean class="org.alfresco.filesys.auth.nfs.UserMapping">
+               <property name="beanName">
+                  <value>${alfresco_user_store.adminusername}</value>
+               </property>
+               <property name="uid">
+                  <value>0</value>
+               </property>
+               <property name="gid">
+                  <value>0</value>
+               </property>
+            </bean>
+         </list>
+      </property>
+   </bean>
+
    <bean id="nfsServerConfig" class="org.alfresco.filesys.config.NFSConfigBean">
       <property name="serverEnabled">
          <value>${nfs.enabled}</value>
@@ -224,19 +243,7 @@
       <property name="rpcAuthenticator">
          <bean class="org.alfresco.filesys.auth.nfs.AlfrescoRpcAuthenticator">
             <property name="userMappings">
-               <list>
-                  <bean class="org.alfresco.filesys.auth.nfs.UserMapping">
-                     <property name="name">
-                        <value>${alfresco_user_store.adminusername}</value>
-                     </property>
-                     <property name="uid">
-                        <value>0</value>
-                     </property>
-                     <property name="gid">
-                        <value>0</value>
-                     </property>
-                  </bean>
-               </list>
+               <ref bean="nfs.user.mappings" />
             </property>
          </bean>
       </property>
@@ -335,12 +342,8 @@
                <!-- Additional access control of the filesystem -->
                <!-- Access type of 'none' will stop the filesystem from showing up for that user/address/protocol -->
                <!--
-                  <property name="defaultAccessLevel"> <value>Write</value> </property> <property name="accessControl">
-                  <list> <bean class="org.alfresco.jlan.server.auth.acl.UserAccessControl"> <property name="name">
-                  <value>admin</value> </property> <property name="access"> <value>Write</value> </property> </bean>
-                  <bean class="org.alfresco.jlan.server.auth.acl.IpAddressAccessControl"> <property name="subNet">
-                  <value>192.168.1.0</value> </property> <property name="netMask"> <value>255.255.255.0</value>
-                  </property> <property name="access"> <value>Write</value> </property> </bean> </list> </property>
+                  <property name="accessControl"> <bean class="org.alfresco.filesys.config.acl.AccessControlListBean">
+                  <property name="defaultAccessLevel"> <value>Write</value> </property> </bean> </property>
                -->
             </bean>
             <!-- AVM virtualization view of all stores/versions for WCM -->
@@ -360,14 +363,21 @@
       </property>
    </bean>
 
+   <!--Configurable global ACLS - actually post-processed composite properties -->
+   <bean id="filesystem.acl.global.domainAccessControls" class="org.springframework.beans.factory.config.ListFactoryBean" />
+
+   <bean id="filesystem.acl.global.protocolAccessControls" class="org.springframework.beans.factory.config.ListFactoryBean" />
+
+   <bean id="filesystem.acl.global.userAccessControls" class="org.springframework.beans.factory.config.ListFactoryBean" />
+
+   <!-- Domain mappings used for passthru authentication routing -->
+   <!-- Used when the client does not provide a domain name in the NTLM logon -->
+   <bean id="filesystem.domainMappings" class="org.springframework.beans.factory.config.ListFactoryBean" />
+
    <bean id="fileSecurityConfig" class="org.alfresco.filesys.config.SecurityConfigBean">
-      <!-- Domain mappings used for passthru authentication routing -->
-      <!-- Used when the client does not provide a domain name in the NTLM logon -->
-      <!--
-         <property name="domainMappings"> <list> <bean class="org.alfresco.filesys.config.DomainMappingConfigBean">
-         <property name="name"> <value>ALFRESCO</value> </property> <property name="subnet"> <value>192.168.1.0</value>
-         </property> <property name="mask"> <value>192.168.1.255</value> </property> </bean> </list> </property>
-      -->
+      <property name="domainMappings">
+         <ref bean="filesystem.domainMappings" />
+      </property>
 
       <!-- Custom share mapper when multi-tenancy is enabled -->
       <!--
@@ -378,15 +388,23 @@
 
       <!-- Global access control list                                                                    -->
       <!-- Applied to all filesystems that do not have an accessControl property                         -->
-      <!-- Access type of 'none' will stop the filesystem from showing up for that user/address/protocol -->
-      <!--
-         <property name="globalDefaultAccessLevel"> <value>None</value> </property> <property
-         name="globalAccessControl"> <list> <bean class="org.alfresco.jlan.server.auth.acl.UserAccessControl"> <property
-         name="name"> <value>admin</value> </property> <property name="access"> <value>Write</value> </property> </bean>
-         <bean class="org.alfresco.jlan.server.auth.acl.IpAddressAccessControl"> <property name="subNet">
-         <value>192.168.1.2</value> </property> <property name="netMask"> <value>255.255.255.0</value> </property>
-         <property name="access"> <value>Write</value> </property> </bean> </list> </property>
-      -->
+      <property name="globalAccessControl">
+         <bean class="org.alfresco.filesys.config.acl.AccessControlListBean">
+            <!-- Access type of 'none' will stop the filesystem from showing up for that user/address/protocol -->
+            <property name="defaultAccessLevel">
+               <value>${filesystem.acl.global.defaultAccessLevel}</value>
+            </property>
+            <property name="domainAccessControls">
+               <ref bean="filesystem.acl.global.domainAccessControls" />
+            </property>
+            <property name="protocolAccessControls">
+               <ref bean="filesystem.acl.global.protocolAccessControls" />
+            </property>
+            <property name="userAccessControls">
+               <ref bean="filesystem.acl.global.userAccessControls" />
+            </property>
+         </bean>
+      </property>
    </bean>
 
 </beans>
\ No newline at end of file
diff --git a/config/alfresco/subsystems/fileServers/default/file-servers.properties b/config/alfresco/subsystems/fileServers/default/file-servers.properties
index b7a63d0ad7..ea9bb66fda 100644
--- a/config/alfresco/subsystems/fileServers/default/file-servers.properties
+++ b/config/alfresco/subsystems/fileServers/default/file-servers.properties
@@ -1,4 +1,5 @@
 filesystem.name=Alfresco
+filesystem.acl.global.defaultAccessLevel=
 
 cifs.enabled=true
 cifs.serverName=${localname}A
@@ -33,4 +34,4 @@ ftp.ipv6.enabled=false
 
