inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-31 17:39:05 +00:00
Code Issues Packages Projects Releases Wiki Activity
4,296 Commits 324 Branches 2,170 Tags
a9eb35e67fd99137a83d2a54e2bb960ecc4d5428
Commit Graph

9 Commits

Author SHA1 Message Date
Dave Ward
9963da3d51 Merged V3.3 to HEAD 
20794: Merged DEV/V3.3-BUG-FIX to V3.3
      20792: Fix for unit test failures introduced by check in 20771
      20791: ALF-3568: Include axiom jars in WAS shared library to solve Quickr connector issues
      20785: Merged DEV/BELARUS/V3.3-BUG-FIX-2010_06_14 to DEV/V3.3-BUG-FIX
         20644: Function for the browser window closing was implemented. For IE browser the trick with window opener was used. Fixes ALF-1004: After closing Details Space, user doesn't return to his previous location
      20784: Fix for ALF-3516: Enterprise 3.X / Impossible to Create a Blog with Special Characters in the Title (?/!)
      20783: Fix for ALF-1087: Documents checked-out from Share do not have "Upload new version" action in Alfresco Explorer
      20782: Added multiday timed event handling to week view
      20775: Merged V3.3 to DEV/V3.3-BUG-FIX
         20670: Fix for ALF-3260: XSS attack is made in Wiki tab if First/Last user name contain xss. Also fixed double encoding errors found during regression testing.
      20772: Update to node browser to show namespace of attributes.
      20771: ALF-3591 - transferring rules.
         - also extends the behaviour filter.
      20770: ALF-3186 - action parameter values are not fully transferred - need to handle d:any
      20768: AVM - ALF-3611 (OrphanReaper + PurgeTestP + additional NPE fixes)
      20765: (RECORD ONLY) Merged BRANCHES/V3.3 to BRANCHES/DEV/V3.3-BUG-FIX:
         20708: DB2 build - add create/drop db ant targets (use DB2 cmdline - since not possible via JDBC/SQL)
         20722: DB2 build - run db2cmd in same window (follow-on to r20708)
      20764: Fix unreported JSON encoding issue with links components
      20762: Fix ALF-2599: Share - Cannot search for user currently logged on
      20759: DB2: fix FullNodeServiceTest.testLongMLTextValues (ALF-497)
         - TODO: fix create script when merging to HEAD
      20756: DB2: fix JBPMEngine*Test.* (ALF-3640) - follow-on (upgrade patch)
      20746: DB2: fix WebProjectServiceImplTest.testCreateWebProject (ALF-2300)
      20744: DB2: fix JBPMEngine*Test.* (ALF-3640) - missed file
      20743: DB2: fix JBPMEngine*Test.* (ALF-3640)
      20729: AVM - fix purge store so that root nodes are actually orphaned (ALF-3627)
         - also prelim for ALF-3611
      20720: (RECORD ONLY) ALF-3594: Merged HEAD to V3.3-BUGFIX
         20616: ALF-2265: Share 'Uber Filter' part 2
            - WebScriptNTLMAuthenticationFilter detached from its superclass and renamed to WebScriptSSOAuthenticationFilter
            - Now the filter simply chains to the downstream authentication filter rather than call its superclass
            - This means the same filter can be used for Kerberos-protected webscripts as well as NTLM
            - Wired globalAuthenticationFilter behind webscriptAuthenticationFilter in the filter chain in web.xml
            - Configured webscriptAuthenticationFilter for Kerberos subsystem
      20719: Merged DEV/TEMPORARY to V3.3-BUGFIX
         20696: ALF-3180: when using NTLM SSO, a user needs to log in first into the web UI before being able to mount alfresco using CIFS
            The absence of the missing person creation logic in “the org.alfresco.filesys.auth.cifs.PassthruCifsAuthenticator.authenticateUser()” method was fixed. 
      20718: Merged DEV/TEMPORARY to V3.3-BUGFIX
         20659: ALF-3216: Incomplete settings for Lotus Quickr
            The protocol,host,port and context are removed from properties and a dependency on the org.alfresco.repo.admin.SysAdminParams interface is introduced.
      20711: Latest SpringSurf libs - fix for ALF-3557
      20710: Merged HEAD to BRANCHES/DEV/V3.3-BUG-FIX:
         20705: Fix ALF-3585: AtomPub summary can render first part of binary content resulting in invalid XML
