mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-08-14 17:58:59 +00:00
Merged V3.3-BUG-FIX to HEAD
20954: Calendar Dashlet updates. Fixes: ALF-2907 (meeting workspace issue)
20968: Minor VersionableAspect fix to onDeleteNode policy firing (follow-on for r19507)
20981: Removed Install Jammer installers from V3.3.3
20982: AVMTestSuite - run PurgeTestP after AVMServiceTest (investigating ALF-3611)
20997: Fix for ALF-2605 - updated share-config-custom.xml.sample and removed obsolete extension files
21030: Pulled XAMConnector AMP into main 3.3SP3 codeline. Apart from build changes (incl. EOL), there are no repo changes.
21032: StoreSelector passes through NodeContentContext allowing stores access to node information
21036: Fix ALF-245: Can't delete space that contains "translation without content"
- Delete triggers 'unmakeTranslation'
- Empty translations are marked with sys:temporary before being deleted
21051: More on fix ALF-245. Reduced complexity by not deleting empty translations twice
21064: Merged V3.3 to V3.3-BUG_FIX
20898: Merged HEAD to V3.3
20724: AVMTestSuite - temporarily comment out PurgeTestP
- TODO: investigate intermittent test failure
20903: Incremented version revision
20921: AVM - fix purge store so that vr nodes are actually orphaned (ALF-3627)
20952: Fix for ALF-3704: Module conflict - Alfresco web client config property page missing metadata.
This is application of a fix made to the config service in a hotfix. The change provides a deterministic load order for config files loaded via the ConfigBootstrap spring bean. More importantly it means that config files loaded by modules on different machines in a cluster load in the same order.
The forms client and AWE config files have been updated to take advantage of the new loading order.
21061: Merged PATCHES/V3.1.2 to V3.3 (RECORD ONLY)
20890: ALF-3687: Apply LUCENE-1383 patch to Lucene 2.1.0 to reduce memory leaks from ThreadLocals
20891: ALF-3687: Build classpath fix
20892: Incremented version label
21062: Merged PATCHES/V3.2.1 to V3.3
20897: (RECORD ONLY) Incremented version label
20901: (RECORD ONLY) ALF-3740: Merged V3.3 to PATCHES/V3.2.1
20524: VersionMigrator - option to run as scheduled job (ALF-1000)
20904: (RECORD ONLY) ALF-3732: Merged PATCHES/V3.2.r to PATCHES/V3.2.1
19803: ALF-558: File servers (CIFS / FTP / NFS) can now handle concurrent write operations on Alfresco repository
- ContentDiskDriver / AVMDiskDriver now use retrying transactions for write operations
- Disable EagerContentStoreCleaner on ContentDiskDriver / AVMDiskDriver closeFile() operations so that they may be retried after rollback (Sony zero byte problem)
- Allow manual association of AVM ContentData with nodes so that closeFile() may be retried
- Propagation of new argument through AVM interfaces
20905: (RECORD ONLY) ALF-3732: Rolled back the now unnecessary reference()/dereference() stuff from ALF-558
20906: (RECORD ONLY) ALF-3732: Merged DEV/V3.3-BUG-FIX to PATCHES/V3.2.1
20623: Fix for ALF-3188 : Access Denied when updating doc via CIFS
20907: (RECORD ONLY) ALF-3732: Merged V3.3 to PATCHES/V3.2.1
20173: Propagate IOExceptions from retryable write transactions in AlfrescoDiskDriver
20950: ALF-3779: Upgrades on large repositories from v2.1 and v2.2 were failing on MySQL due to "The total number of locks exceeds the lock table size" errors
- Solution was to add support for new --BEGIN TXN and --END TXN comments and execute LOCK TABLES statements in the same transaction as large INSERT - SELECT statements.
20990: ALF-3789: Concurrency issues with InMemoryTicketComponentImpl
- Previous ETHREEOH-1842 method of caching web session 'ref counts' against tickets could cause tickets to unpredictably fall out of the transactional cache
- Rolled back original ETHREEOH-1842 fix. Would be too much overhead to keep these ref counts consistent across a cluster.
- Instead, avoid invalidating tickets on web session timeout and only do it on explicit log out.
- Now tickets maintained in non-transactional shared cache so they can't drop out unpredictably
- Logic for ticket inactivity timeout caching improved so that it should work across a cluster
20991: (RECORD ONLY) Incremented version label
20993: ALF-3789: Fixed Spring configuration backward compatibily issue with previous fix
- Ticket cache bean name restored to ticketsCache. This is actually now a non-transactional cache.