 nfs.enabled=false
 
-cifs.urlfile.prefix=http://${localname}:8080/alfresco/
\ No newline at end of file
+cifs.urlfile.prefix=http://${localname}:8080/alfresco/
diff --git a/config/alfresco/subsystems/imap/default/imap-server-context.xml b/config/alfresco/subsystems/imap/default/imap-server-context.xml
new file mode 100755
index 0000000000..384c30c00b
--- /dev/null
+++ b/config/alfresco/subsystems/imap/default/imap-server-context.xml
@@ -0,0 +1,108 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' 'http://www.springframework.org/dtd/spring-beans.dtd'>
+
+<beans>
+
+    <bean id="imapResourceBundles" class="org.alfresco.i18n.ResourceBundleBootstrapComponent">
+        <property name="resourceBundles">
+            <list>
+                <value>alfresco.messages.imap-service</value>
+            </list>
+        </property>
+    </bean>
+
+    <bean id="imapServer" class="org.alfresco.repo.imap.AlfrescoImapServer">
+        <property name="port">
+            <value>${imap.server.port}</value>
+        </property>
+        <property name="imapServerEnabled">
+            <value>${imap.server.enabled}</value>
+        </property>
+        <property name="imapHostManager">
+            <ref local="imapHostManager" />
+        </property>
+        <property name="imapUserManager">
+            <ref local="imapUserManager" />
+        </property>
+    </bean>
+
+    <!--The configurable list of mount points - actually a post-processed composite property! -->
+    <bean id="imap.server.mountPoints" class="org.springframework.beans.factory.config.ListFactoryBean">
+        <property name="sourceList">
+            <list>
+                <bean id="Repository_virtual" class="org.alfresco.repo.imap.config.ImapConfigBean">
+                    <property name="mode">
+                        <value>virtual</value>
+                    </property>
+                    <property name="store">
+                        <value>${spaces.store}</value>
+                    </property>
+                    <property name="rootPath">
+                        <value>/${spaces.company_home.childname}</value>
+                    </property>
+                </bean>
+                <bean id="Repository_archive" class="org.alfresco.repo.imap.config.ImapConfigBean">
+                    <property name="mode">
+                        <value>archive</value>
+                    </property>
+                    <property name="store">
+                        <value>${spaces.store}</value>
+                    </property>
+                    <property name="rootPath">
+                        <value>/${spaces.company_home.childname}</value>
+                    </property>
+                </bean>
+            </list>
+        </property>
+    </bean>
+
+    <bean id="imapHelper" class="org.alfresco.repo.imap.ImapHelper">
+        <property name="nodeService" ref="NodeService" />
+        <property name="fileFolderService" ref="FileFolderService" />
+        <property name="searchService" ref="SearchService" />
+        <property name="namespaceService" ref="NamespaceService" />
+        <property name="templateService" ref="TemplateService" />
+        <property name="permissionService" ref="PermissionService" />
+        <property name="dictionaryService" ref="DictionaryService" />
+        <property name="preferenceService" ref="PreferenceService" />
+        <property name="siteService" ref="SiteService" />
+        <property name="patchService" ref="patchComponent" />
+        <property name="serviceRegistry" ref="ServiceRegistry" />
+
+        <property name="imapConfigBeans">
+            <ref bean="imap.server.mountPoints" />
+        </property>
+
+        <property name="defaultFromAddress">
+            <value>${mail.from.default}</value>
+        </property>
+
+        <property name="webApplicationContextUrl">
+            <value>${web.application.context.url}</value>
+        </property>
+
+        <property name="imapRoot">
+            <value>${spaces.store}/${spaces.company_home.childname}/${spaces.imap_home.childname}</value>
+        </property>
+
+        <property name="repositoryTemplatePath">
+            <value>${spaces.store}/${spaces.company_home.childname}/${spaces.dictionary.childname}/${spaces.imapConfig.childname}/${spaces.imap_templates.childname}</value>
+        </property>
+    </bean>
+
+    <bean id="imapHostManager" class="org.alfresco.repo.imap.AlfrescoImapHostManager">
+        <property name="serviceRegistry" ref="ServiceRegistry" />
+        <property name="nodeService" ref="NodeService" />
+        <property name="fileFolderService" ref="FileFolderService" />
+        <property name="imapHelper" ref="imapHelper" />
+    </bean>
+
+    <bean id="imapUserManager" class="org.alfresco.repo.imap.AlfrescoImapUserManager">
+        <property name="imapHostManager">
+            <ref local="imapHostManager" />
+        </property>
+        <property name="authenticationService" ref="AuthenticationService" />
+        <property name="personService" ref="PersonService" />
+        <property name="nodeService" ref="NodeService" />
+    </bean>
+</beans>
diff --git a/config/alfresco/imap-server.properties b/config/alfresco/subsystems/imap/default/imap-server.properties
similarity index 100%
rename from config/alfresco/imap-server.properties
rename to config/alfresco/subsystems/imap/default/imap-server.properties
diff --git a/source/java/org/alfresco/filesys/auth/nfs/UserMapping.java b/source/java/org/alfresco/filesys/auth/nfs/UserMapping.java
index 0f3c071c23..d8b42c45e6 100644
--- a/source/java/org/alfresco/filesys/auth/nfs/UserMapping.java
+++ b/source/java/org/alfresco/filesys/auth/nfs/UserMapping.java
@@ -24,12 +24,13 @@
  */
 package org.alfresco.filesys.auth.nfs;
 
+import org.springframework.beans.factory.BeanNameAware;
+
 /**
  * Represents a user mapping for the {@link AlfrescoRpcAuthenticator}.
  */
-public class UserMapping
+public class UserMapping implements BeanNameAware
 {
-
     /** The name. */
     private String name;
 
@@ -71,16 +72,14 @@ public class UserMapping
      */
     public String getName()
     {
-        return name;
+        return this.name;
     }
 
-    /**
-     * Sets the name.
-     * 
-     * @param name
-     *            the new name
+    /*
+     * (non-Javadoc)
+     * @see org.springframework.beans.factory.BeanNameAware#setBeanName(java.lang.String)
      */
-    public void setName(String name)
+    public void setBeanName(String name)
     {
         this.name = name;
     }
@@ -92,7 +91,7 @@ public class UserMapping
      */
     public int getUid()
     {
-        return uid;
+        return this.uid;
     }
 
     /**
@@ -113,7 +112,7 @@ public class UserMapping
      */
     public int getGid()
     {
-        return gid;
+        return this.gid;
     }
 
     /**
diff --git a/source/java/org/alfresco/filesys/config/DomainMappingConfigBean.java b/source/java/org/alfresco/filesys/config/DomainMappingConfigBean.java
index ef8f9d4f1f..796b2992dc 100644
--- a/source/java/org/alfresco/filesys/config/DomainMappingConfigBean.java
+++ b/source/java/org/alfresco/filesys/config/DomainMappingConfigBean.java
@@ -24,13 +24,15 @@
  */
 package org.alfresco.filesys.config;
 
+import org.springframework.beans.factory.BeanNameAware;
+
 // TODO: Auto-generated Javadoc
 /**
  * The Class DomainMappingConfigBean.
  * 
  * @author dward
  */
-public class DomainMappingConfigBean
+public class DomainMappingConfigBean implements BeanNameAware
 {
 
     /** The name. */
@@ -58,13 +60,10 @@ public class DomainMappingConfigBean
         return name;
     }
 
-    /**
-     * Sets the name.
-     * 
-     * @param name
-     *            the new name
+    /* (non-Javadoc)
+     * @see org.springframework.beans.factory.BeanNameAware#setBeanName(java.lang.String)
      */
-    public void setName(String name)
+    public void setBeanName(String name)
     {
         this.name = name;
     }
diff --git a/source/java/org/alfresco/filesys/config/SecurityConfigBean.java b/source/java/org/alfresco/filesys/config/SecurityConfigBean.java
index 04858e27b8..7cf08efe9c 100644
--- a/source/java/org/alfresco/filesys/config/SecurityConfigBean.java
+++ b/source/java/org/alfresco/filesys/config/SecurityConfigBean.java
@@ -26,7 +26,7 @@ package org.alfresco.filesys.config;
 
 import java.util.List;
 
-import org.alfresco.jlan.server.auth.acl.AccessControl;
+import org.alfresco.filesys.config.acl.AccessControlListBean;
 import org.alfresco.jlan.server.core.ShareMapper;
 
 // TODO: Auto-generated Javadoc
@@ -37,12 +37,8 @@ import org.alfresco.jlan.server.core.ShareMapper;
  */
 public class SecurityConfigBean
 {
-
-    /** The global default access level. */
-    private String globalDefaultAccessLevel;
-
     /** The global access control. */
-    private List<AccessControl> globalAccessControl;
+    private AccessControlListBean globalAccessControl;
 
     /** The jce provider. */
     private String jceProvider;
@@ -53,33 +49,12 @@ public class SecurityConfigBean
     /** The domain mappings. */
     private List<DomainMappingConfigBean> domainMappings;
 
-    /**
-     * Gets the global default access level.
-     * 
-     * @return the global default access level
-     */
-    public String getGlobalDefaultAccessLevel()
-    {
-        return globalDefaultAccessLevel;
-    }
-
-    /**
-     * Sets the global default access level.
-     * 
-     * @param globalDefaultAccessLevel
-     *            the new global default access level
-     */
-    public void setGlobalDefaultAccessLevel(String globalDefaultAccessLevel)
-    {
-        this.globalDefaultAccessLevel = globalDefaultAccessLevel;
-    }
-
     /**
      * Gets the global access control.
      * 
      * @return the global access control
      */
-    public List<AccessControl> getGlobalAccessControl()
+    public AccessControlListBean getGlobalAccessControl()
     {
         return globalAccessControl;
     }
@@ -90,7 +65,7 @@ public class SecurityConfigBean
      * @param globalAccessControl
      *            the new global access control
      */
-    public void setGlobalAccessControl(List<AccessControl> globalAccessControl)
+    public void setGlobalAccessControl(AccessControlListBean globalAccessControl)
     {
         this.globalAccessControl = globalAccessControl;
     }
diff --git a/source/java/org/alfresco/filesys/config/ServerConfigurationBean.java b/source/java/org/alfresco/filesys/config/ServerConfigurationBean.java
index c37da5f286..c1607f17d5 100644
--- a/source/java/org/alfresco/filesys/config/ServerConfigurationBean.java
+++ b/source/java/org/alfresco/filesys/config/ServerConfigurationBean.java
@@ -45,6 +45,7 @@ import org.alfresco.filesys.AbstractServerConfigurationBean;
 import org.alfresco.filesys.alfresco.ExtendedDiskInterface;
 import org.alfresco.filesys.avm.AVMContext;
 import org.alfresco.filesys.avm.AVMDiskDriver;
+import org.alfresco.filesys.config.acl.AccessControlListBean;
 import org.alfresco.filesys.repo.ContentContext;
 import org.alfresco.jlan.ftp.FTPAuthenticator;
 import org.alfresco.jlan.ftp.FTPConfigSection;
@@ -56,11 +57,7 @@ import org.alfresco.jlan.netbios.win32.Win32NetBIOS;
 import org.alfresco.jlan.oncrpc.RpcAuthenticator;
 import org.alfresco.jlan.oncrpc.nfs.NFSConfigSection;
 import org.alfresco.jlan.server.auth.ICifsAuthenticator;
-import org.alfresco.jlan.server.auth.acl.ACLParseException;
-import org.alfresco.jlan.server.auth.acl.AccessControl;
 import org.alfresco.jlan.server.auth.acl.AccessControlList;
-import org.alfresco.jlan.server.auth.acl.AccessControlParser;
-import org.alfresco.jlan.server.auth.acl.InvalidACLTypeException;
 import org.alfresco.jlan.server.auth.passthru.DomainMapping;
 import org.alfresco.jlan.server.auth.passthru.RangeDomainMapping;
 import org.alfresco.jlan.server.auth.passthru.SubnetDomainMapping;
@@ -1537,21 +1534,16 @@ public class ServerConfigurationBean extends AbstractServerConfigurationBean
                         // Check if an access control list has been specified
 
