diff --git a/.classpath b/.classpath
index d531303bd..d23c6b9fc 100644
--- a/.classpath
+++ b/.classpath
@@ -1,131 +1,104 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <classpath>
-	<classpathentry kind="src" output="target/classes" path="src/main/java">
-		<attributes>
-			<attribute name="optional" value="true"/>
-			<attribute name="maven.pomderived" value="true"/>
-		</attributes>
-	</classpathentry>
-	<classpathentry kind="src" path="src/main/bugtraq"/>
-	<classpathentry kind="src" output="target/test-classes" path="src/test/java">
-		<attributes>
-			<attribute name="optional" value="true"/>
-			<attribute name="maven.pomderived" value="true"/>
-		</attributes>
-	</classpathentry>
-	<classpathentry kind="src" output="bin/test-classes" path="src/test/bugtraq"/>
-	<classpathentry excluding="**" kind="src" output="target/classes" path="src/main/resources">
-		<attributes>
-			<attribute name="maven.pomderived" value="true"/>
-		</attributes>
-	</classpathentry>
-	<classpathentry kind="lib" path="ext/guice-4.0.jar" sourcepath="ext/src/guice-4.0.jar"/>
-	<classpathentry kind="lib" path="ext/javax.inject-1.jar" sourcepath="ext/src/javax.inject-1.jar"/>
-	<classpathentry kind="lib" path="ext/aopalliance-1.0.jar" sourcepath="ext/src/aopalliance-1.0.jar"/>
-	<classpathentry kind="lib" path="ext/guava-18.0.jar" sourcepath="ext/src/guava-18.0.jar"/>
-	<classpathentry kind="lib" path="ext/guice-servlet-4.0-gb2.jar" sourcepath="ext/src/guice-servlet-4.0-gb2.jar"/>
-	<classpathentry kind="lib" path="ext/annotations-12.0.jar" sourcepath="ext/src/annotations-12.0.jar"/>
-	<classpathentry kind="lib" path="ext/log4j-1.2.17.jar" sourcepath="ext/src/log4j-1.2.17.jar"/>
-	<classpathentry kind="lib" path="ext/slf4j-api-1.7.12.jar" sourcepath="ext/src/slf4j-api-1.7.12.jar"/>
-	<classpathentry kind="lib" path="ext/slf4j-log4j12-1.7.12.jar" sourcepath="ext/src/slf4j-log4j12-1.7.12.jar"/>
-	<classpathentry kind="lib" path="ext/javax.mail-1.5.1.jar" sourcepath="ext/src/javax.mail-1.5.1.jar"/>
-	<classpathentry kind="lib" path="ext/javax.servlet-api-3.1.0.jar" sourcepath="ext/src/javax.servlet-api-3.1.0.jar"/>
-	<classpathentry kind="lib" path="ext/jetty-all-9.2.13.v20150730.jar" sourcepath="ext/src/jetty-all-9.2.13.v20150730.jar"/>
-	<classpathentry kind="lib" path="ext/wicket-core-7.4.0.jar" sourcepath="ext/src/wicket-core-7.4.0.jar"/>
-	<classpathentry kind="lib" path="ext/commons-collections4-4.1.jar" sourcepath="ext/src/commons-collections4-4.1.jar"/>
-	<classpathentry kind="lib" path="ext/wicket-request-7.4.0.jar" sourcepath="ext/src/wicket-request-7.4.0.jar"/>
-	<classpathentry kind="lib" path="ext/wicket-util-7.4.0.jar" sourcepath="ext/src/wicket-util-7.4.0.jar"/>
-	<classpathentry kind="lib" path="ext/commons-fileupload-1.3.2.jar" sourcepath="ext/src/commons-fileupload-1.3.2.jar"/>
-	<classpathentry kind="lib" path="ext/commons-io-2.2.jar" sourcepath="ext/src/commons-io-2.2.jar"/>
-	<classpathentry kind="lib" path="ext/hamcrest-junit-2.0.0.0.jar" sourcepath="ext/src/hamcrest-junit-2.0.0.0.jar"/>
-	<classpathentry kind="lib" path="ext/junit-4.11.jar" sourcepath="ext/src/junit-4.11.jar"/>
-	<classpathentry kind="lib" path="ext/hamcrest-core-1.3.jar" sourcepath="ext/src/hamcrest-core-1.3.jar"/>
-	<classpathentry kind="lib" path="ext/java-hamcrest-2.0.0.0.jar" sourcepath="ext/src/java-hamcrest-2.0.0.0.jar"/>
-	<classpathentry kind="lib" path="ext/wicket-auth-roles-7.4.0.jar" sourcepath="ext/src/wicket-auth-roles-7.4.0.jar"/>
-	<classpathentry kind="lib" path="ext/wicket-extensions-7.4.0.jar" sourcepath="ext/src/wicket-extensions-7.4.0.jar"/>
-	<classpathentry kind="lib" path="ext/lucene-core-4.10.4.jar" sourcepath="ext/src/lucene-core-4.10.4.jar"/>
-	<classpathentry kind="lib" path="ext/lucene-analyzers-common-4.10.4.jar" sourcepath="ext/src/lucene-analyzers-common-4.10.4.jar"/>
-	<classpathentry kind="lib" path="ext/lucene-highlighter-4.10.4.jar" sourcepath="ext/src/lucene-highlighter-4.10.4.jar"/>
-	<classpathentry kind="lib" path="ext/lucene-memory-4.10.4.jar" sourcepath="ext/src/lucene-memory-4.10.4.jar"/>
-	<classpathentry kind="lib" path="ext/lucene-queries-4.10.4.jar" sourcepath="ext/src/lucene-queries-4.10.4.jar"/>
-	<classpathentry kind="lib" path="ext/lucene-queryparser-4.10.4.jar" sourcepath="ext/src/lucene-queryparser-4.10.4.jar"/>
-	<classpathentry kind="lib" path="ext/lucene-sandbox-4.10.4.jar" sourcepath="ext/src/lucene-sandbox-4.10.4.jar"/>
-	<classpathentry kind="lib" path="ext/jakarta-regexp-1.4.jar"/>
-	<classpathentry kind="lib" path="ext/pegdown-1.5.0.jar" sourcepath="ext/src/pegdown-1.5.0.jar"/>
-	<classpathentry kind="lib" path="ext/parboiled-java-1.1.7.jar" sourcepath="ext/src/parboiled-java-1.1.7.jar"/>
-	<classpathentry kind="lib" path="ext/parboiled-core-1.1.7.jar" sourcepath="ext/src/parboiled-core-1.1.7.jar"/>
-	<classpathentry kind="lib" path="ext/asm-5.0.3.jar" sourcepath="ext/src/asm-5.0.3.jar"/>
-	<classpathentry kind="lib" path="ext/asm-tree-5.0.3.jar" sourcepath="ext/src/asm-tree-5.0.3.jar"/>
-	<classpathentry kind="lib" path="ext/asm-analysis-5.0.3.jar" sourcepath="ext/src/asm-analysis-5.0.3.jar"/>
-	<classpathentry kind="lib" path="ext/asm-util-5.0.3.jar" sourcepath="ext/src/asm-util-5.0.3.jar"/>
-	<classpathentry kind="lib" path="ext/wikitext-core-1.4.jar" sourcepath="ext/src/wikitext-core-1.4.jar"/>
-	<classpathentry kind="lib" path="ext/twiki-core-1.4.jar" sourcepath="ext/src/twiki-core-1.4.jar"/>
-	<classpathentry kind="lib" path="ext/textile-core-1.4.jar" sourcepath="ext/src/textile-core-1.4.jar"/>
-	<classpathentry kind="lib" path="ext/tracwiki-core-1.4.jar" sourcepath="ext/src/tracwiki-core-1.4.jar"/>
-	<classpathentry kind="lib" path="ext/mediawiki-core-1.4.jar" sourcepath="ext/src/mediawiki-core-1.4.jar"/>
-	<classpathentry kind="lib" path="ext/confluence-core-1.4.jar" sourcepath="ext/src/confluence-core-1.4.jar"/>
-	<classpathentry kind="lib" path="ext/org.eclipse.jgit-4.1.1.201511131810-r.jar" sourcepath="ext/src/org.eclipse.jgit-4.1.1.201511131810-r.jar"/>
-	<classpathentry kind="lib" path="ext/jsch-0.1.53.jar" sourcepath="ext/src/jsch-0.1.53.jar"/>
-	<classpathentry kind="lib" path="ext/JavaEWAH-0.7.9.jar" sourcepath="ext/src/JavaEWAH-0.7.9.jar"/>
-	<classpathentry kind="lib" path="ext/httpclient-4.3.6.jar" sourcepath="ext/src/httpclient-4.3.6.jar"/>
-	<classpathentry kind="lib" path="ext/httpcore-4.3.3.jar" sourcepath="ext/src/httpcore-4.3.3.jar"/>
-	<classpathentry kind="lib" path="ext/commons-logging-1.1.3.jar" sourcepath="ext/src/commons-logging-1.1.3.jar"/>
-	<classpathentry kind="lib" path="ext/commons-codec-1.7.jar" sourcepath="ext/src/commons-codec-1.7.jar"/>
-	<classpathentry kind="lib" path="ext/org.eclipse.jdt.annotation-1.1.0.jar" sourcepath="ext/src/org.eclipse.jdt.annotation-1.1.0.jar"/>
-	<classpathentry kind="lib" path="ext/org.eclipse.jgit.http.server-4.1.1.201511131810-r.jar" sourcepath="ext/src/org.eclipse.jgit.http.server-4.1.1.201511131810-r.jar"/>
-	<classpathentry kind="lib" path="ext/bcprov-jdk15on-1.52.jar" sourcepath="ext/src/bcprov-jdk15on-1.52.jar"/>
-	<classpathentry kind="lib" path="ext/bcmail-jdk15on-1.52.jar" sourcepath="ext/src/bcmail-jdk15on-1.52.jar"/>
-	<classpathentry kind="lib" path="ext/bcpkix-jdk15on-1.52.jar" sourcepath="ext/src/bcpkix-jdk15on-1.52.jar"/>
-	<classpathentry kind="lib" path="ext/sshd-core-1.0.0.jar" sourcepath="ext/src/sshd-core-1.0.0.jar"/>
-	<classpathentry kind="lib" path="ext/mina-core-2.0.9.jar" sourcepath="ext/src/mina-core-2.0.9.jar"/>
-	<classpathentry kind="lib" path="ext/rome-0.9.jar" sourcepath="ext/src/rome-0.9.jar"/>
-	<classpathentry kind="lib" path="ext/jdom-1.0.jar" sourcepath="ext/src/jdom-1.0.jar"/>
-	<classpathentry kind="lib" path="ext/gson-2.3.1.jar" sourcepath="ext/src/gson-2.3.1.jar"/>
-	<classpathentry kind="lib" path="ext/groovy-all-2.4.4.jar" sourcepath="ext/src/groovy-all-2.4.4.jar"/>
-	<classpathentry kind="lib" path="ext/unboundid-ldapsdk-2.3.8.jar" sourcepath="ext/src/unboundid-ldapsdk-2.3.8.jar"/>
-	<classpathentry kind="lib" path="ext/ivy-2.2.0.jar" sourcepath="ext/src/ivy-2.2.0.jar"/>
-	<classpathentry kind="lib" path="ext/jcalendar-1.3.2.jar"/>
-	<classpathentry kind="lib" path="ext/commons-compress-1.4.1.jar" sourcepath="ext/src/commons-compress-1.4.1.jar"/>
-	<classpathentry kind="lib" path="ext/xz-1.0.jar" sourcepath="ext/src/xz-1.0.jar"/>
-	<classpathentry kind="lib" path="ext/force-partner-api-24.0.0.jar" sourcepath="ext/src/force-partner-api-24.0.0.jar"/>
-	<classpathentry kind="lib" path="ext/force-wsc-24.0.0.jar" sourcepath="ext/src/force-wsc-24.0.0.jar"/>
-	<classpathentry kind="lib" path="ext/js-1.7R2.jar" sourcepath="ext/src/js-1.7R2.jar"/>
-	<classpathentry kind="lib" path="ext/freemarker-2.3.22.jar" sourcepath="ext/src/freemarker-2.3.22.jar"/>
-	<classpathentry kind="lib" path="ext/waffle-jna-1.7.3.jar" sourcepath="ext/src/waffle-jna-1.7.3.jar"/>
-	<classpathentry kind="lib" path="ext/jna-4.1.0.jar" sourcepath="ext/src/jna-4.1.0.jar"/>
-	<classpathentry kind="lib" path="ext/jna-platform-4.1.0.jar" sourcepath="ext/src/jna-platform-4.1.0.jar"/>
-	<classpathentry kind="lib" path="ext/libpam4j-1.8.jar" sourcepath="ext/src/libpam4j-1.8.jar"/>
-	<classpathentry kind="lib" path="ext/args4j-2.0.29.jar" sourcepath="ext/src/args4j-2.0.29.jar"/>
-	<classpathentry kind="lib" path="ext/jedis-2.6.2.jar" sourcepath="ext/src/jedis-2.6.2.jar"/>
-	<classpathentry kind="lib" path="ext/commons-pool2-2.0.jar" sourcepath="ext/src/commons-pool2-2.0.jar"/>
-	<classpathentry kind="lib" path="ext/pf4j-0.9.0.jar" sourcepath="ext/src/pf4j-0.9.0.jar"/>
-	<classpathentry kind="lib" path="ext/tika-core-1.5.jar" sourcepath="ext/src/tika-core-1.5.jar"/>
-	<classpathentry kind="lib" path="ext/jsoup-1.7.3.jar" sourcepath="ext/src/jsoup-1.7.3.jar"/>
-	<classpathentry kind="lib" path="ext/selenium-java-2.28.0.jar" sourcepath="ext/src/selenium-java-2.28.0.jar"/>
-	<classpathentry kind="lib" path="ext/selenium-support-2.28.0.jar" sourcepath="ext/src/selenium-support-2.28.0.jar"/>
-	<classpathentry kind="lib" path="ext/selenium-firefox-driver-2.28.0.jar" sourcepath="ext/src/selenium-firefox-driver-2.28.0.jar"/>
-	<classpathentry kind="lib" path="ext/selenium-remote-driver-2.28.0.jar" sourcepath="ext/src/selenium-remote-driver-2.28.0.jar"/>
-	<classpathentry kind="lib" path="ext/cglib-nodep-2.1_3.jar" sourcepath="ext/src/cglib-nodep-2.1_3.jar"/>
-	<classpathentry kind="lib" path="ext/json-20080701.jar" sourcepath="ext/src/json-20080701.jar"/>
-	<classpathentry kind="lib" path="ext/selenium-api-2.28.0.jar" sourcepath="ext/src/selenium-api-2.28.0.jar"/>
-	<classpathentry kind="lib" path="ext/commons-exec-1.1.jar" sourcepath="ext/src/commons-exec-1.1.jar"/>
-	<classpathentry kind="lib" path="ext/platform-3.4.0.jar" sourcepath="ext/src/platform-3.4.0.jar"/>
-	<classpathentry kind="lib" path="ext/mockito-core-1.10.19.jar" sourcepath="ext/src/mockito-core-1.10.19.jar"/>
-	<classpathentry kind="lib" path="ext/objenesis-2.1.jar" sourcepath="ext/src/objenesis-2.1.jar"/>
-	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER">
-		<attributes>
-			<attribute name="maven.pomderived" value="true"/>
-		</attributes>
-	</classpathentry>
-	<classpathentry excluding="**" kind="src" output="target/test-classes" path="src/test/resources">
-		<attributes>
-			<attribute name="maven.pomderived" value="true"/>
-		</attributes>
-	</classpathentry>
-	<classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER">
-		<attributes>
-			<attribute name="maven.pomderived" value="true"/>
-		</attributes>
-	</classpathentry>
-	<classpathentry kind="output" path="target/classes"/>
