diff --git a/src/main/java/org/alfresco/repo/web/scripts/portlet/JSR168PortletAuthenticatorFactory.java b/src/main/java/org/alfresco/repo/web/scripts/portlet/JSR168PortletAuthenticatorFactory.java
deleted file mode 100644
index e935368d4e..0000000000
--- a/src/main/java/org/alfresco/repo/web/scripts/portlet/JSR168PortletAuthenticatorFactory.java
+++ /dev/null
@@ -1,186 +0,0 @@
-/*
- * #%L
- * Alfresco Remote API
- * %%
- * Copyright (C) 2005 - 2016 Alfresco Software Limited
- * %%
- * This file is part of the Alfresco software.
- * If the software was purchased under a paid Alfresco license, the terms of
- * the paid license agreement will prevail. Otherwise, the software is
- * provided under the following open source license terms:
- *
- * Alfresco is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * Alfresco is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with Alfresco. If not, see .
- * #L%
- */
-package org.alfresco.repo.web.scripts.portlet;
-
-import javax.portlet.RenderRequest;
-import javax.portlet.RenderResponse;
-import javax.servlet.http.HttpServletResponse;
-import javax.transaction.UserTransaction;
-
-import org.alfresco.error.AlfrescoRuntimeException;
-import org.alfresco.repo.security.authentication.AuthenticationUtil;
-import org.alfresco.service.cmr.security.AuthenticationService;
-import org.alfresco.service.transaction.TransactionService;
-import org.springframework.extensions.webscripts.Authenticator;
-import org.springframework.extensions.webscripts.WebScriptException;
-import org.springframework.extensions.webscripts.Description.RequiredAuthentication;
-import org.springframework.extensions.webscripts.portlet.PortletAuthenticatorFactory;
-import org.springframework.extensions.webscripts.portlet.WebScriptPortletRequest;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
-
-/**
- * Portlet authenticator
- *
- * @author davidc
- */
-public class JSR168PortletAuthenticatorFactory implements PortletAuthenticatorFactory
-{
- // Logger
- private static final Log logger = LogFactory.getLog(JSR168PortletAuthenticatorFactory.class);
-
- // dependencies
- private AuthenticationService unprotAuthenticationService;
- private TransactionService txnService;
-
- /**
- * @param authenticationService AuthenticationService
- */
- public void setUnprotAuthenticationService(AuthenticationService authenticationService)
- {
- this.unprotAuthenticationService = authenticationService;
- }
-
- /**
- * @param transactionService TransactionService
- */
- public void setTransactionService(TransactionService transactionService)
- {
- this.txnService = transactionService;
- }
-
- /* (non-Javadoc)
- * @see org.alfresco.web.scripts.portlet.PortletAuthenticatorFactory#create(javax.portlet.RenderRequest, javax.portlet.RenderResponse)
- */
- public Authenticator create(RenderRequest req, RenderResponse res)
- {
- return new JSR168PortletAuthenticator(req, res);
- }
-
-
- /**
- * Portlet authenticator
- *
- * @author davidc
- */
- public class JSR168PortletAuthenticator implements Authenticator
- {
- // dependencies
- private RenderRequest req;
-
- /**
- * Construct
- *
- * @param req RenderRequest
- * @param res RenderResponse
- */
- public JSR168PortletAuthenticator(RenderRequest req, RenderResponse res)
- {
- this.req = req;
- }
-
- /*(non-Javadoc)
- * @see org.alfresco.web.scripts.Authenticator#authenticate(org.alfresco.web.scripts.Description.RequiredAuthentication, boolean)
- */
- public boolean authenticate(RequiredAuthentication required, boolean isGuest)
- {
- // first look for the username key in the session - we add this by hand for some portals
- // when the WebScriptPortletRequest is created
- String portalUser = (String)req.getPortletSession().getAttribute(WebScriptPortletRequest.ALFPORTLETUSERNAME);
- if (portalUser == null)
- {
- portalUser = req.getRemoteUser();
- }
-
- if (logger.isDebugEnabled())
- {
- logger.debug("JSR-168 Remote user: " + portalUser);
- }
-
- if (isGuest || portalUser == null)
- {
- if (logger.isDebugEnabled())
- logger.debug("Authenticating as Guest");
-
- // authenticate as guest
- AuthenticationUtil.setFullyAuthenticatedUser(AuthenticationUtil.getGuestUserName());
- }
- else
- {
- if (logger.isDebugEnabled())
- logger.debug("Authenticating as user " + portalUser);
-
- UserTransaction txn = null;
- try
- {
- txn = txnService.getUserTransaction();
- txn.begin();
-
- if (!unprotAuthenticationService.authenticationExists(portalUser))
- {
- throw new WebScriptException(HttpServletResponse.SC_FORBIDDEN, "User " + portalUser + " is not a known Alfresco user");
- }
- AuthenticationUtil.setFullyAuthenticatedUser(portalUser);
- }
- catch (Throwable err)
- {
- throw new AlfrescoRuntimeException("Error authenticating user: " + portalUser, err);
- }
- finally
- {
- try
- {
- if (txn != null)
- {
- txn.rollback();
- }
- }
- catch (Exception tex)
- {
- // nothing useful we can do with this
- }
- }
- }
-
- return true;
- }
-
- /* (non-Javadoc)
- * @see org.alfresco.web.scripts.Authenticator#emptyCredentials()
- */
- public boolean emptyCredentials()
- {
- String portalUser = (String)req.getPortletSession().getAttribute(WebScriptPortletRequest.ALFPORTLETUSERNAME);
- if (portalUser == null)
- {
- portalUser = req.getRemoteUser();
- }
- return (portalUser == null);
- }
- }
-
-}
diff --git a/src/main/java/org/alfresco/web/app/servlet/AlfrescoX509ServletFilter.java b/src/main/java/org/alfresco/web/app/servlet/AlfrescoX509ServletFilter.java
new file mode 100644
index 0000000000..eaab3ba845
--- /dev/null
+++ b/src/main/java/org/alfresco/web/app/servlet/AlfrescoX509ServletFilter.java
@@ -0,0 +1,82 @@
+/*
+ * #%L
+ * Alfresco Repository WAR Community
+ * %%
+ * Copyright (C) 2005 - 2016 Alfresco Software Limited
+ * %%
+ * This file is part of the Alfresco software.