                         AccessControlList acls = null;
-                        String defaultAccessLevel = filesysContext.getDefaultAccessLevel();
-                        List<AccessControl> accessControls = filesysContext.getAccessControl();
-
-                        if ((defaultAccessLevel != null && defaultAccessLevel.length() > 0) ||
-                                (accessControls != null && !accessControls.isEmpty()))
+                        AccessControlListBean accessControls = filesysContext.getAccessControlList();
+                        if (accessControls != null)
                         {
                             // Parse the access control list
-
-                            acls = processAccessControlList(secConfig, defaultAccessLevel, accessControls);
+                            acls = accessControls.toAccessControlList(secConfig);
                         }
                         else if (secConfig.hasGlobalAccessControls())
                         {
 
                             // Use the global access control list for this disk share
-
                             acls = secConfig.getGlobalAccessControls();
                         }
 
@@ -1576,6 +1568,10 @@ public class ServerConfigurationBean extends AbstractServerConfigurationBean
                 {
                     throw new AlfrescoRuntimeException("Error creating filesystem " + filesystem.getDeviceName(), ex);
                 }
+                catch (InvalidConfigurationException ex)
+                {
+                    throw new AlfrescoRuntimeException(ex.getMessage(), ex);
+                }
             }
         }
         else
@@ -1642,22 +1638,19 @@ public class ServerConfigurationBean extends AbstractServerConfigurationBean
         {
             // Check if global access controls have been specified
 
-            String defaultAccessLevel = securityConfigBean.getGlobalDefaultAccessLevel();
-            List<AccessControl> accessControls = securityConfigBean.getGlobalAccessControl();
-            
-            if ((defaultAccessLevel != null && defaultAccessLevel.length() > 0) ||
-                    (accessControls != null && !accessControls.isEmpty()))
+            AccessControlListBean accessControls = securityConfigBean.getGlobalAccessControl();
+
+            if (accessControls != null)
             {
                 // Parse the access control list
-
-                AccessControlList acls = processAccessControlList(secConfig, defaultAccessLevel, accessControls);
+                AccessControlList acls = accessControls.toAccessControlList(secConfig);
                 if (acls != null)
                     secConfig.setGlobalAccessControls(acls);
             }
            
