Merged V3.2 to HEAD

17475: ETHREEOH-3295: Fix to AuthorityMigrationPatch
      - Forces transaction retry if worker thread reaches child authority before a parent authority
      - Tested on Kev's 3.1.1 repository with ~20,000 bulk loaded users and ~2,000 Share sites
      - Now completes in 5 minutes as opposed to 45
   17461: ETHREEOH-3268: Added MutableAuthenticationService.isAuthenticationCreationAllowed () to allow conditional display of external user invitation UI
   17450: ETHREEOH-2762: Correction to previous fix. Do not generate new name when working copy copied back on check in.
   17440: ETHREEOH-3295: Fixed logging in FixNameCrcValuesPatch
   17439: ETHREEOH-2762: Improved behaviour when a working copy is copied
      - Working copy aspect already removed the working copy aspect on copy
      - Now derives a new name from the node checked out from and a UUID, preserving the extension
   17438: ETHREEOH-2690: Fix sequencing of jgroups system property setting
      - declared dependency between internalEHCacheManager and jgroupsPropertySetter
   17436: ETHREEOH-3295: Further performance improvements to AuthorityMigrationPatch
      - authority created at same time as all its parent associations to save lots of reindexing, as per LDAP sync
      - multi-threaded BatchProcessor (as used by LDAP sync, FixNameCrcValuesPatch) used to process work in 2 threads in batches of 20, report progress every 100 entries and handle transaction retries
      - BatchProcessor now promoted to its own package
   17394: Fix for license issue in local enterprise builds.
      - Replace Community with Enterprise in version.properties during enterprise war building
   17365: ETHREEOH-3229: Visited and fixed all SearchService result set leaks
   17362: ETHREEOH-3254: Eliminate needless ping to LDAP server in LDAPAuthenticationComponentImpl.implementationAllowsGuestLogin()
   17348: ETHREEOH-3003: Fix NPE in Hyperic when LicenseDescriptor has null fields
   17316: Merged V3.1 to V3.2
      17315: ETHREEOH-3092: PersonService won't let you create duplicate persons anymore.
      17314: ETHREEOH-3158: Fix RepoServerMgmt to work with external authentication methods
         - AuthenticationService.getCurrentTicket / getNewTicket now call pre authentication check before issuing a new ticket, thus still allowing ticket enforcement when external authentication is in use.
      17312: ETHREEOH-3219: Enable resolution of JMX server password file path on JBoss 5
      17299: Merged V3.2 to V3.1 (Record only)
         17297: ETHREEOH-1593: Changed name of username cookie and fixed login.jsp to decode it properly
         17248: ETHREEOH-1593: alfUser cookie value should be base 64 encoded to allow for non-ASCII characters
   17297: ETHREEOH-1593: Changed name of username cookie and fixed login.jsp to decode it properly
      - thanks Kev!
   17292: ETHREEOH-1842: Ticket association with HttpSession IDs tracked so that we don't invalidate a ticket in use by multiple sessions prematurely
      - AuthenticationService validate, getCurrentTicket, etc. methods now take optional sessionId arguments
   17269: Fix failing unit test
      - reinstate original behaviour of AbstractChainingAuthenticationService.getAuthenticationEnabled()
   17268: Fix InvitationService
      - Runs as system to do privileged AuthenticationService actions


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@18105 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261

source/java/org/alfresco/repo/security/authentication/AbstractChainingAuthenticationService.java

@@ -38,7 +38,8 @@ import org.alfresco.service.cmr.security.MutableAuthenticationService;
  * 
  * @author dward
  */
-public abstract class AbstractChainingAuthenticationService extends AbstractAuthenticationService implements MutableAuthenticationService
+public abstract class AbstractChainingAuthenticationService extends AbstractAuthenticationService implements
+        MutableAuthenticationService
 {
     /**
      * Instantiates a new abstract chaining authentication service.
@@ -62,7 +63,8 @@ public abstract class AbstractChainingAuthenticationService extends AbstractAuth
      */
     protected abstract List<AuthenticationService> getUsableAuthenticationServices();
 