+ * If the software was purchased under a paid Alfresco license, the terms of
+ * the paid license agreement will prevail. Otherwise, the software is
+ * provided under the following open source license terms:
+ *
+ * Alfresco is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Alfresco is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Alfresco. If not, see .
+ * #L%
+ */
+
+package org.alfresco.web.app.servlet;
+
+import java.io.IOException;
+import java.util.Properties;
+
+import javax.servlet.ServletContext;
+
+import org.alfresco.web.scripts.servlet.X509ServletFilterBase;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.springframework.web.context.WebApplicationContext;
+import org.springframework.web.context.support.WebApplicationContextUtils;
+
+/**
+ * The AlfrescoX509ServletFilter implements the checkEnforce method of the X509ServletFilterBase.
+ * This allows the configuration of X509 authentication to be toggled on/off through a
+ * configuration outside of the web.xml.
+ **/
+
+public class AlfrescoX509ServletFilter extends X509ServletFilterBase
+{
+ private static final String BEAN_GLOBAL_PROPERTIES = "global-properties";
+ private static final String SECURE_COMMS = "solr.secureComms";
+
+ private static Log logger = LogFactory.getLog(AlfrescoX509ServletFilter.class);
+
+ @Override
+ protected boolean checkEnforce(ServletContext servletContext) throws IOException
+ {
+ /*
+ * Get the secureComms setting from the global properties bean.
+ */
+
+ WebApplicationContext wc = WebApplicationContextUtils.getRequiredWebApplicationContext(servletContext);
+ Properties globalProperties = (Properties) wc.getBean(BEAN_GLOBAL_PROPERTIES);
+ String prop = globalProperties.getProperty(SECURE_COMMS);
+
+ if(logger.isDebugEnabled())
+ {
+ logger.debug("secureComms:"+prop);
+ }
+
+ /*
+ * Return true or false based on the property. This will switch on/off X509 enforcement in the X509ServletFilterBase.
+ */
+
+ if (prop == null || "none".equals(prop))
+ {
+ return false;
+ }
+ else
+ {
+ return true;
+ }
+ }
+}
\ No newline at end of file
diff --git a/src/main/java/org/alfresco/web/app/servlet/CmisSecurityContextCleanerFilter.java b/src/main/java/org/alfresco/web/app/servlet/CmisSecurityContextCleanerFilter.java
new file mode 100644
index 0000000000..7c962950d8
--- /dev/null
+++ b/src/main/java/org/alfresco/web/app/servlet/CmisSecurityContextCleanerFilter.java
@@ -0,0 +1,63 @@
+/*
+ * #%L
+ * Alfresco Repository WAR Community
+ * %%
+ * Copyright (C) 2005 - 2016 Alfresco Software Limited
+ * %%
+ * This file is part of the Alfresco software.
+ * If the software was purchased under a paid Alfresco license, the terms of
+ * the paid license agreement will prevail. Otherwise, the software is
+ * provided under the following open source license terms:
+ *
+ * Alfresco is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Alfresco is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Alfresco. If not, see .
+ * #L%
+ */
+package org.alfresco.web.app.servlet;
+
+import java.io.IOException;
+
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+
+import net.sf.acegisecurity.context.ContextHolder;
+
+/**
+ * Clears security context. It should follow Authentication filters in the chain and should be mapped for CMIS requests only
+ *
+ * @author Dmitry Velichkevich
+ * @since 4.1.5
+ */
+public class CmisSecurityContextCleanerFilter implements Filter
+{
+ @Override
+ public void destroy()
+ {
+ }
+
+ @Override
+ public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain) throws IOException, ServletException
+ {
+ ContextHolder.setContext(null);
+ chain.doFilter(servletRequest, servletResponse);
+ }
+
+ @Override
+ public void init(FilterConfig config) throws ServletException
+ {
+ }
+}
diff --git a/src/main/java/org/alfresco/web/app/servlet/GlobalLocalizationFilter.java b/src/main/java/org/alfresco/web/app/servlet/GlobalLocalizationFilter.java
new file mode 100644
index 0000000000..41dc64cb24
--- /dev/null
+++ b/src/main/java/org/alfresco/web/app/servlet/GlobalLocalizationFilter.java
@@ -0,0 +1,145 @@
+/*
+ * #%L
+ * Alfresco Repository WAR Community
+ * %%
+ * Copyright (C) 2005 - 2016 Alfresco Software Limited
+ * %%
+ * This file is part of the Alfresco software.
+ * If the software was purchased under a paid Alfresco license, the terms of
+ * the paid license agreement will prevail. Otherwise, the software is
+ * provided under the following open source license terms:
+ *
+ * Alfresco is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Alfresco is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Alfresco. If not, see .
+ * #L%
+ */
+package org.alfresco.web.app.servlet;
+
+import java.io.IOException;
+import java.util.Locale;
+import java.util.StringTokenizer;
+
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpServletResponseWrapper;
+
+import org.springframework.extensions.surf.util.I18NUtil;
+
+/**
+ * @author Stas Sokolovsky
+ *
+ * Servlet filter responsible for setting a fallback default locale for ALL requests.