      20691: Merged DEV/TEMPORARY to V3.3-BUGFIX
         19404: ALF-220: Editor can't rename files and folders via WebDav
            The Rename method of FileFolderService was used in case of file renaming instead of move method in WebDAV MOVE command.
      20663: ALF-3208 RenderingEngine actions should no longer appear in the list of available actions that can be fired using rules.
      20656: ALF-2645: LDAP sync now logs 'dangling references' for debugging purposes
      20651: ALF-485: FTP passthru authenticator logs authentication failures at debug level to avoid noise in the logs
      20646: Merge V2.2 To V3.3
         14301 : RECORD ONLY - ETWOTWO-1227 - fix to serialize FSR deployments.
         14618 : RECORD ONLY - Merge HEAD to 2.2 13944 : After rename project deploy option disappears.
      20637: ALF-3123: Avoid NPE on Oracle when loading empty string values persisted through JMX and the attribute service
      20633: ALF-2057: LDAP synchronization lock now persists for a maximum of two minutes (instead of 24 hours!)
         - The exclusive lock gained for LDAP sync from the JobLockService is now refreshed at 1 minute intervals and never persists for more than 2 minutes
      20628: ALF-1905: Allow use of anonymous bind for LDAP synchronization (NOT authentication)
         - Previously synchronization AND authentication shared the same setting for java.naming.security.authentication, meaning that if you tried to use anonymous bind for the synchronization side, the authentication side would complain.
         - Now there are two independent environments declared for the 'default' synchronization connection and the authentication connection
         - A new property ldap.synchronization.java.naming.security.authentication declares the authentication type used by synchronization. Set to "none" for anonymous bind.
      20623: Fix for ALF-3188 : Access Denied when updating doc via CIFS
      20620: Merge DEV to V3.3-BUG-FIX
         20456 -  ALF-1824 : Setting alfresco.rmi.services.host on linux does not use specified host/IP
      20617: Merged DEV/BELARUS/V3.3-2010_06_08 to V3.3-BUG-FIX (with corrections)
         20606: ALF-651: Web Services client ContentUtils.convertToByteArray is broken
            - org.alfresco.webservice.util.ContentUtils.convertToByteArray() method has been updated to cover large Input Streams conversion.
            - org.alfresco.webservice.test.ContentUtilsTest is a test for the new functionality implemented in the ContentUtils class.
            - org.alfresco.webservice.test.resources.big-content.pdf is a large content for the ContentUtilsTest.testInputStreamToByteArrayConversion() test.
      20613: Fixed ALF-1746: Metadata extractors are unable to remove ALL aspect-related properties
         - putRawValue keeps hold of 'null' values
         - All policies keep hold of 'null' values
         - Only affects 'carryAspectProperties=false'
      20609: Merged HEAD to V3.3-BUG-FIX
         20578: ALF-3178 - Transfer Service - to transfer rule (ie. ruleFolder with it's children) the PathHelper should allow "-" (dash character)
         20608: ALF-3178 - fix r20578 (mis-applied patch)
      20594: WebDAV BitKinex compatibility fix - Let the XML Parser work out the body encoding if it is not declared in the Content-Type header
      20588: (RECORD ONLY) Merged V3.3 to V3.3-BUG-FIX
         - Merged across all differences from V3.3
   20778: Added revision to version label.
   20777: Fix for ALF-2451 - installer correctly configure Share port
   20722: DB2 build - run db2cmd in same window (follow-on to r20712)
   20721: DB2 build - fix create target and add "/c" to exit "db2cmd"
      - TODO: add wait/timeout target, ideally checking for created DB 


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@20796 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
 2010-06-24 15:47:38 +00:00
Dave Ward
e0f29a76e4 Merged V3.2 to HEAD 
18846: ETHREEOH-4233: LDAP sync now synchronizes group display names
      - New ldap.synchronization.groupDisplayNameAttributeName property provides name of LDAP attribute