-    /* (non-Javadoc)
+    /*
+     * (non-Javadoc)
      * @see org.alfresco.service.cmr.security.AuthenticationService#createAuthentication(java.lang.String, char[])
      */
     public void createAuthentication(String userName, char[] password) throws AuthenticationException
@@ -75,8 +77,10 @@ public abstract class AbstractChainingAuthenticationService extends AbstractAuth
         getMutableAuthenticationService().createAuthentication(userName, password);
     }
 
-    /* (non-Javadoc)
-     * @see org.alfresco.service.cmr.security.AuthenticationService#updateAuthentication(java.lang.String, char[], char[])
+    /*
+     * (non-Javadoc)
+     * @see org.alfresco.service.cmr.security.AuthenticationService#updateAuthentication(java.lang.String, char[],
+     * char[])
      */
     public void updateAuthentication(String userName, char[] oldPassword, char[] newPassword)
             throws AuthenticationException
@@ -140,6 +144,17 @@ public abstract class AbstractChainingAuthenticationService extends AbstractAuth
                 .isAuthenticationMutable(userName);
     }
 
+    
+    /**
+     * {@inheritDoc}
+     */
+    public boolean isAuthenticationCreationAllowed()
+    {
+        MutableAuthenticationService mutableAuthenticationService = getMutableAuthenticationService();
+        return mutableAuthenticationService == null ? false : mutableAuthenticationService
+                .isAuthenticationCreationAllowed();
+    }
+
     /**
      * {@inheritDoc}
      */
@@ -159,7 +174,7 @@ public abstract class AbstractChainingAuthenticationService extends AbstractAuth
                 // Ignore and chain
             }
         }
-        return true;
+        return false;
     }
 
     /**
@@ -236,7 +251,7 @@ public abstract class AbstractChainingAuthenticationService extends AbstractAuth
         // it doesn't exist in any of the authentication components
         return false;
     }
-    
+
     /**
      * {@inheritDoc}
      */
@@ -280,13 +295,13 @@ public abstract class AbstractChainingAuthenticationService extends AbstractAuth
     /**
      * {@inheritDoc}
      */
-    public void invalidateTicket(String ticket) throws AuthenticationException
+    public void invalidateTicket(String ticket, String sessionId) throws AuthenticationException
     {
         for (AuthenticationService authService : getUsableAuthenticationServices())
         {
             try
             {
-                authService.invalidateTicket(ticket);
+                authService.invalidateTicket(ticket, sessionId);
                 return;
             }
             catch (AuthenticationException e)
@@ -301,13 +316,13 @@ public abstract class AbstractChainingAuthenticationService extends AbstractAuth
     /**
      * {@inheritDoc}
      */
-    public void validate(String ticket) throws AuthenticationException
+    public void validate(String ticket, String sessionId) throws AuthenticationException
     {
         for (AuthenticationService authService : getUsableAuthenticationServices())
         {
             try
             {
-                authService.validate(ticket);
+                authService.validate(ticket, sessionId);
                 return;
             }
             catch (AuthenticationException e)
@@ -322,13 +337,13 @@ public abstract class AbstractChainingAuthenticationService extends AbstractAuth
     /**
      * {@inheritDoc}
      */
-    public String getCurrentTicket()
+    public String getCurrentTicket(String sessionId)
     {
         for (AuthenticationService authService : getUsableAuthenticationServices())
         {
             try
             {
-                return authService.getCurrentTicket();
+                return authService.getCurrentTicket(sessionId);
             }
             catch (AuthenticationException e)
             {
@@ -341,13 +356,13 @@ public abstract class AbstractChainingAuthenticationService extends AbstractAuth
     /**
      * {@inheritDoc}
      */
-    public String getNewTicket()
+    public String getNewTicket(String sessionId)
     {
         for (AuthenticationService authService : getUsableAuthenticationServices())
         {
             try
             {
-                return authService.getNewTicket();
+                return authService.getNewTicket(sessionId);
             }
             catch (AuthenticationException e)
             {
@@ -539,7 +554,5 @@ public abstract class AbstractChainingAuthenticationService extends AbstractAuth
         }
         return defaultGuestUserNames;
     }
-    
-    
 
 }