Merged V3.2E to HEAD

17246: ETHREEOH-3208: User profiles for users authenticated by immutable subsystems are now read only - Introduced MutableAuthenticationService interface, only implemented by Alfresco native authentication service - Split out those methods from AuthenticationService that mutate the user store and added isAuthenticationMutable() - Now both Alfresco Explorer and Share user profile / password edit link rendering is conditional on isAuthenticationMutable - Works with authentication chain containing mixture of internally and externally authenticated users 17247: Fix failing unit tests - rm-public-services-security-context.xml needed to be brought in line with public-services-security-context.xml (and will forever more!) 17248: ETHREEOH-1593: alfUser cookie value should be base 64 encoded to allow for non-ASCII characters 17253: *RECORD ONLY* ETHREEOH-2885: web.xml must conform to the schema to work on JBoss git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@18098 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2025-08-07 17:49:17 +00:00 · 2010-01-18 15:32:57 +00:00
parent 0399805772
commit 7f24c8c4e7
59 changed files with 742 additions and 349 deletions
--- a/source/java/org/alfresco/repo/security/authentication/subsystems/SubsystemChainingAuthenticationService.java
+++ b/source/java/org/alfresco/repo/security/authentication/subsystems/SubsystemChainingAuthenticationService.java
@@ -31,6 +31,7 @@ import org.alfresco.repo.management.subsystems.ActivateableBean;
 import org.alfresco.repo.management.subsystems.ChildApplicationContextManager;
 import org.alfresco.repo.security.authentication.AbstractChainingAuthenticationService;
 import org.alfresco.service.cmr.security.AuthenticationService;
+import org.alfresco.service.cmr.security.MutableAuthenticationService;
 import org.springframework.beans.factory.NoSuchBeanDefinitionException;
 import org.springframework.context.ApplicationContext;

@@ -77,7 +78,7 @@ public class SubsystemChainingAuthenticationService extends AbstractChainingAuth
     * org.alfresco.repo.security.authentication.AbstractChainingAuthenticationService#getMutableAuthenticationService()
     */
    @Override
-    public AuthenticationService getMutableAuthenticationService()
+    public MutableAuthenticationService getMutableAuthenticationService()
    {
        for (String instance : this.applicationContextManager.getInstanceIds())
        {
@@ -87,11 +88,12 @@ public class SubsystemChainingAuthenticationService extends AbstractChainingAuth
                AuthenticationService authenticationService = (AuthenticationService) context.getBean(sourceBeanName);
                // Only add active authentication services. E.g. we might have an ldap context that is only used for
                // synchronizing
-                if (!(authenticationService instanceof ActivateableBean)
-                        || ((ActivateableBean) authenticationService).isActive())
+                if (authenticationService instanceof MutableAuthenticationService
+                        && (!(authenticationService instanceof ActivateableBean) || ((ActivateableBean) authenticationService)
+                                .isActive()))
                {

-                    return authenticationService;
+                    return (MutableAuthenticationService) authenticationService;
                }
            }
            catch (NoSuchBeanDefinitionException e)