Merged V4.0-BUG-FIX to HEAD

37586: ALF-14309: Cannot run project using Alfresco SDK
      - sdk-common target now depends on sdk-extras target
   37604: Merged V3.4-BUG-FIX to V4.0-BUG-FIX
      37573: Merged DEV to V3.4-BUG-FIX (with improvements)
         37547: ALF-13621: Encoding issue in passwords for webscript and webdav authentication
            Validation of BASIC username, password using following encoding in a sequence, ignoring duplicate decodings
            1. UTF-8 (skip if fails to decode) 
            2. System.getProperty("file.encoding") (platform default encoding) 
            3. ISO-8859-1
            It succeeds if one of them succeeds.
      37591: ALF-14457: Merged PATCHES/V3.4.8 to V3.4-BUG-FIX
         37288: ALF-14315: Localname is too long when upgrading from 3.1 to 3.4.8 or 3.4.9
         - Truncate migrated group names within QName.MAX_LENGTH whilst maintaining uniqueness
         37392: ALF-14315: Localname is too long when upgrading from 3.1 to 3.4.8 or 3.4.9
         - Prevent NPE when re-parenting exising users
      37593: (RECORD ONLY) Incremented version revision for 3.4.11
      37599: Make this class compile so I can import all projects into Eclipse!
      37601: ALF-14462: Stop Kerberos authentication from barfing when it comes across a NegoEx SPNEGO request from Windows 7 / 2008
         http://blogs.msdn.com/b/openspecification/archive/2011/07/01/a-quick-look-at-the-new-negotiation-mechanism-negoex-used-with-spnego-in-windows-7.aspx
      37602: ALF-10785: Locale not forwarded in webscripts when using Kerberos SSO
      - Previous solution didn't work when failover manual login form was used (as Accept-Language header wasn't always sent by all Surf machinery) and would also mean Share wasn't responsive to browser locale changes, unlike when using the /s endpoint.
      - Now we use a more foolproof solution on the /wcs endpoint
      - Session initiation (as detected by an authentication filter) sets an attribute that decides whether a session 'sticky' locale should be used for the rest of the session
      - It's set to false if a webscript is the first to access it or the session was established by a ticket. This means the Accept-Language header will drive the rest of the session.
      - This also means Explorer can still control the locale of a session initiated by it
      - Glad to see the back of this long-running bug. The good news is I now have a Kerberos EC2 image!
      37603: ALF-14462: Fixed same potential NegoEx problem in Share SSOAuthenticationFilter (although not observed)
   37605: Merged V3.4-BUG-FIX to V4.0-BUG-FIX (RECORD ONLY)
      37590: Merged V4.0-BUG-FIX to V3.4-BUG-FIX
         37586: ALF-14309: Cannot run project using Alfresco SDK


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@37606 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261

source/java/org/alfresco/repo/admin/patch/impl/AuthorityMigrationPatch.java

@@ -212,6 +212,59 @@ public class AuthorityMigrationPatch extends AbstractPatch
         return assocCount;
     }
 
+    /**
+     * Truncates authority names so that they are within {@link QName#MAX_LENGTH} characters.
+     * 
+     * @param authoritiesToCreate
+     *            the original, untruncated authorities to create
+     * @param parentAssocs
+     *            the original parent associations to create
+     * @param targetAuthoritiesToCreate
+     *            the authorities to create with names shortened to QName.MAX_LENGTH
+     * @param targetParentAssocs
+     *            the parent associations modified to match targetAuthoritiesToCreate
+     */
+    private void truncateAuthorities(final Map<String, String> authoritiesToCreate,
+            Map<String, Set<String>> parentAssocs, Map<String, String> targetAuthoritiesToCreate,
+            Map<String, Set<String>> targetParentAssocs)
+    {
+        // Work through each authority, creating a unique truncated name where necessary and populating a map of old to
+        // new names
+        Map<String, String> targetLookup = new TreeMap<String, String>();        
+        for (Map.Entry<String, String> entry : authoritiesToCreate.entrySet())
+        {
+            String sourceName = entry.getKey();
+            int sourceLength = sourceName.length();
+            String targetName = sourceLength > QName.MAX_LENGTH ? sourceName.substring(0, QName.MAX_LENGTH) : sourceName;
+            int i=0;
+            while (targetAuthoritiesToCreate.containsKey(targetName))
+            {
+                String suffix = String.valueOf(++i);
+                int prefixLength = QName.MAX_LENGTH - suffix.length();
+                if (prefixLength < 0)
+                {
+                    break;
+                }
+                targetName = (sourceLength > prefixLength ? sourceName.substring(0, prefixLength) : sourceName) + suffix;
+            }
+            targetLookup.put(sourceName, targetName);
+            targetAuthoritiesToCreate.put(targetName, entry.getValue());
+        }
+        // Apply the name mapping to the parent associations
+        for (Map.Entry<String, Set<String>> entry: parentAssocs.entrySet())
+        {
+            Set<String> parents = new TreeSet<String>();
+            for (String parent : entry.getValue())
+            {
+                String targetParent = targetLookup.get(parent);
+                parents.add(targetParent == null ? parent : targetParent);
+            }
+            String sourceChild = entry.getKey();
+            String targetChild = targetLookup.get(sourceChild);
+            targetParentAssocs.put(targetChild == null ? sourceChild : targetChild, parents);
+        }
+    }
+    
     /**
      * Migrates the authorities and their associations.
      * 
@@ -358,19 +411,24 @@ public class AuthorityMigrationPatch extends AbstractPatch
             Map<String, Set<String>> parentAssocs = new TreeMap<String, Set<String>>();
             assocs = retrieveAuthorities(null, authorityContainer, authoritiesToCreate, parentAssocs);
 
+            // Truncate names to an acceptable length
+            Map<String, String> targetAuthoritiesToCreate = new TreeMap<String, String>();
+            Map<String, Set<String>> targetParentAssocs = new TreeMap<String, Set<String>>();
+            truncateAuthorities(authoritiesToCreate, parentAssocs, targetAuthoritiesToCreate, targetParentAssocs);
+            
             // Sort the group associations in parent-first order (root groups first)
             Map<String, Set<String>> sortedParentAssocs = new LinkedHashMap<String, Set<String>>(
                     parentAssocs.size() * 2);
             List<String> authorityPath = new ArrayList<String>(5);
-            for (String authority : parentAssocs.keySet())
+            for (String authority : targetParentAssocs.keySet())
             {
                 authorityPath.add(authority);
-                visitGroupAssociations(authorityPath, parentAssocs, sortedParentAssocs);
+                visitGroupAssociations(authorityPath, targetParentAssocs, sortedParentAssocs);
                 authorityPath.clear();
             }
 
             // Recreate the authorities and their associations in parent-first order
-            migrateAuthorities(authoritiesToCreate, sortedParentAssocs);
+            migrateAuthorities(targetAuthoritiesToCreate, sortedParentAssocs);
             authorities = authoritiesToCreate.size();
         }
         // build the result message