From ab8fb3979d55bfae43c0498131eab717113458ab Mon Sep 17 00:00:00 2001
From: Alan Davis <alan.davis@alfresco.com>
Date: Sat, 31 Jan 2015 15:28:06 +0000
Subject: [PATCH] Merged HEAD-BUG-FIX (5.1/Cloud) to HEAD (5.1/Cloud)    93984:
 Merged 5.0.N (5.0.1) to HEAD-BUG-FIX (5.1/Cloud)       93857: Merged
 V4.2-BUG-FIX (4.2.5) to 5.0.N (5.0.1)          93852: Merged V4.1-BUG-FIX
 (4.1.10) to V4.2-BUG-FIX (4.2.5)             93669: Merged DEV to
 V4.1-BUG-FIX              93636 : MNT-11041 : Share SSOAuthenticationFilter
 and non-ascii username strings               "X-Alfresco-Remote-User" and
 userHeader for alfrescoHeader connector is now base64 encoded to support
 non-ASCII symbols.

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@95024 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
---
 .../authentication/external/DefaultRemoteUserMapper.java | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/source/java/org/alfresco/repo/security/authentication/external/DefaultRemoteUserMapper.java b/source/java/org/alfresco/repo/security/authentication/external/DefaultRemoteUserMapper.java
index ef7c0536a9..15363ebe2b 100644
--- a/source/java/org/alfresco/repo/security/authentication/external/DefaultRemoteUserMapper.java
+++ b/source/java/org/alfresco/repo/security/authentication/external/DefaultRemoteUserMapper.java
@@ -18,6 +18,7 @@
  */
 package org.alfresco.repo.security.authentication.external;
 
+import java.nio.charset.Charset;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 
@@ -29,6 +30,7 @@ import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork;
 import org.alfresco.service.cmr.security.PersonService;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+import org.springframework.extensions.surf.util.Base64;
 /**
  * A default {@link RemoteUserMapper} implementation. Extracts a user ID using
  * {@link HttpServletRequest#getRemoteUser()} and optionally from a configured request header. If there is no configured
@@ -219,6 +221,13 @@ public class DefaultRemoteUserMapper implements RemoteUserMapper, ActivateableBe
         {
             return null;
         }
+        
+        // MNT-11041 Share SSOAuthenticationFilter and non-ascii username strings
+        if (!Charset.forName("US-ASCII").newEncoder().canEncode(userId))
+        {
+            userId = new String(Base64.decode(userId.getBytes()));
+        }
+       
         if (this.userIdPattern == null)
         {
             userId = userId.trim();