17533: Fix for unreported issue for events with multiple days (secondary elements) aren't filtered correctly when view is filtered by tags
17535: ETHREEOH-3411 - Alert appears when loading My Dashboard when Documents I'm editing dashlet is aded and site name was edited with XSS text
17536: Fixes for various forms issues (ETHREEOH-3398, ETHREEOH-3273, ETHREEOH-3339 & ALFCOM-3587) and reverted accidentally checked in log4j.properties file
- Folders can now have tags applied in edit form
- Working copy nodes have their cm:name property set to protected
- Removed mandatory marker from checkbox control (if you have a boolean there is always a value so no need to mark as mandatory)
- Potential security issue
17537: ETHREEOH-1908 - .docx word documents are not displayed in 'Word Documents' category in 'Document List' component. Also fixed some i18n strings.
17538: Fix for ETHREEOH-3085 and ETHREEOH-3341.
- NTLM/Kerberos, Tomcat/JBoss5 and JSF client now play nicely on session timeout and display the correct configured page on first login.
- Tested Share NTLM works correctly with above changes.
17539: Fix for ETHREEOH-3368: UI does not show multi-valued MLText propertis as localisable
17543: Merged DEV_TEMPORARY to V3.2
17529: Fix for ETHREEOH-3186 & ETHREEOH-3187
17544: Fix for ETHREEOH-1509 - Manage action is not applied for task resources part from My Tasks tab in Office Addins if user already opens another task.
17547: Fix for ETHREEOH-1709 - AccessDeniedException - Download Servlet not re-directing user to login page.
- WebDav path now resolved to a noderef as system user - then the permission test for READ_CONTENT is performed directly on the resulting noderef.
17548: Fix for ETHREEOH-3137 - Tags created for All day event are not displayed in Tags pane.
17551: Final part of fix for ETHREEOH-2161 includes solution for ETHREEOH-3270.
- An admin user can now optionally disable the execute of Rules and the Archive of nodes during a folder delete operation.
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@18128 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
17475: ETHREEOH-3295: Fix to AuthorityMigrationPatch
- Forces transaction retry if worker thread reaches child authority before a parent authority
- Tested on Kev's 3.1.1 repository with ~20,000 bulk loaded users and ~2,000 Share sites
- Now completes in 5 minutes as opposed to 45
17461: ETHREEOH-3268: Added MutableAuthenticationService.isAuthenticationCreationAllowed () to allow conditional display of external user invitation UI
17450: ETHREEOH-2762: Correction to previous fix. Do not generate new name when working copy copied back on check in.
17440: ETHREEOH-3295: Fixed logging in FixNameCrcValuesPatch
17439: ETHREEOH-2762: Improved behaviour when a working copy is copied
- Working copy aspect already removed the working copy aspect on copy
- Now derives a new name from the node checked out from and a UUID, preserving the extension
17438: ETHREEOH-2690: Fix sequencing of jgroups system property setting
- declared dependency between internalEHCacheManager and jgroupsPropertySetter
17436: ETHREEOH-3295: Further performance improvements to AuthorityMigrationPatch
- authority created at same time as all its parent associations to save lots of reindexing, as per LDAP sync
- multi-threaded BatchProcessor (as used by LDAP sync, FixNameCrcValuesPatch) used to process work in 2 threads in batches of 20, report progress every 100 entries and handle transaction retries
- BatchProcessor now promoted to its own package
17394: Fix for license issue in local enterprise builds.
- Replace Community with Enterprise in version.properties during enterprise war building
17365: ETHREEOH-3229: Visited and fixed all SearchService result set leaks
17362: ETHREEOH-3254: Eliminate needless ping to LDAP server in LDAPAuthenticationComponentImpl.implementationAllowsGuestLogin()
17348: ETHREEOH-3003: Fix NPE in Hyperic when LicenseDescriptor has null fields
17316: Merged V3.1 to V3.2
17315: ETHREEOH-3092: PersonService won't let you create duplicate persons anymore.
17314: ETHREEOH-3158: Fix RepoServerMgmt to work with external authentication methods
- AuthenticationService.getCurrentTicket / getNewTicket now call pre authentication check before issuing a new ticket, thus still allowing ticket enforcement when external authentication is in use.
17312: ETHREEOH-3219: Enable resolution of JMX server password file path on JBoss 5
17299: Merged V3.2 to V3.1 (Record only)
17297: ETHREEOH-1593: Changed name of username cookie and fixed login.jsp to decode it properly
17248: ETHREEOH-1593: alfUser cookie value should be base 64 encoded to allow for non-ASCII characters
17297: ETHREEOH-1593: Changed name of username cookie and fixed login.jsp to decode it properly
- thanks Kev!
17292: ETHREEOH-1842: Ticket association with HttpSession IDs tracked so that we don't invalidate a ticket in use by multiple sessions prematurely
- AuthenticationService validate, getCurrentTicket, etc. methods now take optional sessionId arguments
17269: Fix failing unit test
- reinstate original behaviour of AbstractChainingAuthenticationService.getAuthenticationEnabled()
17268: Fix InvitationService
- Runs as system to do privileged AuthenticationService actions
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@18105 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
17667: Branch for SpringSurf integration - from HEAD r17665
17668: Fix to ensure included scripts files are not loaded from a cached classpath loader.