+	<classpathentry kind="src" path="src/main/java" />
+	<classpathentry kind="src" path="src/main/bugtraq" />
+	<classpathentry kind="src" path="src/test/java" output="bin/test-classes" />
+	<classpathentry kind="src" path="src/test/bugtraq" output="bin/test-classes" />
+	<classpathentry kind="src" path="src/main/resources" />
+	<classpathentry kind="src" path="src/test/resources" output="bin/test-classes" />
+	<classpathentry kind="lib" path="ext/guice-4.0.jar" sourcepath="ext/src/guice-4.0.jar" />
+	<classpathentry kind="lib" path="ext/javax.inject-1.jar" sourcepath="ext/src/javax.inject-1.jar" />
+	<classpathentry kind="lib" path="ext/aopalliance-1.0.jar" sourcepath="ext/src/aopalliance-1.0.jar" />
+	<classpathentry kind="lib" path="ext/guava-18.0.jar" sourcepath="ext/src/guava-18.0.jar" />
+	<classpathentry kind="lib" path="ext/guice-servlet-4.0-gb2.jar" sourcepath="ext/src/guice-servlet-4.0-gb2.jar" />
+	<classpathentry kind="lib" path="ext/annotations-12.0.jar" sourcepath="ext/src/annotations-12.0.jar" />
+	<classpathentry kind="lib" path="ext/log4j-1.2.17.jar" sourcepath="ext/src/log4j-1.2.17.jar" />
+	<classpathentry kind="lib" path="ext/slf4j-api-1.7.12.jar" sourcepath="ext/src/slf4j-api-1.7.12.jar" />
+	<classpathentry kind="lib" path="ext/slf4j-log4j12-1.7.12.jar" sourcepath="ext/src/slf4j-log4j12-1.7.12.jar" />
+	<classpathentry kind="lib" path="ext/javax.mail-1.5.1.jar" sourcepath="ext/src/javax.mail-1.5.1.jar" />
+	<classpathentry kind="lib" path="ext/javax.servlet-api-3.1.0.jar" sourcepath="ext/src/javax.servlet-api-3.1.0.jar" />
+	<classpathentry kind="lib" path="ext/jetty-all-9.2.13.v20150730.jar" sourcepath="ext/src/jetty-all-9.2.13.v20150730.jar" />
+	<classpathentry kind="lib" path="ext/wicket-core-7.8.0.jar" sourcepath="ext/src/wicket-core-7.8.0.jar" />
+	<classpathentry kind="lib" path="ext/commons-collections4-4.1.jar" sourcepath="ext/src/commons-collections4-4.1.jar" />
+	<classpathentry kind="lib" path="ext/wicket-request-7.8.0.jar" sourcepath="ext/src/wicket-request-7.8.0.jar" />
+	<classpathentry kind="lib" path="ext/wicket-util-7.8.0.jar" sourcepath="ext/src/wicket-util-7.8.0.jar" />
+	<classpathentry kind="lib" path="ext/commons-fileupload-1.3.2.jar" sourcepath="ext/src/commons-fileupload-1.3.2.jar" />
+	<classpathentry kind="lib" path="ext/commons-io-2.2.jar" sourcepath="ext/src/commons-io-2.2.jar" />
+	<classpathentry kind="lib" path="ext/hamcrest-junit-2.0.0.0.jar" sourcepath="ext/src/hamcrest-junit-2.0.0.0.jar" />
+	<classpathentry kind="lib" path="ext/junit-4.12.jar" sourcepath="ext/src/junit-4.12.jar" />
+	<classpathentry kind="lib" path="ext/hamcrest-core-1.3.jar" sourcepath="ext/src/hamcrest-core-1.3.jar" />
+	<classpathentry kind="lib" path="ext/java-hamcrest-2.0.0.0.jar" sourcepath="ext/src/java-hamcrest-2.0.0.0.jar" />
+	<classpathentry kind="lib" path="ext/wicket-auth-roles-7.8.0.jar" sourcepath="ext/src/wicket-auth-roles-7.8.0.jar" />
+	<classpathentry kind="lib" path="ext/wicket-extensions-7.8.0.jar" sourcepath="ext/src/wicket-extensions-7.8.0.jar" />
+	<classpathentry kind="lib" path="ext/lucene-core-5.5.2.jar" sourcepath="ext/src/lucene-core-5.5.2.jar" />
+	<classpathentry kind="lib" path="ext/lucene-analyzers-common-5.5.2.jar" sourcepath="ext/src/lucene-analyzers-common-5.5.2.jar" />
+	<classpathentry kind="lib" path="ext/lucene-highlighter-5.5.2.jar" sourcepath="ext/src/lucene-highlighter-5.5.2.jar" />
+	<classpathentry kind="lib" path="ext/lucene-memory-5.5.2.jar" sourcepath="ext/src/lucene-memory-5.5.2.jar" />
+	<classpathentry kind="lib" path="ext/lucene-queries-5.5.2.jar" sourcepath="ext/src/lucene-queries-5.5.2.jar" />
+	<classpathentry kind="lib" path="ext/lucene-queryparser-5.5.2.jar" sourcepath="ext/src/lucene-queryparser-5.5.2.jar" />
+	<classpathentry kind="lib" path="ext/lucene-sandbox-5.5.2.jar" sourcepath="ext/src/lucene-sandbox-5.5.2.jar" />
+	<classpathentry kind="lib" path="ext/jakarta-regexp-1.4.jar" />
+	<classpathentry kind="lib" path="ext/pegdown-1.5.0.jar" sourcepath="ext/src/pegdown-1.5.0.jar" />
+	<classpathentry kind="lib" path="ext/parboiled-java-1.1.7.jar" sourcepath="ext/src/parboiled-java-1.1.7.jar" />
+	<classpathentry kind="lib" path="ext/parboiled-core-1.1.7.jar" sourcepath="ext/src/parboiled-core-1.1.7.jar" />
+	<classpathentry kind="lib" path="ext/asm-5.0.3.jar" sourcepath="ext/src/asm-5.0.3.jar" />
+	<classpathentry kind="lib" path="ext/asm-tree-5.0.3.jar" sourcepath="ext/src/asm-tree-5.0.3.jar" />
+	<classpathentry kind="lib" path="ext/asm-analysis-5.0.3.jar" sourcepath="ext/src/asm-analysis-5.0.3.jar" />
+	<classpathentry kind="lib" path="ext/asm-util-5.0.3.jar" sourcepath="ext/src/asm-util-5.0.3.jar" />
+	<classpathentry kind="lib" path="ext/wikitext-core-1.4.jar" sourcepath="ext/src/wikitext-core-1.4.jar" />
+	<classpathentry kind="lib" path="ext/twiki-core-1.4.jar" sourcepath="ext/src/twiki-core-1.4.jar" />
+	<classpathentry kind="lib" path="ext/textile-core-1.4.jar" sourcepath="ext/src/textile-core-1.4.jar" />
+	<classpathentry kind="lib" path="ext/tracwiki-core-1.4.jar" sourcepath="ext/src/tracwiki-core-1.4.jar" />
+	<classpathentry kind="lib" path="ext/mediawiki-core-1.4.jar" sourcepath="ext/src/mediawiki-core-1.4.jar" />
+	<classpathentry kind="lib" path="ext/confluence-core-1.4.jar" sourcepath="ext/src/confluence-core-1.4.jar" />
+	<classpathentry kind="lib" path="ext/org.eclipse.jgit-4.1.1.201511131810-r.jar" sourcepath="ext/src/org.eclipse.jgit-4.1.1.201511131810-r.jar" />
+	<classpathentry kind="lib" path="ext/jsch-0.1.53.jar" sourcepath="ext/src/jsch-0.1.53.jar" />
+	<classpathentry kind="lib" path="ext/JavaEWAH-0.7.9.jar" sourcepath="ext/src/JavaEWAH-0.7.9.jar" />
+	<classpathentry kind="lib" path="ext/httpclient-4.3.6.jar" sourcepath="ext/src/httpclient-4.3.6.jar" />
+	<classpathentry kind="lib" path="ext/httpcore-4.3.3.jar" sourcepath="ext/src/httpcore-4.3.3.jar" />
+	<classpathentry kind="lib" path="ext/commons-logging-1.1.3.jar" sourcepath="ext/src/commons-logging-1.1.3.jar" />
+	<classpathentry kind="lib" path="ext/commons-codec-1.7.jar" sourcepath="ext/src/commons-codec-1.7.jar" />
+	<classpathentry kind="lib" path="ext/org.eclipse.jdt.annotation-1.1.0.jar" sourcepath="ext/src/org.eclipse.jdt.annotation-1.1.0.jar" />
+	<classpathentry kind="lib" path="ext/org.eclipse.jgit.http.server-4.1.1.201511131810-r.jar" sourcepath="ext/src/org.eclipse.jgit.http.server-4.1.1.201511131810-r.jar" />
+	<classpathentry kind="lib" path="ext/bcprov-jdk15on-1.52.jar" sourcepath="ext/src/bcprov-jdk15on-1.52.jar" />
+	<classpathentry kind="lib" path="ext/bcmail-jdk15on-1.52.jar" sourcepath="ext/src/bcmail-jdk15on-1.52.jar" />
+	<classpathentry kind="lib" path="ext/bcpkix-jdk15on-1.52.jar" sourcepath="ext/src/bcpkix-jdk15on-1.52.jar" />
+	<classpathentry kind="lib" path="ext/sshd-core-1.0.0.jar" sourcepath="ext/src/sshd-core-1.0.0.jar" />
+	<classpathentry kind="lib" path="ext/mina-core-2.0.9.jar" sourcepath="ext/src/mina-core-2.0.9.jar" />
+	<classpathentry kind="lib" path="ext/rome-0.9.jar" sourcepath="ext/src/rome-0.9.jar" />
+	<classpathentry kind="lib" path="ext/jdom-1.0.jar" sourcepath="ext/src/jdom-1.0.jar" />
+	<classpathentry kind="lib" path="ext/gson-2.3.1.jar" sourcepath="ext/src/gson-2.3.1.jar" />
+	<classpathentry kind="lib" path="ext/groovy-all-2.4.4.jar" sourcepath="ext/src/groovy-all-2.4.4.jar" />
+	<classpathentry kind="lib" path="ext/unboundid-ldapsdk-2.3.8.jar" sourcepath="ext/src/unboundid-ldapsdk-2.3.8.jar" />
+	<classpathentry kind="lib" path="ext/ivy-2.2.0.jar" sourcepath="ext/src/ivy-2.2.0.jar" />
+	<classpathentry kind="lib" path="ext/jcalendar-1.3.2.jar" />
+	<classpathentry kind="lib" path="ext/commons-compress-1.4.1.jar" sourcepath="ext/src/commons-compress-1.4.1.jar" />
+	<classpathentry kind="lib" path="ext/xz-1.0.jar" sourcepath="ext/src/xz-1.0.jar" />
+	<classpathentry kind="lib" path="ext/force-partner-api-24.0.0.jar" sourcepath="ext/src/force-partner-api-24.0.0.jar" />
+	<classpathentry kind="lib" path="ext/force-wsc-24.0.0.jar" sourcepath="ext/src/force-wsc-24.0.0.jar" />
+	<classpathentry kind="lib" path="ext/js-1.7R2.jar" sourcepath="ext/src/js-1.7R2.jar" />
+	<classpathentry kind="lib" path="ext/freemarker-2.3.22.jar" sourcepath="ext/src/freemarker-2.3.22.jar" />
+	<classpathentry kind="lib" path="ext/waffle-jna-1.7.3.jar" sourcepath="ext/src/waffle-jna-1.7.3.jar" />
+	<classpathentry kind="lib" path="ext/jna-4.1.0.jar" sourcepath="ext/src/jna-4.1.0.jar" />
+	<classpathentry kind="lib" path="ext/jna-platform-4.1.0.jar" sourcepath="ext/src/jna-platform-4.1.0.jar" />
+	<classpathentry kind="lib" path="ext/libpam4j-1.8.jar" sourcepath="ext/src/libpam4j-1.8.jar" />
+	<classpathentry kind="lib" path="ext/args4j-2.0.29.jar" sourcepath="ext/src/args4j-2.0.29.jar" />
+	<classpathentry kind="lib" path="ext/jedis-2.6.2.jar" sourcepath="ext/src/jedis-2.6.2.jar" />
+	<classpathentry kind="lib" path="ext/commons-pool2-2.0.jar" sourcepath="ext/src/commons-pool2-2.0.jar" />
+	<classpathentry kind="lib" path="ext/pf4j-0.9.0.jar" sourcepath="ext/src/pf4j-0.9.0.jar" />
+	<classpathentry kind="lib" path="ext/tika-core-1.5.jar" sourcepath="ext/src/tika-core-1.5.jar" />
+	<classpathentry kind="lib" path="ext/jsoup-1.7.3.jar" sourcepath="ext/src/jsoup-1.7.3.jar" />
+	<classpathentry kind="lib" path="ext/selenium-java-2.28.0.jar" sourcepath="ext/src/selenium-java-2.28.0.jar" />
+	<classpathentry kind="lib" path="ext/selenium-support-2.28.0.jar" sourcepath="ext/src/selenium-support-2.28.0.jar" />
+	<classpathentry kind="lib" path="ext/selenium-firefox-driver-2.28.0.jar" sourcepath="ext/src/selenium-firefox-driver-2.28.0.jar" />
+	<classpathentry kind="lib" path="ext/selenium-remote-driver-2.28.0.jar" sourcepath="ext/src/selenium-remote-driver-2.28.0.jar" />
+	<classpathentry kind="lib" path="ext/cglib-nodep-2.1_3.jar" sourcepath="ext/src/cglib-nodep-2.1_3.jar" />
+	<classpathentry kind="lib" path="ext/json-20080701.jar" sourcepath="ext/src/json-20080701.jar" />
+	<classpathentry kind="lib" path="ext/selenium-api-2.28.0.jar" sourcepath="ext/src/selenium-api-2.28.0.jar" />
+	<classpathentry kind="lib" path="ext/commons-exec-1.1.jar" sourcepath="ext/src/commons-exec-1.1.jar" />
+	<classpathentry kind="lib" path="ext/platform-3.4.0.jar" sourcepath="ext/src/platform-3.4.0.jar" />
+	<classpathentry kind="lib" path="ext/mockito-core-1.10.19.jar" sourcepath="ext/src/mockito-core-1.10.19.jar" />
+	<classpathentry kind="lib" path="ext/objenesis-2.1.jar" sourcepath="ext/src/objenesis-2.1.jar" />
+	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER" />
+	<classpathentry kind="output" path="bin/classes" />
 </classpath>
diff --git a/.project b/.project
index f2e777550..90c747bcb 100644
--- a/.project
+++ b/.project
@@ -15,14 +15,8 @@
 			<arguments>
 			</arguments>
 		</buildCommand>
-		<buildCommand>
-			<name>org.eclipse.m2e.core.maven2Builder</name>
-			<arguments>
-			</arguments>
-		</buildCommand>
 	</buildSpec>
 	<natures>
-		<nature>org.eclipse.m2e.core.maven2Nature</nature>
 		<nature>org.eclipse.jdt.core.javanature</nature>
 		<nature>net.sf.eclipsecs.core.CheckstyleNature</nature>
 	</natures>
diff --git a/.travis.yml b/.travis.yml
new file mode 100644
index 000000000..a98b76035
--- /dev/null
+++ b/.travis.yml
@@ -0,0 +1,2 @@
+language: java
+
diff --git a/build.moxie b/build.moxie
index 65ad9535e..0d07194ef 100644
--- a/build.moxie
+++ b/build.moxie
@@ -10,7 +10,7 @@ name: Gitblit
 description: pure Java Git solution
 groupId: com.gitblit
 artifactId: gitblit
-version: 1.8.1-SNAPSHOT
+version: 1.9.0-SNAPSHOT
 inceptionYear: 2011
 