+ */
+public class GlobalLocalizationFilter implements Filter
+{
+ /**
+ * Run the filter
+ *
+ * @param request ServletRequest
+ * @param response ServletResponse
+ * @param chain FilterChain
+ * @exception IOException
+ * @exception ServletException
+ */
+ public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException
+ {
+ // Clear content locale from this thread (it may be set later)
+ I18NUtil.setContentLocale(null);
+
+ setLanguageFromRequestHeader((HttpServletRequest) request);
+
+ // continue filter chaining
+ chain.doFilter(request, new HttpServletResponseWrapper((HttpServletResponse) response){
+
+ /* (non-Javadoc)
+ * @see javax.servlet.ServletResponseWrapper#setContentType(java.lang.String)
+ */
+ @Override
+ public void setContentType(String type)
+ {
+ super.setContentType(type);
+
+ // Parse the parameters of the media type, since some app servers (Websphere) refuse to pay attention if the
+ // character encoding isn't explicitly set
+ int startIndex = type.indexOf(';') + 1;
+ int length = type.length();
+ while (startIndex != 0 && startIndex < length)
+ {
+ int endIndex = type.indexOf(';', startIndex);
+ if (endIndex == -1)
+ {
+ endIndex = length;
+ }
+ String param = type.substring(startIndex, endIndex);
+ int sepIndex = param.indexOf('=');
+ if (sepIndex != -1)
+ {
+ String name = param.substring(0, sepIndex).trim();
+ if (name.equalsIgnoreCase("charset"))
+ {
+ String charset = param.substring(sepIndex + 1).trim();
+ if ((null != charset) && ((charset.startsWith("\"") && charset.endsWith("\"")) || (charset.startsWith("'") && charset.endsWith("'"))))
+ {
+ charset = charset.substring(1, (charset.length() - 1));
+ }
+ setCharacterEncoding(charset);
+ break;
+ }
+ }
+ startIndex = endIndex + 1;
+ }
+ }
+ });
+
+ }
+
+ /**
+ * Apply Client and Repository language locale based on the 'Accept-Language' request header
+ *
+ * @param req HttpServletRequest
+ */
+ public void setLanguageFromRequestHeader(HttpServletRequest req)
+ {
+ Locale locale = null;
+
+ String acceptLang = req.getHeader("Accept-Language");
+ if (acceptLang != null && acceptLang.length() > 0)
+ {
+ StringTokenizer tokenizer = new StringTokenizer(acceptLang, ",; ");
+ // get language and convert to java locale format
+ String language = tokenizer.nextToken().replace('-', '_');
+ locale = I18NUtil.parseLocale(language);
+ I18NUtil.setLocale(locale);
+ }
+ else
+ {
+ I18NUtil.setLocale(Locale.getDefault());
+ }
+ }
+
+ public void init(FilterConfig filterConfig) throws ServletException
+ {
+ // Nothing to do
+ }
+
+ public void destroy()
+ {
+ // Nothing to do
+ }
+}
diff --git a/src/main/java/org/alfresco/web/app/servlet/KerberosAuthenticationFilter.java b/src/main/java/org/alfresco/web/app/servlet/KerberosAuthenticationFilter.java
new file mode 100644
index 0000000000..b0e9bce098
--- /dev/null
+++ b/src/main/java/org/alfresco/web/app/servlet/KerberosAuthenticationFilter.java
@@ -0,0 +1,120 @@
+/*
+ * #%L
+ * Alfresco Repository WAR Community
+ * %%
+ * Copyright (C) 2005 - 2016 Alfresco Software Limited
+ * %%
+ * This file is part of the Alfresco software.
+ * If the software was purchased under a paid Alfresco license, the terms of
+ * the paid license agreement will prevail. Otherwise, the software is
+ * provided under the following open source license terms:
+ *
+ * Alfresco is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Alfresco is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Alfresco. If not, see .
+ * #L%
+ */
+package org.alfresco.web.app.servlet;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+
+import javax.servlet.ServletContext;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import org.alfresco.repo.web.auth.WebCredentials;
+import org.alfresco.repo.webdav.auth.AuthenticationDriver;
+import org.alfresco.repo.webdav.auth.BaseKerberosAuthenticationFilter;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+/**
+ * Kerberos Authentication Filter Class
+ *
+ * @author GKSpencer
+ */
+public class KerberosAuthenticationFilter extends BaseKerberosAuthenticationFilter
+{
+ // Debug logging
+
+ private static Log logger = LogFactory.getLog(KerberosAuthenticationFilter.class);
+
+
+ /* (non-Javadoc)
+ * @see org.alfresco.repo.webdav.auth.BaseKerberosAuthenticationFilter#init()
+ */
+ @Override
+ protected void init() throws ServletException
+ {
+ // Call the base Kerberos filter initialization
+ super.init();
+
+ // Use the web client user attribute name
+ setUserAttributeName(AuthenticationDriver.AUTHENTICATION_USER);
+ }
+
+ /* (non-Javadoc)
+ * @see org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter#onValidateFailed(javax.servlet.ServletContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, javax.servlet.http.HttpSession)
+ */
+ @Override
+ protected void onValidateFailed(ServletContext sc, HttpServletRequest req, HttpServletResponse res, HttpSession session, WebCredentials credentials)
+ throws IOException
+ {
+ super.onValidateFailed(sc, req, res, session, credentials);
+
+ // Redirect to the login page if user validation fails
+ redirectToLoginPage(req, res);
+ }
+
+ /* (non-Javadoc)
+ * @see org.alfresco.repo.webdav.auth.BaseNTLMAuthenticationFilter#onLoginComplete(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
+ */
+ @Override
+ protected boolean onLoginComplete(ServletContext sc, HttpServletRequest req, HttpServletResponse res, boolean userInit)
+ throws IOException
+ {
+ String requestURI = req.getRequestURI();
+ return true;
+ }
+
+ /* (non-Javadoc)
+ * @see org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter#writeLoginPageLink(javax.servlet.ServletContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
+ */
+ @Override
+ protected void writeLoginPageLink(ServletContext context, HttpServletRequest req, HttpServletResponse resp)
+ throws IOException
+ {
+ String redirectURL = req.getRequestURI();
+ resp.setContentType("text/html; charset=UTF-8");
+ resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+
+ final PrintWriter out = resp.getWriter();
+ out.println("");
+ // Remove the auto refresh to avoid refresh loop, MNT-16931
+// out.println("");
+ out.println("Please log in.
");
+ out.println("");
+ out.close();
+ }
+
+ /* (non-Javadoc)
+ * @see org.alfresco.repo.webdav.auth.BaseNTLMAuthenticationFilter#getLogger()
+ */
+ @Override
+ final protected Log getLogger()
+ {
+ return logger;
+ }
+}
diff --git a/src/main/java/org/alfresco/web/app/servlet/NTLMAuthenticationFilter.java b/src/main/java/org/alfresco/web/app/servlet/NTLMAuthenticationFilter.java
new file mode 100644
index 0000000000..4251204977
--- /dev/null
+++ b/src/main/java/org/alfresco/web/app/servlet/NTLMAuthenticationFilter.java
@@ -0,0 +1,119 @@
+/*
+ * #%L
+ * Alfresco Repository WAR Community
+ * %%
+ * Copyright (C) 2005 - 2016 Alfresco Software Limited
+ * %%
+ * This file is part of the Alfresco software.
+ * If the software was purchased under a paid Alfresco license, the terms of
+ * the paid license agreement will prevail. Otherwise, the software is
+ * provided under the following open source license terms:
+ *
+ * Alfresco is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Alfresco is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Alfresco. If not, see .
