Auto-reformat added 20 minutes of work!
17456: Fix for: ETHREEOH-1465: It's impossible to get the login history for a given user (Audit)
17463: Fixed ETHREEOH-3363: CLONE -Regression: readOnly settings causing bootstrap to fail
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@18144 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
17246: ETHREEOH-3208: User profiles for users authenticated by immutable subsystems are now read only
- Introduced MutableAuthenticationService interface, only implemented by Alfresco native authentication service
- Split out those methods from AuthenticationService that mutate the user store and added isAuthenticationMutable()
- Now both Alfresco Explorer and Share user profile / password edit link rendering is conditional on isAuthenticationMutable
- Works with authentication chain containing mixture of internally and externally authenticated users
17247: Fix failing unit tests
- rm-public-services-security-context.xml needed to be brought in line with public-services-security-context.xml (and will forever more!)
17248: ETHREEOH-1593: alfUser cookie value should be base 64 encoded to allow for non-ASCII characters
17253: *RECORD ONLY* ETHREEOH-2885: web.xml must conform to the schema to work on JBoss
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@18098 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
16062: ETHREEOH-2792: Support login via external SSO systems (such as CAS) in Alfresco Share
- In Alfresco, new "external" authentication subsystem maps user identity from HttpServletRequest.getRemoteUser() or configured header
- In Share, the UserFactory also recognizes HttpServletRequest.getRemoteUser() - no special filters required
- User ID propagated to Alfresco through X-Alfresco-Remote-User HTTP header
- This can be done securely via the use of an SSL client certificate that identifies the Share application to Alfresco as a special 'proxy' user
- New <keystore> section added to webscript-framework-config that allows specification of the keystore holding the client certificate and trusted CAs
- Support for SSL authentication and propagation of Cookies through redirects added to RemoteClient so that initial redirects through sign on pages are supported
- TODO: Wiki
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@16065 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
