Index: lams_central/web/WEB-INF/web.xml
===================================================================
diff -u -rec8852a3b210bda6bc32e99a177f4767dca7d8ee -rc5a709e4cb42d0729ad3fbd814714fb27dd844df
--- lams_central/web/WEB-INF/web.xml	(.../web.xml)	(revision ec8852a3b210bda6bc32e99a177f4767dca7d8ee)
+++ lams_central/web/WEB-INF/web.xml	(.../web.xml)	(revision c5a709e4cb42d0729ad3fbd814714fb27dd844df)
@@ -41,134 +41,130 @@
 		<param-name>parentContextKey</param-name>
 		<param-value>context.central</param-value>
 	</context-param>
+	<context-param>
+        <param-name>Owasp.CsrfGuard.Config</param-name>
+        <param-value>WEB-INF/Owasp.CsrfGuard.properties</param-value>
+    </context-param>
+    <context-param>
+        <param-name>Owasp.CsrfGuard.Config.Print</param-name>
+        <param-value>true</param-value>
+    </context-param>
 
 	<filter>
 		<filter-name>UrlRewriteFilter</filter-name>
 		<filter-class>org.tuckey.web.filters.urlrewrite.UrlRewriteFilter
 		</filter-class>
 	</filter>
-
 	<filter>
 		<filter-name>SystemSessionFilter</filter-name>
 		<filter-class>
 			org.lamsfoundation.lams.web.session.SystemSessionFilter
 		</filter-class>
 	</filter>
-
 	<filter>
 		<filter-name>hibernateFilter</filter-name>
 		<filter-class>
-			org.lamsfoundation.lams.util.CustomizedOpenSessionInViewFilter
+			org.springframework.orm.hibernate5.support.OpenSessionInViewFilter
 		</filter-class>
 		<init-param>
 			<param-name>sessionFactoryBeanName</param-name>
 			<param-value>coreSessionFactory</param-value>
 		</init-param>
 	</filter>
-
 	<filter>
 		<filter-name>LocaleFilter</filter-name>
 		<filter-class>
 			org.lamsfoundation.lams.web.filter.LocaleFilter
 		</filter-class>
 	</filter>
+	<filter>
+		<filter-name>CSRFGuard</filter-name>
+		<filter-class>org.owasp.csrfguard.CsrfGuardFilter</filter-class>
+	</filter>
 
 	<filter-mapping>
 		<filter-name>UrlRewriteFilter</filter-name>
 		<url-pattern>/signup/*</url-pattern>
 		<dispatcher>REQUEST</dispatcher>
 	</filter-mapping>
-
 	<filter-mapping>
 		<filter-name>SystemSessionFilter</filter-name>
 		<url-pattern>*.do</url-pattern>
 	</filter-mapping>
-
 	<filter-mapping>
 		<filter-name>SystemSessionFilter</filter-name>
 		<url-pattern>*.jsp</url-pattern>
 	</filter-mapping>
-
 	<filter-mapping>
 		<filter-name>SystemSessionFilter</filter-name>
 		<url-pattern>*.xml</url-pattern>
 	</filter-mapping>
-
 	<filter-mapping>
 		<filter-name>SystemSessionFilter</filter-name>
 		<url-pattern>/servlet/*</url-pattern>
 	</filter-mapping>
-
 	<filter-mapping>
 		<filter-name>SystemSessionFilter</filter-name>
 		<url-pattern>/ckeditor/*</url-pattern>
 	</filter-mapping>
-
 	<filter-mapping>
 		<filter-name>hibernateFilter</filter-name>
 		<url-pattern>*.do</url-pattern>
 	</filter-mapping>
-
 	<filter-mapping>
 		<filter-name>hibernateFilter</filter-name>
 		<url-pattern>*.jsp</url-pattern>
 	</filter-mapping>
-
 	<filter-mapping>
 		<filter-name>hibernateFilter</filter-name>
 		<url-pattern>*.xml</url-pattern>
 	</filter-mapping>
-
 	<filter-mapping>
 		<filter-name>hibernateFilter</filter-name>
 		<url-pattern>/servlet/*</url-pattern>
 	</filter-mapping>
-
 	<filter-mapping>
 		<filter-name>hibernateFilter</filter-name>
 		<url-pattern>/services/*</url-pattern>
 	</filter-mapping>
-
 	<filter-mapping>
 		<filter-name>hibernateFilter</filter-name>
 		<url-pattern>/ckeditor/*</url-pattern>
 	</filter-mapping>
-
 	<filter-mapping>
 		<filter-name>hibernateFilter</filter-name>
 		<url-pattern>/LoginRequest</url-pattern>
 	</filter-mapping>
-
 	<filter-mapping>
 		<filter-name>hibernateFilter</filter-name>
 		<url-pattern>/ForgotPasswordRequest</url-pattern>
 	</filter-mapping>
-
 	<filter-mapping>
 		<filter-name>LocaleFilter</filter-name>
 		<url-pattern>*.do</url-pattern>
 	</filter-mapping>
-
 	<filter-mapping>
 		<filter-name>LocaleFilter</filter-name>
 		<url-pattern>*.jsp</url-pattern>
 	</filter-mapping>
-
 	<filter-mapping>
 		<filter-name>LocaleFilter</filter-name>
 		<url-pattern>*.xml</url-pattern>
 	</filter-mapping>
-
 	<filter-mapping>
 		<filter-name>LocaleFilter</filter-name>
 		<url-pattern>/servlet/*</url-pattern>
 	</filter-mapping>
-
 	<filter-mapping>
 		<filter-name>LocaleFilter</filter-name>
 		<url-pattern>/ckeditor/*</url-pattern>
 	</filter-mapping>
+	<filter-mapping>
+		<filter-name>CSRFGuard</filter-name> 
+		<url-pattern>/*</url-pattern>
+	</filter-mapping>
 
