diff --git a/config/alfresco/action-services-context.xml b/config/alfresco/action-services-context.xml
index eb985bbc28..3372a9f89c 100644
--- a/config/alfresco/action-services-context.xml
+++ b/config/alfresco/action-services-context.xml
@@ -178,6 +178,7 @@
    
    <bean id="action-constraint" abstract="true" init-method="init">
       <property name="actionService" ref="actionService"/>
+      <property name="cacheAllowableValues" value="false"/>
    </bean>
    
    <bean id="ac-compare-operations" class="org.alfresco.repo.action.constraint.EnumParameterConstraint" parent="action-constraint">
diff --git a/config/alfresco/subsystems/thirdparty/default/imagemagick-transform-context.xml b/config/alfresco/subsystems/thirdparty/default/imagemagick-transform-context.xml
index 0b44032a2e..6e37fbb827 100644
--- a/config/alfresco/subsystems/thirdparty/default/imagemagick-transform-context.xml
+++ b/config/alfresco/subsystems/thirdparty/default/imagemagick-transform-context.xml
@@ -25,6 +25,15 @@
                   <entry key="MAGICK_HOME">
                      <value>${img.root}</value>
                   </entry>
+                  <entry key="MAGICK_CODER_MODULE_PATH">
+                     <value>${img.coders}</value>
+                  </entry>
+                  <entry key="MAGICK_CONFIGURE_PATH">
+                     <value>${img.config}</value>
+                  </entry>
+                  <entry key="GS_LIB">
+                     <value>${img.gslib}</value>
+                  </entry>
                   <entry key="DYLD_LIBRARY_PATH">
                      <value>${img.dyn}</value>
                   </entry>
diff --git a/source/java/org/alfresco/repo/security/authentication/AuthenticationContextImpl.java b/source/java/org/alfresco/repo/security/authentication/AuthenticationContextImpl.java
index 87298c9957..67d0b36099 100644
--- a/source/java/org/alfresco/repo/security/authentication/AuthenticationContextImpl.java
+++ b/source/java/org/alfresco/repo/security/authentication/AuthenticationContextImpl.java
@@ -18,9 +18,13 @@
  */
 package org.alfresco.repo.security.authentication;
 
+import net.sf.acegisecurity.AccountExpiredException;
 import net.sf.acegisecurity.Authentication;
+import net.sf.acegisecurity.CredentialsExpiredException;
+import net.sf.acegisecurity.DisabledException;
 import net.sf.acegisecurity.GrantedAuthority;
 import net.sf.acegisecurity.GrantedAuthorityImpl;
+import net.sf.acegisecurity.LockedException;
 import net.sf.acegisecurity.UserDetails;
 import net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken;
 import net.sf.acegisecurity.providers.dao.User;
@@ -51,6 +55,24 @@ public class AuthenticationContextImpl implements AuthenticationContext
     {
         try
         {
+            // Apply the same validation that ACEGI would have to the user details - we may be going through a 'back
+            // door'.
+            if (!ud.isEnabled())
+            {
+                throw new DisabledException("User is disabled");
+            }
+            if (!ud.isAccountNonExpired())
+            {
+                throw new AccountExpiredException("User account has expired");
+            }
+            if (!ud.isAccountNonLocked())
+            {
+                throw new LockedException("User account is locked");
+            }
+            if (!ud.isCredentialsNonExpired())
+            {
+                throw new CredentialsExpiredException("User credentials have expired");
+            }
             UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken(ud, "", ud
                     .getAuthorities());
             auth.setDetails(ud);
diff --git a/source/java/org/alfresco/repo/site/SiteServiceImpl.java b/source/java/org/alfresco/repo/site/SiteServiceImpl.java
index f20ddd9597..921b72fd28 100644
--- a/source/java/org/alfresco/repo/site/SiteServiceImpl.java
+++ b/source/java/org/alfresco/repo/site/SiteServiceImpl.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2005-2011 Alfresco Software Limited.
+ * Copyright (C) 2005-2012 Alfresco Software Limited.
  *
  * This file is part of Alfresco
  *
@@ -31,6 +31,8 @@ import java.util.SortedSet;
 import java.util.StringTokenizer;
 import java.util.TreeSet;
 import java.util.concurrent.ConcurrentHashMap;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
 
