17475: ETHREEOH-3295: Fix to AuthorityMigrationPatch
- Forces transaction retry if worker thread reaches child authority before a parent authority
- Tested on Kev's 3.1.1 repository with ~20,000 bulk loaded users and ~2,000 Share sites
- Now completes in 5 minutes as opposed to 45
17461: ETHREEOH-3268: Added MutableAuthenticationService.isAuthenticationCreationAllowed () to allow conditional display of external user invitation UI
17450: ETHREEOH-2762: Correction to previous fix. Do not generate new name when working copy copied back on check in.
17440: ETHREEOH-3295: Fixed logging in FixNameCrcValuesPatch
17439: ETHREEOH-2762: Improved behaviour when a working copy is copied
- Working copy aspect already removed the working copy aspect on copy
- Now derives a new name from the node checked out from and a UUID, preserving the extension
17438: ETHREEOH-2690: Fix sequencing of jgroups system property setting
- declared dependency between internalEHCacheManager and jgroupsPropertySetter
17436: ETHREEOH-3295: Further performance improvements to AuthorityMigrationPatch
- authority created at same time as all its parent associations to save lots of reindexing, as per LDAP sync
- multi-threaded BatchProcessor (as used by LDAP sync, FixNameCrcValuesPatch) used to process work in 2 threads in batches of 20, report progress every 100 entries and handle transaction retries
- BatchProcessor now promoted to its own package
17394: Fix for license issue in local enterprise builds.
- Replace Community with Enterprise in version.properties during enterprise war building
17365: ETHREEOH-3229: Visited and fixed all SearchService result set leaks
17362: ETHREEOH-3254: Eliminate needless ping to LDAP server in LDAPAuthenticationComponentImpl.implementationAllowsGuestLogin()
17348: ETHREEOH-3003: Fix NPE in Hyperic when LicenseDescriptor has null fields
17316: Merged V3.1 to V3.2
17315: ETHREEOH-3092: PersonService won't let you create duplicate persons anymore.
17314: ETHREEOH-3158: Fix RepoServerMgmt to work with external authentication methods
- AuthenticationService.getCurrentTicket / getNewTicket now call pre authentication check before issuing a new ticket, thus still allowing ticket enforcement when external authentication is in use.
17312: ETHREEOH-3219: Enable resolution of JMX server password file path on JBoss 5
17299: Merged V3.2 to V3.1 (Record only)
17297: ETHREEOH-1593: Changed name of username cookie and fixed login.jsp to decode it properly
17248: ETHREEOH-1593: alfUser cookie value should be base 64 encoded to allow for non-ASCII characters
17297: ETHREEOH-1593: Changed name of username cookie and fixed login.jsp to decode it properly
- thanks Kev!
17292: ETHREEOH-1842: Ticket association with HttpSession IDs tracked so that we don't invalidate a ticket in use by multiple sessions prematurely
- AuthenticationService validate, getCurrentTicket, etc. methods now take optional sessionId arguments
17269: Fix failing unit test
- reinstate original behaviour of AbstractChainingAuthenticationService.getAuthenticationEnabled()
17268: Fix InvitationService
- Runs as system to do privileged AuthenticationService actions
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@18105 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
16662: LDAP sync: improved group association filtering, referential integrity checking, deletion strategy and performance tuning of batch sizes
16648: ETHREEOH-2752: Improved ticket validation fix
- Invalidate user's tickets during person deletion rather than validation or it can mess up chained validation
16647: ETHREEOH-2534: Fixed Sharepoint NTLM authentication
- user details were never getting cached in the session
16579: Small improvement to LDAP error reporting
- Committed errors counted before successes in a logging interval
16515: LDAP sync performance
- Improved full sync strategy - run differential queries to work out required updates/additions and full queries to work out required deletions. Saves updating unchanged nodes.
- Use a TreeSet rather than a HashSet to gather group associations in an attempt to avoid blowing the heap size
16498: More LDAP performance improvements
- Uses thread pool with 4 worker threads and blocking queue to process returned results. The number of worker threads can be controlled by the synchronization.workerThreads property.