17670: Part 1 of SpringSurf integration - changes relating to spring-surf-core-1.0.0.CI-SNAPSHOT.jar
17674: Part 2 of SpringSurf integration - changes relating to spring-surf-core-configservice-1.0.0.CI-SNAPSHOT.jar
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@17788 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
16662: LDAP sync: improved group association filtering, referential integrity checking, deletion strategy and performance tuning of batch sizes
16648: ETHREEOH-2752: Improved ticket validation fix
- Invalidate user's tickets during person deletion rather than validation or it can mess up chained validation
16647: ETHREEOH-2534: Fixed Sharepoint NTLM authentication
- user details were never getting cached in the session
16579: Small improvement to LDAP error reporting
- Committed errors counted before successes in a logging interval
16515: LDAP sync performance
- Improved full sync strategy - run differential queries to work out required updates/additions and full queries to work out required deletions. Saves updating unchanged nodes.
- Use a TreeSet rather than a HashSet to gather group associations in an attempt to avoid blowing the heap size
16498: More LDAP performance improvements
- Uses thread pool with 4 worker threads and blocking queue to process returned results. The number of worker threads can be controlled by the synchronization.workerThreads property.
- Switched LDAP connection pooling back on again
- Group Associations processsed individually so that errors are collated and we get a better idea of their throughput
- Fixed potential bug. Group membership resolution done with isolated LDAP context to avoid cookies from paging creeping in.
16424: Try switching off LDAP connection pooling to see if it works better with our flaky server.
16414: Further LDAP fault tolerance
- Log causes of group member resolution failures where possible
16413: More fault tolerance for LDAP sync
- Always commit last sync times before overall sync is complete to avoid the 'forgetting' of differential sync information
- DN comparisons should be case insensitive to avoid issues resolving DNs to user and group IDs
16398: Improved monitoring and fault tolerance for LDAP sync
- When the batch is complete a summary of the number of errors and the last error stack trace will be logged at ERROR level
- Each individual error is logged at WARN level and progress information (including % complete) is collated and logged at INFO level after a configurable interval
- In the Enterprise Edition all metrics can be monitored in real time through JMX
- Sanity testing to be performed by Mike!
16319: Merged HEAD to V3.2
16316: ALFCOM-3397: JBoss 5 compatibility fix
- Relative paths used by LDAP subsystem configuration weren't being resolved correctly
- See also https://jira.jboss.org/jira/browse/JBAS-6548 and https://jira.springsource.org/browse/SPR-5120
16272: ETHREEOH-2752: Once more with feeling!
16261: ETHREEOH-2752: Correct exception propagation.
16260: ETHREEOH-2752: Fix ticket validation
- Current ticket was getting forgotten by previous fix
- Person validation in CHECK mode now done AFTER the current user is set, so that the current ticket is remembered
16243: ETHREEOH-2752: Improve ticket validation used by all authentication filters
- Now takes into account whether person actually exists or not
- Tickets for non-nonexistent persons are now considered invalid and cached session information is invalidated
- New BaseAuthenticationFilter superclass for all authentication filters
- Improved fix to ETHREEOH-2839: WebDAV user is cached consistently using a different session attribute from the Web Client
16233: ETHREEOH-2754: Correction to previous checkin.
- relogin for SSO authentication, logout for normal login page
- logout is default
16232: ETHREEOH-2754: Log Out Action outcome passed as a parameter
- relogin for SSO authentication, login for normal login page
- Means the log out link always leads to the correct place, even when the session has expired
- Also lowered ticket validation error logging to DEBUG level to avoid unnecessary noise in the logs from expired sessions
16220: ETHREEOH-2839: Fixed potential ClassCastExceptions when Alfresco accessed via WebDAV and Web Client links in same browser
- WebDAV side no longer directly casts session user to a WebDAVUser
- ContextListener no longer casts session user to web client user
- Web client side will 'promote' session user to a web client User if necessary via AuthenticationHelper
- All authentication filters made to use appropriate AuthenticationHelper methods
16211: ETHREEOH-2835: LDAP sync batches user and group deletions as well as creations
- Also improved logging of sync failures
16197: ETHREEOH-2782: LDAP subsystems now support search-based user DN resolution
- When ldap.authentication.userNameFormat isn't set (now the default) converts a user ID to a DN by running ldap.synchronization.personQuery with an extra condition tacked on the end to find the user by ID
- Structured directories and authentication by attributes not in the DN such as email address now supported
16189: ALFCOM-3283: Prevent errors when user accepts an invite when not logged in
- new isGuest attribute propagated to user object
- header component (used by accept-invite page) needs to avoid calling prefs and site webscripts for guest user
- Conditional stuff in header template changed to use user.isGuest
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@16896 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
6435: AR-1644 Web Scripts do not provide any control over caching
6469: Replaced EUPL licence with standard license header
6526: AR-1685 Error creating workflow with no document associated
6565: Fix for issue with file Upload in main web-client portlet for JBoss/Liferay portal integration.
6578: AR-1620: Upgraded One-Jar to 0.96-RC4
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@6581 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
svn merge svn://svn.alfresco.com:3691/alfresco/BRANCHES/V2.0@5141 svn://svn.alfresco.com:3691/alfresco/BRANCHES/V2.0@51352 .
- FLOSS
- Some files will need a follow-up
-root/projects/repository/source/java/org/alfresco/repo/avm/wf/AVMRemoveWFStoreHandler.java (not yet on HEAD: 5094)
-root/projects/repository/source/java/org/alfresco/filesys/server/state/FileStateLockManager.java (not yet on HEAD: 5093)
-onContentUpdateRecord (not on HEAD)
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@5167 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
- an out-of-date ticket could be used by the client to call repo services
- after failing to validate an out-of-date ticket, the User object was not being removed from the Session
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@2029 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