 import org.alfresco.error.AlfrescoRuntimeException;
 import org.alfresco.model.ContentModel;
@@ -1578,7 +1580,7 @@ public class SiteServiceImpl extends AbstractLifecycleBean implements SiteServic
                             if (nameFilter != null && nameFilter.length() != 0)
                             {
                                 // found a filter - does it match Group name part?
-                                if (authority.substring(GROUP_PREFIX_LENGTH).toLowerCase().contains(nameFilterLower))
+                                if (matchByFilter(authority.substring(GROUP_PREFIX_LENGTH).toLowerCase(), nameFilterLower))
                                 {
                                     members.put(authority, permission);
                                 }
@@ -1586,7 +1588,7 @@ public class SiteServiceImpl extends AbstractLifecycleBean implements SiteServic
                                 {
                                    // Does it match on the Group Display Name part instead?
                                    String displayName = authorityService.getAuthorityDisplayName(authority);
-                                   if(displayName != null && displayName.toLowerCase().contains(nameFilterLower))
+                                   if(displayName != null && matchByFilter(displayName.toLowerCase(), nameFilterLower))
                                    {
                                       members.put(authority, permission);
                                    }
@@ -1657,21 +1659,20 @@ public class SiteServiceImpl extends AbstractLifecycleBean implements SiteServic
            NodeRef person = personService.getPerson(username, false);
            String firstName = (String)directNodeService.getProperty(person, ContentModel.PROP_FIRSTNAME);
            String lastName = (String)directNodeService.getProperty(person, ContentModel.PROP_LASTNAME);
+           String userName = (String)directNodeService.getProperty(person, ContentModel.PROP_USERNAME);
 
            final String lowFirstName = (firstName != null ? firstName.toLowerCase() : "");
            final String lowLastName = (lastName != null ? lastName.toLowerCase() : "");
+           final String lowUserName = (userName != null ? userName.toLowerCase() : "");
            for (int i=0; i<nameFilters.length; i++)
            {
-              if (lowFirstName.indexOf(nameFilters[i]) != -1)
-              {
-                 addUser = true;
-                 break;
-              }
-              else if (lowLastName.indexOf(nameFilters[i]) != -1)
-              {
-                 addUser = true;
-                 break;
-              }
+               if (matchByFilter(lowUserName, nameFilters[i]) ||
+                   matchByFilter(lowFirstName, nameFilters[i]) ||
+                   matchByFilter(lowLastName, nameFilters[i]))
+               {
+                  addUser = true;
+                  break;
+               }
            }
         }
         catch(NoSuchPersonException e)
@@ -1682,6 +1683,39 @@ public class SiteServiceImpl extends AbstractLifecycleBean implements SiteServic
         return addUser;
     }
 
+    private boolean matchByFilter(String compareString, String patternString)
+    {
+        if (compareString==null || compareString.isEmpty())
+        {
+            return false;
+        }
+        if (patternString==null || patternString.isEmpty())
+        {
+            return true;
+        }
+        StringBuilder paternStr=new StringBuilder();
+        for (char c: patternString.toCharArray())
+        {
+            if (c=='*')
+            {
+                paternStr.append(".*");
+            }
+            else if (c=='(' || c==')')
+            {
+                paternStr.append("\\"+c);
+            }
+            else if (Character.isLetterOrDigit(c) || c=='*')
+            {
+                paternStr.append(c);
+            }
+            else paternStr.append("\\"+c);
+
+        }
+        Pattern p=Pattern.compile(paternStr.toString(), Pattern.CASE_INSENSITIVE);
+        Matcher matcher=p.matcher(compareString);
+        return matcher.matches();
+    }
+
     /**
      * @see org.alfresco.service.cmr.site.SiteService#getMembersRole(java.lang.String,
      *      java.lang.String)
diff --git a/source/java/org/alfresco/repo/site/SiteServiceImplTest.java b/source/java/org/alfresco/repo/site/SiteServiceImplTest.java
index cec0837e80..05de7c6770 100644
--- a/source/java/org/alfresco/repo/site/SiteServiceImplTest.java
+++ b/source/java/org/alfresco/repo/site/SiteServiceImplTest.java
@@ -1322,14 +1322,14 @@ public class SiteServiceImplTest extends BaseAlfrescoSpringTest
         assertEquals(SiteModel.SITE_CONSUMER, members.get(USER_THREE));
         
         //    - filter by name - person name
-        members = this.siteService.listMembers("testMembership", "UserOne", null, 0, true);
+        members = this.siteService.listMembers("testMembership", "UserOne*", null, 0, true);
         assertNotNull(members);
         assertEquals(1, members.size());
         assertTrue(members.containsKey(USER_ONE));
         assertEquals(SiteModel.SITE_MANAGER, members.get(USER_ONE));
         
         //    - filter by name - person name as part of group
-        members = this.siteService.listMembers("testMembership", "UserTwo", null, 0, true);
+        members = this.siteService.listMembers("testMembership", "UserTwo*", null, 0, true);
         assertNotNull(members);
         assertEquals(1, members.size());
         assertTrue(members.containsKey(USER_TWO));
@@ -1337,7 +1337,7 @@ public class SiteServiceImplTest extends BaseAlfrescoSpringTest
         
         //    - filter by name - person name without group expansion
         // (won't match as the group name doesn't contain the user's name) 
-        members = this.siteService.listMembers("testMembership", "UserTwo", null, 0, false);
+        members = this.siteService.listMembers("testMembership", "UserTwo*", null, 0, false);
         assertNotNull(members);
         assertEquals(0, members.size());
         