 # Current stable release
@@ -66,14 +66,15 @@ sourceDirectories:
 
 resourceDirectories:
 - compile 'src/main/resources'
+- test 'src/test/resources'
 - site 'src/site/resources'
 
-# compile for Java 8 class format
+# compile for Java 7 class format
 tasks: {
 	'mx:javac' : {
-        source: 1.8
-        target: 1.8
-        compiler: javac1.8
+        source: 1.7
+        target: 1.7
+        compiler: javac1.7
         encoding: UTF-8
         # stop complaints about bootstrap classpath when compiling with Java 8
         compilerArgs: '-Xlint:-options'
@@ -104,8 +105,8 @@ repositories: central, eclipse-snapshots, eclipse, gitblit
 properties: {
   jetty.version  : 9.2.13.v20150730
   slf4j.version  : 1.7.12
-  wicket.version : 8.0.0-M2
-  lucene.version : 4.10.4
+  wicket.version : 7.8.0
+  lucene.version : 5.5.2
   jgit.version   : 4.1.1.201511131810-r
   groovy.version : 2.4.4
   bouncycastle.version : 1.52
@@ -145,9 +146,9 @@ dependencies:
 - compile 'org.apache.wicket:wicket-extensions:${wicket.version}' :war !org.mockito
 - compile 'org.apache.lucene:lucene-core:${lucene.version}' :war :fedclient
 - compile 'org.apache.lucene:lucene-analyzers-common:${lucene.version}' :war :fedclient
-- compile 'org.apache.lucene:lucene-highlighter:${lucene.version}' :war :fedclient
+- compile 'org.apache.lucene:lucene-highlighter:${lucene.version}' :war :fedclient !org.apache.lucene:lucene-join
 - compile 'org.apache.lucene:lucene-memory:${lucene.version}' :war :fedclient
-- compile 'org.apache.lucene:lucene-queryparser:${lucene.version}' :war :fedclient
+- compile 'org.apache.lucene:lucene-queryparser:${lucene.version}' :war :fedclient !org.apache.lucene:lucene-spatial
 - compile 'org.pegdown:pegdown:1.5.0' :war
 - compile 'org.fusesource.wikitext:wikitext-core:${wikitext.version}' :war
 - compile 'org.fusesource.wikitext:twiki-core:${wikitext.version}' :war
@@ -180,7 +181,7 @@ dependencies:
 - compile 'ro.fortsoft.pf4j:pf4j:0.9.0' :war
 - compile 'org.apache.tika:tika-core:1.5' :war
 - compile 'org.jsoup:jsoup:1.7.3' :war
-- test 'junit'
+- test 'junit:junit:4.12'
 # Dependencies for Selenium web page testing
 - test 'org.seleniumhq.selenium:selenium-java:${selenium.version}' @jar
 - test 'org.seleniumhq.selenium:selenium-support:${selenium.version}' @jar
@@ -188,4 +189,4 @@ dependencies:
 - test 'org.mockito:mockito-core:1.10.19'
 # Dependencies with the "build" scope are retrieved
 # and injected into the Ant runtime classpath
-- build 'jacoco'
+- build 'org.jacoco:org.jacoco.ant:0.7.8'
diff --git a/circle.yml b/circle.yml
new file mode 100644
index 000000000..fcf878675
--- /dev/null
+++ b/circle.yml
@@ -0,0 +1,22 @@
+machine:
+  java:
+    version: openjdk7
+
+compile:
+  pre:
+    - java -version
+    - javac -version
+  override:
+    - ant
+
+test:
+  override:
+    - ant test
+  post:
+    - mkdir -p $CIRCLE_TEST_REPORTS/junit/
+    - cp -a build/tests/TEST-*.xml $CIRCLE_TEST_REPORTS/junit/
+
+general:
+  artifacts:
+    - "build/target/reports"
+
diff --git a/gitblit.iml b/gitblit.iml
index ec6dc5e16..2c7254951 100644
--- a/gitblit.iml
+++ b/gitblit.iml
@@ -11,6 +11,7 @@
       <sourceFolder url="file://$MODULE_DIR$/src/test/java" isTestSource="true" />
       <sourceFolder url="file://$MODULE_DIR$/src/test/bugtraq" isTestSource="true" />
       <sourceFolder url="file://$MODULE_DIR$/src/main/resources" isTestSource="false" />
+      <sourceFolder url="file://$MODULE_DIR$/src/test/resources" isTestSource="true" />
     </content>
     <orderEntry type="sourceFolder" forTests="false" />
     <orderEntry type="module-library">
@@ -146,13 +147,13 @@
       </library>
     </orderEntry>
     <orderEntry type="module-library">
-      <library name="wicket-core-7.4.0.jar">
+      <library name="wicket-core-7.8.0.jar">
         <CLASSES>
-          <root url="jar://$MODULE_DIR$/ext/wicket-core-7.4.0.jar!/" />
+          <root url="jar://$MODULE_DIR$/ext/wicket-core-7.8.0.jar!/" />
         </CLASSES>
         <JAVADOC />
         <SOURCES>
-          <root url="jar://$MODULE_DIR$/ext/src/wicket-core-7.4.0.jar!/" />
+          <root url="jar://$MODULE_DIR$/ext/src/wicket-core-7.8.0.jar!/" />
         </SOURCES>
       </library>
     </orderEntry>
@@ -168,24 +169,24 @@
       </library>
     </orderEntry>
     <orderEntry type="module-library">
-      <library name="wicket-request-7.4.0.jar">
+      <library name="wicket-request-7.8.0.jar">
         <CLASSES>
-          <root url="jar://$MODULE_DIR$/ext/wicket-request-7.4.0.jar!/" />
+          <root url="jar://$MODULE_DIR$/ext/wicket-request-7.8.0.jar!/" />
         </CLASSES>
         <JAVADOC />
         <SOURCES>
-          <root url="jar://$MODULE_DIR$/ext/src/wicket-request-7.4.0.jar!/" />
+          <root url="jar://$MODULE_DIR$/ext/src/wicket-request-7.8.0.jar!/" />
         </SOURCES>
       </library>
     </orderEntry>
     <orderEntry type="module-library">
-      <library name="wicket-util-7.4.0.jar">
+      <library name="wicket-util-7.8.0.jar">
         <CLASSES>
-          <root url="jar://$MODULE_DIR$/ext/wicket-util-7.4.0.jar!/" />
+          <root url="jar://$MODULE_DIR$/ext/wicket-util-7.8.0.jar!/" />
         </CLASSES>
         <JAVADOC />
         <SOURCES>
-          <root url="jar://$MODULE_DIR$/ext/src/wicket-util-7.4.0.jar!/" />
+          <root url="jar://$MODULE_DIR$/ext/src/wicket-util-7.8.0.jar!/" />
         </SOURCES>
       </library>
     </orderEntry>
@@ -222,6 +223,17 @@
         </SOURCES>
       </library>
     </orderEntry>
+    <orderEntry type="module-library">
+      <library name="junit-4.12.jar">
+        <CLASSES>
+          <root url="jar://$MODULE_DIR$/ext/junit-4.12.jar!/" />
+        </CLASSES>
+        <JAVADOC />
+        <SOURCES>
+          <root url="jar://$MODULE_DIR$/ext/src/junit-4.12.jar!/" />
+        </SOURCES>
+      </library>
+    </orderEntry>
     <orderEntry type="module-library">
       <library name="hamcrest-core-1.3.jar">
         <CLASSES>
@@ -245,101 +257,101 @@
       </library>
     </orderEntry>
     <orderEntry type="module-library">
-      <library name="wicket-auth-roles-7.4.0.jar">
+      <library name="wicket-auth-roles-7.8.0.jar">
         <CLASSES>
-          <root url="jar://$MODULE_DIR$/ext/wicket-auth-roles-7.4.0.jar!/" />
+          <root url="jar://$MODULE_DIR$/ext/wicket-auth-roles-7.8.0.jar!/" />
         </CLASSES>
         <JAVADOC />
         <SOURCES>
-          <root url="jar://$MODULE_DIR$/ext/src/wicket-auth-roles-7.4.0.jar!/" />
+          <root url="jar://$MODULE_DIR$/ext/src/wicket-auth-roles-7.8.0.jar!/" />
         </SOURCES>
       </library>
     </orderEntry>
     <orderEntry type="module-library">
-      <library name="wicket-extensions-7.4.0.jar">
+      <library name="wicket-extensions-7.8.0.jar">
         <CLASSES>
-          <root url="jar://$MODULE_DIR$/ext/wicket-extensions-7.4.0.jar!/" />
+          <root url="jar://$MODULE_DIR$/ext/wicket-extensions-7.8.0.jar!/" />
         </CLASSES>
         <JAVADOC />
         <SOURCES>
-          <root url="jar://$MODULE_DIR$/ext/src/wicket-extensions-7.4.0.jar!/" />
+          <root url="jar://$MODULE_DIR$/ext/src/wicket-extensions-7.8.0.jar!/" />
         </SOURCES>
       </library>
     </orderEntry>
     <orderEntry type="module-library">
-      <library name="lucene-core-4.10.4.jar">
+      <library name="lucene-core-5.5.2.jar">
         <CLASSES>
-          <root url="jar://$MODULE_DIR$/ext/lucene-core-4.10.4.jar!/" />
+          <root url="jar://$MODULE_DIR$/ext/lucene-core-5.5.2.jar!/" />
         </CLASSES>
         <JAVADOC />
         <SOURCES>
-          <root url="jar://$MODULE_DIR$/ext/src/lucene-core-4.10.4.jar!/" />
+          <root url="jar://$MODULE_DIR$/ext/src/lucene-core-5.5.2.jar!/" />
         </SOURCES>
       </library>
     </orderEntry>
     <orderEntry type="module-library">
-      <library name="lucene-analyzers-common-4.10.4.jar">
+      <library name="lucene-analyzers-common-5.5.2.jar">
         <CLASSES>
-          <root url="jar://$MODULE_DIR$/ext/lucene-analyzers-common-4.10.4.jar!/" />
+          <root url="jar://$MODULE_DIR$/ext/lucene-analyzers-common-5.5.2.jar!/" />
         </CLASSES>
         <JAVADOC />
         <SOURCES>
-          <root url="jar://$MODULE_DIR$/ext/src/lucene-analyzers-common-4.10.4.jar!/" />
+          <root url="jar://$MODULE_DIR$/ext/src/lucene-analyzers-common-5.5.2.jar!/" />
         </SOURCES>
       </library>
     </orderEntry>
     <orderEntry type="module-library">
-      <library name="lucene-highlighter-4.10.4.jar">
+      <library name="lucene-highlighter-5.5.2.jar">
         <CLASSES>
-          <root url="jar://$MODULE_DIR$/ext/lucene-highlighter-4.10.4.jar!/" />
+          <root url="jar://$MODULE_DIR$/ext/lucene-highlighter-5.5.2.jar!/" />
         </CLASSES>
         <JAVADOC />
         <SOURCES>
-          <root url="jar://$MODULE_DIR$/ext/src/lucene-highlighter-4.10.4.jar!/" />
+          <root url="jar://$MODULE_DIR$/ext/src/lucene-highlighter-5.5.2.jar!/" />
         </SOURCES>
       </library>
     </orderEntry>
     <orderEntry type="module-library">
-      <library name="lucene-memory-4.10.4.jar">
+      <library name="lucene-memory-5.5.2.jar">
         <CLASSES>
-          <root url="jar://$MODULE_DIR$/ext/lucene-memory-4.10.4.jar!/" />
+          <root url="jar://$MODULE_DIR$/ext/lucene-memory-5.5.2.jar!/" />
         </CLASSES>
         <JAVADOC />
         <SOURCES>
-          <root url="jar://$MODULE_DIR$/ext/src/lucene-memory-4.10.4.jar!/" />
+          <root url="jar://$MODULE_DIR$/ext/src/lucene-memory-5.5.2.jar!/" />
         </SOURCES>
       </library>
     </orderEntry>
     <orderEntry type="module-library">
-      <library name="lucene-queries-4.10.4.jar">
+      <library name="lucene-queries-5.5.2.jar">
         <CLASSES>
-          <root url="jar://$MODULE_DIR$/ext/lucene-queries-4.10.4.jar!/" />
+          <root url="jar://$MODULE_DIR$/ext/lucene-queries-5.5.2.jar!/" />
         </CLASSES>
         <JAVADOC />
         <SOURCES>
-          <root url="jar://$MODULE_DIR$/ext/src/lucene-queries-4.10.4.jar!/" />
+          <root url="jar://$MODULE_DIR$/ext/src/lucene-queries-5.5.2.jar!/" />
         </SOURCES>
       </library>
     </orderEntry>
     <orderEntry type="module-library">
-      <library name="lucene-queryparser-4.10.4.jar">
+      <library name="lucene-queryparser-5.5.2.jar">
         <CLASSES>
-          <root url="jar://$MODULE_DIR$/ext/lucene-queryparser-4.10.4.jar!/" />
+          <root url="jar://$MODULE_DIR$/ext/lucene-queryparser-5.5.2.jar!/" />
         </CLASSES>
         <JAVADOC />
         <SOURCES>
-          <root url="jar://$MODULE_DIR$/ext/src/lucene-queryparser-4.10.4.jar!/" />
+          <root url="jar://$MODULE_DIR$/ext/src/lucene-queryparser-5.5.2.jar!/" />
         </SOURCES>
       </library>
     </orderEntry>
     <orderEntry type="module-library">
-      <library name="lucene-sandbox-4.10.4.jar">
+      <library name="lucene-sandbox-5.5.2.jar">
         <CLASSES>
-          <root url="jar://$MODULE_DIR$/ext/lucene-sandbox-4.10.4.jar!/" />
+          <root url="jar://$MODULE_DIR$/ext/lucene-sandbox-5.5.2.jar!/" />
         </CLASSES>
         <JAVADOC />
         <SOURCES>
-          <root url="jar://$MODULE_DIR$/ext/src/lucene-sandbox-4.10.4.jar!/" />
+          <root url="jar://$MODULE_DIR$/ext/src/lucene-sandbox-5.5.2.jar!/" />
         </SOURCES>
       </library>
     </orderEntry>
@@ -900,17 +912,6 @@
         </SOURCES>
       </library>
     </orderEntry>
-    <orderEntry type="module-library" scope="TEST">
-      <library name="junit-4.11.jar">
-        <CLASSES>
-          <root url="jar://$MODULE_DIR$/ext/junit-4.11.jar!/" />
-        </CLASSES>
-        <JAVADOC />
-        <SOURCES>
-          <root url="jar://$MODULE_DIR$/ext/src/junit-4.11.jar!/" />
-        </SOURCES>
-      </library>
-    </orderEntry>
     <orderEntry type="module-library" scope="TEST">
       <library name="selenium-java-2.28.0.jar">
         <CLASSES>
diff --git a/src/main/distrib/data/certs/instructions.tmpl_zh_TW b/src/main/distrib/data/certs/instructions.tmpl_zh_TW
new file mode 100644
index 000000000..72b99e0da
--- /dev/null
+++ b/src/main/distrib/data/certs/instructions.tmpl_zh_TW
@@ -0,0 +1,111 @@
+********************************************************************************
+ Gitblit 伺服器 $serverHostname 所需之 SSL 用戶端憑證
+********************************************************************************
+
+ $userDisplayname 您好,
+
+ 伺服器 $serverHostname 所需要的私鑰,公鑰以及Gitblit簽證檔案(CA)存放於 $username.p12, PKCS#12 certificate store[1] 以及 $username.pem.
+
+ 兩種證書皆受密碼保護. 
+ 密碼提示: $storePasswordHint
+
+
+Git 憑證匯入步驟
+=============================================
+
+ 附件之 PEM 檔案可以直接匯入至您的git程式裡.
+ 
+    git config [--global] http.sslCert path/to/$username.pem
+    
+ PEM檔案受密碼保護,因此匯入過程會提示多次.  如果您偏好不使用密碼,您需要另外匯出無密碼之私鑰後,再匯入git程式裡.
+ 
+    openssl rsa -in path/to/$username.pem -out path/to/$username.key    
+    git config [--global] http.sslKey path/to/$username.key
+
+ 此外,您應該妥善保管已經解除密碼保護之私鑰.
+ 
+ 註:
+ 如果沒有匯出私鑰, 有些早期git版本將會發生匯入失敗問題,例如:Ubuntu 12.04 with git 1.7.9.5.
+
+
+Firefox 憑證匯入步驟
+=============================================
+
+ Firefox 有自己的證書管理介面.
+
+ 1. 點選 "選項->進階->憑證"
+ 2. 點選 "檢視憑證清單"
+ 3. 切換至 "您的憑證"
+ 4. 點選 "匯入(M)"
+ 5. 選擇電腦中的憑證檔案 $username.p12
+ 6. 輸入憑證檔案所需的密碼    
+ 7. 切換至"憑證機構"
+ 8. 找到 "Gitblit Certificate Authority" 憑證
+ 9. 點選"編輯信任(E)"
+ 10.選擇信任網站.
+
+
+Chrome/IE (Windows) 憑證匯入步驟
+=============================================
+
+ 在Windows作業系統下, Chrome 與 IE 共用相同的憑證設定.
+
+ IE
+ ------------------------------------
+ 1. 選擇 "網際網路選項->內容"
+ 2. 點選"憑證"
+
+ Chrome
+ ------------------------------------
+ 1. 選擇 "設定->顯示進階設定->HTTP/SSL"
+ 2. 點選"管理憑證"
+
+ 共同步驟 (Windows)
+ ------------------------------------
+ 3. 切換至 "個人"
+ 4. 點選"匯入(I)" 
+ 5. 依照指示匯入.
+    請切換匯入檔案類型為p12並且找到 $username.p12 這個憑證檔案
+ 6. 輸入憑證檔案保護密碼
+ 7. 由於主要發放憑證單位(CA)與個人憑證檔案皆儲存於 $username.p12, 因此匯入時候,必須選擇 "自動根據憑證類型來選擇憑證存放區".
+    如果選擇預設值匯入, 將不會安裝主要發放憑證單位(CA)
+
+
+Chrome (Linux) Installation Instructions
+=============================================
+ 
+ On Linux, Chrome maintains it's own certificate store.
+ 
+ 1. Navigate to Settings->Show Advanced Settings->HTTP/SSL
+ 2. Click the "Manage Certificates..." button
+ 3. Navigate your filesystem and select $username.p12
+ 4. At the password prompt enter the certificate store password
+    You have now imported your private key, public certificate, and the CA certificate
+    but now we must manually set the trust settings of the CA certificate.
+ 5. Switch to the "Authorities" tab
+ 6. Scroll down and find "Gitblit-> Gitblit Certificate Authority"
+ 7. Select it and click "Edit Trust..."
+ 8. Check "This certificate can identify websites" and click OK.
+
+
+Chrome/Safari (Mac OS X) Installation Instructions
+=============================================
+
+On Mac OS X, Chrome and Safari both use Keychain Access to store certificates
+so configuring one will automatically apply for both.
+
+ 1. Double-click $username.pem
+ 2. At the password prompt enter the certificate store password
+    You have now imported your private key, public certificate, and the CA certificate
+    but now we must manually set the trust settings of the CA certificate.
+ 3. Find the Gitblit Certificate Authority certificate, it should have a red
+    indicator meaning untrusted, and double-click it.
+ 4. Open the "Trust" disclosure triangle and change "When using this certificate"
+    to "Always Trust".
+ 5. Close the certificate view and enter your system password to save the changes
+    to your keychain. 
+  
+    
+[1] PKCS#12 is one of the standard container formats for sharing private keys and
+    public certificates.
+[2] http://www.openssl.org
diff --git a/src/main/distrib/data/certs/mail.tmpl_zh_TW b/src/main/distrib/data/certs/mail.tmpl_zh_TW
new file mode 100644
index 000000000..20eb5183c
--- /dev/null
+++ b/src/main/distrib/data/certs/mail.tmpl_zh_TW
@@ -0,0 +1,5 @@
+$userDisplayname 您好
+
+ 伺服器 $serverHostname 所需要的私鑰,公鑰以及Gitblit簽證檔案(CA)已經全部打包並且以zip壓縮檔方式寄給您.
+
+ 此外,檔案還附上各瀏覽器設定步驟供您參考.
\ No newline at end of file
diff --git a/src/main/distrib/data/defaults.properties b/src/main/distrib/data/defaults.properties
index 04166342c..51fa1253a 100644
--- a/src/main/distrib/data/defaults.properties
+++ b/src/main/distrib/data/defaults.properties
@@ -138,10 +138,25 @@ git.sshKeysManager = com.gitblit.transport.ssh.FileKeyManager
 # SINCE 1.5.0
 git.sshKeysFolder= ${baseFolder}/ssh
 