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@18856 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
 2010-02-25 17:17:04 +00:00
Dave Ward
bb3c8a1244 Merged V3.2 to HEAD 
18088: ETHREEOH-3787: Addition of liferay-display.xml to define category for demo portlet
   18053: Build fix: Re-enable log ins to Alfresco web app when not running in a portlet container
      - Removed direct dependencies between FacesHelper and portlet API
   18037: Merged DEV/DAVEW/SURFPORTLET to V3.2
      17669: Changes to enable surf rendering from a portlet
         - New DispatcherPortlet forwards portlet requests to the DispatcherServlet as servlet requests.
         - A new filter 'lazily' creates users' dashboard pages to avoid the need to have to redirect from site-index.jsp
         - Build against JSR 286 portlet 2.0 API jar
         - Exclude portlet API jar from war to avoid ClassCastExceptions
         - Lazily init portlet authenticators to avoid ClassNotFoundExceptions when not running in a portlet container
         - Fix web.xml schema validation problems
         - UserFactory session keys given unique prefix to avoid class with Liferay shared session attributes
         - Liferay deployment descriptor to enable user principal name resolution
         - Fixed subsystem problem that prevented the override of a property with the empty string in alfresco-global.properties. Stopped 'unprotected' external auth from working.
   18019: ETHREEOH-3770: LDAP sync now supports attribute range retrieval to get around limits imposed by Active Directory on multi-valued attributes
      - Meant that groups with more than 1000 members were getting truncated in Active Directory
      - Now switched on in ldap-ad and off in ldap subsystem
      - Also switched off result set paging in ldap subsystem by default for wider compatibility with non-AD systems
   17759: Merged DEV/BELARUS/V3.2-2009_11_24 to V3.2
      17755: ETHREEOH-3739: build 283: Upgrades from 3.1.1 and 3.1.2 fail on JBoss 5.1
         - The getFile method was created for ImapFoldersPatch to retrieve acp file for ACPImportPackageHandler.
         - This method tries to load ACP file from file location and if it is unsuccessful then creates temporary file from resource input stream. 
         - In other words we apply aproach from ImporterBootstrap.
   17600: ETHREEOH-1002: Avoid using HTTP 1.1 chunked transfer encoding to send heartbeat data because some proxy servers can't cope with it!
      - Unit test can now parse chunked and un-chunked HTTP requests
   17597: Further optimizations to authority caching
      - Don't invalidate entire user authority lookup cache when user added to or removed from an authority
   17588: Fix up authority caching
      - Need to include tenant domain in cache key
      - Also reinstated cache of user recursive group memberships for performance purposes
   17559: ETHREEOH-3440: Authority search performance improvements
      - AuthorityDAO now uses Lucene (again) to do wildcard style authority searches by name, type and zone
      - Retrieval by exact name, type and zone still performed by DB methods
      - DB methods now optimized to avoid having to load group child nodes to determine group membership
      - Authority cache now stores authority node refs by name to reduce authority resolution queries
      - ScriptGroup avoids hammering repository with multiple searches to determine group membership
   17545: ETHREEOH-3371: Fixed group searches to search within the default zone and thus hide 'invisible' WCM and Share groups.
   17527: ETHREEOH-3375: Use static inner class for cache key to avoid non serializable exceptions
   17523: ETHREEOH-3337: Fix NPEs in RepoServerMgmt operations
      - Transactional cache can have entries with non-null keys and null values
   17521: ETHREEOH-3158: Proper handling of user validation failures in Kerberos Authentication filters.
   17490: Fix failing HeartBeatTest
      - Prevent possibility of both test and non-test public keys being used at the same time
   17481: Fix build for Jan
     - Removed JDK 1.6 String.isEmpty() references
   17472: Follow-on for ETHREEOH-2648 - tighten guest login, eg. if no guest configured (in auth chain)


