I am having trouble setting up a FilterSecurityInterceptor that is supposed to match a URL with parameters. Our application is built using the mach-ii framework, and as such all URL's are of the form:

http://glast/index.cfm?event=upload.satellite.command

(internally the mach-ii framework uses a look-up table to find the actual page associated with the string "upload.satellite.command", similiar to hiding jsp pages in /WEB-INF/jsp/ and using Spring MVC to render the view).

I want to protect my "upload.satellite.command" URL using Acegi, but the equal sign "=" used to pass the "event" parameter is causing me grief when I try to match it using a regexp. This was my attempt:

Code:
<bean id="filterInvocationInterceptor" class="net.sf.acegisecurity.intercept.web.FilterSecurityInterceptor">
	<property name="authenticationManager"><ref local="authenticationManager"/></property>
	<property name="accessDecisionManager"><ref local="httpRequestAccessDecisionManager"/></property>
	<property name="runAsManager"><ref local="runAsManager"/></property>
	<property name="objectDefinitionSource">
		<value>
			CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
			\A/index\.cfm\?event\=upload\.satellite\.command.*\Z=ROLE_GLAST_ADMINISTRATOR
		</value>
	</property>
</bean>
Even though I try to escape the "=" using "\=", Acegi seems to think that everything after the "\=" is the list of roles, and I get this exception in the logs on application startup:

Code:
java.lang.IllegalArgumentException&#58; Malformed regular expression&#58; \A/index\.cfm\?event\
It looks like the problem is in FilterInvocationDefinitionSourceEditor.setAsText(S tring) since it is tokenizing my regexp expression using "=" without regard to the context of where "=" is used in the string.

How do I match a literal "=" in the regexp so that I can protect URL's based on parameters? It seems like matching URL parameters would be generally useful to for Acegi programmers.

Warmest reagrds, Matt