diff --git a/source/java/org/alfresco/opencmis/AlfrescoCmisServiceImpl.java b/source/java/org/alfresco/opencmis/AlfrescoCmisServiceImpl.java
index 03f35951ad..e03ce6789b 100644
--- a/source/java/org/alfresco/opencmis/AlfrescoCmisServiceImpl.java
+++ b/source/java/org/alfresco/opencmis/AlfrescoCmisServiceImpl.java
@@ -77,6 +77,8 @@ import org.alfresco.service.cmr.repository.NodeRef;
 import org.alfresco.service.cmr.search.ResultSet;
 import org.alfresco.service.cmr.search.SearchParameters;
 import org.alfresco.service.cmr.search.SearchService;
+import org.alfresco.service.cmr.security.AccessStatus;
+import org.alfresco.service.cmr.security.PermissionService;
 import org.alfresco.service.cmr.version.Version;
 import org.alfresco.service.cmr.version.VersionHistory;
 import org.alfresco.service.cmr.version.VersionType;
@@ -117,6 +119,7 @@ import org.apache.chemistry.opencmis.commons.exceptions.CmisConstraintException;
 import org.apache.chemistry.opencmis.commons.exceptions.CmisContentAlreadyExistsException;
 import org.apache.chemistry.opencmis.commons.exceptions.CmisInvalidArgumentException;
 import org.apache.chemistry.opencmis.commons.exceptions.CmisObjectNotFoundException;
+import org.apache.chemistry.opencmis.commons.exceptions.CmisPermissionDeniedException;
 import org.apache.chemistry.opencmis.commons.exceptions.CmisRuntimeException;
 import org.apache.chemistry.opencmis.commons.exceptions.CmisStorageException;
 import org.apache.chemistry.opencmis.commons.exceptions.CmisStreamNotSupportedException;
@@ -1767,6 +1770,11 @@ public class AlfrescoCmisServiceImpl extends AbstractCmisService implements Alfr
             }
 
             // handle versions
+            if (info.isVariant(CMISObjectVariant.VERSION))
+            {
+                nodeRef = info.getCurrentNodeNodeRef();
+            }
+
             if (allVersions)
             {
                 NodeRef workingCopy = connector.getCheckOutCheckInService().getWorkingCopy(nodeRef);
@@ -1777,16 +1785,16 @@ public class AlfrescoCmisServiceImpl extends AbstractCmisService implements Alfr
             }
             else if (info.isVariant(CMISObjectVariant.VERSION))
             {
+                // Check the DELETE permission since the version service has no restrictions. 
+                if (connector.getServiceRegistry().getPermissionService().hasPermission(nodeRef, PermissionService.DELETE) != AccessStatus.ALLOWED)
+                {
+                    throw new CmisPermissionDeniedException("Cannot delete the node version.");
+                }
                 Version version = ((CMISNodeInfoImpl) info).getVersion();
                 connector.getVersionService().deleteVersion(nodeRef, version);
                 break;      // Reason for do-while
             }
 
-            if (info.isVariant(CMISObjectVariant.VERSION))
-            {
-                nodeRef = info.getCurrentNodeNodeRef();
-            }
-
             // attempt to delete the node
             if (allVersions)
             {
@@ -1794,7 +1802,7 @@ public class AlfrescoCmisServiceImpl extends AbstractCmisService implements Alfr
             }
             else
             {
-                CMISNodeInfoImpl infoImpl = ((CMISNodeInfoImpl) info);
+                CMISNodeInfoImpl infoImpl = (CMISNodeInfoImpl) info;
                 Version version = infoImpl.getVersion();
 
                 if (infoImpl.getVersionHistory().getPredecessor(version) == null)
@@ -1803,6 +1811,10 @@ public class AlfrescoCmisServiceImpl extends AbstractCmisService implements Alfr
                 }
                 else
                 {
+                    if (connector.getServiceRegistry().getPermissionService().hasPermission(nodeRef, PermissionService.DELETE) != AccessStatus.ALLOWED)
+                    {
+                        throw new CmisPermissionDeniedException("Cannot delete the node version.");
+                    }
                     connector.getVersionService().deleteVersion(nodeRef, version);
                     // MNT-10032 revert node version to predecessor
                     connector.getVersionService().revert(nodeRef);
diff --git a/source/java/org/alfresco/opencmis/CMISConnector.java b/source/java/org/alfresco/opencmis/CMISConnector.java
index 78aef1b9c1..18773e976c 100644
--- a/source/java/org/alfresco/opencmis/CMISConnector.java
+++ b/source/java/org/alfresco/opencmis/CMISConnector.java
@@ -504,7 +504,15 @@ public class CMISConnector implements ApplicationContextAware, ApplicationListen
 	public void setServiceRegistry(ServiceRegistry serviceRegistry)
 	{
 		this.serviceRegistry = serviceRegistry;
-	}
+	}
+
+    /**
+     * Return the service registry
+     */
+    public final ServiceRegistry getServiceRegistry()
+    {
+    	return this.serviceRegistry;
+    }
 
 	/**
      * Sets the descriptor service.
diff --git a/source/java/org/alfresco/opencmis/PublicApiCallContextHandler.java b/source/java/org/alfresco/opencmis/PublicApiCallContextHandler.java
index 178bfe2238..74619bc1cc 100644
--- a/source/java/org/alfresco/opencmis/PublicApiCallContextHandler.java
+++ b/source/java/org/alfresco/opencmis/PublicApiCallContextHandler.java
@@ -38,9 +38,16 @@ public class PublicApiCallContextHandler extends BasicAuthCallContextHandler
 
     @Override
 	public Map<String, String> getCallContextMap(HttpServletRequest request)
-	{
-		Map<String, String> map = new HashMap<String, String>();
-		map.put("isPublicApi", "true");
-		return map;
+	{
+        Map<String, String> map = new HashMap<String, String>();
+        
+        Map<String, String> basicAuthMap = super.getCallContextMap(request);
+        if (basicAuthMap != null && !basicAuthMap.isEmpty()) 
+        {
+            map.putAll(basicAuthMap);
+        }
+        
+        map.put("isPublicApi", "true");
+        return map;
 	}
 }