- Also externalized parameters so that they can now be controlled by alfresco-global.properties without any bean overrides
authentication.ticket.ticketsExpire=false
authentication.ticket.expiryMode=AFTER_FIXED_TIME
authentication.ticket.validDuration=PT1H
20994: Eclipse classpath fixes for unit testing after ant build
21057: ALF-3592: PassthruCifsAuthenticator now auto-creates / imports users who do not already exist in Alfresco
- At least one of the following properties must be true for this to happen
synchronization.autoCreatePeopleOnLogin
synchronization.syncWhenMissingPeopleLogIn
- Also improved debug logging of unknown passthru domains
21063: Merged PATCHES/V3.2.r to V3.3
21037: ALF-3793: Final attempt at realigning saved XForm data with a modified Schema
- removeRemovedNodes / insertUpdatedNodes / insertPrototypeNodes replaced by a one stop recursive process that builds a new instance tree from scratch
- Nodes copied over in correct order
- Missing nodes added in and extra nodes discarded
- Prototype nodes appended at appropriate points
21038: (RECORD ONLY) Incremented version label
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@21065 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Dave Ward
@@ -190,7 +190,7 @@ public class TestWebScriptRepoServer extends TestWebScriptServer
|
||||
{
|
||||
public Object execute() throws Exception
|
||||
{
|
||||
authenticationService.validate(username, null);
|
||||
authenticationService.validate(username);
|
||||
return null;
|
||||
}
|
||||
});
|
||||
|
||||
@@ -70,7 +70,7 @@ public class LoginTicket extends DeclarativeWebScript
|
||||
|
||||
try
|
||||
{
|
||||
String ticketUser = ticketComponent.validateTicket(ticket, null);
|
||||
String ticketUser = ticketComponent.validateTicket(ticket);
|
||||
|
||||
String currentUser = AuthenticationUtil.getFullyAuthenticatedUser();
|
||||
|
||||
|
||||
@@ -80,7 +80,7 @@ public class LoginTicketDelete extends DeclarativeWebScript
|
||||
|
||||
try
|
||||
{
|
||||
String ticketUser = ticketComponent.validateTicket(ticket, null);
|
||||
String ticketUser = ticketComponent.validateTicket(ticket);
|
||||
|
||||
// do not go any further if tickets are different
|
||||
if (!AuthenticationUtil.getFullyAuthenticatedUser().equals(ticketUser))
|
||||
@@ -91,7 +91,7 @@ public class LoginTicketDelete extends DeclarativeWebScript
|
||||
else
|
||||
{
|
||||
// delete the ticket
|
||||
authenticationService.invalidateTicket(ticket, null);
|
||||
authenticationService.invalidateTicket(ticket);
|
||||
status.setMessage("Deleted Ticket " + ticket);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -134,7 +134,7 @@ public class BasicHttpAuthenticatorFactory implements ServletAuthenticatorFactor
|
||||
logger.debug("Authenticating (URL argument) ticket " + ticket);
|
||||
|
||||
// assume a ticket has been passed
|
||||
authenticationService.validate(ticket, null);
|
||||
authenticationService.validate(ticket);
|
||||
authorized = true;
|
||||
}
|
||||
catch(AuthenticationException e)
|
||||
@@ -162,7 +162,7 @@ public class BasicHttpAuthenticatorFactory implements ServletAuthenticatorFactor
|
||||
logger.debug("Authenticating (BASIC HTTP) ticket " + parts[0]);
|
||||
|
||||
// assume a ticket has been passed
|
||||
authenticationService.validate(parts[0], null);
|
||||
authenticationService.validate(parts[0]);
|
||||
authorized = true;
|
||||
}
|
||||
else
|
||||
|
||||
@@ -28,7 +28,6 @@ import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import javax.servlet.http.HttpSession;
|
||||
|
||||
import org.alfresco.repo.SessionUser;
|
||||
import org.alfresco.repo.security.authentication.AuthenticationException;
|
||||
@@ -110,9 +109,8 @@ public class AuthenticationFilter extends BaseAuthenticationFilter implements De
|
||||
// Authenticate the user
|
||||
|
||||
authenticationService.authenticate(username, password.toCharArray());
|
||||
HttpSession session = httpReq.getSession();
|
||||