+ * #L%
+ */
+package org.alfresco.web.app.servlet;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+
+import javax.servlet.ServletContext;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import org.alfresco.repo.web.auth.WebCredentials;
+import org.alfresco.repo.webdav.auth.AuthenticationDriver;
+import org.alfresco.repo.webdav.auth.BaseNTLMAuthenticationFilter;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+/**
+ * Web-client NTLM Authentication Filter Class
+ *
+ * @author GKSpencer
+ */
+public class NTLMAuthenticationFilter extends BaseNTLMAuthenticationFilter
+{
+ // Debug logging
+ private static Log logger = LogFactory.getLog(NTLMAuthenticationFilter.class);
+
+
+ /* (non-Javadoc)
+ * @see org.alfresco.repo.webdav.auth.BaseNTLMAuthenticationFilter#init()
+ */
+ @Override
+ protected void init() throws ServletException
+ {
+ // Call the base NTLM filter initialization
+ super.init();
+
+ // Use the web client user attribute name
+ setUserAttributeName(AuthenticationDriver.AUTHENTICATION_USER);
+ }
+
+ /* (non-Javadoc)
+ * @see org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter#onValidateFailed(javax.servlet.ServletContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, javax.servlet.http.HttpSession)
+ */
+ @Override
+ protected void onValidateFailed(ServletContext sc, HttpServletRequest req, HttpServletResponse res, HttpSession session, WebCredentials credentials)
+ throws IOException
+ {
+ super.onValidateFailed(sc, req, res, session, credentials);
+
+ // Redirect to the login page if user validation fails
+ redirectToLoginPage(req, res);
+ }
+
+ /* (non-Javadoc)
+ * @see org.alfresco.repo.webdav.auth.BaseNTLMAuthenticationFilter#onLoginComplete(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
+ */
+ @Override
+ protected boolean onLoginComplete(ServletContext sc, HttpServletRequest req, HttpServletResponse res, boolean userInit)
+ throws IOException
+ {
+ String requestURI = req.getRequestURI();
+ return true;
+ }
+
+ /* (non-Javadoc)
+ * @see org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter#writeLoginPageLink(javax.servlet.ServletContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
+ */
+ @Override
+ protected void writeLoginPageLink(ServletContext context, HttpServletRequest req, HttpServletResponse resp)
+ throws IOException
+ {
+ String redirectURL = req.getRequestURI();
+ resp.setContentType("text/html; charset=UTF-8");
+ resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+
+ final PrintWriter out = resp.getWriter();
+ out.println("");
+ // Remove the auto refresh to avoid refresh loop, MNT-16931
+// out.println("");
+ out.println("Please log in.
");
+ out.println("");
+ out.close();
+ }
+
+ /* (non-Javadoc)
+ * @see org.alfresco.repo.webdav.auth.BaseNTLMAuthenticationFilter#getLogger()
+ */
+ @Override
+ final protected Log getLogger()
+ {
+ return logger;
+ }
+}
diff --git a/src/main/java/org/alfresco/web/app/servlet/WebScriptSSOAuthenticationFilter.java b/src/main/java/org/alfresco/web/app/servlet/WebScriptSSOAuthenticationFilter.java
new file mode 100644
index 0000000000..9aca0463c5
--- /dev/null
+++ b/src/main/java/org/alfresco/web/app/servlet/WebScriptSSOAuthenticationFilter.java
@@ -0,0 +1,132 @@
+/*
+ * #%L
+ * Alfresco Repository WAR Community
+ * %%
+ * Copyright (C) 2005 - 2016 Alfresco Software Limited
+ * %%
+ * This file is part of the Alfresco software.
+ * If the software was purchased under a paid Alfresco license, the terms of
+ * the paid license agreement will prevail. Otherwise, the software is
+ * provided under the following open source license terms:
+ *
+ * Alfresco is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Alfresco is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Alfresco. If not, see .
+ * #L%
+ */
+package org.alfresco.web.app.servlet;
+
+import java.io.IOException;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletContext;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+
+import org.alfresco.repo.management.subsystems.ActivateableBean;
+import org.alfresco.repo.web.filter.beans.DependencyInjectedFilter;
+import org.alfresco.repo.webdav.auth.BaseAuthenticationFilter;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.springframework.extensions.surf.util.URLDecoder;
+import org.springframework.extensions.webscripts.Description.RequiredAuthentication;
+import org.springframework.extensions.webscripts.Match;
+import org.springframework.extensions.webscripts.RuntimeContainer;
+
+/**
+ * WebScript aware Authentication Filter Class. Takes into account the authentication setting in the descriptor for the
+ * webscript before chaining to the downstream authentication filters. If authentication is not required then chains
+ * with the NO_AUTH_REQUIRED request attribute set, which should cause any downstream authentication filter to bypass
+ * authentication checks.
+ *
+ * @author Kevin Roast
+ * @author dward
+ */
+public class WebScriptSSOAuthenticationFilter extends BaseAuthenticationFilter implements DependencyInjectedFilter,
+ ActivateableBean
+{
+ private static final Log logger = LogFactory.getLog(WebScriptSSOAuthenticationFilter.class);
+ private RuntimeContainer container;
+ private boolean isActive = true;
+
+ /**
+ * @param container the container to set
+ */
+ public void setContainer(RuntimeContainer container)
+ {
+ this.container = container;
+ }
+
+ /**
+ * Activates or deactivates the bean
+ *
+ * @param active
+ * true if the bean is active and initialization should complete
+ */
+ public final void setActive(boolean active)
+ {
+ this.isActive = active;
+ }
+
+ /*
+ * (non-Javadoc)
+ * @see org.alfresco.repo.management.subsystems.ActivateableBean#isActive()
+ */
+ public final boolean isActive()
+ {
+ return isActive;
+ }
+
+ /* (non-Javadoc)
+ * @see org.alfresco.repo.webdav.auth.BaseNTLMAuthenticationFilter#doFilter(javax.servlet.ServletContext, javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain)
+ */
+ public void doFilter(ServletContext context, ServletRequest sreq, ServletResponse sresp, FilterChain chain)
+ throws IOException, ServletException
+ {
+ // Get the HTTP request/response
+ HttpServletRequest req = (HttpServletRequest)sreq;
+
+ // find a webscript match for the requested URI
+ String requestURI = req.getRequestURI();
+ String pathInfo = requestURI.substring((req.getContextPath() + req.getServletPath()).length());
+
+ if (getLogger().isDebugEnabled())
+ getLogger().debug("Processing request: " + requestURI + " SID:" +
+ (req.getSession(false) != null ? req.getSession().getId() : null));
+
+ Match match = container.getRegistry().findWebScript(req.getMethod(), URLDecoder.decode(pathInfo));
+ if (match != null && match.getWebScript() != null)
+ {
+ // check the authentication required - if none then we don't want any of
+ // the filters down the chain to require any authentication checks
+ if (RequiredAuthentication.none == match.getWebScript().getDescription().getRequiredAuthentication())
+ {
+ if (getLogger().isDebugEnabled())
+ getLogger().debug("Found webscript with no authentication - set NO_AUTH_REQUIRED flag.");
+ req.setAttribute(NO_AUTH_REQUIRED, Boolean.TRUE);
+ }
+ }
+
+ chain.doFilter(sreq, sresp);
+ }
+
+ /* (non-Javadoc)
+ * @see org.alfresco.repo.webdav.auth.BaseAuthenticationFilter#getLogger()
+ */
+ @Override
+ protected Log getLogger()
+ {
+ return logger;
+ }
+}
diff --git a/src/main/java/org/alfresco/web/app/servlet/WebscriptCookieAuthenticationFilter.java b/src/main/java/org/alfresco/web/app/servlet/WebscriptCookieAuthenticationFilter.java
new file mode 100644
index 0000000000..2f5111f4a3
--- /dev/null
+++ b/src/main/java/org/alfresco/web/app/servlet/WebscriptCookieAuthenticationFilter.java
@@ -0,0 +1,87 @@
+/*
+ * #%L
+ * Alfresco Repository WAR Community
+ * %%
+ * Copyright (C) 2005 - 2016 Alfresco Software Limited
+ * %%
+ * This file is part of the Alfresco software.