-# Use Kerberos5 (GSS) authentication
+
+# Authentication methods offered by the SSH server.
+# Space separated list of authentication method names that the
+# server shall offer. The default is "publickey password".
 #
-# SINCE 1.7.0
-git.sshWithKrb5 = false
+# Valid authentication method names are:
+#   publickey             - authenticate with SSH public key
+#   password              - authenticate with username, password
+#   keyboard-interactive  - currently synonym to 'password'
+#   gssapi-with-mic       - GSS API Kerberos 5 authentication
+#
+# This setting obsoletes the "git.sshWithKrb5" setting. To enable
+# Kerberos5 (GSS) authentication, add 'gssapi-with-mic' to the list.
+#
+# SINCE 1.9.0
+# RESTART REQUIRED
+# SPACE-DELIMITED
+git.sshAuthenticationMethods = publickey password
+
 
 # The path to a Kerberos 5 keytab.
 #
@@ -301,7 +316,7 @@ git.defaultIncrementalPushTagPrefix = r
 # the repository should be created with 'git init --shared' to make sure that
 # it can be accessed e.g. via ssh (user git) and http (user www-data).
 #
-# Valid values are the values available for the '--shared' option. The the manual
+# Valid values are the values available for the '--shared' option. See the manual
 # page for 'git init' for more information on shared repositories.
 #
 # SINCE 1.4.0
@@ -1950,6 +1965,22 @@ realm.ldap.email = email
 # SINCE 1.0.0
 realm.ldap.uid = uid
 
+# Attribute on the USER record that indicates their public SSH key.
+# Leave blank when public SSH keys shall not be retrieved from LDAP.
+#
+# This setting is only relevant when a public key manager is used that
+# retrieves SSH keys from LDAP (e.g. com.gitblit.transport.ssh.LdapKeyManager).
+#
+# The accepted format of the value is dependent on the public key manager used.
+# Examples:
+#  sshPublicKey - Use the attribute 'sshPublicKey' on the user record.
+#  altSecurityIdentities:SshKey - Use the attribute 'altSecurityIdentities'
+#                                 on the user record, for which the record value
+#                                 starts with 'SshKey:', followed by the SSH key entry.
+#
+# SINCE 1.9.0
+realm.ldap.sshPublicKey =
+
 # Defines whether to synchronize all LDAP users and teams into the user service
 # This requires either anonymous LDAP access or that a specific account is set
 # in realm.ldap.username and realm.ldap.password, that has permission to read
diff --git a/src/main/java/WEB-INF/web.xml b/src/main/java/WEB-INF/web.xml
index db7721539..c648dcdef 100644
--- a/src/main/java/WEB-INF/web.xml
+++ b/src/main/java/WEB-INF/web.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<web-app version="2.4"
-	xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-	xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_3_0.xsd">
+<web-app version="3.0"
+	xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
 
 	<!-- The base folder is used to specify the root location of your Gitblit data.
 	
@@ -49,4 +49,4 @@
 	<session-config>
 		<tracking-mode>COOKIE</tracking-mode>
 	</session-config>
-</web-app>
\ No newline at end of file
+</web-app>
diff --git a/src/main/java/WEB-INF/weblogic.xml b/src/main/java/WEB-INF/weblogic.xml
index cd08111d9..f41fa00d2 100644
--- a/src/main/java/WEB-INF/weblogic.xml
+++ b/src/main/java/WEB-INF/weblogic.xml
@@ -1,9 +1,9 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<wls:weblogic-web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:wls="http://www.bea.com/ns/weblogic/90" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd http://www.bea.com/ns/weblogic/90 http://www.bea.com/ns/weblogic/90/weblogic-web-app.xsd">
+<wls:weblogic-web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:wls="http://www.bea.com/ns/weblogic/90" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd http://www.bea.com/ns/weblogic/90 http://www.bea.com/ns/weblogic/90/weblogic-web-app.xsd">
     <wls:weblogic-version>12.1.1</wls:weblogic-version>
     <wls:context-root>gitblit</wls:context-root>
     <wls:container-descriptor>
          <wls:show-archived-real-path-enabled>true</wls:show-archived-real-path-enabled>
          <wls:prefer-web-inf-classes>true</wls:prefer-web-inf-classes>
     </wls:container-descriptor>
-</wls:weblogic-web-app> 
\ No newline at end of file
+</wls:weblogic-web-app> 
diff --git a/src/main/java/com/gitblit/ConfigUserService.java b/src/main/java/com/gitblit/ConfigUserService.java
index 6d7230f71..025b1d8c0 100644
--- a/src/main/java/com/gitblit/ConfigUserService.java
+++ b/src/main/java/com/gitblit/ConfigUserService.java
@@ -898,7 +898,7 @@ protected synchronized void read() {
 					user.countryCode = config.getString(USER, username, COUNTRYCODE);
 					user.cookie = config.getString(USER, username, COOKIE);
 					if (StringUtils.isEmpty(user.cookie) && !StringUtils.isEmpty(user.password)) {
-						user.cookie = StringUtils.getSHA1(user.username + user.password);
+						user.cookie = user.createCookie();
 					}
 
 					// preferences
diff --git a/src/main/java/com/gitblit/Constants.java b/src/main/java/com/gitblit/Constants.java
index 1af79f094..af14ae5ac 100644
--- a/src/main/java/com/gitblit/Constants.java
+++ b/src/main/java/com/gitblit/Constants.java
@@ -63,6 +63,12 @@ public class Constants {
 	public static final String GIT_PATH = "/git/";
 	
 	public static final String REGEX_SHA256 = "[a-fA-F0-9]{64}";
+	
+	/**
+	 * This regular expression is used when searching for "mentions" in tickets
+	 * (when someone writes @thisOtherUser)
+	 */
+	public static final String REGEX_TICKET_MENTION = "\\B@(?<user>[^\\s]+)\\b";
 
 	public static final String ZIP_PATH = "/zip/";
 
diff --git a/src/main/java/com/gitblit/GitBlitServer.java b/src/main/java/com/gitblit/GitBlitServer.java
index d56d9c0c6..6123a872d 100644
--- a/src/main/java/com/gitblit/GitBlitServer.java
+++ b/src/main/java/com/gitblit/GitBlitServer.java
@@ -375,7 +375,8 @@ public void log(String message) {
 		HashSessionManager sessionManager = new HashSessionManager();
 		sessionManager.setHttpOnly(true);
 		// Use secure cookies if only serving https
-		sessionManager.setSecureRequestOnly(params.port <= 0 && params.securePort > 0);
+		sessionManager.setSecureRequestOnly( (params.port <= 0 && params.securePort > 0) ||
+				(params.port > 0 && params.securePort > 0 && settings.getBoolean(Keys.server.redirectToHttpsPort, true)) );
 		rootContext.getSessionHandler().setSessionManager(sessionManager);
 