 
             // Check if a JCE provider class has been specified
-
+            
             String jceProvider = securityConfigBean.getJCEProvider();
             if (jceProvider != null && jceProvider.length() > 0)
             {
@@ -1949,78 +1942,4 @@ public class ServerConfigurationBean extends AbstractServerConfigurationBean
             coreConfig.setMemoryPool(DefaultMemoryPoolBufSizes, DefaultMemoryPoolInitAlloc, DefaultMemoryPoolMaxAlloc);
         }
     }
-
-    /**
-     * Process an access control sub-section and return the access control list
-     * 
-     * @param secConfig
-     *            SecurityConfigSection
-     * @param aclsElem
-     *            ConfigElement
-     */
-    protected AccessControlList processAccessControlList(SecurityConfigSection secConfig, String defaultAccessLevel,
-            List<AccessControl> accessControls)
-    {
-
-        // Check if there is an access control manager configured
-
-        if (secConfig.getAccessControlManager() == null)
-            throw new AlfrescoRuntimeException("No access control manager configured");
-
-        // Create the access control list
-
-        AccessControlList acls = new AccessControlList();
-
-        // Check if there is a default access level for the ACL group
-
-        if (defaultAccessLevel != null && defaultAccessLevel.length() > 0)
-        {
-
-            // Get the access level and validate
-
-            try
-            {
-
-                // Parse the access level name
-
-                int access = AccessControlParser.parseAccessTypeString(defaultAccessLevel);
-
-                // Set the default access level for the access control list
-
-                acls.setDefaultAccessLevel(access);
-            }
-            catch (InvalidACLTypeException ex)
-            {
-                throw new AlfrescoRuntimeException("Default access level error", ex);
-            }
-            catch (ACLParseException ex)
-            {
-                throw new AlfrescoRuntimeException("Default access level error", ex);
-            }
-        }
-
-        // Parse each access control element
-        if (accessControls != null && accessControls.size() > 0)
-        {
-
-            // Create the access controls
-
-            for (AccessControl accessControl : accessControls)
-            {
-
-                acls.addControl(accessControl);
-            }
-        }
-
-        // Check if there are no access control rules but the default access level is set to 'None',
-        // this is not allowed as the share would not be accessible or visible.
-
-        if (acls.getDefaultAccessLevel() == AccessControl.NoAccess && acls.numberOfControls() == 0)
-            throw new AlfrescoRuntimeException("Empty access control list and default access 'None' not allowed");
-
-        // Return the access control list
-
-        return acls;
-    }
-
 }
diff --git a/source/java/org/alfresco/filesys/config/acl/AccessControlBean.java b/source/java/org/alfresco/filesys/config/acl/AccessControlBean.java
new file mode 100644
index 0000000000..d43bd4caac
--- /dev/null
+++ b/source/java/org/alfresco/filesys/config/acl/AccessControlBean.java
@@ -0,0 +1,102 @@
+/*
+ * Copyright (C) 2005-2009 Alfresco Software Limited.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+ * As a special exception to the terms and conditions of version 2.0 of 
+ * the GPL, you may redistribute this Program in connection with Free/Libre 
+ * and Open Source Software ("FLOSS") applications as described in Alfresco's 
+ * FLOSS exception.  You should have received a copy of the text describing 
+ * the FLOSS exception, and it is also available here: 
+ * http://www.alfresco.com/legal/licensing"
+ */
+
+package org.alfresco.filesys.config.acl;
+
+import org.alfresco.jlan.server.auth.acl.ACLParseException;
+import org.alfresco.jlan.server.auth.acl.AccessControl;
+import org.alfresco.jlan.server.auth.acl.AccessControlParser;
+import org.springframework.beans.factory.BeanNameAware;
+
+/**
+ * Simple description of a JLAN Access control that can be configured via JMX or a Spring bean definition.
+ */
+public abstract class AccessControlBean implements BeanNameAware
+{
+
+    /** The name. */
+    private String name;
+
+    /** The access type. */
+    private int accessType = AccessControl.ReadWrite;
+
+    /*
+     * (non-Javadoc)
+     * @see org.springframework.beans.factory.BeanNameAware#setBeanName(java.lang.String)
+     */
+    public void setBeanName(String name)
+    {
+        this.name = name;
+    }
+
+    /**
+     * Return the access control name.
+     * 
+     * @return the access control name
+     */
+    public final String getName()
+    {
+        return this.name;
+    }
+
+    /**
+     * Return the access control check type.
+     * 
+     * @return the access control check type
+     */
+    public final String getAccessType()
+    {
+        return AccessControl.asAccessString(this.accessType);
+    }
+
+    /**
+     * Set the the access control check type.
+     * 
+     * @param accessType
+     *            the access type
+     * @throws ACLParseException
+     */
+    public void setAccessType(String accessType) throws ACLParseException
+    {
+        this.accessType = AccessControlParser.parseAccessTypeString(accessType);
+    }
+
+    /**
+     * Converts this object to a JLAN access control
+     * 
+     * @return the access control
+     */
+    public abstract AccessControl toAccessControl();
+
+    /**
+     * Gets the access level as an integer.
+     * 
+     * @return the access level as an integer
+     */
+    protected int getAccessLevel()
+    {
+        return this.accessType;
+    }
+}
diff --git a/source/java/org/alfresco/filesys/config/acl/AccessControlListBean.java b/source/java/org/alfresco/filesys/config/acl/AccessControlListBean.java
new file mode 100644
index 0000000000..a0f846f595
--- /dev/null
+++ b/source/java/org/alfresco/filesys/config/acl/AccessControlListBean.java
@@ -0,0 +1,309 @@
+/*
+ * Copyright (C) 2005-2009 Alfresco Software Limited.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+ * As a special exception to the terms and conditions of version 2.0 of 
+ * the GPL, you may redistribute this Program in connection with Free/Libre 
+ * and Open Source Software ("FLOSS") applications as described in Alfresco's 
+ * FLOSS exception.  You should have received a copy of the text describing 
+ * the FLOSS exception, and it is also available here: 
+ * http://www.alfresco.com/legal/licensing"
+ */
+package org.alfresco.filesys.config.acl;
+
+import java.util.Collections;
+import java.util.List;
+
+import org.alfresco.error.AlfrescoRuntimeException;
+import org.alfresco.jlan.server.auth.acl.ACLParseException;
+import org.alfresco.jlan.server.auth.acl.AccessControl;
+import org.alfresco.jlan.server.auth.acl.AccessControlList;
+import org.alfresco.jlan.server.auth.acl.AccessControlParser;
+import org.alfresco.jlan.server.auth.acl.DefaultAccessControlManager;
+import org.alfresco.jlan.server.auth.acl.InvalidACLTypeException;
+import org.alfresco.jlan.server.config.InvalidConfigurationException;
+import org.alfresco.jlan.server.config.SecurityConfigSection;
+
+/**
+ * Simple description of a JLAN Access Control List that can be configured via JMX or a Spring bean definition. The
+ * lists are partitioned by type to aid in the UI mapping.
+ */
+public class AccessControlListBean
+{
+    /** The default access level. */
+    private int defaultAccessLevel = AccessControl.Default;
+
+    /** The domain access controls. */
+    private List<DomainAccessControlBean> domainAccessControls = Collections.emptyList();
+
+    /** The gid access controls. */
+    private List<GidAccessControlBean> gidAccessControls = Collections.emptyList();
+
+    /** The ip address access controls. */
+    private List<IpAddressAccessControlBean> ipAddressAccessControls = Collections.emptyList();
+
+    /** The protocol access controls. */
+    private List<ProtocolAccessControlBean> protocolAccessControls = Collections.emptyList();
+
+    /** The uid access controls. */
+    private List<UidAccessControlBean> uidAccessControls = Collections.emptyList();
+
+    /** The user access controls. */
+    private List<UserAccessControlBean> userAccessControls = Collections.emptyList();
+
+    /**
+     * Gets the default access level.
+     * 
+     * @return the default access level
+     */
+    public String getDefaultAccessLevel()
+    {
+        return AccessControl.asAccessString(defaultAccessLevel);
+    }
+
+    /**
+     * Sets the default access level.
+     * 
+     * @param defaultAccessLevel
+     *            the new default access level
+     * @throws ACLParseException
+     */
+    public void setDefaultAccessLevel(String defaultAccessLevel) throws ACLParseException
+    {
+        if (defaultAccessLevel != null && defaultAccessLevel.length() > 0)
+        {
+            this.defaultAccessLevel = AccessControlParser.parseAccessTypeString(defaultAccessLevel);
+        }
+    }
+
+    /**
+     * Gets the domain access controls.
+     * 
+     * @return the domain access controls
+     */
+    public List<DomainAccessControlBean> getDomainAccessControls()
+    {
+        return this.domainAccessControls;
+    }
+
+    /**
+     * Sets the domain access controls.
+     * 
+     * @param domainAccessControls
+     *            the new domain access controls
+     */
+    public void setDomainAccessControls(List<DomainAccessControlBean> domainAccessControls)
+    {
+        this.domainAccessControls = domainAccessControls;
+    }
+
+    /**
+     * Gets the gid access controls.
+     * 
+     * @return the gid access controls
+     */
+    public List<GidAccessControlBean> getGidAccessControls()
+    {
+        return this.gidAccessControls;
+    }
+
+    /**
+     * Sets the gid access controls.
+     * 
+     * @param gidAccessControls
+     *            the new gid access controls
+     */
+    public void setGidAccessControls(List<GidAccessControlBean> gidAccessControls)
+    {
+        this.gidAccessControls = gidAccessControls;
+    }
+
+    /**
+     * Gets the ip address access controls.
+     * 
+     * @return the ip address access controls
+     */
+    public List<IpAddressAccessControlBean> getIpAddressAccessControls()
+    {
+        return this.ipAddressAccessControls;
+    }
+
+    /**
+     * Sets the ip address access controls.
+     * 
+     * @param ipAddressAccessControls
+     *            the new ip address access controls
+     */
+    public void setIpAddressAccessControls(List<IpAddressAccessControlBean> ipAddressAccessControls)
+    {
+        this.ipAddressAccessControls = ipAddressAccessControls;
+    }
+
+    /**
+     * Gets the protocol access controls.
+     * 
+     * @return the protocol access controls
+     */
+    public List<ProtocolAccessControlBean> getProtocolAccessControls()
+    {
+        return this.protocolAccessControls;
+    }
+
+    /**
+     * Sets the protocol access controls.
+     * 
+     * @param protocolAccessControls
+     *            the new protocol access controls
+     */
+    public void setProtocolAccessControls(List<ProtocolAccessControlBean> protocolAccessControls)
+    {
+        this.protocolAccessControls = protocolAccessControls;
+    }
+
+    /**
+     * Gets the uid access controls.
+     * 
+     * @return the uid access controls
+     */
+    public List<UidAccessControlBean> getUidAccessControls()
+    {
+        return this.uidAccessControls;
+    }
+
+    /**
+     * Sets the uid access controls.
+     * 
+     * @param uidAccessControls
+     *            the new uid access controls
+     */
+    public void setUidAccessControls(List<UidAccessControlBean> uidAccessControls)
+    {
+        this.uidAccessControls = uidAccessControls;
+    }
+
+    /**
+     * Gets the user access controls.
+     * 
+     * @return the user access controls
+     */
+    public List<UserAccessControlBean> getUserAccessControls()
+    {
+        return this.userAccessControls;
+    }
+
+    /**
+     * Sets the user access controls.
+     * 
+     * @param userAccessControls
+     *            the new user access controls
+     */
+    public void setUserAccessControls(List<UserAccessControlBean> userAccessControls)
+    {
+        this.userAccessControls = userAccessControls;
+    }
+
+    /**
+     * Converts the description to a JLAN ACL
+     * 
+     * @param secConfig
+     *            the security config
+     * @return the access control list
+     * @throws InvalidConfigurationException
+     */
+    public AccessControlList toAccessControlList(SecurityConfigSection secConfig) throws InvalidConfigurationException
+    {
+        // Create the access control list
+
+        AccessControlList acls = new AccessControlList();
+
+        // Check if there is a default access level for the ACL group
+        if (defaultAccessLevel != AccessControl.Default)
+        {
+            try
+            {
+                // Set the default access level for the access control list
+
+                acls.setDefaultAccessLevel(defaultAccessLevel);
+            }
+            catch (InvalidACLTypeException ex)
+            {
+                throw new AlfrescoRuntimeException("Default access level error", ex);
+            }
+        }
+
+        // Create the access controls
+        for (AccessControlBean accessControlBean : getDomainAccessControls())
+        {
+            acls.addControl(accessControlBean.toAccessControl());