- Switched LDAP connection pooling back on again
- Group Associations processsed individually so that errors are collated and we get a better idea of their throughput
- Fixed potential bug. Group membership resolution done with isolated LDAP context to avoid cookies from paging creeping in.
16424: Try switching off LDAP connection pooling to see if it works better with our flaky server.
16414: Further LDAP fault tolerance
- Log causes of group member resolution failures where possible
16413: More fault tolerance for LDAP sync
- Always commit last sync times before overall sync is complete to avoid the 'forgetting' of differential sync information
- DN comparisons should be case insensitive to avoid issues resolving DNs to user and group IDs
16398: Improved monitoring and fault tolerance for LDAP sync
- When the batch is complete a summary of the number of errors and the last error stack trace will be logged at ERROR level
- Each individual error is logged at WARN level and progress information (including % complete) is collated and logged at INFO level after a configurable interval
- In the Enterprise Edition all metrics can be monitored in real time through JMX
- Sanity testing to be performed by Mike!
16319: Merged HEAD to V3.2
16316: ALFCOM-3397: JBoss 5 compatibility fix
- Relative paths used by LDAP subsystem configuration weren't being resolved correctly
- See also https://jira.jboss.org/jira/browse/JBAS-6548 and https://jira.springsource.org/browse/SPR-5120
16272: ETHREEOH-2752: Once more with feeling!
16261: ETHREEOH-2752: Correct exception propagation.
16260: ETHREEOH-2752: Fix ticket validation
- Current ticket was getting forgotten by previous fix
- Person validation in CHECK mode now done AFTER the current user is set, so that the current ticket is remembered
16243: ETHREEOH-2752: Improve ticket validation used by all authentication filters
- Now takes into account whether person actually exists or not
- Tickets for non-nonexistent persons are now considered invalid and cached session information is invalidated
- New BaseAuthenticationFilter superclass for all authentication filters
- Improved fix to ETHREEOH-2839: WebDAV user is cached consistently using a different session attribute from the Web Client
16233: ETHREEOH-2754: Correction to previous checkin.
- relogin for SSO authentication, logout for normal login page
- logout is default
16232: ETHREEOH-2754: Log Out Action outcome passed as a parameter
- relogin for SSO authentication, login for normal login page
- Means the log out link always leads to the correct place, even when the session has expired
- Also lowered ticket validation error logging to DEBUG level to avoid unnecessary noise in the logs from expired sessions
16220: ETHREEOH-2839: Fixed potential ClassCastExceptions when Alfresco accessed via WebDAV and Web Client links in same browser
- WebDAV side no longer directly casts session user to a WebDAVUser
- ContextListener no longer casts session user to web client user
- Web client side will 'promote' session user to a web client User if necessary via AuthenticationHelper
- All authentication filters made to use appropriate AuthenticationHelper methods
16211: ETHREEOH-2835: LDAP sync batches user and group deletions as well as creations
- Also improved logging of sync failures
16197: ETHREEOH-2782: LDAP subsystems now support search-based user DN resolution
- When ldap.authentication.userNameFormat isn't set (now the default) converts a user ID to a DN by running ldap.synchronization.personQuery with an extra condition tacked on the end to find the user by ID
- Structured directories and authentication by attributes not in the DN such as email address now supported
16189: ALFCOM-3283: Prevent errors when user accepts an invite when not logged in
- new isGuest attribute propagated to user object
- header component (used by accept-invite page) needs to avoid calling prefs and site webscripts for guest user
- Conditional stuff in header template changed to use user.isGuest
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@16896 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
13084: Merged V2.1-A to V3.1
7984: *RECORD-ONLY* Final part of fix for ACT 819, by default the web-client now generates WebScript content download API based URLs to allow relative paths to be resolved in HTML content files
13086: Merged V2.1-A to V3.1
7986: *RECORD-ONLY* Additional for ACT 819, View In Browser details page links and cm:link objects to content now output Content API webscript urls
13090: Merged V2.1-A to V3.1
7986: Language locale auto-selection based on browser locale - see ACT 1053
NOTE: a web-client-config setting has been added to enable this - it is off by default.
