- synchronization.syncWhenMissingPeopleLogIn
- synchronization.autoCreatePeopleOnLogin
When both are false you can now cause users who your LDAP sync doesn't bring in to be rejected (seems to be a requirement)
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@14814 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
- migration patch uses non-public authority service
- root authority query ignores deleted nodes
- avoid exception for getContainingAuthorities("System")
- update unit test to cope with corrected EMAIL_CONTRIBUTORS group and slight difference in behaviour with root authorities
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@14609 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
14587: Added new node service method getNodesWithoutParentAssocsOfType to public-services-security-context.xml (or at least my best guess at it!)
14586: Use US spelling of synchronization in filenames for consistency
14585: Lower the default user registry sync frequency to daily instead of hourly. Now users and groups are pulled over incrementally on login of missing users.
14583: Unit test for ChainingUserRegistrySynchronizer
14571: Migration patch for existing authorities previously held in users store
- Uses AuthorityService to recreate authorities in spaces store with new structure
14555: Authority service changes for LDAP sync improvements
- Moved sys:authorities container to spaces store
- All authorities now stored directly under sys:authorities
- Authorities can now be looked up directly by node service
- Secondary child associations used to model group relationships
- 'Root' groups for UI navigation determined dynamically by node service query
- cm:member association used to relate both authority containers and persons to other authorities
- New cm:inZone association relates persons and authority containers to synchronization 'zones' stored under sys:zones
- Look up of authority zone and all authorities in a zone to enable multi-zone LDAP sync
14524: Dev branch for finishing LDAP zones and upgrade impact
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@14588 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
- An authentication chain of size 1 configured by default
- DefaultChildApplicationContextManager supports dynamic configuration of the authentication chain via Spring or JMX. Any number of instances of any type allowed in chain.
- SubsystemChainingAuthenticationComponent and SubsystemChainingAuthenticationService iterate across configured chain for Authentication
- SSO (NTLM / Kerberos) and CIFS authentication independently activatable for any component in chain (where supported).
- SubsystemChainingProxyFactory used to proxy directly to first active CIFS authenticator or SSO filter in the chain
- CIFS server knows not to bother starting if authentication chain doesn't have an active CIFS authenticator (e.g. LDAP only)
- Rationalization of subsystem configuration folder structure and JMX object naming
- Classpath based extension mechanism for community edition - alfresco/extension/subsystems/<category>/<typeName>/<id>/*.properties in classpath can be used to configure specific subsystem instances
- Simplification of JMX infrastructure. No longer Spring bean definition based, thus allowing dynamic creation/registration of new instances at runtime.
- New AuthenticationChainTest unit test
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@14030 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
- PassthruServerFactory created to allows PassthruServers singleton to be shared by CIFS, FTP and Alfresco passthru authenticators
- Also added NTLM + Alfresco (non-passthru) example. Doesn't seem to work yet!
- ExtendedServerConfigurationAccessor interface added BaseSSOAuthenticationFilter to get at local server name info from file server configuration
- toString() added to CIFSAuthenticator so that we can still properly log the authenticator type
- Fixed WebDAVServlet to go through ServerConfigurationAccessor interface to avoid ClassCastException
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@13823 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
Bug fix invitation service was approving too many invitations!
Implemented security rules for who is allowed to cancel a moderated invitation.
Continuing implementation of group authority scripts.
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@13815 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
13659: Fix NTLMAuthenticationFilter to call super.afterPropertiesSet()
13658: MOB-424: Utility to Dump JMX Data
- new enterprise distributable jmx-dumper.jar
- command line invocation via "java -jar jmx-dumper.jar"
- admin web access via http://localhost:8080/alfresco/faces/jsp/admin/jmx-dumper.jsp
13575: Preconfigured authentication stacks for alfresco, LDAP, Kerberos and NTLM. TODO: file server config.
13493: Initial work to enable selection, configuration, testing and hot-swapping of different authentication subsystems via JMX or admin UI.