+        }
+
+        // Create the access controls
+        for (AccessControlBean accessControlBean : getGidAccessControls())
+        {
+            acls.addControl(accessControlBean.toAccessControl());
+        }
+
+        // Create the access controls
+        for (AccessControlBean accessControlBean : getIpAddressAccessControls())
+        {
+            acls.addControl(accessControlBean.toAccessControl());
+        }
+
+        // Create the access controls
+        for (AccessControlBean accessControlBean : getProtocolAccessControls())
+        {
+            acls.addControl(accessControlBean.toAccessControl());
+        }
+
+        // Create the access controls
+        for (AccessControlBean accessControlBean : getUidAccessControls())
+        {
+            acls.addControl(accessControlBean.toAccessControl());
+        }
+
+        // Create the access controls
+        for (AccessControlBean accessControlBean : getUserAccessControls())
+        {
+            acls.addControl(accessControlBean.toAccessControl());
+        }
+
+        // Check if there are no access control rules but the default access level is set to 'None',
+        // this is not allowed as the share would not be accessible or visible.
+
+        if (acls.numberOfControls() == 0)
+        {
+            if (defaultAccessLevel == AccessControl.Default)
+            {
+                // No access level or controls set. No need to enforce ACLs
+                return null;
+            }
+            else if (acls.getDefaultAccessLevel() == AccessControl.NoAccess)
+            {
+                throw new AlfrescoRuntimeException("Empty access control list and default access 'None' not allowed");
+            }
+        }
+
+        // Check if there is an access control manager configured
+        if (secConfig.getAccessControlManager() == null)
+        {
+            secConfig.setAccessControlManager(new DefaultAccessControlManager());
+        }
+
+        // Return the access control list
+        return acls;
+    }
+
+}
diff --git a/source/java/org/alfresco/filesys/config/acl/DomainAccessControlBean.java b/source/java/org/alfresco/filesys/config/acl/DomainAccessControlBean.java
new file mode 100644
index 0000000000..6507ce9ef7
--- /dev/null
+++ b/source/java/org/alfresco/filesys/config/acl/DomainAccessControlBean.java
@@ -0,0 +1,45 @@
+/*
+ * Copyright (C) 2006-2008 Alfresco Software Limited.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+ * As a special exception to the terms and conditions of version 2.0 of 
+ * the GPL, you may redistribute this Program in connection with Free/Libre 
+ * and Open Source Software ("FLOSS") applications as described in Alfresco's 
+ * FLOSS exception.  You should have recieved a copy of the text describing 
+ * the FLOSS exception, and it is also available here: 
+ * http://www.alfresco.com/legal/licensing"
+ */
+
+package org.alfresco.filesys.config.acl;
+
+import org.alfresco.jlan.server.auth.acl.AccessControl;
+import org.alfresco.jlan.server.auth.acl.DomainAccessControl;
+
+/**
+ * Simple description of a JLAN Domain Access control that can be configured via JMX or a Spring bean definition.
+ */
+public class DomainAccessControlBean extends AccessControlBean
+{
+    /*
+     * (non-Javadoc)
+     * @see org.alfresco.filesys.config.acl.AccessControlBean#toAccessControl()
+     */
+    @Override
+    public AccessControl toAccessControl()
+    {
+        return new DomainAccessControl(getName(), "domain", getAccessLevel());
+    }
+}
diff --git a/source/java/org/alfresco/filesys/config/acl/GidAccessControlBean.java b/source/java/org/alfresco/filesys/config/acl/GidAccessControlBean.java
new file mode 100644
index 0000000000..e6b17a9df7
--- /dev/null
+++ b/source/java/org/alfresco/filesys/config/acl/GidAccessControlBean.java
@@ -0,0 +1,69 @@
+/*
+ * Copyright (C) 2005-2009 Alfresco Software Limited.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+ * As a special exception to the terms and conditions of version 2.0 of 
+ * the GPL, you may redistribute this Program in connection with Free/Libre 
+ * and Open Source Software ("FLOSS") applications as described in Alfresco's 
+ * FLOSS exception.  You should have received a copy of the text describing 
+ * the FLOSS exception, and it is also available here: 
+ * http://www.alfresco.com/legal/licensing"
+ */
+
+package org.alfresco.filesys.config.acl;
+
+import org.alfresco.jlan.server.auth.acl.AccessControl;
+import org.alfresco.jlan.server.auth.acl.GidAccessControl;
+
+/**
+ * Simple description of a JLAN Group ID Access control that can be configured via JMX or a Spring bean definition.
+ */
+public class GidAccessControlBean extends AccessControlBean
+{
+    /** The group id to check for. */
+    private int gid;
+
+    /**
+     * Sets the group id to check for
+     * 
+     * @param gid
+     *            the group id to check for
+     */
+    public final void setGid(int gid)
+    {
+        this.gid = gid;
+    }
+
+    /**
+     * Gets the group id to check for.
+     * 
+     * @return the group id to check for
+     */
+    public final int getGid()
+    {
+        return this.gid;
+    }
+
+    /*
+     * (non-Javadoc)
+     * @see org.alfresco.filesys.config.acl.AccessControlBean#toAccessControl()
+     */
+    @Override
+    public AccessControl toAccessControl()
+    {
+        return new GidAccessControl(getName(), getGid(), "gid", getAccessLevel());
+    }
+}
diff --git a/source/java/org/alfresco/filesys/config/acl/IpAddressAccessControlBean.java b/source/java/org/alfresco/filesys/config/acl/IpAddressAccessControlBean.java
new file mode 100644
index 0000000000..3119b37f18
--- /dev/null
+++ b/source/java/org/alfresco/filesys/config/acl/IpAddressAccessControlBean.java
@@ -0,0 +1,94 @@
+/*
+ * Copyright (C) 2005-2009 Alfresco Software Limited.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+ * As a special exception to the terms and conditions of version 2.0 of 
+ * the GPL, you may redistribute this Program in connection with Free/Libre 
+ * and Open Source Software ("FLOSS") applications as described in Alfresco's 
+ * FLOSS exception.  You should have received a copy of the text describing 
+ * the FLOSS exception, and it is also available here: 
+ * http://www.alfresco.com/legal/licensing"
+ */
+
+package org.alfresco.filesys.config.acl;
+
+import org.alfresco.jlan.server.auth.acl.AccessControl;
+import org.alfresco.jlan.server.auth.acl.IpAddressAccessControl;
+
+/**
+ * Simple description of a JLAN IP Address Access control that can be configured via JMX or a Spring bean definition.
+ */
+public class IpAddressAccessControlBean extends AccessControlBean
+{
+    /** The subnet. */
+    private String subnet;
+
+    /** The network mask. */
+    private String netMask;
+
+    /**
+     * Sets the subnet.
+     * 
+     * @param subnet
+     *            the subnet
+     */
+    public void setSubnet(String subnet)
+    {
+        this.subnet = subnet;
+    }
+
+    /**
+     * Sets the network mask.
+     * 
+     * @param mask
+     *            the network mask
+     */
+    public void setNetMask(String mask)
+    {
+        this.netMask = mask;
+    }
+
+    /**
+     * Gets the subnet.
+     * 
+     * @return the subnet
+     */
+    public String getSubnet()
+    {
+        return this.subnet;
+    }
+
+    /**
+     * Gets the network mask.
+     * 
+     * @return the network mask
+     */
+    public String getNetMask()
+    {
+        return this.netMask;
+    }
+
+    /*
+     * (non-Javadoc)
+     * @see org.alfresco.filesys.config.acl.AccessControlBean#toAccessControl()
+     */
+    @Override
+    public AccessControl toAccessControl()
+    {
+        return new IpAddressAccessControl(getSubnet(), getNetMask(), "address", getAccessLevel());
+    }
+
+}
diff --git a/source/java/org/alfresco/filesys/config/acl/ProtocolAccessControlBean.java b/source/java/org/alfresco/filesys/config/acl/ProtocolAccessControlBean.java
new file mode 100644
index 0000000000..5c3e590211
--- /dev/null
+++ b/source/java/org/alfresco/filesys/config/acl/ProtocolAccessControlBean.java
@@ -0,0 +1,69 @@
+/*
+ * Copyright (C) 2005-2009 Alfresco Software Limited.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+ * As a special exception to the terms and conditions of version 2.0 of 
+ * the GPL, you may redistribute this Program in connection with Free/Libre 
+ * and Open Source Software ("FLOSS") applications as described in Alfresco's 
+ * FLOSS exception.  You should have received a copy of the text describing 
+ * the FLOSS exception, and it is also available here: 
+ * http://www.alfresco.com/legal/licensing"
+ */
+
+package org.alfresco.filesys.config.acl;
+
+import org.alfresco.jlan.server.auth.acl.AccessControl;
+import org.alfresco.jlan.server.auth.acl.ProtocolAccessControl;
+
+/**
+ * Simple description of a JLAN Protocol Access control that can be configured via JMX or a Spring bean definition.
+ */
+public class ProtocolAccessControlBean extends AccessControlBean
+{
+    /** The list of protocol types. */
+    private String checkList;
+
+    /**
+     * Sets the list of protocol types.
+     * 
+     * @param protList
+     *            the list of protocol types
+     */
+    public void setCheckList(String protList)
+    {
+        this.checkList = protList;
+    }
+
+    /**
+     * Gets the list of protocol types
+     * 
+     * @return the list of protocol types
+     */
+    public String getCheckList()
+    {
+        return this.checkList;
+    }
+
+    /*
+     * (non-Javadoc)
+     * @see org.alfresco.filesys.config.acl.AccessControlBean#toAccessControl()
+     */
+    @Override
+    public AccessControl toAccessControl()
+    {
+        return new ProtocolAccessControl(getCheckList(), "protocol", getAccessLevel());
+    }
+}
diff --git a/source/java/org/alfresco/filesys/config/acl/UidAccessControlBean.java b/source/java/org/alfresco/filesys/config/acl/UidAccessControlBean.java
new file mode 100644
index 0000000000..c948d53bda
--- /dev/null
+++ b/source/java/org/alfresco/filesys/config/acl/UidAccessControlBean.java
@@ -0,0 +1,70 @@
+/*
+ * Copyright (C) 2005-2009 Alfresco Software Limited.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+ * As a special exception to the terms and conditions of version 2.0 of 
+ * the GPL, you may redistribute this Program in connection with Free/Libre 
+ * and Open Source Software ("FLOSS") applications as described in Alfresco's 
+ * FLOSS exception.  You should have received a copy of the text describing 
+ * the FLOSS exception, and it is also available here: 
+ * http://www.alfresco.com/legal/licensing"
+ */
+
+package org.alfresco.filesys.config.acl;
+
+import org.alfresco.jlan.server.auth.acl.AccessControl;
+import org.alfresco.jlan.server.auth.acl.UidAccessControl;
+
+/**
+ * Simple description of a JLAN User ID Access control that can be configured via JMX or a Spring bean definition.
+ */
+public class UidAccessControlBean extends AccessControlBean
+{
+
+    /** The user id. */
+    private int uid;
+
+    /**
+     * Sets the user id.
+     * 
+     * @param uid
+     *            the user id
+     */
+    public void setUid(int uid)
+    {
+        this.uid = uid;
+    }
+
+    /**
+     * Gets the user id.
+     * 
+     * @return the user id
+     */
+    public int getUid()
+    {
+        return this.uid;
+    }
+
+    /*
+     * (non-Javadoc)
+     * @see org.alfresco.filesys.config.acl.AccessControlBean#toAccessControl()
+     */
+    @Override
+    public AccessControl toAccessControl()
+    {
+        return new UidAccessControl(getName(), getUid(), "uid", getAccessLevel());
+    }
+}
diff --git a/source/java/org/alfresco/filesys/config/acl/UserAccessControlBean.java b/source/java/org/alfresco/filesys/config/acl/UserAccessControlBean.java
new file mode 100644
index 0000000000..7b53d90193
--- /dev/null
+++ b/source/java/org/alfresco/filesys/config/acl/UserAccessControlBean.java
@@ -0,0 +1,45 @@
+/*
+ * Copyright (C) 2006-2008 Alfresco Software Limited.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+ * As a special exception to the terms and conditions of version 2.0 of 
+ * the GPL, you may redistribute this Program in connection with Free/Libre 
+ * and Open Source Software ("FLOSS") applications as described in Alfresco's 
+ * FLOSS exception.  You should have recieved a copy of the text describing 
+ * the FLOSS exception, and it is also available here: 
+ * http://www.alfresco.com/legal/licensing"
+ */
+
+package org.alfresco.filesys.config.acl;
+
+import org.alfresco.jlan.server.auth.acl.AccessControl;
+import org.alfresco.jlan.server.auth.acl.UserAccessControl;
+
+/**
+ * Simple description of a JLAN User Access control that can be configured via JMX or a Spring bean definition.
+ */
+public class UserAccessControlBean extends AccessControlBean
+{
+    /*
+     * (non-Javadoc)
+     * @see org.alfresco.filesys.config.acl.AccessControlBean#toAccessControl()
+     */
+    @Override
+    public AccessControl toAccessControl()
+    {
+        return new UserAccessControl(getName(), "user", getAccessLevel());
+    }
+}
diff --git a/source/java/org/alfresco/filesys/repo/ContentContext.java b/source/java/org/alfresco/filesys/repo/ContentContext.java
index 6b84bc4f36..888cb87923 100644
--- a/source/java/org/alfresco/filesys/repo/ContentContext.java
+++ b/source/java/org/alfresco/filesys/repo/ContentContext.java
@@ -24,13 +24,11 @@
  */
 package org.alfresco.filesys.repo;
 