+
 	<listener>
 		<listener-class>
 			org.springframework.web.context.ContextLoaderListener
@@ -181,6 +177,13 @@
 		</listener-class>
 	</listener>
 
+	<listener>
+        <listener-class>org.owasp.csrfguard.CsrfGuardServletContextListener</listener-class>
+    </listener>
+     <listener>
+        <listener-class>org.owasp.csrfguard.CsrfGuardHttpSessionListener</listener-class>
+    </listener>
+
 	<servlet>
 		<servlet-name>GetRecordingServlet</servlet-name>
 		<servlet-class>org.lamsfoundation.lams.webservice.GetRecordingServlet
@@ -206,7 +209,7 @@
 
 	<servlet>
 		<servlet-name>RegisterServlet</servlet-name>
-		<servlet-class>org.lamsfoundation.lams.webservice.RegisterAction
+		<servlet-class>org.lamsfoundation.lams.webservice.RegisterServlet
 		</servlet-class>
 	</servlet>
 
@@ -256,26 +259,10 @@
 	</servlet>
 	
 	<servlet>
-		<servlet-name>action</servlet-name>
+		<servlet-name>spring</servlet-name>
 		<servlet-class>
-			org.apache.struts.action.ActionServlet
+			org.springframework.web.servlet.DispatcherServlet
 		</servlet-class>
-		<init-param>
-			<param-name>config</param-name>
-			<param-value>/WEB-INF/struts-config.xml</param-value>
-		</init-param>
-		<init-param>
-			<param-name>debug</param-name>
-			<param-value>999</param-value>
-		</init-param>
-		<init-param>
-			<param-name>detail</param-name>
-			<param-value>2</param-value>
-		</init-param>
-		<init-param>
-			<param-name>validate</param-name>
-			<param-value>true</param-value>
-		</init-param>
 		<load-on-startup>1</load-on-startup>
 	</servlet>
 
@@ -397,7 +384,14 @@
 		</servlet-class>
 	</servlet>
 	
+	<servlet>
+		<servlet-name>SPEnrolmentServlet</servlet-name>
+		<servlet-class>
+			org.lamsfoundation.lams.webservice.SPEnrolmentServlet
+		</servlet-class>
+	</servlet>
 	
+	
 	<servlet-mapping>
 		<servlet-name>LearningDesignRestServlet</servlet-name>
 		<url-pattern>/rest/LearningDesign</url-pattern>
@@ -410,7 +404,7 @@
 	<!-- Optional Module Placeholder - do not remove -->
 
 	<servlet-mapping>
-		<servlet-name>action</servlet-name>
+		<servlet-name>spring</servlet-name>
 		<url-pattern>*.do</url-pattern>
 	</servlet-mapping>
 
@@ -522,8 +516,14 @@
 		<servlet-name>OrganisationGroupServlet</servlet-name>
 		<url-pattern>/services/xml/CourseGroupManager</url-pattern>
 	</servlet-mapping>
+	<servlet-mapping>
+		<servlet-name>SPEnrolmentServlet</servlet-name>
+		<url-pattern>/services/SPEnrolment</url-pattern>
+	</servlet-mapping>
 	