+ * If the software was purchased under a paid Alfresco license, the terms of
+ * the paid license agreement will prevail. Otherwise, the software is
+ * provided under the following open source license terms:
+ *
+ * Alfresco is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Alfresco is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Alfresco. If not, see .
+ * #L%
+ */
+package org.alfresco.web.app.servlet;
+
+import java.io.IOException;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletContext;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.alfresco.repo.web.filter.beans.DependencyInjectedFilter;
+import org.alfresco.repo.webdav.auth.AuthenticationDriver;
+import org.alfresco.repo.webdav.auth.BaseAuthenticationFilter;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+/**
+ * WebScript aware Authentication Filter. Directly handles login script calls, allowing Surf to establish a cookie
+ * for a manual login, rather than the usual stateless ticket based logins.
+ *
+ * This functionality has been extracted from the WebScriptSSOAuthenticationFilter so that they can work independently.
+ *
+ * @author Gethin James
+ */
+public class WebscriptCookieAuthenticationFilter extends BaseAuthenticationFilter implements DependencyInjectedFilter
+{
+ private static final Log logger = LogFactory.getLog(WebscriptCookieAuthenticationFilter.class);
+ private static final String API_LOGIN = "/api/login";
+
+ public WebscriptCookieAuthenticationFilter()
+ {
+ setUserAttributeName(AuthenticationDriver.AUTHENTICATION_USER);
+ }
+
+
+ @Override
+ public void doFilter(ServletContext context, ServletRequest sreq, ServletResponse sresp, FilterChain chain) throws IOException, ServletException
+ {
+ // Get the HTTP request/response
+ HttpServletRequest req = (HttpServletRequest)sreq;
+ HttpServletResponse res = (HttpServletResponse)sresp;
+
+ // Allow propagation of manual logins to the session user
+ if (API_LOGIN.equals(req.getPathInfo()) && req.getMethod().equalsIgnoreCase("POST"))
+ {
+ handleLoginForm(req, res);
+ }
+ else
+ {
+ chain.doFilter(sreq, sresp);
+ }
+ }
+
+ @Override
+ protected Log getLogger()
+ {
+ return logger;
+ }
+
+}
diff --git a/src/main/resources/alfresco/messages/rest-framework-messages_de.properties b/src/main/resources/alfresco/messages/rest-framework-messages_de.properties
index fe6b2c7437..f397629585 100755
--- a/src/main/resources/alfresco/messages/rest-framework-messages_de.properties
+++ b/src/main/resources/alfresco/messages/rest-framework-messages_de.properties
@@ -12,6 +12,6 @@ framework.exception.PermissionDenied=Berechtigung verweigert
framework.exception.StaleEntity=Versuch, eine gegenstandslose Entity zu aktualisieren
framework.exception.UnsupportedResourceOperation=Der Vorgang wird nicht unterst\u00fctzt
framework.exception.DeletedResource=In dieser Version der REST-API wurde die Ressource {0} gel\u00f6scht
-framework.exception.RequestEntityTooLarge=Anfrage-Entity zu gro\u00df
-framework.exception.InsufficientStorage=Content-Speicherkontingent \u00fcberschritten
+framework.exception.RequestEntityTooLarge=Die Datei kann nicht hochgeladen werden da sie die maximale Upload-Gr\u00f6\u00dfe \u00fcberschreitet
+framework.exception.InsufficientStorage=Der Datei-Upload \u00fcberschreitet das erlaubte Speicherkontingent
framework.no.stacktrace=Aus Sicherheitsgr\u00fcnden wird die Stapelverfolgung nicht mehr angezeigt. Die Eigenschaft wird jedoch f\u00fcr \u00e4ltere Versionen beibehalten
diff --git a/src/main/resources/alfresco/messages/rest-framework-messages_es.properties b/src/main/resources/alfresco/messages/rest-framework-messages_es.properties
index 388fff0dd2..c4b797990e 100755
--- a/src/main/resources/alfresco/messages/rest-framework-messages_es.properties
+++ b/src/main/resources/alfresco/messages/rest-framework-messages_es.properties
@@ -12,6 +12,6 @@ framework.exception.PermissionDenied=Se ha denegado el permiso
framework.exception.StaleEntity=Intento de actualizar una entidad obsoleta
framework.exception.UnsupportedResourceOperation=No se admite la operaci\u00f3n
framework.exception.DeletedResource=En esta versi\u00f3n de la API REST, se ha eliminado el recurso {0}
-framework.exception.RequestEntityTooLarge=Entidad de solicitud demasiado grande
-framework.exception.InsufficientStorage=Se ha excedido la cuota de almacenamiento de contenido
+framework.exception.RequestEntityTooLarge=No se puede cargar el fichero porque excede el tama\u00f1o m\u00e1ximo de carga permitido
+framework.exception.InsufficientStorage=El fichero cargado excede la cuota de almacenamiento de contenido
framework.no.stacktrace=Por motivos de seguridad, ya no se muestra el seguimiento de la pila, pero se guarda la propiedad para versiones anteriores
diff --git a/src/main/resources/alfresco/messages/rest-framework-messages_fr.properties b/src/main/resources/alfresco/messages/rest-framework-messages_fr.properties
index 2d5ec5ca00..16ab6a6f8b 100755