 		// Ensure there is a defined User Service
diff --git a/src/main/java/com/gitblit/IUserService.java b/src/main/java/com/gitblit/IUserService.java
index 6f3c54233..468f968fc 100644
--- a/src/main/java/com/gitblit/IUserService.java
+++ b/src/main/java/com/gitblit/IUserService.java
@@ -26,6 +26,9 @@
  * Implementations of IUserService control all aspects of UserModel objects and
  * user authentication.
  *
+ * Plugins implementing this interface (which are instantiated during {@link com.gitblit.manager.UserManager#start()}) can provide
+ * a default constructor or might also use {@link IRuntimeManager} as a constructor argument which will be passed automatically then. 
+ *
  * @author James Moger
  *
  */
diff --git a/src/main/java/com/gitblit/auth/AuthenticationProvider.java b/src/main/java/com/gitblit/auth/AuthenticationProvider.java
index 0bfe23515..e359fd7e4 100644
--- a/src/main/java/com/gitblit/auth/AuthenticationProvider.java
+++ b/src/main/java/com/gitblit/auth/AuthenticationProvider.java
@@ -78,10 +78,10 @@ public String getServiceName() {
 
 	public abstract AuthenticationType getAuthenticationType();
 
-	protected void setCookie(UserModel user, char [] password) {
+	protected void setCookie(UserModel user) {
 		// create a user cookie
-		if (StringUtils.isEmpty(user.cookie) && !ArrayUtils.isEmpty(password)) {
-			user.cookie = StringUtils.getSHA1(user.username + new String(password));
+		if (StringUtils.isEmpty(user.cookie)) {
+			user.cookie = user.createCookie();
 		}
 	}
 
diff --git a/src/main/java/com/gitblit/auth/HtpasswdAuthProvider.java b/src/main/java/com/gitblit/auth/HtpasswdAuthProvider.java
index 2cdabf6f8..3a6cb8ec1 100644
--- a/src/main/java/com/gitblit/auth/HtpasswdAuthProvider.java
+++ b/src/main/java/com/gitblit/auth/HtpasswdAuthProvider.java
@@ -196,7 +196,7 @@ else if (supportPlaintextPwd() && storedPwd.equals(passwd)){
                 }
 
                 // create a user cookie
-                setCookie(user, password);
+                setCookie(user);
 
                 // Set user attributes, hide password from backing user service.
                 user.password = Constants.EXTERNAL_ACCOUNT;
diff --git a/src/main/java/com/gitblit/auth/LdapAuthProvider.java b/src/main/java/com/gitblit/auth/LdapAuthProvider.java
index e1dec48fb..6a2cbde2d 100644
--- a/src/main/java/com/gitblit/auth/LdapAuthProvider.java
+++ b/src/main/java/com/gitblit/auth/LdapAuthProvider.java
@@ -16,9 +16,6 @@
  */
 package com.gitblit.auth;
 
-import java.net.URI;
-import java.net.URISyntaxException;
-import java.security.GeneralSecurityException;
 import java.text.MessageFormat;
 import java.util.Arrays;
 import java.util.HashMap;
@@ -33,28 +30,20 @@
 import com.gitblit.Constants.Role;
 import com.gitblit.Keys;
 import com.gitblit.auth.AuthenticationProvider.UsernamePasswordAuthenticationProvider;
+import com.gitblit.ldap.LdapConnection;
 import com.gitblit.models.TeamModel;
 import com.gitblit.models.UserModel;
 import com.gitblit.service.LdapSyncService;
 import com.gitblit.utils.ArrayUtils;
 import com.gitblit.utils.StringUtils;
 import com.unboundid.ldap.sdk.Attribute;
-import com.unboundid.ldap.sdk.BindRequest;
 import com.unboundid.ldap.sdk.BindResult;
-import com.unboundid.ldap.sdk.DereferencePolicy;
-import com.unboundid.ldap.sdk.ExtendedResult;
-import com.unboundid.ldap.sdk.LDAPConnection;
 import com.unboundid.ldap.sdk.LDAPException;
-import com.unboundid.ldap.sdk.LDAPSearchException;
 import com.unboundid.ldap.sdk.ResultCode;
 import com.unboundid.ldap.sdk.SearchRequest;
 import com.unboundid.ldap.sdk.SearchResult;
 import com.unboundid.ldap.sdk.SearchResultEntry;
 import com.unboundid.ldap.sdk.SearchScope;
-import com.unboundid.ldap.sdk.SimpleBindRequest;
-import com.unboundid.ldap.sdk.extensions.StartTLSExtendedRequest;
-import com.unboundid.util.ssl.SSLUtil;
-import com.unboundid.util.ssl.TrustAllTrustManager;
 
 /**
  * Implementation of an LDAP user service.
@@ -109,7 +98,7 @@ public synchronized void sync() {
 		if (enabled) {
 			logger.info("Synchronizing with LDAP @ " + settings.getRequiredString(Keys.realm.ldap.server));
 			final boolean deleteRemovedLdapUsers = settings.getBoolean(Keys.realm.ldap.removeDeletedUsers, true);
-			LdapConnection ldapConnection = new LdapConnection();
+			LdapConnection ldapConnection = new LdapConnection(settings);
 			if (ldapConnection.connect()) {
 				if (ldapConnection.bind() == null) {
 					ldapConnection.close();
@@ -118,9 +107,9 @@ public synchronized void sync() {
 				}
 
 				try {
-					String accountBase = settings.getString(Keys.realm.ldap.accountBase, "");
 					String uidAttribute = settings.getString(Keys.realm.ldap.uid, "uid");
-					String accountPattern = settings.getString(Keys.realm.ldap.accountPattern, "(&(objectClass=person)(sAMAccountName=${username}))");
+					String accountBase = ldapConnection.getAccountBase();
+					String accountPattern = ldapConnection.getAccountPattern();
 					accountPattern = StringUtils.replace(accountPattern, "${username}", "*");
 
 					SearchResult result = doSearch(ldapConnection, accountBase, accountPattern);
@@ -171,6 +160,8 @@ public synchronized void sync() {
 							final Map<String, TeamModel> userTeams = new HashMap<String, TeamModel>();
 							for (UserModel user : ldapUsers.values()) {
 								for (TeamModel userTeam : user.teams) {
+									// Is this an administrative team?
+									setAdminAttribute(userTeam);
 									userTeams.put(userTeam.name, userTeam);
 								}
 							}
@@ -238,10 +229,7 @@ public boolean supportsTeamMembershipChanges() {
     public boolean supportsRoleChanges(UserModel user, Role role) {
     	if (Role.ADMIN == role) {
     		if (!supportsTeamMembershipChanges()) {
-    			List<String> admins = settings.getStrings(Keys.realm.ldap.admins);
-    			if (admins.contains(user.username)) {
-    				return false;
-    			}
+				return false;
     		}
     	}
         return true;
@@ -251,10 +239,7 @@ public boolean supportsRoleChanges(UserModel user, Role role) {
 	public boolean supportsRoleChanges(TeamModel team, Role role) {
 		if (Role.ADMIN == role) {
     		if (!supportsTeamMembershipChanges()) {
-    			List<String> admins = settings.getStrings(Keys.realm.ldap.admins);
-    			if (admins.contains("@" + team.name)) {
-    				return false;
-    			}
+				return false;
     		}
     	}
 		return true;
@@ -269,7 +254,7 @@ public AccountType getAccountType() {
 	public UserModel authenticate(String username, char[] password) {
 		String simpleUsername = getSimpleUsername(username);
 
-		LdapConnection ldapConnection = new LdapConnection();
+		LdapConnection ldapConnection = new LdapConnection(settings);
 		if (ldapConnection.connect()) {
 
 			// Try to bind either to the "manager" account,
@@ -290,11 +275,7 @@ public UserModel authenticate(String username, char[] password) {
 
 			try {
 				// Find the logging in user's DN
-				String accountBase = settings.getString(Keys.realm.ldap.accountBase, "");
-				String accountPattern = settings.getString(Keys.realm.ldap.accountPattern, "(&(objectClass=person)(sAMAccountName=${username}))");
-				accountPattern = StringUtils.replace(accountPattern, "${username}", escapeLDAPSearchFilter(simpleUsername));
-
-				SearchResult result = doSearch(ldapConnection, accountBase, accountPattern);
+				SearchResult result = ldapConnection.searchUser(simpleUsername);
 				if (result != null && result.getEntryCount() == 1) {
 					SearchResultEntry loggingInUser = result.getSearchEntries().get(0);
 					String loggingInUserDN = loggingInUser.getDN();
@@ -311,7 +292,7 @@ public UserModel authenticate(String username, char[] password) {
 							}
 
 							// create a user cookie
-							setCookie(user, password);
+							setCookie(user);
 
 							if (!supportsTeamMembershipChanges()) {
 								getTeamsFromLdap(ldapConnection, simpleUsername, loggingInUser, user);
@@ -325,6 +306,8 @@ public UserModel authenticate(String username, char[] password) {
 
 							if (!supportsTeamMembershipChanges()) {
 								for (TeamModel userTeam : user.teams) {
+									// Is this an administrative team?
+									setAdminAttribute(userTeam);
 									updateTeam(userTeam);
 								}
 							}
@@ -355,10 +338,7 @@ private void setAdminAttribute(UserModel user) {
 			if (!ArrayUtils.isEmpty(admins)) {
 				user.canAdmin = false;
 				for (String admin : admins) {
-					if (admin.startsWith("@") && user.isTeamMember(admin.substring(1))) {
-						// admin team
-						user.canAdmin = true;
-					} else if (user.getName().equalsIgnoreCase(admin)) {
+					if (user.getName().equalsIgnoreCase(admin)) {
 						// admin user
 						user.canAdmin = true;
 					}
@@ -367,6 +347,30 @@ private void setAdminAttribute(UserModel user) {
 		}
 	}
 
+	/**
+	 * Set the canAdmin attribute for team retrieved from LDAP.
+	 * If we are not storing teams in LDAP and/or we have not defined any
+	 * administrator teams, then do not change the admin flag.
+	 *
+	 * @param team
+	 */
+	private void setAdminAttribute(TeamModel team) {
+		if (!supportsTeamMembershipChanges()) {
+			List<String> admins = settings.getStrings(Keys.realm.ldap.admins);
+			// if we have defined administrative teams, then set admin flag
+			// otherwise leave admin flag unchanged
+			if (!ArrayUtils.isEmpty(admins)) {
+				team.canAdmin = false;
+				for (String admin : admins) {
+					if (admin.startsWith("@") && team.name.equalsIgnoreCase(admin.substring(1))) {
+						// admin team
+						team.canAdmin = true;
+					}
+				}
+			}
+		}
+	}
+
 	private void setUserAttributes(UserModel user, SearchResultEntry userEntry) {
 		// Is this user an admin?
 		setAdminAttribute(user);
@@ -422,12 +426,12 @@ private void getTeamsFromLdap(LdapConnection ldapConnection, String simpleUserna
 		String groupBase = settings.getString(Keys.realm.ldap.groupBase, "");
 		String groupMemberPattern = settings.getString(Keys.realm.ldap.groupMemberPattern, "(&(objectClass=group)(member=${dn}))");
 
-		groupMemberPattern = StringUtils.replace(groupMemberPattern, "${dn}", escapeLDAPSearchFilter(loggingInUserDN));
-		groupMemberPattern = StringUtils.replace(groupMemberPattern, "${username}", escapeLDAPSearchFilter(simpleUsername));
+		groupMemberPattern = StringUtils.replace(groupMemberPattern, "${dn}", LdapConnection.escapeLDAPSearchFilter(loggingInUserDN));
+		groupMemberPattern = StringUtils.replace(groupMemberPattern, "${username}", LdapConnection.escapeLDAPSearchFilter(simpleUsername));
 
 		// Fill in attributes into groupMemberPattern
 		for (Attribute userAttribute : loggingInUser.getAttributes()) {
-			groupMemberPattern = StringUtils.replace(groupMemberPattern, "${" + userAttribute.getName() + "}", escapeLDAPSearchFilter(userAttribute.getValue()));
+			groupMemberPattern = StringUtils.replace(groupMemberPattern, "${" + userAttribute.getName() + "}", LdapConnection.escapeLDAPSearchFilter(userAttribute.getValue()));
 		}
 
 		SearchResult teamMembershipResult = searchTeamsInLdap(ldapConnection, groupBase, true, groupMemberPattern, Arrays.asList("cn"));
@@ -462,6 +466,7 @@ private void getEmptyTeamsFromLdap(LdapConnection ldapConnection) {
 					TeamModel teamModel = userManager.getTeamModel(teamName);
 					if (teamModel == null) {
 						teamModel = createTeamFromLdap(teamEntry);
+						setAdminAttribute(teamModel);
 						userManager.updateTeamModel(teamModel);
 					}
 				}
@@ -518,6 +523,7 @@ private SearchResult doSearch(LdapConnection ldapConnection, String base, String
 
 
 
+
 	/**
 	 * Returns a simple username without any domain prefixes.
 	 *
@@ -533,34 +539,6 @@ protected String getSimpleUsername(String username) {
 		return username;
 	}
 