+
 	
+	
 	<mime-mapping>
 		<extension>csv</extension>
 		<mime-type>text/plain</mime-type>
@@ -550,49 +550,6 @@
 	<jsp-config>
 
 		<!-- ======================================================== -->
-		<!-- Struts Tag Library Descriptors -->
-		<!-- ======================================================== -->
-		<taglib>
-			<taglib-uri>tags-bean</taglib-uri>
-			<taglib-location>/WEB-INF/tlds/struts/struts-bean.tld
-			</taglib-location>
-		</taglib>
-		<taglib>
-			<taglib-uri>tags-html</taglib-uri>
-			<taglib-location>/WEB-INF/tlds/struts/struts-html.tld
-			</taglib-location>
-		</taglib>
-		<taglib>
-			<taglib-uri>tags-logic</taglib-uri>
-			<taglib-location>/WEB-INF/tlds/struts/struts-logic.tld
-			</taglib-location>
-		</taglib>
-		<taglib>
-			<taglib-uri>tags-tiles</taglib-uri>
-			<taglib-location>/WEB-INF/tlds/struts/struts-tiles.tld
-			</taglib-location>
-		</taglib>
-		<taglib>
-			<taglib-uri>tags-bean-el</taglib-uri>
-			<taglib-location>/WEB-INF/tlds/struts/struts-bean-el.tld
-			</taglib-location>
-		</taglib>
-		<taglib>
-			<taglib-uri>tags-html-el</taglib-uri>
-			<taglib-location>/WEB-INF/tlds/struts/struts-html-el.tld
-			</taglib-location>
-		</taglib>
-		<taglib>
-			<taglib-uri>tags-logic-el</taglib-uri>
-			<taglib-location>/WEB-INF/tlds/struts/struts-logic-el.tld
-			</taglib-location>
-		</taglib>
-		<taglib>
-			<taglib-uri>tags-tiles-el</taglib-uri>
-			<taglib-location>/WEB-INF/tlds/struts/struts-tiles-el.tld
-			</taglib-location>
-		</taglib>
-		<!-- ======================================================== -->
 		<!-- JSTL 1.2 Tag Library -->
 		<!-- ======================================================== -->
 		<taglib>
@@ -630,6 +587,11 @@
 			<taglib-uri>tags-lams</taglib-uri>
 			<taglib-location>/WEB-INF/tlds/lams/lams.tld</taglib-location>
 		</taglib>
+		
+		<taglib>
+			<taglib-uri>csrfguard</taglib-uri>
+			<taglib-location>/WEB-INF/tlds/security/csrfguard.tld</taglib-location>
+		</taglib>
 
 	</jsp-config>
 
@@ -648,7 +610,6 @@
 			<role-name>MONITOR</role-name>
 			<role-name>AUTHOR</role-name>
 			<role-name>GROUP MANAGER</role-name>
-			<role-name>GROUP ADMIN</role-name>
 			<role-name>SYSADMIN</role-name>
 		</auth-constraint>
 	</security-constraint>
@@ -669,6 +630,7 @@
 			<url-pattern>/services/xml/NotificationManager</url-pattern>
 			<url-pattern>/services/UserRoleManager</url-pattern>
 			<url-pattern>/services/xml/CourseGroupManager</url-pattern>
+			<url-pattern>/services/SPEnrolment</url-pattern>
 			<url-pattern>/ForgotPasswordRequest</url-pattern>
 			<url-pattern>/forgotPasswordChange.jsp</url-pattern>
 			<url-pattern>/forgotPasswordProc.jsp</url-pattern>
@@ -715,7 +677,6 @@
 			<role-name>AUTHOR</role-name>
 			<role-name>MONITOR</role-name>
 			<role-name>GROUP MANAGER</role-name>
-			<role-name>GROUP ADMIN</role-name>
 			<role-name>SYSADMIN</role-name>
 		</auth-constraint>
 	</security-constraint>
@@ -777,10 +738,6 @@
 		<role-name>GROUP MANAGER</role-name>
 	</security-role>
 	<security-role>
-		<description>Group Administrator</description>
-		<role-name>GROUP ADMIN</role-name>
-	</security-role>
-	<security-role>
 		<description>LAMS System Adminstrator</description>
 		<role-name>SYSADMIN</role-name>
 	</security-role>