--- a/src/main/resources/alfresco/messages/rest-framework-messages_fr.properties
+++ b/src/main/resources/alfresco/messages/rest-framework-messages_fr.properties
@@ -3,7 +3,7 @@ framework.exception.ApiDefault=Erreur inconnue lors de l'appel de l'API Rest
framework.exception.ConstraintViolated=Une contrainte n'a pas \u00e9t\u00e9 respect\u00e9e
framework.exception.InvalidArgument=Un argument non valide a \u00e9t\u00e9 re\u00e7u : {0}
framework.exception.InvalidProperty=La propri\u00e9t\u00e9 ''{0}'' avec la valeur ''{1}'' n''est pas valide pour la comparaison {2}
-framework.exception.InvalidQuery=Une requ\u00eate WHERE non valide a \u00e9t\u00e9 re\u00e7ue: {0}
+framework.exception.InvalidQuery=Une requ\u00eate WHERE non valide a \u00e9t\u00e9 re\u00e7ue : {0}
framework.exception.InvalidSelect=Une requ\u00eate {1} non valide a \u00e9t\u00e9 re\u00e7ue. {0}
framework.exception.NotFound={0} introuvable
framework.exception.EntityNotFound=L''entit\u00e9 associ\u00e9e \u00e0 l''id : {0} est introuvable
@@ -12,6 +12,6 @@ framework.exception.PermissionDenied=Droit d'acc\u00e8s refus\u00e9
framework.exception.StaleEntity=Tentative de mise \u00e0 jour d'une entit\u00e9 hors service
framework.exception.UnsupportedResourceOperation=L'op\u00e9ration n'est pas prise en charge
framework.exception.DeletedResource=Dans cette version de l''API REST, la ressource {0} a \u00e9t\u00e9 supprim\u00e9e
-framework.exception.RequestEntityTooLarge=Entit\u00e9 de requ\u00eate trop volumineuse
-framework.exception.InsufficientStorage=Quota de stockage de contenu d\u00e9pass\u00e9
+framework.exception.RequestEntityTooLarge=Impossible d'importer le fichier car il d\u00e9passe la taille maximale de t\u00e9l\u00e9chargement
+framework.exception.InsufficientStorage=La taille du fichier\u00e0 importer d\u00e9passe la limite de stockage autoris\u00e9e
framework.no.stacktrace=Pour des raisons de s\u00e9curit\u00e9, le tra\u00e7age de la pile n'est plus affich\u00e9, mais la propri\u00e9t\u00e9 est conserv\u00e9e dans les versions pr\u00e9c\u00e9dente
diff --git a/src/main/resources/alfresco/messages/rest-framework-messages_it.properties b/src/main/resources/alfresco/messages/rest-framework-messages_it.properties
index 46298cecdc..ffd1237d87 100755
--- a/src/main/resources/alfresco/messages/rest-framework-messages_it.properties
+++ b/src/main/resources/alfresco/messages/rest-framework-messages_it.properties
@@ -12,6 +12,6 @@ framework.exception.PermissionDenied=Permesso negato
framework.exception.StaleEntity=Si \u00e8 tentato di aggiornare un'entit\u00e0 obsoleta
framework.exception.UnsupportedResourceOperation=Questa operazione non \u00e8 supportata
framework.exception.DeletedResource={0} \u00e8 stato eliminato in questa versione della risorsa REST API
-framework.exception.RequestEntityTooLarge=Entit\u00e0 della richiesta troppo grande
-framework.exception.InsufficientStorage=Quota di archiviazione dei contenuti superata
+framework.exception.RequestEntityTooLarge=Impossibile caricare il file perch\u00e9 \u00e8 pi\u00f9 grande della dimensione massima consentita
+framework.exception.InsufficientStorage=Il caricamento del file supera la quota massima di archiviazione
framework.no.stacktrace=Per motivi di sicurezza l'analisi dello stack non viene pi\u00f9 visualizzata, ma viene mantenuta la propriet\u00e0 per le versioni precedenti
diff --git a/src/main/resources/alfresco/messages/rest-framework-messages_ja.properties b/src/main/resources/alfresco/messages/rest-framework-messages_ja.properties
index 2ff003216a..1dd733b359 100755
--- a/src/main/resources/alfresco/messages/rest-framework-messages_ja.properties
+++ b/src/main/resources/alfresco/messages/rest-framework-messages_ja.properties
@@ -12,6 +12,6 @@ framework.exception.PermissionDenied=\u6a29\u9650\u304c\u62d2\u5426\u3055\u308c\
framework.exception.StaleEntity=\u53e4\u3044\u30a8\u30f3\u30c6\u30a3\u30c6\u30a3\u3092\u66f4\u65b0\u3057\u3088\u3046\u3068\u3057\u307e\u3057\u305f
framework.exception.UnsupportedResourceOperation=\u3053\u306e\u64cd\u4f5c\u306f\u30b5\u30dd\u30fc\u30c8\u3055\u308c\u3066\u3044\u307e\u305b\u3093
framework.exception.DeletedResource=REST API \u30ea\u30bd\u30fc\u30b9 ''{0}'' \u306e\u3053\u306e\u30d0\u30fc\u30b8\u30e7\u30f3\u306f\u524a\u9664\u3055\u308c\u3066\u3044\u307e\u3059
-framework.exception.RequestEntityTooLarge=\u30ea\u30af\u30a8\u30b9\u30c8\u30a8\u30f3\u30c6\u30a3\u30c6\u30a3\u304c\u5927\u304d\u3059\u304e\u307e\u3059
-framework.exception.InsufficientStorage=\u30b3\u30f3\u30c6\u30f3\u30c4\u30b9\u30c8\u30ec\u30fc\u30b8\u306e\u30af\u30a9\u30fc\u30bf\u304c\u8d85\u3048\u3066\u3044\u307e\u3059
+framework.exception.RequestEntityTooLarge=\u30d5\u30a1\u30a4\u30eb\u304c\u6700\u5927\u30a2\u30c3\u30d7\u30ed\u30fc\u30c9\u30b5\u30a4\u30ba\u3088\u308a\u5927\u304d\u3044\u305f\u3081\u3001\u30a2\u30c3\u30d7\u30ed\u30fc\u30c9\u3067\u304d\u307e\u305b\u3093
+framework.exception.InsufficientStorage=\u30a2\u30c3\u30d7\u30ed\u30fc\u30c9\u3059\u308b\u30d5\u30a1\u30a4\u30eb\u304c\u3001\u30b3\u30f3\u30c6\u30f3\u30c4\u306e\u30b9\u30c8\u30ec\u30fc\u30b8\u8a31\u5bb9\u7bc4\u56f2\u3092\u8d85\u3048\u3066\u3044\u307e\u3059