-import java.util.List;
-
 import org.alfresco.error.AlfrescoRuntimeException;
 import org.alfresco.filesys.alfresco.AlfrescoContext;
 import org.alfresco.filesys.alfresco.AlfrescoDiskDriver;
 import org.alfresco.filesys.alfresco.IOControlHandler;
-import org.alfresco.jlan.server.auth.acl.AccessControl;
+import org.alfresco.filesys.config.acl.AccessControlListBean;
 import org.alfresco.jlan.server.core.DeviceContextException;
 import org.alfresco.jlan.server.filesys.DiskInterface;
 import org.alfresco.jlan.server.filesys.DiskSharedDevice;
@@ -61,10 +59,9 @@ public class ContentContext extends AlfrescoContext
     private boolean m_offlineFiles;
     
     private boolean m_disableNodeMonitor;
+    
+    private AccessControlListBean m_accessControlList;
         
-    private String m_defaultAccessLevel;
-
-    private List<AccessControl> m_accessControl;
     
     // Node monitor
     
@@ -129,14 +126,9 @@ public class ContentContext extends AlfrescoContext
         m_disableNodeMonitor = disableNodeMonitor;
     }        
 
-    public void setDefaultAccessLevel(String defaultAccessLevel)
+    public void setAccessControlList(AccessControlListBean accessControlList)
     {
-        m_defaultAccessLevel = defaultAccessLevel;
-    }
-
-    public void setAccessControl(List<AccessControl> accessControl)
-    {
-        m_accessControl = accessControl;
+        m_accessControlList = accessControlList;
     }
 
     public void setRootNodeRef(NodeRef nodeRef)
@@ -224,23 +216,13 @@ public class ContentContext extends AlfrescoContext
     }
 
     /**
-     * Return the default access level
+     * Gets the access control list.
      * 
-     * @return String
+     * @return the access control list
      */
-    public String getDefaultAccessLevel()
+    public AccessControlListBean getAccessControlList()
     {
-        return m_defaultAccessLevel;
-    }
-
-    /**
-     * Return the access control list
-     * 
-     * @return List<AccessControl>
-     */
-    public List<AccessControl> getAccessControl()
-    {
-        return m_accessControl;
+        return m_accessControlList;
     }
 
     /**
diff --git a/source/java/org/alfresco/repo/imap/AlfrescoImapHostManager.java b/source/java/org/alfresco/repo/imap/AlfrescoImapHostManager.java
index 314595ac73..d158c1bf4a 100755
--- a/source/java/org/alfresco/repo/imap/AlfrescoImapHostManager.java
+++ b/source/java/org/alfresco/repo/imap/AlfrescoImapHostManager.java
@@ -33,7 +33,7 @@ import java.util.StringTokenizer;
 
 import org.alfresco.model.ContentModel;
 import org.alfresco.model.ImapModel;
-import org.alfresco.repo.imap.config.ImapConfigElement.ImapConfig;
+import org.alfresco.repo.imap.config.ImapConfigBean;
 import org.alfresco.repo.imap.exception.AlfrescoImapFolderException;
 import org.alfresco.repo.model.filefolder.FileFolderServiceImpl;
 import org.alfresco.service.ServiceRegistry;
@@ -139,7 +139,7 @@ public class AlfrescoImapHostManager implements ImapHostManager
         Collection<MailFolder> result = new LinkedList<MailFolder>();
 
         Map<String, NodeRef> mountPoints = imapHelper.getMountPoints();
-        Map<String, ImapConfig> imapConfigs = imapHelper.getImapConfigs();
+        Map<String, ImapConfigBean> imapConfigs = imapHelper.getImapConfig();
 