13309: Changes to allow datasource and property configuration via JNDI
- Move AVM catalina .jars into 3rd-party/lib/virtual-tomcat so that they don't get automatically included in the .war file and hence stop JNDI lookups from working
- Allow JNDI lookup of datasource – use standard app server mechanisms for managing it but still fall back to 'normal' one
- Allow properties to be overridden by JNDI env-entries as well as system properties. Including hibernate dialect ones. Web.xml can then declare required env-entries and these can be defined on deployment.
- Rewire iBatis so that no config file edits are necessary when dialect is changed
- Use proxy around datasource so that auto-commit is always activated for iBatis
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@13668 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
13424: ETHREEOH-1242: Sample LDAP authentication config breaks site invites in Share
13427: Fixes for ETHREEOH-1157: Propagate exceptions using ReportedException
13428: Fix ETHREEOH-1493: Upgrade from 2.1-A to 3.1 uses incorrect patch id and fixes_to_schema
13429: Specific fix for ETHREEOH-1157: duplicate/triplicate users not properly prohibited
13436: Merged V2.2 to V3.1
13435: Merged V2.1 to V2.2
12307: Merged DEV/V2.1SP7 to 2.1
11927: ETWOONE-396
12112: ETWOONE-396
13437: Fixed ETHREEOH-1498: Mismatched closing XML tag in ehcache-custom.xml.sample.cluster
13439: Fix for ETHREEOH-1157: JSF Dialogs Absorbing Exceptions
13456: Fixed ETHREEOH-1472: Changes to systemBootstrap cause bootstrapping ACP's not to work
13469: Upgrade patch to update internal version2Store counter (follow-on fix for ETHREEOH-1540)
13491: Chaining example for DOC-84
13492: Fixed paths in zip file
13494: Fixed GenericBootstrapPatch when overriding bootstrap views
13495: Added @version javadoc
13496: Minor logging updates
13497: Fixed ETHREEOH-1431: Authentication case sensitivity switch doesn't work
13500: Temporary fix for Sharepoint issue raised last week
13502: ETHREEOH-1575: It's impossible to create Change Request task
13511: Fix for ETHREEOH-1549: Impossible to create HTML web content
13529: Fix for ETHREEOH-1595
13531: Fix for ETHREEOH-1607: Error on chaining example xml - malformed comment
13537: Build fix ... exclude the system user from auto creation
13538: Build Fix - further contraints to aviod auto-creation of guest
___________________________________________________________________
Modified: svn:mergeinfo
Merged /alfresco/BRANCHES/V2.1:r12307
Merged /alfresco/BRANCHES/V2.2:r13435
Merged /alfresco/BRANCHES/V3.1:r
13424,13427-13429,13436-13437,13439,13442-13450,13452,13454-13456,
13469-13473,13475-13476,13479-13480,13491-13500,13502,13511,13529-13538
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@13619 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
13218: Partial fix for ETHREEOH-1259 - the null pointer exceptions are gone to be replaced by sensible error messages.
13220: Merged V3.0 to V3.1
13219: Build Fix for error in hand merge of r13141 from V2.2 to V3.0
13226: Clearer debugging of exceptions during NodeService cleanup
13228: ETHREEOH-1250
13229: Fix for ETHREEOH-1184: Share webscript configuration does not support international chars as values
13235: Add support to exclude admin and guest from person permission fix ups. Tidy up for ETHREEOH-1239
13239: Build Fix
13243: ETHREEOH-1308: Update AMPs to indicate unsupported status
13247: Build fix - do not delete admin :-)
13248: Fix build
13254: Fix for ETHREEOH-1351: Schemas containing an enumeration with an empty string ...