framework.no.stacktrace=\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5bfe\u7b56\u306e\u305f\u3081\u30b9\u30bf\u30c3\u30af\u30c8\u30ec\u30fc\u30b9\u306f\u8868\u793a\u3055\u308c\u306a\u304f\u306a\u308a\u307e\u3057\u305f\u304c\u3001\u30d7\u30ed\u30d1\u30c6\u30a3\u306f\u4ee5\u524d\u306e\u30d0\u30fc\u30b8\u30e7\u30f3\u306e\u305f\u3081\u306b\u6b8b\u3063\u3066\u3044\u307e\u3059
diff --git a/src/main/resources/alfresco/messages/rest-framework-messages_nb.properties b/src/main/resources/alfresco/messages/rest-framework-messages_nb.properties
index b6dd031f74..a0e2fa7b01 100644
--- a/src/main/resources/alfresco/messages/rest-framework-messages_nb.properties
+++ b/src/main/resources/alfresco/messages/rest-framework-messages_nb.properties
@@ -12,6 +12,6 @@ framework.exception.PermissionDenied=Tillatelse avvist
framework.exception.StaleEntity=Fors\u00f8ker \u00e5 oppdatere en foreldet enhet
framework.exception.UnsupportedResourceOperation=Handlingen st\u00f8ttes ikke
framework.exception.DeletedResource=I denne versjonen av REST har API-ressursen {0} blitt slettet
-framework.exception.RequestEntityTooLarge=Den forespurte enheten er for stor
-framework.exception.InsufficientStorage=Kvoten for innholdslagring er overskredet
+framework.exception.RequestEntityTooLarge=Filen kan ikke lastes opp fordi den er st\u00f8rre enn maksimum opplastingsst\u00f8rrelse
+framework.exception.InsufficientStorage=Filopplastingen overskrider tillatt innholdslagring
framework.no.stacktrace=Av sikkerhetsmessige \u00e5rsaker vises ikke stakksporing lenger, men egenskapen beholdes for tidlige versjoner
diff --git a/src/main/resources/alfresco/messages/rest-framework-messages_nl.properties b/src/main/resources/alfresco/messages/rest-framework-messages_nl.properties
index d1b8607d55..ca35dd6c42 100644
--- a/src/main/resources/alfresco/messages/rest-framework-messages_nl.properties
+++ b/src/main/resources/alfresco/messages/rest-framework-messages_nl.properties
@@ -12,6 +12,6 @@ framework.exception.PermissionDenied=Toegang is geweigerd
framework.exception.StaleEntity=Poging tot het bijwerken van een oude entiteit
framework.exception.UnsupportedResourceOperation=De bewerking wordt niet ondersteund
framework.exception.DeletedResource=De resource {0} is verwijderd uit deze versie van de REST API
-framework.exception.RequestEntityTooLarge=Aanvraag-entiteit te groot
-framework.exception.InsufficientStorage=Limiet contentopslag overschreden
+framework.exception.RequestEntityTooLarge=Het bestand kan niet worden ge\u00fcpload omdat het groter is dan de maximale grootte voor uploads
+framework.exception.InsufficientStorage=Bij het uploaden van het bestand wordt de toegestane contentopslag overschreden
framework.no.stacktrace=Om veiligheidsredenen wordt de stacktracering niet meer weergegeven, maar de eigenschap wordt bewaard voor vorige versies
diff --git a/src/main/resources/alfresco/messages/rest-framework-messages_pt_BR.properties b/src/main/resources/alfresco/messages/rest-framework-messages_pt_BR.properties
index 4bfac52e75..c3381ed394 100644
--- a/src/main/resources/alfresco/messages/rest-framework-messages_pt_BR.properties
+++ b/src/main/resources/alfresco/messages/rest-framework-messages_pt_BR.properties
@@ -12,6 +12,6 @@ framework.exception.PermissionDenied=Permiss\u00e3o negada
framework.exception.StaleEntity=Tentativa de atualizar uma entidade obsoleta
framework.exception.UnsupportedResourceOperation=A opera\u00e7\u00e3o n\u00e3o \u00e9 suportada
framework.exception.DeletedResource=Nesta vers\u00e3o do recurso REST API, {0} foi exclu\u00eddo
-framework.exception.RequestEntityTooLarge=Entidade de solicita\u00e7\u00e3o muito grande
+framework.exception.RequestEntityTooLarge=O arquivo n\u00e3o pode ser carregado pois \u00e9 maior do que o tamanho m\u00e1ximo permitido para carregamento
framework.exception.InsufficientStorage=Cota de conte\u00fado de armazenamento excedida
framework.no.stacktrace=Por motivos de seguran\u00e7a, o rastreamento de pilha n\u00e3o \u00e9 mais exibido, mas a propriedade foi mantida para as vers\u00f5es anteriores
diff --git a/src/main/resources/alfresco/messages/rest-framework-messages_ru.properties b/src/main/resources/alfresco/messages/rest-framework-messages_ru.properties
index c2cc45a223..96008edb2d 100644
--- a/src/main/resources/alfresco/messages/rest-framework-messages_ru.properties
+++ b/src/main/resources/alfresco/messages/rest-framework-messages_ru.properties
@@ -12,6 +12,6 @@ framework.exception.PermissionDenied=\u0412 \u0440\u0430\u0437\u0440\u0435\u0448
framework.exception.StaleEntity=\u041f\u043e\u043f\u044b\u0442\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0443\u044e \u0441\u0443\u0449\u043d\u043e\u0441\u0442\u044c
framework.exception.UnsupportedResourceOperation=\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u044f \u043d\u0435 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f