user = createUserEnvironment(session, authenticationService.getCurrentUserName(),
|
||||
authenticationService.getCurrentTicket(session.getId()), false);
|
||||
|
||||
user = createUserEnvironment(httpReq.getSession(), authenticationService.getCurrentUserName(), authenticationService.getCurrentTicket(), false);
|
||||
}
|
||||
catch ( AuthenticationException ex)
|
||||
{
|
||||
@@ -145,14 +143,13 @@ public class AuthenticationFilter extends BaseAuthenticationFilter implements De
|
||||
|
||||
// Validate the ticket
|
||||
|
||||
HttpSession session = httpReq.getSession();
|
||||
authenticationService.validate(ticket, session.getId());
|
||||
authenticationService.validate(ticket);
|
||||
|
||||
// Need to create the User instance if not already available
|
||||
|
||||
String currentUsername = authenticationService.getCurrentUserName();
|
||||
|
||||
user = createUserEnvironment(session, currentUsername, ticket, false);
|
||||
user = createUserEnvironment(httpReq.getSession(), currentUsername, ticket, false);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -201,7 +201,7 @@ public abstract class BaseAuthenticationFilter
|
||||
{
|
||||
try
|
||||
{
|
||||
authenticationService.validate(sessionUser.getTicket(), session.getId());
|
||||
authenticationService.validate(sessionUser.getTicket());
|
||||
setExternalAuth(session, externalAuth);
|
||||
}
|
||||
catch (AuthenticationException e)
|
||||
@@ -227,11 +227,10 @@ public abstract class BaseAuthenticationFilter
|
||||
// If we have been authenticated by other means, just propagate through the user identity
|
||||
authenticationComponent.setCurrentUser(userId);
|
||||
session = httpServletRequest.getSession();
|
||||
String sessionId = session.getId();
|
||||
|
||||
try
|
||||
{
|
||||
sessionUser = createUserEnvironment(session, authenticationService.getCurrentUserName(), authenticationService.getCurrentTicket(sessionId), true);
|
||||
sessionUser = createUserEnvironment(session, authenticationService.getCurrentUserName(), authenticationService.getCurrentTicket(), true);
|
||||
}
|
||||
catch (Throwable e)
|
||||
{
|
||||
@@ -374,7 +373,7 @@ public abstract class BaseAuthenticationFilter
|
||||
public SessionUser execute() throws Throwable
|
||||
{
|
||||
authenticationComponent.setCurrentUser(userName);
|
||||
return createUserEnvironment(session, userName, authenticationService.getCurrentTicket(session.getId()), true);
|
||||
return createUserEnvironment(session, userName, authenticationService.getCurrentTicket(), true);
|
||||
}
|
||||
});
|
||||
}
|
||||
@@ -437,7 +436,7 @@ public abstract class BaseAuthenticationFilter
|
||||
|
||||
authenticationService.authenticate(username, password.toCharArray());
|
||||
session = req.getSession();
|
||||
createUserEnvironment(session, username, authenticationService.getCurrentTicket(session.getId()), false);
|
||||
createUserEnvironment(session, username, authenticationService.getCurrentTicket(), false);
|
||||
res.setStatus(HttpServletResponse.SC_NO_CONTENT);
|
||||
}
|
||||
catch (AuthenticationException e)
|
||||
|
||||
@@ -220,36 +220,36 @@ public abstract class BaseSSOAuthenticationFilter extends BaseAuthenticationFilt
|
||||
|
||||
if (ticket != null && ticket.length() != 0)
|
||||
{
|
||||
if (getLogger().isDebugEnabled())
|
||||
getLogger().debug("Logon via ticket from " + req.getRemoteHost() + " (" +
|
||||
req.getRemoteAddr() + ":" + req.getRemotePort() + ")" + " ticket=" + ticket);
|
||||
if (getLogger().isDebugEnabled())
|
||||
getLogger().debug(
|
||||
"Logon via ticket from " + req.getRemoteHost() + " (" + req.getRemoteAddr() + ":"
|
||||
+ req.getRemotePort() + ")" + " ticket=" + ticket);
|
||||
|
||||
UserTransaction tx = null;
|
||||
try
|
||||
{
|
||||
// Get a cached user with a valid ticket
|
||||
SessionUser user = getSessionUser(servletContext, req, resp, true);
|
||||
UserTransaction tx = null;
|
||||
try
|
||||
{
|
||||
// Get a cached user with a valid ticket
|
||||
SessionUser user = getSessionUser(servletContext, req, resp, true);