         NodeRef mountPoint;
 
diff --git a/source/java/org/alfresco/repo/imap/ImapHelper.java b/source/java/org/alfresco/repo/imap/ImapHelper.java
index 4b66126e94..7e493e825a 100755
--- a/source/java/org/alfresco/repo/imap/ImapHelper.java
+++ b/source/java/org/alfresco/repo/imap/ImapHelper.java
@@ -29,8 +29,10 @@ import static org.alfresco.repo.imap.AlfrescoImapConst.CLASSPATH_TEXT_PLAIN_TEMP
 import static org.alfresco.repo.imap.AlfrescoImapConst.DICTIONARY_TEMPLATE_PREFIX;
 
 import java.io.Serializable;
+import java.util.Collections;
 import java.util.Date;
 import java.util.HashMap;
+import java.util.LinkedHashMap;
 import java.util.LinkedList;
 import java.util.List;
 import java.util.Map;
@@ -38,18 +40,13 @@ import java.util.Map;
 import javax.mail.Flags;
 import javax.mail.Flags.Flag;
 
-import org.alfresco.config.Config;
-import org.alfresco.config.ConfigService;
 import org.alfresco.error.AlfrescoRuntimeException;
 import org.alfresco.model.ContentModel;
 import org.alfresco.model.ImapModel;
 import org.alfresco.repo.admin.patch.PatchInfo;
 import org.alfresco.repo.admin.patch.PatchService;
-import org.alfresco.repo.imap.config.ImapConfigElement;
-import org.alfresco.repo.imap.config.ImapConfigElement.ImapConfig;
+import org.alfresco.repo.imap.config.ImapConfigBean;
 import org.alfresco.repo.security.authentication.AuthenticationUtil;
-import org.alfresco.service.cmr.site.SiteInfo;
-import org.alfresco.service.cmr.site.SiteService;
 import org.alfresco.repo.template.TemplateNode;
 import org.alfresco.service.ServiceRegistry;
 import org.alfresco.service.cmr.dictionary.DictionaryService;
@@ -64,6 +61,8 @@ import org.alfresco.service.cmr.search.ResultSet;
 import org.alfresco.service.cmr.search.SearchService;
 import org.alfresco.service.cmr.security.AccessStatus;
 import org.alfresco.service.cmr.security.PermissionService;
+import org.alfresco.service.cmr.site.SiteInfo;
+import org.alfresco.service.cmr.site.SiteService;
 import org.alfresco.service.namespace.NamespaceService;
 import org.alfresco.service.namespace.QName;
 import org.alfresco.util.AbstractLifecycleBean;
@@ -72,8 +71,9 @@ import org.apache.commons.logging.LogFactory;
 import org.springframework.context.ApplicationEvent;
 
 /**
- * Helper class to access repository services by IMAP components. Also contains a common helper methods to search and manage IMAP content and other usefull methods. Configured as
- * {@code <bean id="imapHelper" class="org.alfresco.repo.imap.ImapHelper">} in the {@code imap-server-context.xml} file.
+ * Helper class to access repository services by IMAP components. Also contains a common helper methods to search and
+ * manage IMAP content and other usefull methods. Configured as {@code <bean id="imapHelper"
+ * class="org.alfresco.repo.imap.ImapHelper">} in the {@code imap-server-context.xml} file.
  * 
  * @author Dmitry Vaserin
  */
@@ -89,7 +89,6 @@ import org.springframework.context.ApplicationEvent;
     private TemplateService templateService;
     private NamespaceService namespaceService;
     private PermissionService permissionService;
-    private ConfigService configService;
     private DictionaryService dictionaryService;
     private PreferenceService preferenceService;
     private SiteService siteService;
@@ -111,6 +110,8 @@ import org.springframework.context.ApplicationEvent;
     private final static Map<QName, Flags.Flag> qNameToFlag;
     private final static Map<Flags.Flag, QName> flagToQname;
 
+    private Map<String, ImapConfigBean> imapConfigBeans = Collections.emptyMap();
+
     static
     {
         qNameToFlag = new HashMap<QName, Flags.Flag>();
@@ -370,7 +371,7 @@ import org.springframework.context.ApplicationEvent;
             rootFolder = mailboxName;
         }
 
-        Map<String, ImapConfig> imapConfigs = getImapConfigs();
+        Map<String, ImapConfigBean> imapConfigs = getImapConfig();
         if (imapConfigs.keySet().contains(rootFolder))
         {
             Map<String, NodeRef> mountPoints = getMountPoints();
@@ -620,10 +621,10 @@ import org.springframework.context.ApplicationEvent;
      */
     public Map<String, NodeRef> getMountPoints()
     {
-        Map<String, ImapConfig> imapConfigs = getImapConfigs();
+        Map<String, ImapConfigBean> imapConfigs = getImapConfig();
         Map<String, NodeRef> mountPoints = new HashMap<String, NodeRef>();
 
-        for (ImapConfig config : imapConfigs.values())
+        for (ImapConfigBean config : imapConfigs.values())
         {
             // Get node reference
             StoreRef store = new StoreRef(config.getStore());
@@ -642,16 +643,23 @@ import org.springframework.context.ApplicationEvent;
         return mountPoints;
     }
 
+    public void setImapConfigBeans(ImapConfigBean[] imapConfigBeans)
+    {
+        this.imapConfigBeans = new LinkedHashMap<String, ImapConfigBean>(imapConfigBeans.length * 2);
+        for (ImapConfigBean bean : imapConfigBeans)
+        {
+            this.imapConfigBeans.put(bean.getName(), bean);
+        }
+    }
+
     /**
      * Return map of imap configs. Name of config == key in the map
      * 
      * @return map of imap configs.
      */
-    public Map<String, ImapConfig> getImapConfigs()
+    public Map<String, ImapConfigBean> getImapConfig()
     {
-        Config imapConfig = configService.getConfig("imapConfig");
-        ImapConfigElement imapConfigElement = (ImapConfigElement) imapConfig.getConfigElement(ImapConfigElement.CONFIG_ELEMENT_ID);
-        return imapConfigElement.getImapConfigs();
+        return this.imapConfigBeans;
     }
 
     /**
@@ -672,7 +680,7 @@ import org.springframework.context.ApplicationEvent;
         {
             rootFolder = mailboxName;
         }
-        Map<String, ImapConfig> imapConfigs = getImapConfigs();
+        Map<String, ImapConfigBean> imapConfigs = getImapConfig();
         if (imapConfigs.keySet().contains(rootFolder))
         {
             return imapConfigs.get(rootFolder).getMode();
@@ -701,7 +709,7 @@ import org.springframework.context.ApplicationEvent;
         {
             rootFolder = mailboxName;
         }
-        Map<String, ImapConfig> imapConfigs = getImapConfigs();
+        Map<String, ImapConfigBean> imapConfigs = getImapConfig();
         if (imapConfigs.keySet().contains(rootFolder))
         {
             return rootFolder;
@@ -734,7 +742,7 @@ import org.springframework.context.ApplicationEvent;
         {
             rootFolder = mailPath;
         }
-        Map<String, ImapConfig> imapConfigs = getImapConfigs();
+        Map<String, ImapConfigBean> imapConfigs = getImapConfig();
         if (imapConfigs.keySet().contains(rootFolder))
         {
             Map<String, NodeRef> mountPoints = getMountPoints();
@@ -933,16 +941,6 @@ import org.springframework.context.ApplicationEvent;
         this.permissionService = permissionService;
     }
 