13093: Merged V2.1-A to V3.1
8255: Filetypes and PanelGenerator enhancements
13094: Merged V2.1-A to V3.1
8547: Branding changes from Mike [just filetypes merged]
13095: Merged V2.1-A to V3.1
8555: Webdav path support for ExternalAccessServlet browse navigation
13103: Merged V2.1-A to V3.1
8592: Fix for login page issue with language locale auto-selection - see ACT 1053
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@13559 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
12083: Fix for ETHREEOH-790 - when using external auth such as NTLM the Change Password and Logout features are no longer available in the Share UI.
12085: ETHREEOH-565: Failure to generate flash preview for PPT file
12086: ETHREEOH-903 Sites drop-down Favorites UI improvements
ETHREEOH-904 My Sites dashlet Favorites UI improvements
ETHREEOH-547 User who is not a site manager can delete sites: my sites dashlet and sites page
12093: ETHREEOH-861, ETHREEOH-928
12094: Remove __MACOSX folder that has appeared in Share webapp
12096: Removed spurious files from YUI 2.6.0 distribution
12100: ETHREEOH-929 Tightening up transport adapters field (should never be shown for ASR)
12104: Fix for ETHREEOH-944. Admin now able to reset user home location again ((regression).
12105: Fixed: ETHREEOH-934 Multi-clicking Site favoriate icons can cause multiple requests before others finish and effectively cause a browser lock-up until page refresh
12106: Exception needs to be rethrown after releasing packet to the memory pool on a Winsock NetBIOS receive. ETHREEOH-628.
12110: An i18n message didn't work for failures. Related to ETHREEOH-934 Multi-clicking Site favoriate icons can cause multiple requests before others finish and effectively cause a browser lock-up until page refresh
12115: Added unit test to check for cm:folder-derived type support
12116: Removed unused, old patch-related query
12117: Merged V2.2 to V3.0
11454: Fixed ASH-7: QName fetching is inefficient when run without L2 cache
12118: Fixed compilation error after merge
12119: DM User Usages - 2nd pass (fix ETHREEOH-677)
12122: UserUsage does nothing if system is READ-ONLY.
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@12500 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
11943: Fix for ETHREEOH-879 & ETHREEOH-783: Multi-valued properties not allowed in Alfresco 3.0 (due to java.lang.UnsupportedOperationException)
11944: Fix for ETHREEOH-865
11947: Build fix for site service unit test failures. This will be reviewed since it works round the issue rather than tackle why runAs is now failing.
11952: ETHREEOH-845, ETHREEOH-871, ETHREEOH-853, ETHREEOH-839
11953: ETHREEOH-483 Unable to upload files [with Flash 10 installed] Fixed to fit into yui 2.6.0
11954: Added missing 'protocolOrder' configuration value.
11956: Fix for ETHREEOH-895
11957: Fix for ETHREEOH-891.
11958: Readded generated source line for RemoteAPI project.
11959: ETHREEOH-483 Unable to upload files [with Flash 10 installed] Missed to add this image
11960: Removed JDK6 specific method.
11962: Fixed missing setup of the share mapper class name when the <class> config tag is used. ALFCOM-2060.
11964: fix for ETHREEOH-266 - restrict length of webapp to 150 chars.
11965: Merged 2.2 to 3.0
11926: Fox for ETHREEOH-725 User doesn't receive email to his box when rule 'Send an Email to specified users' is created
11966: ETHREEOH-872: Editing Email-notify-rules fails w/ ClassCastException
11967: MT - test fixes (post runAs merge)
11968: Changed Windows x64 NetBIOS warning message to be a debug message. ETHREEOH-897.
11971: ETHREEOH-829 Case issue when inserting Document Share links into a discussion using richtext editor
11973: Fix for ETHREEOH-890 - users with apostrophe in their login name can now login to Alfresco Explorer (and Share).