-	// From: https://www.owasp.org/index.php/Preventing_LDAP_Injection_in_Java
-	private static final String escapeLDAPSearchFilter(String filter) {
-		StringBuilder sb = new StringBuilder();
-		for (int i = 0; i < filter.length(); i++) {
-			char curChar = filter.charAt(i);
-			switch (curChar) {
-			case '\\':
-				sb.append("\\5c");
-				break;
-			case '*':
-				sb.append("\\2a");
-				break;
-			case '(':
-				sb.append("\\28");
-				break;
-			case ')':
-				sb.append("\\29");
-				break;
-			case '\u0000':
-				sb.append("\\00");
-				break;
-			default:
-				sb.append(curChar);
-			}
-		}
-		return sb.toString();
-	}
-
 	private void configureSyncService() {
 		LdapSyncService ldapSyncService = new LdapSyncService(settings, this);
 		if (ldapSyncService.isReady()) {
@@ -573,226 +551,4 @@ private void configureSyncService() {
 			logger.info("Ldap sync service is disabled.");
 		}
 	}
-
-
-
-	private class LdapConnection {
-		private LDAPConnection conn;
-		private SimpleBindRequest currentBindRequest;
-		private SimpleBindRequest managerBindRequest;
-		private SimpleBindRequest userBindRequest;
-
-
-		public LdapConnection() {
-			String bindUserName = settings.getString(Keys.realm.ldap.username, "");
-			String bindPassword = settings.getString(Keys.realm.ldap.password, "");
-			if (StringUtils.isEmpty(bindUserName) && StringUtils.isEmpty(bindPassword)) {
-				this.managerBindRequest = new SimpleBindRequest();
-			}
-			this.managerBindRequest = new SimpleBindRequest(bindUserName, bindPassword);
-		}
-
-
-		boolean connect() {
-			try {
-				URI ldapUrl = new URI(settings.getRequiredString(Keys.realm.ldap.server));
-				String ldapHost = ldapUrl.getHost();
-				int ldapPort = ldapUrl.getPort();
-
-				if (ldapUrl.getScheme().equalsIgnoreCase("ldaps")) {
-					// SSL
-					SSLUtil sslUtil = new SSLUtil(new TrustAllTrustManager());
-					conn = new LDAPConnection(sslUtil.createSSLSocketFactory());
-					if (ldapPort == -1) {
-						ldapPort = 636;
-					}
-				} else if (ldapUrl.getScheme().equalsIgnoreCase("ldap") || ldapUrl.getScheme().equalsIgnoreCase("ldap+tls")) {
-					// no encryption or StartTLS
-					conn = new LDAPConnection();
-					 if (ldapPort == -1) {
-						 ldapPort = 389;
-					 }
-				} else {
-					logger.error("Unsupported LDAP URL scheme: " + ldapUrl.getScheme());
-					return false;
-				}
-
-				conn.connect(ldapHost, ldapPort);
-
-				if (ldapUrl.getScheme().equalsIgnoreCase("ldap+tls")) {
-					SSLUtil sslUtil = new SSLUtil(new TrustAllTrustManager());
-					ExtendedResult extendedResult = conn.processExtendedOperation(
-							new StartTLSExtendedRequest(sslUtil.createSSLContext()));
-					if (extendedResult.getResultCode() != ResultCode.SUCCESS) {
-						throw new LDAPException(extendedResult.getResultCode());
-					}
-				}
-
-				return true;
-
-			} catch (URISyntaxException e) {
-				logger.error("Bad LDAP URL, should be in the form: ldap(s|+tls)://<server>:<port>", e);
-			} catch (GeneralSecurityException e) {
-				logger.error("Unable to create SSL Connection", e);
-			} catch (LDAPException e) {
-				logger.error("Error Connecting to LDAP", e);
-			}
-
-			return false;
-		}
-
-
-		void close() {
-			if (conn != null) {
-				conn.close();
-			}
-		}
-
-
-		SearchResult search(SearchRequest request) {
-			try {
-				return conn.search(request);
-			} catch (LDAPSearchException e) {
-				logger.error("Problem Searching LDAP [{}]",  e.getResultCode());
-				return e.getSearchResult();
-			}
-		}
-
-
-		SearchResult search(String base, boolean dereferenceAliases, String filter, List<String> attributes) {
-			try {
-				SearchRequest searchRequest = new SearchRequest(base, SearchScope.SUB, filter);
-				if (dereferenceAliases) {
-					searchRequest.setDerefPolicy(DereferencePolicy.SEARCHING);
-				}
-				if (attributes != null) {
-					searchRequest.setAttributes(attributes);
-				}
-				SearchResult result = search(searchRequest);
-				return result;
-
-			} catch (LDAPException e) {
-				logger.error("Problem creating LDAP search", e);
-				return null;
-			}
-		}
-
-
-
-		/**
-		 * Bind using the manager credentials set in realm.ldap.username and ..password
-		 * @return A bind result, or null if binding failed.
-		 */
-		BindResult bind() {
-			BindResult result = null;
-			try {
-				result = conn.bind(managerBindRequest);
-				currentBindRequest = managerBindRequest;
-			} catch (LDAPException e) {
-				logger.error("Error authenticating to LDAP with manager account to search the directory.");
-				logger.error("  Please check your settings for realm.ldap.username and realm.ldap.password.");
-				logger.debug("  Received exception when binding to LDAP", e);
-				return null;
-			}
-			return result;
-		}
-
-
-		/**
-		 * Bind using the given credentials, by filling in the username in the given {@code bindPattern} to
-		 * create the DN.
-		 * @return A bind result, or null if binding failed.
-		 */
-		BindResult bind(String bindPattern, String simpleUsername, String password) {
-			BindResult result = null;
-			try {
-				String bindUser = StringUtils.replace(bindPattern, "${username}", escapeLDAPSearchFilter(simpleUsername));
-				SimpleBindRequest request = new SimpleBindRequest(bindUser, password);
-				result = conn.bind(request);
-				userBindRequest = request;
-				currentBindRequest = userBindRequest;
-			} catch (LDAPException e) {
-				logger.error("Error authenticating to LDAP with user account to search the directory.");
-				logger.error("  Please check your settings for realm.ldap.bindpattern.");
-				logger.debug("  Received exception when binding to LDAP", e);
-				return null;
-			}
-			return result;
-		}
-
-
-		boolean rebindAsUser() {
-			if (userBindRequest == null || currentBindRequest == userBindRequest) {
-				return false;
-			}
-			try {
-				conn.bind(userBindRequest);
-				currentBindRequest = userBindRequest;
-			} catch (LDAPException e) {
-				conn.close();
-				logger.error("Error rebinding to LDAP with user account.", e);
-				return false;
-			}
-			return true;
-		}
-
-
-		boolean isAuthenticated(String userDn, String password) {
-			verifyCurrentBinding();
-
-			// If the currently bound DN is already the DN of the logging in user, authentication has already happened
-			// during the previous bind operation. We accept this and return with the current bind left in place.
-			// This could also be changed to always retry binding as the logging in user, to make sure that the
-			// connection binding has not been tampered with in between. So far I see no way how this could happen
-			// and thus skip the repeated binding.
-			// This check also makes sure that the DN in realm.ldap.bindpattern actually matches the DN that was found
-			// when searching the user entry.
-			String boundDN = currentBindRequest.getBindDN();
-			if (boundDN != null && boundDN.equals(userDn)) {
-				return true;
-			}
-
-			// Bind a the logging in user to check for authentication.
-			// Afterwards, bind as the original bound DN again, to restore the previous authorization.
-			boolean isAuthenticated = false;
-			try {
-				// Binding will stop any LDAP-Injection Attacks since the searched-for user needs to bind to that DN
-				SimpleBindRequest ubr = new SimpleBindRequest(userDn, password);
-				conn.bind(ubr);
-				isAuthenticated = true;
-				userBindRequest = ubr;
-			} catch (LDAPException e) {
-				logger.error("Error authenticating user ({})", userDn, e);
-			}
-
-			try {
-				conn.bind(currentBindRequest);
-			} catch (LDAPException e) {
-				logger.error("Error reinstating original LDAP authorization (code {}). Team information may be inaccurate for this log in.",
-							e.getResultCode(), e);
-			}
-			return isAuthenticated;
-		}
-
-
-
-		private boolean verifyCurrentBinding() {
-			BindRequest lastBind = conn.getLastBindRequest();
-			if (lastBind == currentBindRequest) {
-				return true;
-			}
-			logger.debug("Unexpected binding in LdapConnection. {} != {}", lastBind, currentBindRequest);
-
-			String lastBoundDN = ((SimpleBindRequest)lastBind).getBindDN();
-			String boundDN = currentBindRequest.getBindDN();
-			logger.debug("Currently bound as '{}', check authentication for '{}'", lastBoundDN, boundDN);
-			if (boundDN != null && ! boundDN.equals(lastBoundDN)) {
-				logger.warn("Unexpected binding DN in LdapConnection. '{}' != '{}'.", lastBoundDN, boundDN);
-				logger.warn("Updated binding information in LDAP connection.");
-				currentBindRequest = (SimpleBindRequest)lastBind;
-				return false;
-			}
-			return true;
-		}
-	}
 }
diff --git a/src/main/java/com/gitblit/auth/PAMAuthProvider.java b/src/main/java/com/gitblit/auth/PAMAuthProvider.java
index 46f4dd6a6..b38d49df9 100644
--- a/src/main/java/com/gitblit/auth/PAMAuthProvider.java
+++ b/src/main/java/com/gitblit/auth/PAMAuthProvider.java
@@ -122,7 +122,7 @@ public UserModel authenticate(String username, char[] password) {
         }
 
         // create a user cookie
-        setCookie(user, password);
+        setCookie(user);
 
         // update user attributes from UnixUser
         user.accountType = getAccountType();
diff --git a/src/main/java/com/gitblit/auth/RedmineAuthProvider.java b/src/main/java/com/gitblit/auth/RedmineAuthProvider.java
index 27cece299..364aff042 100644
--- a/src/main/java/com/gitblit/auth/RedmineAuthProvider.java
+++ b/src/main/java/com/gitblit/auth/RedmineAuthProvider.java
@@ -139,7 +139,7 @@ public UserModel authenticate(String username, char[] password) {
         }
 
         // create a user cookie
-        setCookie(user, password);
+        setCookie(user);
 
         // update user attributes from Redmine
         user.accountType = getAccountType();
diff --git a/src/main/java/com/gitblit/auth/SalesforceAuthProvider.java b/src/main/java/com/gitblit/auth/SalesforceAuthProvider.java
index df033c27a..79c3a0c47 100644
--- a/src/main/java/com/gitblit/auth/SalesforceAuthProvider.java
+++ b/src/main/java/com/gitblit/auth/SalesforceAuthProvider.java
@@ -66,7 +66,7 @@ public UserModel authenticate(String username, char[] password) {
 					user = new UserModel(simpleUsername);
 				}
 
-				setCookie(user, password);
+				setCookie(user);
 				setUserAttributes(user, info);
 
 				updateUser(user);
diff --git a/src/main/java/com/gitblit/auth/WindowsAuthProvider.java b/src/main/java/com/gitblit/auth/WindowsAuthProvider.java
index aee51008a..4c31fb15b 100644
--- a/src/main/java/com/gitblit/auth/WindowsAuthProvider.java
+++ b/src/main/java/com/gitblit/auth/WindowsAuthProvider.java
@@ -153,7 +153,7 @@ public UserModel authenticate(String username, char[] password) {
         }
 
         // create a user cookie
-        setCookie(user, password);
+        setCookie(user);
 
         // update user attributes from Windows identity
         user.accountType = getAccountType();
diff --git a/src/main/java/com/gitblit/authority/GitblitAuthority.java b/src/main/java/com/gitblit/authority/GitblitAuthority.java
index 5f4a7e7f3..15c23a79c 100644
--- a/src/main/java/com/gitblit/authority/GitblitAuthority.java
+++ b/src/main/java/com/gitblit/authority/GitblitAuthority.java
@@ -48,7 +48,9 @@
 import java.util.Date;
 import java.util.HashMap;
 import java.util.List;
+import java.util.Locale;
 import java.util.Map;
+import java.util.ResourceBundle;
 
 import javax.mail.Message;
 import javax.swing.ImageIcon;
@@ -98,6 +100,7 @@
 import com.gitblit.utils.X509Utils.RevocationReason;
 import com.gitblit.utils.X509Utils.X509Log;
 import com.gitblit.utils.X509Utils.X509Metadata;
+import com.gitblit.wicket.GitBlitWebSession;
 
 /**
  * Simple GUI tool for administering Gitblit client certificates.
@@ -447,7 +450,7 @@ public boolean newCertificate(UserCertificateModel ucm, X509Metadata metadata, b
 				}
 
 				File caKeystoreFile = new File(folder, X509Utils.CA_KEY_STORE);
-				File zip = X509Utils.newClientBundle(metadata, caKeystoreFile, caKeystorePassword, GitblitAuthority.this);
+				File zip = X509Utils.newClientBundle(user,metadata, caKeystoreFile, caKeystorePassword, GitblitAuthority.this);
 
 				// save latest expiration date
 				if (ucm.expires == null || metadata.notAfter.before(ucm.expires)) {
@@ -850,9 +853,19 @@ private boolean sendEmail(UserModel user, X509Metadata metadata, File zip) {
 		try {
 			if (mail.isReady()) {
 				Mailing mailing = Mailing.newPlain();
-				mailing.subject = "Your Gitblit client certificate for " + metadata.serverHostname;
+                if( user.getPreferences().getLocale()!=null )
+                    mailing.subject = MessageFormat.format(ResourceBundle.getBundle("com.gitblit.wicket.GitBlitWebApp",user.getPreferences().getLocale()).getString("gb.emailClientCertificateSubject"), metadata.serverHostname);
+                else
+                    mailing.subject = MessageFormat.format(ResourceBundle.getBundle("com.gitblit.wicket.GitBlitWebApp", Locale.ENGLISH).getString("gb.emailClientCertificateSubject") , metadata.serverHostname);
 				mailing.setRecipients(user.emailAddress);
-				String body = X509Utils.processTemplate(new File(folder, X509Utils.CERTS + File.separator + "mail.tmpl"), metadata);
+				File fileMailTmp = null;
+				String body = null;
+				if( (fileMailTmp = new File(folder, X509Utils.CERTS + File.separator +  "mail.tmpl"+"_"+user.getPreferences().getLocale())).exists())
+				  body = X509Utils.processTemplate(fileMailTmp, metadata);
+				else{
+				  fileMailTmp = new File(folder, X509Utils.CERTS + File.separator +  "mail.tmpl");
+				  body = X509Utils.processTemplate(fileMailTmp, metadata);
+				}  
 				if (StringUtils.isEmpty(body)) {
 					body = MessageFormat.format("Hi {0}\n\nHere is your client certificate bundle.\nInside the zip file are installation instructions.", user.getDisplayName());
 				}
diff --git a/src/main/java/com/gitblit/client/EditUserDialog.java b/src/main/java/com/gitblit/client/EditUserDialog.java
index 676916b23..4b01ff046 100644
--- a/src/main/java/com/gitblit/client/EditUserDialog.java
+++ b/src/main/java/com/gitblit/client/EditUserDialog.java
@@ -330,7 +330,7 @@ private boolean validateFields() {
 			}
 
 			// change the cookie
-			user.cookie = StringUtils.getSHA1(user.username + password);
+			user.cookie = user.createCookie();
 