-    public ConfigService getConfigService()
-    {
-        return configService;
-    }
-
-    public void setConfigService(ConfigService configService)
-    {
-        this.configService = configService;
-    }
-
     public DictionaryService getDictionaryService()
     {
         return dictionaryService;
diff --git a/source/java/org/alfresco/repo/imap/config/ImapConfigBean.java b/source/java/org/alfresco/repo/imap/config/ImapConfigBean.java
new file mode 100755
index 0000000000..4301e247da
--- /dev/null
+++ b/source/java/org/alfresco/repo/imap/config/ImapConfigBean.java
@@ -0,0 +1,129 @@
+/*
+ * Copyright (C) 2005-2009 Alfresco Software Limited.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+ * As a special exception to the terms and conditions of version 2.0 of 
+ * the GPL, you may redistribute this Program in connection with Free/Libre 
+ * and Open Source Software ("FLOSS") applications as described in Alfresco's 
+ * FLOSS exception.  You should have received a copy of the text describing 
+ * the FLOSS exception, and it is also available here: 
+ * http://www.alfresco.com/legal/licensing"
+ */
+package org.alfresco.repo.imap.config;
+
+import org.springframework.beans.factory.BeanNameAware;
+
+/**
+ * Provides the parameters for an IMAP mount point (a mapping from an Alfresco node path to an IMAP folder name).
+ */
+public class ImapConfigBean implements BeanNameAware
+{
+
+    /** The IMAP folder name. */
+    private String name;
+
+    /** The mode (virtual or archive). */
+    private String mode;
+
+    /** The Alfresco store name. */
+    private String store;
+
+    /** The path within the store to the root node. */
+    private String rootPath;
+
+    /**
+     * Gets the IMAP folder name.
+     * 
+     * @return the IMAP folder name
+     */
+    public String getName()
+    {
+        return this.name;
+    }
+
+    /*
+     * (non-Javadoc)
+     * @see org.springframework.beans.factory.BeanNameAware#setBeanName(java.lang.String)
+     */
+    public void setBeanName(String name)
+    {
+        this.name = name;
+    }
+
+    /**
+     * Gets the mode.
+     * 
+     * @return the mode (virtual or archive)
+     */
+    public String getMode()
+    {
+        return this.mode;
+    }
+
+    /**
+     * Sets the mode.
+     * 
+     * @param mode
+     *            the new mode (virtual or archive)
+     */
+    public void setMode(String mode)
+    {
+        this.mode = mode;
+    }
+
+    /**
+     * Gets the Alfresco store name.
+     * 
+     * @return the Alfresco store name
+     */
+    public String getStore()
+    {
+        return this.store;
+    }
+
+    /**
+     * Sets the Alfresco store name.
+     * 
+     * @param store
+     *            the Alfresco store name
+     */
+    public void setStore(String store)
+    {
+        this.store = store;
+    }
+
+    /**
+     * Gets the path within the store to the root node.
+     * 
+     * @return the path within the store to the root node
+     */
+    public String getRootPath()
+    {
+        return this.rootPath;
+    }
+
+    /**
+     * Sets the path within the store to the root node.
+     * 
+     * @param rootPath
+     *            the path within the store to the root node
+     */
+    public void setRootPath(String rootPath)
+    {
+        this.rootPath = rootPath;
+    }
+
+}
diff --git a/source/java/org/alfresco/repo/imap/config/ImapConfigElement.java b/source/java/org/alfresco/repo/imap/config/ImapConfigElement.java
deleted file mode 100755
index 5d7762c7d7..0000000000
--- a/source/java/org/alfresco/repo/imap/config/ImapConfigElement.java
+++ /dev/null
@@ -1,143 +0,0 @@
-/*
- * Copyright (C) 2005-2009 Alfresco Software Limited.
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
-
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
-
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-
- * As a special exception to the terms and conditions of version 2.0 of 
- * the GPL, you may redistribute this Program in connection with Free/Libre 
- * and Open Source Software ("FLOSS") applications as described in Alfresco's 
- * FLOSS exception.  You should have recieved a copy of the text describing 
- * the FLOSS exception, and it is also available here: 
- * http://www.alfresco.com/legal/licensing"
- */
-package org.alfresco.repo.imap.config;
-
-import java.io.Serializable;
-import java.util.LinkedHashMap;
-import java.util.Map;
-
-import org.alfresco.config.ConfigElement;
-import org.alfresco.config.element.ConfigElementAdapter;
-
-public class ImapConfigElement extends ConfigElementAdapter
-{
-    private static final long serialVersionUID = -6911139959296875159L;
-
-    public static final String CONFIG_ELEMENT_ID = "imapConfig";
-
-    private Map<String, ImapConfig> imapConfigs = new LinkedHashMap<String, ImapConfig>(8, 10f);
-
-    public ImapConfigElement()
-    {
-        super(CONFIG_ELEMENT_ID);
-    }
-
-    public ImapConfigElement(String name)
-    {
-        super(name);
-    }
-
-    @Override
-    public ConfigElement combine(ConfigElement configElement)
-    {
-        ImapConfigElement combined = new ImapConfigElement();
-
-        // add all the imapConfigs from this element
-        for (ImapConfig imapConfig : getImapConfigs().values())
-        {
-            combined.addImapConfig(imapConfig);
-        }
-
-        // add all the imapConfigs from the given element
-        for (ImapConfig imapConfig : ((ImapConfigElement) configElement).getImapConfigs().values())
-        {
-            combined.addImapConfig(imapConfig);
-        }
-
-        return combined;
-    }
-
-    public Map<String, ImapConfig> getImapConfigs()
-    {
-        return imapConfigs;
-    }
-
-    public ImapConfig getImapConfig(String name)
-    {
-        return imapConfigs.get(name);
-    }
-
-    void addImapConfig(ImapConfig imapConfig)
-    {
-        imapConfigs.put(imapConfig.getName(), imapConfig);
-    }
-
-    public static class ImapConfig implements Serializable
-    {
-        private static final long serialVersionUID = 424330549937129149L;
-
-        private String name;
-        private String mode;
-        private String store;
-        private String rootPath;
-
-        public String getName()
-        {
-            return name;
-        }
-
-        public void setName(String name)
-        {
-            this.name = name;
-        }
-
-        public String getMode()
-        {
-            return mode;
-        }
-
-        public void setMode(String mode)
-        {
-            this.mode = mode;
-        }
-
-        public String getStore()
-        {
-            return store;
-        }
-
-        public void setStore(String store)
-        {
-            this.store = store;
-        }
-
-        public String getRootPath()
-        {
-            return rootPath;
-        }
-
-        public void setRootPath(String rootPath)
-        {
-            this.rootPath = rootPath;
-        }
-
-        public static long getSerialVersionUID()
-        {
-            return serialVersionUID;
-        }
-
-    }
-
-}
diff --git a/source/java/org/alfresco/repo/imap/config/ImapElementReader.java b/source/java/org/alfresco/repo/imap/config/ImapElementReader.java
deleted file mode 100755
index 2e0e64b302..0000000000
--- a/source/java/org/alfresco/repo/imap/config/ImapElementReader.java
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * Copyright (C) 2005-2009 Alfresco Software Limited.
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
-
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
-
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-
- * As a special exception to the terms and conditions of version 2.0 of 
- * the GPL, you may redistribute this Program in connection with Free/Libre 
- * and Open Source Software ("FLOSS") applications as described in Alfresco's 
- * FLOSS exception.  You should have recieved a copy of the text describing 
- * the FLOSS exception, and it is also available here: 
- * http://www.alfresco.com/legal/licensing"
- */
-package org.alfresco.repo.imap.config;
-
-import java.util.Iterator;
-
-import org.alfresco.config.ConfigElement;
-import org.alfresco.config.ConfigException;
-import org.alfresco.config.xml.elementreader.ConfigElementReader;
-import org.alfresco.repo.imap.config.ImapConfigElement.ImapConfig;
-import org.dom4j.Element;
-
-public class ImapElementReader implements ConfigElementReader
-{
-
-    private static final String ELEMENT_IMAP_CONFIG = "imapConfig";
-    private static final String ELEMENT_IMAP = "imap";
-    private static final String ELEMENT_STORE = "store";
-    private static final String ELEMENT_ROOTPATH = "rootPath";
-
-    private static final String ATTR_NAME = "name";
-    private static final String ATTR_MODE = "mode";
-
-    public ConfigElement parse(Element element)
-    {
-        ImapConfigElement configElement = null;
-
-        if (element != null)
-        {
-            String elementName = element.getName();
-            if (elementName.equals(ELEMENT_IMAP_CONFIG) == false)
-            {
-                throw new ConfigException("ImapElementReader can parse '" + ELEMENT_IMAP_CONFIG + "' elements only, the element passed is '" + elementName + "'");
-            }
-
-            configElement = new ImapConfigElement();
-
-            for (Iterator<Element> items = element.elementIterator(ELEMENT_IMAP); items.hasNext();)
-            {
-                Element item = items.next();
-
-                String name = item.attributeValue(ATTR_NAME);
-                String mode = item.attributeValue(ATTR_MODE);
-                String store = item.element(ELEMENT_STORE).getStringValue();
-                String rootPath = item.element(ELEMENT_ROOTPATH).getStringValue();
-
-                ImapConfig imapConfig = new ImapConfig();
-                imapConfig.setName(name);
-                imapConfig.setMode(mode);
-                imapConfig.setStore(store);
-                imapConfig.setRootPath(rootPath);
-
-                configElement.addImapConfig(imapConfig);
-            }
-        }
-        return configElement;
-    }
-
-}