___________________________________________________________________
Modified: svn:mergeinfo
Merged /alfresco/BRANCHES/V3.0:r13219
Merged /alfresco/BRANCHES/V3.1:r13218-13220,13224,13226-13229,13231-13232,13234-13237,13239,13241,13243-13248,13250,13252-13254
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@13612 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
13171: Fix for ETHREEOH-1239: User needs to have owner on their person
___________________________________________________________________
Modified: svn:mergeinfo
Merged /alfresco/BRANCHES/V3.1:r13171
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@13609 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
13249: Fix for ETHREEOH-1064 and ETHREEOH-1286 and fix for issue where New Page action not activated in Share Wiki page list.
13251: Final part of fix for ETHREEOH-1270 - Group pickers in JSF client now use new findAuthorities() API to find groups for user searches - over 10x quicker for installations with many groups.
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@13580 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
13207: Rhino JAR update (System.out warning removal patch applied)
13240: Part of fix for ETHREEOH-1270
- Authority service has an API to search for groups by name patterns (not other authority types)
- it uses lucene so relies on the index
13242: Fix for ETHREEOH-1303 - Calendar events now only retrieved for the current site when rendering a site specific calendar component.
Some code tidy up and related fixes.
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@13573 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
12994: Merged V3.0 to V3.1
12931: Merged V2.2 to V3.0
12635: Fix for ETWOTWO-995: Diff performance degrades on large data sets
12742: Fix for ETWOTWO-981: WCM - regression - revert fails (eg. for content publisher)
12743: AVM - add missing tests to test suite & fix existing tests (including base setup)
12759: AVM - build/test fix - follow-on to r12742
12781: Fix PersonDAO - fixes AuthorityServiceTest which failed after adding AVMServicePermissionsTest
12932: Merged V2.2 to V3.0
12763: Support for ETWOTWO-975: AVMDifference now implements Comparable<AVMDifference>
12782: Fix for ETWOTWO-939: Content Contributor cannot edit their own items
12809: Test fixes after r 12782
12818: ETWOTWO-977 (Orphan Reaper) - removal of comment questioning cache interaction.
12933: Merged V2.2 to V3.0
12306: (record-only) Final set of XSS and HTML encoding fixes for ETWOONE-90 - already merged (see r12310)
12934: Merged V2.2 to V3.0
12311: (record-only) Fix for ETWOONE-389 - Current page number not always visible on the browse screen - already merged (see r12312)
12935: Merged V2.2 to V3.0
12320: (record-only) Fix for ETWOONE-87: Behavior of delete cascade - already merged (see r12324)
12322: (record-only) Fix merge issue (marked as Do Not Merge - see CHK-5607)
12936: Merged V2.2 to V3.0
12775: (record-only) ETHREEOH-872: Editing Email-notify-rules fails w/ ClassCastException (back-port of r11966)
12937: Merged V2.2 to V3.0
12780: Fixed ETWOTWO-1003: DuplicateChildNameException not generated correctly (on Oracle)
12820: Update to ETWOTWO-926 (WCM Form Inline callouts to Web Scripts)
12825: Further ETWOTWO-926 update: provide compatibility with old token scheme as the original patch has already made its way into 3.0.1
12850: ETWOTWO-975 - Show Conflicts in Modified Items List
12938: Fix merge typo (follow on from r12931)
12941: Fix merge typo (follow on from r12931)
12998: Cleaned up svn:mergeinfo entries
___________________________________________________________________
Modified: svn:mergeinfo
Merged /alfresco/BRANCHES/V3.0:r12931-12938,12941
Merged /alfresco/BRANCHES/V2.2:r12306,12311,12320,12322,12635,12742-12743,12759,12763,12775,12780-12782,12809,12818,12820,12825,12850
Merged /alfresco/BRANCHES/V3.1:r12994,12998
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@13549 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
12943: Port of support for ADB-47 from V2.1-A to 3.1
12948: Port of tests from CHK-2235 for ADB-20 from V2.1-A to 3.1
12965: Activated index tracker Quartz job by default