framework.exception.DeletedResource=\u0412 \u044d\u0442\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 REST API \u0440\u0435\u0441\u0443\u0440\u0441 {0} \u0443\u0434\u0430\u043b\u0435\u043d
-framework.exception.RequestEntityTooLarge=\u0421\u043b\u0438\u0448\u043a\u043e\u043c \u0431\u043e\u043b\u044c\u0448\u043e\u0439 \u0437\u0430\u043f\u0440\u043e\u0441
-framework.exception.InsufficientStorage=\u041f\u0440\u0435\u0432\u044b\u0448\u0435\u043d\u0430 \u043a\u0432\u043e\u0442\u0430 \u043d\u0430 \u0445\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u043d\u0442\u0435\u043d\u0442\u0430
+framework.exception.RequestEntityTooLarge=\u041d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u0444\u0430\u0439\u043b, \u043f\u043e\u0442\u043e\u043c\u0443 \u0447\u0442\u043e \u043e\u043d \u043f\u0440\u0435\u0432\u044b\u0448\u0430\u0435\u0442 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u043e \u0434\u043e\u043f\u0443\u0441\u0442\u0438\u043c\u044b\u0439 \u0440\u0430\u0437\u043c\u0435\u0440
+framework.exception.InsufficientStorage=\u0417\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u043c\u044b\u0439 \u0444\u0430\u0439\u043b \u043f\u0440\u0435\u0432\u044b\u0448\u0430\u0435\u0442 \u043a\u0432\u043e\u0442\u0443 \u043d\u0430 \u0440\u0430\u0437\u043c\u0435\u0440 \u043a\u043e\u043d\u0442\u0435\u043d\u0442\u0430
framework.no.stacktrace=\u0418\u0437 \u0441\u043e\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0442\u0440\u0430\u0441\u0441\u0438\u0440\u043e\u0432\u043a\u0430 \u043f\u0430\u043a\u0435\u0442\u0430 \u0431\u043e\u043b\u0435\u0435 \u043d\u0435 \u043e\u0442\u043e\u0431\u0440\u0430\u0436\u0430\u0435\u0442\u0441\u044f, \u043d\u043e \u0441\u0432\u043e\u0439\u0441\u0442\u0432\u043e \u0441\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u043e \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439
diff --git a/src/main/resources/alfresco/messages/rest-framework-messages_zh_CN.properties b/src/main/resources/alfresco/messages/rest-framework-messages_zh_CN.properties
index fd84ef75ab..38c6784206 100644
--- a/src/main/resources/alfresco/messages/rest-framework-messages_zh_CN.properties
+++ b/src/main/resources/alfresco/messages/rest-framework-messages_zh_CN.properties
@@ -12,6 +12,6 @@ framework.exception.PermissionDenied=\u6743\u9650\u88ab\u62d2\u7edd
framework.exception.StaleEntity=\u5c1d\u8bd5\u66f4\u65b0\u8fc7\u671f\u7684\u5b9e\u4f53
framework.exception.UnsupportedResourceOperation=\u4e0d\u652f\u6301\u6b64\u64cd\u4f5c
framework.exception.DeletedResource=\u5728\u6b64\u7248\u672c\u7684 REST API \u4e2d\uff0c\u5df2\u5220\u9664\u8d44\u6e90 {0}
-framework.exception.RequestEntityTooLarge=\u8bf7\u6c42\u5b9e\u4f53\u592a\u5927
-framework.exception.InsufficientStorage=\u8d85\u8fc7\u5185\u5bb9\u5b58\u50a8\u989d\u5ea6
+framework.exception.RequestEntityTooLarge=\u6587\u4ef6\u65e0\u6cd5\u88ab\u4e0a\u4f20\uff0c\u56e0\u4e3a\u5b83\u8d85\u8fc7\u4e86\u6700\u5927\u53ef\u4e0a\u4f20\u7684\u5927\u5c0f
+framework.exception.InsufficientStorage=\u4e0a\u4f20\u6587\u4ef6\u8d85\u8fc7\u5185\u5bb9\u5b58\u50a8\u9650\u989d
framework.no.stacktrace=\u51fa\u4e8e\u5b89\u5168\u539f\u56e0\uff0c\u4e0d\u518d\u663e\u793a\u5806\u6808\u8f68\u8ff9\uff0c\u4f46\u4e3a\u5148\u524d\u7248\u672c\u4fdd\u7559\u4e86\u8be5\u5c5e\u6027
diff --git a/src/main/resources/alfresco/subsystems.Authentication/alfrescoNtlm/ntlm-filter-context.xml b/src/main/resources/alfresco/subsystems.Authentication/alfrescoNtlm/ntlm-filter-context.xml
new file mode 100644
index 0000000000..1a78ceeee2
--- /dev/null
+++ b/src/main/resources/alfresco/subsystems.Authentication/alfrescoNtlm/ntlm-filter-context.xml
@@ -0,0 +1,127 @@
+
+
+
+
+
+
+ ${ntlm.authentication.sso.enabled}
+
+
+
+
+
+
<#else>
diff --git a/src/main/resources/alfresco/templates/webscripts/org/alfresco/repository/site/roles/roles.get.js b/src/main/resources/alfresco/templates/webscripts/org/alfresco/repository/site/roles/roles.get.js
index e6136019fc..b8e8f18f64 100644
--- a/src/main/resources/alfresco/templates/webscripts/org/alfresco/repository/site/roles/roles.get.js
+++ b/src/main/resources/alfresco/templates/webscripts/org/alfresco/repository/site/roles/roles.get.js
@@ -11,8 +11,15 @@ function main()
}
// calculate the available "roles" and permissions groups for this site
+ var siteRoles = [];
+ var rolesList = siteService.listSiteRoles();
+ for (var i in rolesList)
+ {
+ siteRoles.push(rolesList[i]);
+ }
// add the "None" pseudo role
- var siteRoles = siteService.listSiteRoles().concat(["None"]);
+ siteRoles.push("None");
+
var sitePermissionGroups = site.sitePermissionGroups;
sitePermissionGroups["everyone"] = "GROUP_EVERYONE";
diff --git a/src/main/resources/alfresco/web-scripts-application-context.xml b/src/main/resources/alfresco/web-scripts-application-context.xml
index abf4654c5e..d11b2e79bf 100644
--- a/src/main/resources/alfresco/web-scripts-application-context.xml
+++ b/src/main/resources/alfresco/web-scripts-application-context.xml
@@ -218,12 +218,6 @@
-
-
-
-
-
-