Merged 5.1-MC1 (5.1.0) to HEAD (5.1)

119052 adavis: Merged 5.1.N (5.1.1) to 5.1-MC1 (5.1.0)
      117334 adavis: Merged 5.0.2-CLOUD42 (Cloud ) to 5.1.N (5.1.1)
         117242 adavis: Merged 5.0.2-CLOUD (Cloud ) to 5.0.2-CLOUD42 (Cloud )
            114511 adavis: Merged BCRYPT to 5.0.2-CLOUD
               113774 gjames: Better updateUser and test MNT-14892


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@119890 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261

source/java/org/alfresco/repo/security/authentication/RepositoryAuthenticationDao.java

@@ -177,10 +177,7 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao, In
                     userDetails.isAccountNonLocked(), userDetails.getAuthorities(), repoUser.getHashIndicator(), repoUser.getSalt());
         }
 
-        // If the credentials have expired, we must return a copy with the flag set
+        throw new AlfrescoRuntimeException("Unable to retrieve a compatible UserDetails object (requires RepositoryAuthenticatedUser)");
-        return new User(userDetails.getUsername(), userDetails.getPassword(), userDetails.isEnabled(),
-                userDetails.isAccountNonExpired(), false,
-                userDetails.isAccountNonLocked(), userDetails.getAuthorities());
     }
     
     /**
@@ -443,7 +440,7 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao, In
         properties.remove(ContentModel.PROP_SALT);
         properties.put(ContentModel.PROP_SALT, salt);
         properties.put(ContentModel.PROP_PASSWORD_HASH,  compositePasswordEncoder.encodePreferred(new String(rawPassword), salt));
-        properties.put(ContentModel.PROP_HASH_INDICATOR, (Serializable) Arrays.asList(compositePasswordEncoder.getPreferredEncoding()));
+        properties.put(ContentModel.PROP_HASH_INDICATOR, compositePasswordEncoder.getPreferredEncoding());
         properties.remove(ContentModel.PROP_PASSWORD);
         properties.remove(ContentModel.PROP_PASSWORD_SHA256);
         nodeService.setProperties(userRef, properties);

source/test-java/org/alfresco/repo/security/authentication/AuthenticationTest.java

@@ -519,6 +519,8 @@ public class AuthenticationTest extends TestCase
         assertEquals(1, newDetails.getAuthorities().length);
 
         assertNotSame(AndyDetails.getPassword(), newDetails.getPassword());
+        RepositoryAuthenticatedUser rau = (RepositoryAuthenticatedUser) newDetails;
+        assertTrue(compositePasswordEncoder.matchesPassword("carrot", newDetails.getPassword(), null, rau.getHashIndicator()));
         // assertNotSame(oldSalt, dao.getSalt(newDetails));
 
         //Update again
@@ -526,7 +528,8 @@ public class AuthenticationTest extends TestCase
         newDetails = (UserDetails) dao.loadUserByUsername("Andy");
         assertNotNull(newDetails);
         assertEquals("Andy", newDetails.getUsername());
-        assertTrue(compositePasswordEncoder.matches(compositePasswordEncoder.getPreferredEncoding(),"potato", newDetails.getPassword(), null));
+        rau = (RepositoryAuthenticatedUser) newDetails;
+        assertTrue(compositePasswordEncoder.matchesPassword("potato", newDetails.getPassword(), null, rau.getHashIndicator()));
 
         dao.deleteUser("Andy");
         assertFalse("Should not be a cache entry for 'Andy'.", authenticationCache.contains("Andy"));