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@18108 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
 2010-01-18 19:47:40 +00:00
Dave Ward
85c1b71826 Merged V3.2 to HEAD 
16662: LDAP sync: improved group association filtering, referential integrity checking, deletion strategy and performance tuning of batch sizes
   16648: ETHREEOH-2752: Improved ticket validation fix
      - Invalidate user's tickets during person deletion rather than validation or it can mess up chained validation
   16647: ETHREEOH-2534: Fixed Sharepoint NTLM authentication
      - user details were never getting cached in the session
   16579: Small improvement to LDAP error reporting
      - Committed errors counted before successes in a logging interval
   16515: LDAP sync performance
      - Improved full sync strategy - run differential queries to work out required updates/additions and full queries to work out required deletions. Saves updating unchanged nodes.
      - Use a TreeSet rather than a HashSet to gather group associations in an attempt to avoid blowing the heap size
   16498: More LDAP performance improvements
      - Uses thread pool with 4 worker threads and blocking queue to process returned results. The number of worker threads can be controlled by the synchronization.workerThreads property.
      - Switched LDAP connection pooling back on again
      - Group Associations processsed individually so that errors are collated and we get a better idea of their throughput
      - Fixed potential bug. Group membership resolution done with isolated LDAP context to avoid cookies from paging creeping in.
   16424: Try switching off LDAP connection pooling to see if it works better with our flaky server.
   16414: Further LDAP fault tolerance
      - Log causes of group member resolution failures where possible
   16413: More fault tolerance for LDAP sync
      - Always commit last sync times before overall sync is complete to avoid the 'forgetting' of differential sync information
      - DN comparisons should be case insensitive to avoid issues resolving DNs to user and group IDs
   16398: Improved monitoring and fault tolerance for LDAP sync
      - When the batch is complete a summary of the number of errors and the last error stack trace will be logged at ERROR level
      - Each individual error is logged at WARN level and progress information (including % complete) is collated and logged at INFO level after a configurable interval
      - In the Enterprise Edition all metrics can be monitored in real time through JMX
      - Sanity testing to be performed by Mike!
   16319: Merged HEAD to V3.2
      16316: ALFCOM-3397: JBoss 5 compatibility fix
         - Relative paths used by LDAP subsystem configuration weren't being resolved correctly
         - See also https://jira.jboss.org/jira/browse/JBAS-6548 and https://jira.springsource.org/browse/SPR-5120
   16272: ETHREEOH-2752: Once more with feeling!
   16261: ETHREEOH-2752: Correct exception propagation.
   16260: ETHREEOH-2752: Fix ticket validation
      - Current ticket was getting forgotten by previous fix
      - Person validation in CHECK mode now done AFTER the current user is set, so that the current ticket is remembered
   16243: ETHREEOH-2752: Improve ticket validation used by all authentication filters
      - Now takes into account whether person actually exists or not
      - Tickets for non-nonexistent persons are now considered invalid and cached session information is invalidated
      - New BaseAuthenticationFilter superclass for all authentication filters
      - Improved fix to ETHREEOH-2839: WebDAV user is cached consistently using a different session attribute from the Web Client
   16233: ETHREEOH-2754: Correction to previous checkin.
      - relogin for SSO authentication, logout for normal login page
      - logout is default
   16232: ETHREEOH-2754: Log Out Action outcome passed as a parameter
      - relogin for SSO authentication, login for normal login page
      - Means the log out link always leads to the correct place, even when the session has expired
      - Also lowered ticket validation error logging to DEBUG level to avoid unnecessary noise in the logs from expired sessions
   16220: ETHREEOH-2839: Fixed potential ClassCastExceptions when Alfresco accessed via WebDAV and Web Client links in same browser
      - WebDAV side no longer directly casts session user to a WebDAVUser
      - ContextListener no longer casts session user to web client user
      - Web client side will 'promote' session user to a web client User if necessary via AuthenticationHelper
      - All authentication filters made to use appropriate AuthenticationHelper methods
   16211: ETHREEOH-2835: LDAP sync batches user and group deletions as well as creations
      - Also improved logging of sync failures
   16197: ETHREEOH-2782: LDAP subsystems now support search-based user DN resolution
      - When ldap.authentication.userNameFormat isn't set (now the default) converts a user ID to a DN by running ldap.synchronization.personQuery with an extra condition tacked on the end to find the user by ID
      - Structured directories and authentication by attributes not in the DN such as email address now supported
   16189: ALFCOM-3283: Prevent errors when user accepts an invite when not logged in
      - new isGuest attribute propagated to user object
      - header component (used by accept-invite page) needs to avoid calling prefs and site webscripts for guest user
      - Conditional stuff in header template changed to use user.isGuest