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@12490 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
7276: Add specific login error messages (as opposed to "unknown username...') in cases where users are disallowed and/or max users exceeded
7277: Update to JMX-based admin: option to disable (and re-enable) link validation service
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@8254 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
6486: Fix for AWC-1134 (Made minimum length for username and password configurable)
6487: Added "copy.verbose" property to build script to list all files being copied in the 'deploy-tomcat-exploded' and 'deploy-webclient-changes' targets
6488: Changed default CIFS server to remove underscore as it can cause problems with OpenOffice.
6489: Fix for WCM-498 (Expired items that are deleted are not represented as such in the change request dialog or submit dialog)
6490: Fix for WCM-446 and WCM-624. Multi-select and All operations in Modified Files list respect items in workflow and ignore them.
6491: Fixes profoundly brain dead behavior in AVMLockingService.init().
6492: Refactoring of LookupCache to be clustering compatible
6493: Staging and locking changes
6494: WCM Revert action moved to end of all action lists to avoid accidently clicking it (as it has no confirmation screen!)
6496: Fixes for WCM-746 and WCM-747 - Edit File Properties and Edit Folder Properties working correctly again for AVM objects.
6497: Enable virtualization server to be (re)started at any point prior or during the startup of the alfresco webapp (fixes WCM-750).
6498: WCM-742 - moving locks from the preview sandbox to the main user sandbox.
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@6739 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
svn merge svn://svn.alfresco.com:3691/alfresco/BRANCHES/V2.0@5141 svn://svn.alfresco.com:3691/alfresco/BRANCHES/V2.0@51352 .
- FLOSS
- Some files will need a follow-up
-root/projects/repository/source/java/org/alfresco/repo/avm/wf/AVMRemoveWFStoreHandler.java (not yet on HEAD: 5094)
-root/projects/repository/source/java/org/alfresco/filesys/server/state/FileStateLockManager.java (not yet on HEAD: 5093)
-onContentUpdateRecord (not on HEAD)
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@5167 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
- Web Client support for changing content filter language
- I18NUtil support for contentLocale
- MLPropertyInterceptor handling of properties inbound and outbound
TODO:
- Is new Locale("") valid?
- Some more tests to ensure property interceptor is working
- Move interceptor into .sample config file
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@5003 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
- so new users see the helpful Getting Started page when logging in
- this client config value can be changed if the sys admin does not want the MyAlfresco to be the default page
. Add User Preference to change the default view after login
- so users familiar with the system can change their default view back to Home Space or similar
. Added client config to allow Guest user access to Configure Dashboard action (set to 'false' by default)
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@3652 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
- the External Access servlet now supports jumping to the My Alfresco dashboard for a user
- pages other than the default are supported
- URL is of the form /alfresco/navigate/myalfresco or /alfresco/navigate/myalfresco?page=id
. Added configuration so that the web-client can be configured to jump to any of the following start locations:
My Home (current defaut), Company Home, Guest Home or My Alfresco dashboard
see the <initial-location> web-client-config element
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@3398 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
- Storing of "inPortal" flag in a Threadlocal
- No longer invalidate portlet session on logout - clear session by hand instead
- Makes it easier to integrate with other JSR-168 vendors such as Liferay
. Added the current template NodeRef to the default templating model
- Accessable as an object in the root of the templating model called "template"
. Added the current script NodeRef to the default scripting model
- Accessable as a root scope object called "script"
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@2934 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
. Fix of UserTransaction handling in AuthenticationHelper - very noticable when Guest access fails on older (pre 1.2) databases
. Refactoring of all servlet authentication patterns to be consistent and use a helper so all support Guest and Ticket arguments
. Fix to external URL generation on Document and Space Details pages
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@2214 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
. Fixes to document/space details screen when expanding/collapsing the Links panel
. Fix to Saved Searches to handle AuthenticationException for Guest user access to saved searches folder
. Fix to New User and Edit Password dialogs to fire text changed events when paste is used to fill in form fields
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@2164 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
