permissions for moyaterminalweb, now there is examble of how we do basic permissions in there

code/MoyaBeans/ejbModule/fi/codecrew/moya/beans/PermissionBean.java

@@ -81,9 +81,9 @@ import fi.codecrew.moya.model.User;
 		SpecialPermission.S_USER,
 		SpecialPermission.S_ANONYMOUS,
 
-		TerminalPermission.S_CASHIER_TERMINAL,
-		TerminalPermission.S_CUSTOMER_TERMINAL,
-		TerminalPermission.S_SELFHELP_TERMINAL,
+		TerminalPermission.S_INFO_TERMINAL,
+		TerminalPermission.S_USER_TERMINAL,
+		TerminalPermission.S_ADMIN_TERMINAL,
 
 		CompoPermission.S_MANAGE,
 		CompoPermission.S_VOTE,

code/MoyaTerminalWeb/WebContent/WEB-INF/web.xml

@@ -5,10 +5,12 @@
 		<param-name>javax.faces.FACELETS_SKIP_COMMENTS</param-name>
 		<param-value>true</param-value>
 	</context-param>
+	
   <welcome-file-list>
     <welcome-file>index.html</welcome-file>
     <welcome-file>index.jsf</welcome-file>
   </welcome-file-list>
+  
   <session-config>
     <session-timeout>30</session-timeout>
   </session-config>
@@ -17,11 +19,12 @@
     <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
     <load-on-startup>1</load-on-startup>
   </servlet>
+  
   <servlet-mapping>
     <servlet-name>Faces Servlet</servlet-name>
     <url-pattern>*.jsf</url-pattern>
-    <url-pattern>/faces/*</url-pattern>
   </servlet-mapping>
+  
   <context-param>
     <param-name>javax.faces.PROJECT_STAGE</param-name>
     <param-value>Development</param-value>
@@ -47,6 +50,40 @@
     <auth-method>CLIENT-CERT</auth-method>
     <realm-name>certificate</realm-name>
   </login-config>
+  
+  
+  <security-constraint>
+		<display-name>Forbidden resource</display-name>
+		<web-resource-collection>
+			<web-resource-name>Forbidden</web-resource-name>
+			<url-pattern>*.xhtml</url-pattern>
+			<url-pattern>/layout/*</url-pattern>
+			<url-pattern>/resources/tools/*</url-pattern>
+		</web-resource-collection>
+		<auth-constraint>
+			<description>Thou shall not read the sources or use utils directly
+			</description>
+		</auth-constraint>
+		<user-data-constraint>
+			<transport-guarantee>CONFIDENTIAL</transport-guarantee>
+		</user-data-constraint>
+	</security-constraint>
+	
+  <security-constraint>
+    <display-name>Resource that needs cert auth</display-name>
+    <web-resource-collection>
+      <web-resource-name>Forbidden</web-resource-name>
+      <url-pattern>/info/*</url-pattern>
+    </web-resource-collection>
+    <auth-constraint>
+      <role-name>TERMINAL/INFO</role-name>
+    </auth-constraint>
+    <user-data-constraint>
+      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
+    </user-data-constraint>
+  </security-constraint>
+  
+  <!-- 
   <security-constraint>
     <display-name>Resource that needs cert auth</display-name>
     <web-resource-collection>
@@ -60,7 +97,9 @@
     <user-data-constraint>
       <transport-guarantee>CONFIDENTIAL</transport-guarantee>
     </user-data-constraint>
-  </security-constraint>
+  </security-constraint> -->
+  
+  
   <persistence-unit-ref>
     <persistence-unit-ref-name>BortalEMF</persistence-unit-ref-name>
   </persistence-unit-ref>

code/MoyaUtilities/src/main/java/fi/codecrew/moya/enums/apps/TerminalPermission.java

@@ -11,16 +11,16 @@ import fi.codecrew.moya.enums.BortalApplication;
  */
 public enum TerminalPermission implements IAppPermission {
 
-	CASHIER, // ("Access cashier terminal functions"),
-	CUSTOMER, // ("Access client terminal functions"),
-	SELFHELP, // ("Self help terminal")
+	INFO,
+	USER, 
+	ADMIN, 
 
 	;
 
 	// public static final String S_TERMINAL = "TERMINAL";
-	public static final String S_CASHIER_TERMINAL = "TERMINAL/CASHIER";
-	public static final String S_CUSTOMER_TERMINAL = "TERMINAL/CUSTOMER";
-	public static final String S_SELFHELP_TERMINAL = "TERMINAL/SELFHELP";
+	public static final String S_INFO_TERMINAL = "TERMINAL/INFO";
+	public static final String S_USER_TERMINAL = "TERMINAL/USER";
+	public static final String S_ADMIN_TERMINAL = "TERMINAL/ADMIN";
 
 	private final String fullName;
 	private final String key;