 			String type = settings.get(Keys.realm.passwordStorage).getString("md5");
 			if (type.equalsIgnoreCase("md5")) {
diff --git a/src/main/java/com/gitblit/ldap/LdapConnection.java b/src/main/java/com/gitblit/ldap/LdapConnection.java
new file mode 100644
index 000000000..14fedf100
--- /dev/null
+++ b/src/main/java/com/gitblit/ldap/LdapConnection.java
@@ -0,0 +1,338 @@
+/*
+ * Copyright 2016 gitblit.com.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not
+ * use this file except in compliance with the License. You may obtain a copy of
+ * the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package com.gitblit.ldap;
+
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.security.GeneralSecurityException;
+import java.util.List;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import com.gitblit.IStoredSettings;
+import com.gitblit.Keys;
+import com.gitblit.utils.StringUtils;
+import com.unboundid.ldap.sdk.BindRequest;
+import com.unboundid.ldap.sdk.BindResult;
+import com.unboundid.ldap.sdk.DereferencePolicy;
+import com.unboundid.ldap.sdk.ExtendedResult;
+import com.unboundid.ldap.sdk.LDAPConnection;
+import com.unboundid.ldap.sdk.LDAPException;
+import com.unboundid.ldap.sdk.LDAPSearchException;
+import com.unboundid.ldap.sdk.ResultCode;
+import com.unboundid.ldap.sdk.SearchRequest;
+import com.unboundid.ldap.sdk.SearchResult;
+import com.unboundid.ldap.sdk.SearchScope;
+import com.unboundid.ldap.sdk.SimpleBindRequest;
+import com.unboundid.ldap.sdk.extensions.StartTLSExtendedRequest;
+import com.unboundid.util.ssl.SSLUtil;
+import com.unboundid.util.ssl.TrustAllTrustManager;
+
+public class LdapConnection implements AutoCloseable {
+
+	private final Logger logger = LoggerFactory.getLogger(getClass());
+
+	private IStoredSettings settings;
+
+	private LDAPConnection conn;
+	private SimpleBindRequest currentBindRequest;
+	private SimpleBindRequest managerBindRequest;
+	private SimpleBindRequest userBindRequest;
+
+
+	// From: https://www.owasp.org/index.php/Preventing_LDAP_Injection_in_Java
+	public static final String escapeLDAPSearchFilter(String filter) {
+		StringBuilder sb = new StringBuilder();
+		for (int i = 0; i < filter.length(); i++) {
+			char curChar = filter.charAt(i);
+			switch (curChar) {
+			case '\\':
+				sb.append("\\5c");
+				break;
+			case '*':
+				sb.append("\\2a");
+				break;
+			case '(':
+				sb.append("\\28");
+				break;
+			case ')':
+				sb.append("\\29");
+				break;
+			case '\u0000':
+				sb.append("\\00");
+				break;
+			default:
+				sb.append(curChar);
+			}
+		}
+		return sb.toString();
+	}
+
+
+
+	public static String getAccountBase(IStoredSettings settings) {
+		return settings.getString(Keys.realm.ldap.accountBase, "");
+	}
+
+	public static String getAccountPattern(IStoredSettings settings) {
+		return settings.getString(Keys.realm.ldap.accountPattern, "(&(objectClass=person)(sAMAccountName=${username}))");
+	}
+
+
+
+	public LdapConnection(IStoredSettings settings) {
+		this.settings = settings;
+
+		String bindUserName = settings.getString(Keys.realm.ldap.username, "");
+		String bindPassword = settings.getString(Keys.realm.ldap.password, "");
+		if (StringUtils.isEmpty(bindUserName) && StringUtils.isEmpty(bindPassword)) {
+			this.managerBindRequest = new SimpleBindRequest();
+		}
+		this.managerBindRequest = new SimpleBindRequest(bindUserName, bindPassword);
+	}
+
+
+
+	public String getAccountBase() {
+		return getAccountBase(settings);
+	}
+
+	public String getAccountPattern() {
+		return getAccountPattern(settings);
+	}
+
+
+
+	public boolean connect() {
+		try {
+			URI ldapUrl = new URI(settings.getRequiredString(Keys.realm.ldap.server));
+			String ldapHost = ldapUrl.getHost();
+			int ldapPort = ldapUrl.getPort();
+
+			if (ldapUrl.getScheme().equalsIgnoreCase("ldaps")) {
+				// SSL
+				SSLUtil sslUtil = new SSLUtil(new TrustAllTrustManager());
+				conn = new LDAPConnection(sslUtil.createSSLSocketFactory());
+				if (ldapPort == -1) {
+					ldapPort = 636;
+				}
+			} else if (ldapUrl.getScheme().equalsIgnoreCase("ldap") || ldapUrl.getScheme().equalsIgnoreCase("ldap+tls")) {
+				// no encryption or StartTLS
+				conn = new LDAPConnection();
+				 if (ldapPort == -1) {
+					 ldapPort = 389;
+				 }
+			} else {
+				logger.error("Unsupported LDAP URL scheme: " + ldapUrl.getScheme());
+				return false;
+			}
+
+			conn.connect(ldapHost, ldapPort);
+
+			if (ldapUrl.getScheme().equalsIgnoreCase("ldap+tls")) {
+				SSLUtil sslUtil = new SSLUtil(new TrustAllTrustManager());
+				ExtendedResult extendedResult = conn.processExtendedOperation(
+						new StartTLSExtendedRequest(sslUtil.createSSLContext()));
+				if (extendedResult.getResultCode() != ResultCode.SUCCESS) {
+					throw new LDAPException(extendedResult.getResultCode());
+				}
+			}
+
+			return true;
+
+		} catch (URISyntaxException e) {
+			logger.error("Bad LDAP URL, should be in the form: ldap(s|+tls)://<server>:<port>", e);
+		} catch (GeneralSecurityException e) {
+			logger.error("Unable to create SSL Connection", e);
+		} catch (LDAPException e) {
+			logger.error("Error Connecting to LDAP", e);
+		}
+
+		return false;
+	}
+
+
+	public void close() {
+		if (conn != null) {
+			conn.close();
+		}
+	}
+
+
+
+	/**
+	 * Bind using the manager credentials set in realm.ldap.username and ..password
+	 * @return A bind result, or null if binding failed.
+	 */
+	public BindResult bind() {
+		BindResult result = null;
+		try {
+			result = conn.bind(managerBindRequest);
+			currentBindRequest = managerBindRequest;
+		} catch (LDAPException e) {
+			logger.error("Error authenticating to LDAP with manager account to search the directory.");
+			logger.error("  Please check your settings for realm.ldap.username and realm.ldap.password.");
+			logger.debug("  Received exception when binding to LDAP", e);
+			return null;
+		}
+		return result;
+	}
+
+
+	/**
+	 * Bind using the given credentials, by filling in the username in the given {@code bindPattern} to
+	 * create the DN.
+	 * @return A bind result, or null if binding failed.
+	 */
+	public BindResult bind(String bindPattern, String simpleUsername, String password) {
+		BindResult result = null;
+		try {
+			String bindUser = StringUtils.replace(bindPattern, "${username}", escapeLDAPSearchFilter(simpleUsername));
+			SimpleBindRequest request = new SimpleBindRequest(bindUser, password);
+			result = conn.bind(request);
+			userBindRequest = request;
+			currentBindRequest = userBindRequest;
+		} catch (LDAPException e) {
+			logger.error("Error authenticating to LDAP with user account to search the directory.");
+			logger.error("  Please check your settings for realm.ldap.bindpattern.");
+			logger.debug("  Received exception when binding to LDAP", e);
+			return null;
+		}
+		return result;
+	}
+
+
+	public boolean rebindAsUser() {
+		if (userBindRequest == null || currentBindRequest == userBindRequest) {
+			return false;
+		}
+		try {
+			conn.bind(userBindRequest);
+			currentBindRequest = userBindRequest;
+		} catch (LDAPException e) {
+			conn.close();
+			logger.error("Error rebinding to LDAP with user account.", e);
+			return false;
+		}
+		return true;
+	}
+
+
+
+	public boolean isAuthenticated(String userDn, String password) {
+		verifyCurrentBinding();
+
+		// If the currently bound DN is already the DN of the logging in user, authentication has already happened
+		// during the previous bind operation. We accept this and return with the current bind left in place.
+		// This could also be changed to always retry binding as the logging in user, to make sure that the
+		// connection binding has not been tampered with in between. So far I see no way how this could happen
+		// and thus skip the repeated binding.
+		// This check also makes sure that the DN in realm.ldap.bindpattern actually matches the DN that was found
+		// when searching the user entry.
+		String boundDN = currentBindRequest.getBindDN();
+		if (boundDN != null && boundDN.equals(userDn)) {
+			return true;
+		}
+
+		// Bind a the logging in user to check for authentication.
+		// Afterwards, bind as the original bound DN again, to restore the previous authorization.
+		boolean isAuthenticated = false;
+		try {
+			// Binding will stop any LDAP-Injection Attacks since the searched-for user needs to bind to that DN
+			SimpleBindRequest ubr = new SimpleBindRequest(userDn, password);
+			conn.bind(ubr);
+			isAuthenticated = true;
+			userBindRequest = ubr;
+		} catch (LDAPException e) {
+			logger.error("Error authenticating user ({})", userDn, e);
+		}
+
+		try {
+			conn.bind(currentBindRequest);
+		} catch (LDAPException e) {
+			logger.error("Error reinstating original LDAP authorization (code {}). Team information may be inaccurate for this log in.",
+						e.getResultCode(), e);
+		}
+		return isAuthenticated;
+	}
+
+
+
+
+	public SearchResult search(SearchRequest request) {
+		try {
+			return conn.search(request);
+		} catch (LDAPSearchException e) {
+			logger.error("Problem Searching LDAP [{}]",  e.getResultCode());
+			return e.getSearchResult();
+		}
+	}
+
+
+	public SearchResult search(String base, boolean dereferenceAliases, String filter, List<String> attributes) {
+		try {
+			SearchRequest searchRequest = new SearchRequest(base, SearchScope.SUB, filter);
+			if (dereferenceAliases) {
+				searchRequest.setDerefPolicy(DereferencePolicy.SEARCHING);
+			}
+			if (attributes != null) {
+				searchRequest.setAttributes(attributes);
+			}
+			SearchResult result = search(searchRequest);
+			return result;
+
+		} catch (LDAPException e) {
+			logger.error("Problem creating LDAP search", e);
+			return null;
+		}
+	}
+
+
+	public SearchResult searchUser(String username, List<String> attributes) {
+
+		String accountPattern = getAccountPattern();
+		accountPattern = StringUtils.replace(accountPattern, "${username}", escapeLDAPSearchFilter(username));
+
+		return search(getAccountBase(), false, accountPattern, attributes);
+	}
+
+
+	public SearchResult searchUser(String username) {
+		return searchUser(username, null);
+	}
+
+
+
+	private boolean verifyCurrentBinding() {
+		BindRequest lastBind = conn.getLastBindRequest();
+		if (lastBind == currentBindRequest) {
+			return true;
+		}
+		logger.debug("Unexpected binding in LdapConnection. {} != {}", lastBind, currentBindRequest);
+
+		String lastBoundDN = ((SimpleBindRequest)lastBind).getBindDN();
+		String boundDN = currentBindRequest.getBindDN();
+		logger.debug("Currently bound as '{}', check authentication for '{}'", lastBoundDN, boundDN);
+		if (boundDN != null && ! boundDN.equals(lastBoundDN)) {
+			logger.warn("Unexpected binding DN in LdapConnection. '{}' != '{}'.", lastBoundDN, boundDN);
+			logger.warn("Updated binding information in LDAP connection.");
+			currentBindRequest = (SimpleBindRequest)lastBind;
+			return false;
+		}
+		return true;
+	}
+}
diff --git a/src/main/java/com/gitblit/manager/AuthenticationManager.java b/src/main/java/com/gitblit/manager/AuthenticationManager.java
index 497876315..0a4d8ed72 100644
--- a/src/main/java/com/gitblit/manager/AuthenticationManager.java
+++ b/src/main/java/com/gitblit/manager/AuthenticationManager.java
@@ -608,6 +608,11 @@ public void setCookie(HttpServletRequest request, HttpServletResponse response,
 						userCookie = new Cookie(Constants.NAME, cookie);
 						// expire the cookie in 7 days
 						userCookie.setMaxAge((int) TimeUnit.DAYS.toSeconds(7));
+
+						// Set cookies HttpOnly so they are not accessible to JavaScript engines
+						userCookie.setHttpOnly(true);
+						// Set secure cookie if only HTTPS is used
+						userCookie.setSecure(httpsOnly());
 					}
 				}
 				String path = "/";
@@ -622,6 +627,15 @@ public void setCookie(HttpServletRequest request, HttpServletResponse response,
 		}
 	}
 
+
+	private boolean httpsOnly() {
+		int port = settings.getInteger(Keys.server.httpPort, 0);
+		int tlsPort = settings.getInteger(Keys.server.httpsPort, 0);
+		return  (port <= 0 && tlsPort > 0) ||
+				(port > 0 && tlsPort > 0 && settings.getBoolean(Keys.server.redirectToHttpsPort, true) );
+	}
+
+
 	/**
 	 * Logout a user.
 	 *
diff --git a/src/main/java/com/gitblit/manager/ServicesManager.java b/src/main/java/com/gitblit/manager/ServicesManager.java
index b993eb66b..74f58c65a 100644
--- a/src/main/java/com/gitblit/manager/ServicesManager.java
+++ b/src/main/java/com/gitblit/manager/ServicesManager.java
@@ -276,7 +276,7 @@ public int compare(RepositoryUrl o1, RepositoryUrl o2) {
 			Iterator<RepositoryUrl> itr = list.iterator();
 			while (itr.hasNext()) {
 				RepositoryUrl url = itr.next();
-				if (url.transport.equals(preferredTransport)) {
+				if (url.transport != null && url.transport.equals(preferredTransport)) {
 					itr.remove();
 					preferredUrl = url;
 					break;
diff --git a/src/main/java/com/gitblit/manager/UserManager.java b/src/main/java/com/gitblit/manager/UserManager.java
index e88ac93c2..d661c9b42 100644
--- a/src/main/java/com/gitblit/manager/UserManager.java
+++ b/src/main/java/com/gitblit/manager/UserManager.java
@@ -17,6 +17,8 @@
 
 import java.io.File;
 import java.io.IOException;
+import java.lang.reflect.Constructor;
+import java.lang.reflect.InvocationTargetException;
 import java.text.MessageFormat;
 import java.util.ArrayList;
 import java.util.Collection;
@@ -119,8 +121,10 @@ public UserManager start() {
 					// typical file path configuration
 					File realmFile = runtimeManager.getFileOrFolder(Keys.realm.userService, "${baseFolder}/users.conf");
 					service = createUserService(realmFile);
-				} catch (InstantiationException | IllegalAccessException  e) {
-					logger.error("failed to instantiate user service {}: {}", realm, e.getMessage());
+				} catch (InstantiationException | IllegalAccessException e) {
+					logger.error("failed to instantiate user service {}: {}. Trying once again with IRuntimeManager constructor", realm, e.getMessage());
+					//try once again with IRuntimeManager constructor. This adds support for subclasses of ConfigUserService and other custom IUserServices
+					service = createIRuntimeManagerAwareUserService(realm);
 				}
 			}
 			setUserService(service);
@@ -128,6 +132,22 @@ public UserManager start() {
 		return this;
 	}
 
+	/**
+	 * Tries to create an {@link IUserService} with {@link #runtimeManager} as a constructor parameter
+	 *
+	 * @param realm the class name of the {@link IUserService} to be instantiated
+	 * @return the {@link IUserService} or {@code null} if instantiation fails
+	 */
+	private IUserService createIRuntimeManagerAwareUserService(String realm) {
+		try {
+		    Constructor<?> constructor = Class.forName(realm).getConstructor(IRuntimeManager.class);
+		    return (IUserService) constructor.newInstance(runtimeManager);
+		} catch (NoSuchMethodException | SecurityException | ClassNotFoundException | InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) {
+		    logger.error("failed to instantiate user service {}: {}", realm, e.getMessage());
+			return null;
+		}
+	}
+
 	protected IUserService createUserService(File realmFile) {
 		IUserService service = null;
 		if (realmFile.getName().toLowerCase().endsWith(".conf")) {
diff --git a/src/main/java/com/gitblit/models/TicketModel.java b/src/main/java/com/gitblit/models/TicketModel.java
index d53458919..65e29dc06 100644
--- a/src/main/java/com/gitblit/models/TicketModel.java
+++ b/src/main/java/com/gitblit/models/TicketModel.java
@@ -43,6 +43,8 @@
 
 import org.eclipse.jgit.util.RelativeDateFormatter;
 