12974: Port for lazy creation of home folders with configuration from V2.1-A to V3.1: original CHK-2619, CHK-2716
12976: Merged V2.1A to V3.1
8562: (record-only) Fix to lazily create home folders - DO NOT MERGE
8694: (record-only) Added configuration for lazy or eager creation of home folders
12978: Merged V3.0 to V3.1
12920: Merged V2.2 to V3.0
12456: Wire up AVM locking service by interface to allow for potential over-ride
12457: Make AVM ChildKey case insensitive
12470: Merged V2.2.1-NBC-FIXES to V2.2
12156: Optimizations to WCMWorkflowEvaluator and WCMWorkflowDeletedEvaluator
12605: Hide annoying "Virtualisation Server not started" warnings (by making them debug)
12707: AVM console - "snap" also allows tag and description to be specified
12979: Build/test fix
___________________________________________________________________
Modified: svn:mergeinfo
Merged /alfresco/BRANCHES/DEV/V2.2.1-NBC-FIXES:r12156
Merged /alfresco/BRANCHES/V2.1-A:r8562,8694
Merged /alfresco/BRANCHES/V3.0:r12920
Merged /alfresco/BRANCHES/V2.2:r12456-12457,12470,12605,12707
Merged /alfresco/BRANCHES/V3.1:r12943,12948,12965,12974,12976,12978-12979
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@13544 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
13484: ETHREEOH-1547: Do not set requiresNew flag and propagate exceptions in BaseDialogBean
13383: ETHREEOH-1220: Update LDAP-authentication-context to include allowGetEnabled entry to support Share
13381: ETHREEOH-1181: NTLM authentication periodically fails over CIFS - "Read-Write transaction started within read-only transaction"
13376: ETHREEOH-279: Friendly error message when cm:filename regular expression constraint is violated
13364: ETHREEOH-814: Correct character encoding issues in LDAP synchronization
13353: ETHREEOH-1444: Ability to run Alfresco from unexploded .war file with embedded license
13328: ETHREEOH-1400: Prevent TLD warnings on Weblogic startup
13183: Follow up to 13177: Fixes for Weblogic compatibility
13177: Fixes for Weblogic compatibility
13109: Build/test fix (to avoid unintentional import via application-context.xml)
13100: Checkpoint for new DM index check (enterprise-only)
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@13525 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
13037: PostgreSQL upgrade scripts from 2.1.6, 2.2.0, and 2.2.1
12995: Fix build: account for change of path to log4j jar in 3rd party project
12981: Added support for monitoring of installed modules via JMX
12971: Correction to 12970 - better handle case when log4j not available.
12970: Work around log4j bug to allow editing of the "threshold" property of HierarchyDynamicBean through JMX
12926: Merged V3.0 to V3.1
Merged V2.2 to V3.0
12861: ETHREEOH-19, ETHREEOH-24, ETHREEOH-113, ETHREEOH-115, ETHREEOH-449, ETHREEOH-537, ETHREEOH-561, ETHREEOH-566, ETHREEOH-572, ETHREEOH-1072: Retry failed transactions from MS SQL Server in snapshot mode
12924: Avoid direct log4j dependencies
12918: Avoided Log4J imports by using introspection
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@13516 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
12923: New Enterprise Examples project containing hyperic plugin and README.txt
12908: A few fixes to improve consistency in JMX object naming
12889: Fix failing unit tests. Include linkvalidation in unit test classpath.
12885: Merged DEV/DAVEW_POST3D to V3.1
12881: Changes to allow monitoring of authentication configuration
12862: Merged DEV/3.1_ENTERPRISE_ONLY to DEV/DAVEW_POST3D
12797: Changes to allow persistence of changes made by JMX.
12852: Review comment from Derek: remove dependencies of descriptor service (serverDescriptorDAO, currentRepoDescriptorDAO and installedRepoDescriptorDAO) out of bootstrap-context.xml
12849: Correction to JAWS-221: dbscripts directory must be directly under config/alfresco in enterprise project.
12847: JAWS-221: Move proprietary DB create/upgrade scripts into Enterprise Only project
12845: Avoid NullPointerExceptions in status templates when no codeName or description exists for the status code
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@13513 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