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@16896 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
 2009-10-14 09:24:13 +00:00
Dave Ward
1d1516f4cf Merged V3.2 to HEAD 
15737: ETHREEOH-2535: Home folders for LDAP imported users appear in wrong place
      - Changed the default for ldap.synchronization.defaultHomeFolderProvider to be userHomesHomeFolderProvider


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@15738 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
 2009-08-13 15:54:22 +00:00
Dave Ward
5443afbdd0 ETHREEOH-2242: New ldap-ad Authentication subsystem with defaults for Active Directory 
- Fixed parsing of timestamps
- Fixed resolution of group members
- Shared Spring configuration with ldap subsystem
- Authentication still only supported with DIGEST-MD5 binding enabled - chain with passthru authentication otherwise

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@14934 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
 2009-06-25 18:16:26 +00:00
Dave Ward
a4b283068c MOB-710: LDAP queries now performed with RFC 2696 paging and a configurable page size, defaulting to 1000 (the AD default maximum) 
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@14648 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
 2009-06-11 09:04:24 +00:00
Dave Ward
d5e0432589 Merged BRANCHES/DEV/DAVEW/LDAP to HEAD 
14587: Added new node service method getNodesWithoutParentAssocsOfType to public-services-security-context.xml (or at least my best guess at it!)
   14586: Use US spelling of synchronization in filenames for consistency
   14585: Lower the default user registry sync frequency to daily instead of hourly. Now users and groups are pulled over incrementally on login of missing users.
   14583: Unit test for ChainingUserRegistrySynchronizer
   14571: Migration patch for existing authorities previously held in users store
      - Uses AuthorityService to recreate authorities in spaces store with new structure
   14555: Authority service changes for LDAP sync improvements
      - Moved sys:authorities container to spaces store
      - All authorities now stored directly under sys:authorities
      - Authorities can now be looked up directly by node service
      - Secondary child associations used to model group relationships
      - 'Root' groups for UI navigation determined dynamically by node service query
      - cm:member association used to relate both authority containers and persons to other authorities
      - New cm:inZone association relates persons and authority containers to synchronization 'zones' stored under sys:zones
      - Look up of authority zone and all authorities in a zone to enable multi-zone LDAP sync
   14524: Dev branch for finishing LDAP zones and upgrade impact

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@14588 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
 2009-06-08 16:16:32 +00:00
Dave Ward
d2180c5eaa Refactor subsystems for authentication chaining 
- An authentication chain of size 1 configured by default
- DefaultChildApplicationContextManager supports dynamic configuration of the authentication chain via Spring or JMX. Any number of instances of any type allowed in chain.
- SubsystemChainingAuthenticationComponent and SubsystemChainingAuthenticationService iterate across configured chain for Authentication
- SSO (NTLM / Kerberos) and CIFS authentication independently activatable for any component in chain (where supported).
- SubsystemChainingProxyFactory used to proxy directly to first active CIFS authenticator or SSO filter in the chain
- CIFS server knows not to bother starting if authentication chain doesn't have an active CIFS authenticator (e.g. LDAP only)
- Rationalization of subsystem configuration folder structure and JMX object naming
- Classpath based extension mechanism for community edition - alfresco/extension/subsystems/<category>/<typeName>/<id>/*.properties in classpath can be used to configure specific subsystem instances
- Simplification of JMX infrastructure. No longer Spring bean definition based, thus allowing dynamic creation/registration of new instances at runtime.
- New AuthenticationChainTest unit test

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@14030 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
 2009-04-21 13:29:08 +00:00