|
||||
|
||||
// If this isn't the same ticket, invalidate the session
|
||||
if (user != null && !ticket.equals(user.getTicket()))
|
||||
{
|
||||
invalidateSession(req);
|
||||
user = null;
|
||||
}
|
||||
// If this isn't the same ticket, invalidate the session
|
||||
if (user != null && !ticket.equals(user.getTicket()))
|
||||
{
|
||||
invalidateSession(req);
|
||||
user = null;
|
||||
}
|
||||
|
||||
// If we don't yet have a valid cached user, validate the ticket and create one
|
||||
if ( user == null )
|
||||
{
|
||||
HttpSession session = req.getSession();
|
||||
String sessionId = session.getId();
|
||||
authenticationService.validate(ticket, sessionId);
|
||||
user = createUserEnvironment(session, authenticationService.getCurrentUserName(), authenticationService.getCurrentTicket(sessionId), true);
|
||||
}
|
||||
// If we don't yet have a valid cached user, validate the ticket and create one
|
||||
if (user == null)
|
||||
{
|
||||
authenticationService.validate(ticket);
|
||||
user = createUserEnvironment(req.getSession(), authenticationService.getCurrentUserName(),
|
||||
authenticationService.getCurrentTicket(), true);
|
||||
}
|
||||
|
||||
// Indicate the ticket parameter was specified, and valid
|
||||
// Indicate the ticket parameter was specified, and valid
|
||||
|
||||
ticketValid = true;
|
||||
}
|
||||
ticketValid = true;
|
||||
}
|
||||
catch (AuthenticationException authErr)
|
||||
{
|
||||
if (getLogger().isDebugEnabled())
|
||||
|
||||
@@ -33,7 +33,6 @@ import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import javax.servlet.http.HttpSession;
|
||||
|
||||
import org.alfresco.repo.SessionUser;
|
||||
import org.alfresco.repo.security.authentication.AuthenticationComponent;
|
||||
@@ -214,9 +213,8 @@ public class HTTPRequestAuthenticationFilter extends BaseAuthenticationFilter im
|
||||
m_authComponent.clearCurrentSecurityContext();
|
||||
m_authComponent.setCurrentUser(userName);
|
||||
|
||||
HttpSession session = httpReq.getSession();
|
||||
return createUserEnvironment(session, userName, authenticationService
|
||||
.getCurrentTicket(session.getId()), true);
|
||||
return createUserEnvironment(httpReq.getSession(), userName, authenticationService
|
||||
.getCurrentTicket(), true);
|
||||
}
|
||||
catch (AuthenticationException ex)
|
||||
{
|
||||
@@ -247,12 +245,12 @@ public class HTTPRequestAuthenticationFilter extends BaseAuthenticationFilter im
|
||||
|
||||
try
|
||||
{
|
||||
HttpSession session = httpReq.getSession();
|
||||
// Validate the ticket
|
||||
authenticationService.validate(ticket, session.getId());
|
||||
authenticationService.validate(ticket);
|
||||
|
||||
// Need to create the User instance if not already available
|
||||
user = createUserEnvironment(session, authenticationService.getCurrentUserName(), ticket, true);
|
||||
user = createUserEnvironment(httpReq.getSession(), authenticationService.getCurrentUserName(),
|
||||
ticket, true);
|
||||
}
|
||||
catch (AuthenticationException authErr)
|
||||
{
|
||||
|
||||
@@ -110,7 +110,7 @@ public class AuthenticationWebService implements AuthenticationServiceSoapPort
|
||||
public Object execute() throws Throwable
|
||||
{
|
||||
AuthenticationWebService.this.authenticationComponent.setSystemUserAsCurrentUser();
|
||||
AuthenticationWebService.this.authenticationService.invalidateTicket(ticket, null);
|
||||
AuthenticationWebService.this.authenticationService.invalidateTicket(ticket);
|
||||
AuthenticationWebService.this.authenticationService.clearCurrentSecurityContext();
|
||||
|
||||
if (logger.isDebugEnabled())
|
||||
|
||||
@@ -74,7 +74,7 @@ public class TicketCallbackHandler implements CallbackHandler
|
||||
// ensure the ticket is valid
|
||||
try
|
||||
{
|
||||
this.authenticationService.validate(ticket, null);
|
||||
this.authenticationService.validate(ticket);
|
||||
}
|
||||
catch (AuthenticationException ae)
|
||||
{
|
||||
|
||||
Reference in New Issue
Block a user