+import com.gitblit.Constants;
+
 /**
  * The Gitblit Ticket model, its component classes, and enums.
  *
@@ -773,10 +775,10 @@ public Comment comment(String text) {
 			}
 			
 			try {
-				Pattern mentions = Pattern.compile("\\s@([A-Za-z0-9-_]+)");
+				Pattern mentions = Pattern.compile(Constants.REGEX_TICKET_MENTION);
 				Matcher m = mentions.matcher(text);
 				while (m.find()) {
-					String username = m.group(1);
+					String username = m.group("user");
 					plusList(Field.mentions, username);
 				}
 			} catch (Exception e) {
diff --git a/src/main/java/com/gitblit/models/UserModel.java b/src/main/java/com/gitblit/models/UserModel.java
index e15227482..1d9e413bb 100644
--- a/src/main/java/com/gitblit/models/UserModel.java
+++ b/src/main/java/com/gitblit/models/UserModel.java
@@ -36,6 +36,7 @@
 import com.gitblit.Constants.RegistrantType;
 import com.gitblit.utils.ArrayUtils;
 import com.gitblit.utils.ModelUtils;
+import com.gitblit.utils.SecureRandom;
 import com.gitblit.utils.StringUtils;
 
 /**
@@ -52,6 +53,8 @@ public class UserModel implements Principal, Serializable, Comparable<UserModel>
 
 	public static final UserModel ANONYMOUS = new UserModel();
 
+	private static final SecureRandom RANDOM = new SecureRandom();
+
 	// field names are reflectively mapped in EditUser page
 	public String username;
 	public String password;
@@ -660,4 +663,8 @@ public boolean isMyPersonalRepository(String repository) {
 		String projectPath = StringUtils.getFirstPathElement(repository);
 		return !StringUtils.isEmpty(projectPath) && projectPath.equalsIgnoreCase(getPersonalPath());
 	}
+
+	public String createCookie() {
+		return StringUtils.getSHA1(RANDOM.randomBytes(32));
+	}
 }
diff --git a/src/main/java/com/gitblit/service/LuceneRepoIndexStore.java b/src/main/java/com/gitblit/service/LuceneRepoIndexStore.java
new file mode 100644
index 000000000..ff7d08853
--- /dev/null
+++ b/src/main/java/com/gitblit/service/LuceneRepoIndexStore.java
@@ -0,0 +1,55 @@
+/*
+ * Copyright 2017 gitblit.com.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.gitblit.service;
+
+import java.io.File;
+
+import com.gitblit.utils.LuceneIndexStore;
+
+/**
+ * @author Florian Zschocke
+ *
+ * @since 1.9.0
+ */
+class LuceneRepoIndexStore extends LuceneIndexStore
+{
+
+	private static final String LUCENE_DIR = "lucene";
+	private static final String CONF_FILE = "gb_lucene.conf";
+
+
+	/**
+	 * @param repositoryFolder
+	 * 			The directory of the repository for this index
+	 * @param indexVersion
+	 * 			Version of the index definition
+	 */
+	public LuceneRepoIndexStore(File repositoryFolder, int indexVersion) {
+		super(new File(repositoryFolder, LUCENE_DIR), indexVersion);
+	}
+
+
+	/**
+	 * Get the index config File.
+	 *
+	 * @return	The index config File
+	 */
+	public File getConfigFile() {
+		return new File(this.indexFolder, CONF_FILE);
+	}
+
+}
diff --git a/src/main/java/com/gitblit/service/LuceneService.java b/src/main/java/com/gitblit/service/LuceneService.java
index 097a39b2f..906a0b5e6 100644
--- a/src/main/java/com/gitblit/service/LuceneService.java
+++ b/src/main/java/com/gitblit/service/LuceneService.java
@@ -65,7 +65,6 @@
 import org.apache.lucene.search.highlight.SimpleSpanFragmenter;
 import org.apache.lucene.store.Directory;
 import org.apache.lucene.store.FSDirectory;
-import org.apache.lucene.util.Version;
 import org.eclipse.jgit.diff.DiffEntry.ChangeType;
 import org.eclipse.jgit.lib.Constants;
 import org.eclipse.jgit.lib.FileMode;
@@ -118,15 +117,9 @@ public class LuceneService implements Runnable {
 	private static final String FIELD_DATE = "date";
 	private static final String FIELD_TAG = "tag";
 
-	private static final String CONF_FILE = "lucene.conf";
-	private static final String LUCENE_DIR = "lucene";
-	private static final String CONF_INDEX = "index";
-	private static final String CONF_VERSION = "version";
 	private static final String CONF_ALIAS = "aliases";
 	private static final String CONF_BRANCH = "branches";
 
-	private static final Version LUCENE_VERSION = Version.LUCENE_4_10_0;
-
 	private final Logger logger = LoggerFactory.getLogger(LuceneService.class);
 
 	private final IStoredSettings storedSettings;
@@ -267,7 +260,7 @@ public synchronized void close() {
 		// close all writers
 		for (String writer : writers.keySet()) {
 			try {
-				writers.get(writer).close(true);
+				writers.get(writer).close();
 			} catch (Throwable t) {
 				logger.error("Failed to close Lucene writer for " + writer, t);
 			}
@@ -293,26 +286,13 @@ public synchronized void close() {
 	 * @return true, if successful
 	 */
 	public boolean deleteIndex(String repositoryName) {
-		try {
-			// close any open writer/searcher
-			close(repositoryName);
-
-			// delete the index folder
-			File repositoryFolder = FileKey.resolve(new File(repositoriesFolder, repositoryName), FS.DETECTED);
-			File luceneIndex = new File(repositoryFolder, LUCENE_DIR);
-			if (luceneIndex.exists()) {
-				org.eclipse.jgit.util.FileUtils.delete(luceneIndex,
-						org.eclipse.jgit.util.FileUtils.RECURSIVE);
-			}
-			// delete the config file
-			File luceneConfig = new File(repositoryFolder, CONF_FILE);
-			if (luceneConfig.exists()) {
-				luceneConfig.delete();
-			}
-			return true;
-		} catch (IOException e) {
-			throw new RuntimeException(e);
-		}
+		// close any open writer/searcher
+		close(repositoryName);
+
+		// delete the index folder
+		File repositoryFolder = FileKey.resolve(new File(repositoriesFolder, repositoryName), FS.DETECTED);
+		LuceneRepoIndexStore luceneIndex = new LuceneRepoIndexStore(repositoryFolder, INDEX_VERSION);
+		return luceneIndex.delete();
 	}
 
 	/**
@@ -386,29 +366,20 @@ private String getBranchKey(String branchName) {
 	 * @return a config object
 	 */
 	private FileBasedConfig getConfig(Repository repository) {
-		File file = new File(repository.getDirectory(), CONF_FILE);
-		FileBasedConfig config = new FileBasedConfig(file, FS.detect());
+		LuceneRepoIndexStore luceneIndex = new LuceneRepoIndexStore(repository.getDirectory(), INDEX_VERSION);
+		FileBasedConfig config = new FileBasedConfig(luceneIndex.getConfigFile(), FS.detect());
 		return config;
 	}
 
 	/**
-	 * Reads the Lucene config file for the repository to check the index
-	 * version. If the index version is different, then rebuild the repository
-	 * index.
+	 * Checks if an index exists for the repository, that is compatible with
+	 * INDEX_VERSION and the Lucene version.
 	 *
 	 * @param repository
-	 * @return true of the on-disk index format is different than INDEX_VERSION
+	 * @return true if no index is found for the repository, false otherwise.
 	 */
 	private boolean shouldReindex(Repository repository) {
-		try {
-			FileBasedConfig config = getConfig(repository);
-			config.load();
-			int indexVersion = config.getInt(CONF_INDEX, CONF_VERSION, 0);
-			// reindex if versions do not match
-			return indexVersion != INDEX_VERSION;
-		} catch (Throwable t) {
-		}
-		return true;
+		return ! (new LuceneRepoIndexStore(repository.getDirectory(), INDEX_VERSION).hasIndex());
 	}
 
 
@@ -618,7 +589,6 @@ public int compare(RefModel ref1, RefModel ref2) {
 			reader.close();
 
 			// commit all changes and reset the searcher
-			config.setInt(CONF_INDEX, null, CONF_VERSION, INDEX_VERSION);
 			config.save();
 			writer.commit();
 			resetIndexSearcher(model.name);
@@ -721,10 +691,9 @@ public boolean deleteBlob(String repositoryName, String branch, String path) thr
 		String pattern = MessageFormat.format("{0}:'{'0} AND {1}:\"'{'1'}'\" AND {2}:\"'{'2'}'\"", FIELD_OBJECT_TYPE, FIELD_BRANCH, FIELD_PATH);
 		String q = MessageFormat.format(pattern, SearchObjectType.blob.name(), branch, path);
 
-		BooleanQuery query = new BooleanQuery();
-		StandardAnalyzer analyzer = new StandardAnalyzer(LUCENE_VERSION);
-		QueryParser qp = new QueryParser(LUCENE_VERSION, FIELD_SUMMARY, analyzer);
-		query.add(qp.parse(q), Occur.MUST);
+		StandardAnalyzer analyzer = new StandardAnalyzer();
+		QueryParser qp = new QueryParser(FIELD_SUMMARY, analyzer);
+		BooleanQuery query = new BooleanQuery.Builder().add(qp.parse(q), Occur.MUST).build();
 
 		IndexWriter writer = getIndexWriter(repositoryName);
 		int numDocsBefore = writer.numDocs();
@@ -848,7 +817,6 @@ public int compare(RefModel ref1, RefModel ref2) {
 				}
 
 				// update the config
-				config.setInt(CONF_INDEX, null, CONF_VERSION, INDEX_VERSION);
 				config.setString(CONF_ALIAS, null, keyName, branchName);
 				config.setString(CONF_BRANCH, null, keyName, branch.getObjectId().getName());
 				config.save();
@@ -966,16 +934,13 @@ private IndexSearcher getIndexSearcher(String repository) throws IOException {
 	 */
 	private IndexWriter getIndexWriter(String repository) throws IOException {
 		IndexWriter indexWriter = writers.get(repository);
-		File repositoryFolder = FileKey.resolve(new File(repositoriesFolder, repository), FS.DETECTED);
-		File indexFolder = new File(repositoryFolder, LUCENE_DIR);
-		Directory directory = FSDirectory.open(indexFolder);
-
 		if (indexWriter == null) {
-			if (!indexFolder.exists()) {
-				indexFolder.mkdirs();
-			}
-			StandardAnalyzer analyzer = new StandardAnalyzer(LUCENE_VERSION);
-			IndexWriterConfig config = new IndexWriterConfig(LUCENE_VERSION, analyzer);
+			File repositoryFolder = FileKey.resolve(new File(repositoriesFolder, repository), FS.DETECTED);
+			LuceneRepoIndexStore indexStore = new LuceneRepoIndexStore(repositoryFolder, INDEX_VERSION);
+			indexStore.create();
+			Directory directory = FSDirectory.open(indexStore.getPath());
+			StandardAnalyzer analyzer = new StandardAnalyzer();
+			IndexWriterConfig config = new IndexWriterConfig(analyzer);
 			config.setOpenMode(OpenMode.CREATE_OR_APPEND);
 			indexWriter = new IndexWriter(directory, config);
 			writers.put(repository, indexWriter);
@@ -1028,18 +993,18 @@ public List<SearchResult> search(String text, int page, int pageSize, String...
 			return null;
 		}
 		Set<SearchResult> results = new LinkedHashSet<SearchResult>();
-		StandardAnalyzer analyzer = new StandardAnalyzer(LUCENE_VERSION);
+		StandardAnalyzer analyzer = new StandardAnalyzer();
 		try {
 			// default search checks summary and content
-			BooleanQuery query = new BooleanQuery();
+			BooleanQuery.Builder bldr = new BooleanQuery.Builder();
 			QueryParser qp;
-			qp = new QueryParser(LUCENE_VERSION, FIELD_SUMMARY, analyzer);
+			qp = new QueryParser(FIELD_SUMMARY, analyzer);
 			qp.setAllowLeadingWildcard(true);
-			query.add(qp.parse(text), Occur.SHOULD);
+			bldr.add(qp.parse(text), Occur.SHOULD);
 
-			qp = new QueryParser(LUCENE_VERSION, FIELD_CONTENT, analyzer);
+			qp = new QueryParser(FIELD_CONTENT, analyzer);
 			qp.setAllowLeadingWildcard(true);
-			query.add(qp.parse(text), Occur.SHOULD);
+			bldr.add(qp.parse(text), Occur.SHOULD);
 
 			IndexSearcher searcher;
 			if (repositories.length == 1) {
@@ -1057,10 +1022,11 @@ public List<SearchResult> search(String text, int page, int pageSize, String...
 				searcher = new IndexSearcher(reader);
 			}
 
+			BooleanQuery query = bldr.build();
 			Query rewrittenQuery = searcher.rewrite(query);
 			logger.debug(rewrittenQuery.toString());
 
-			TopScoreDocCollector collector = TopScoreDocCollector.create(5000, true);
+			TopScoreDocCollector collector = TopScoreDocCollector.create(5000);
 			searcher.search(rewrittenQuery, collector);
 			int offset = Math.max(0, (page - 1) * pageSize);
 			ScoreDoc[] hits = collector.topDocs(offset, pageSize).scoreDocs;
@@ -1225,7 +1191,7 @@ float duration() {
 	 */
 	private class MultiSourceReader extends MultiReader {
 
-		MultiSourceReader(IndexReader [] readers) {
+		MultiSourceReader(IndexReader [] readers) throws IOException {
 			super(readers, false);
 		}
 
diff --git a/src/main/java/com/gitblit/servlet/RpcServlet.java b/src/main/java/com/gitblit/servlet/RpcServlet.java
index 9809a2525..0081367f6 100644
--- a/src/main/java/com/gitblit/servlet/RpcServlet.java
+++ b/src/main/java/com/gitblit/servlet/RpcServlet.java
@@ -133,6 +133,10 @@ protected void processRequest(HttpServletRequest request, HttpServletResponse re
 							model.name));
 					continue;
 				}
+				if(!StringUtils.isEmpty(objectName) && !objectName.equals(model.name)) {
+					// skip repository if a name was submitted and it doesn't match
+					continue;
+				}
 				// get local branches
 				Repository repository = gitblit.getRepository(model.name);
 				List<RefModel> refs = JGitUtils.getLocalBranches(repository, false, -1);
diff --git a/src/main/java/com/gitblit/tickets/BranchTicketService.java b/src/main/java/com/gitblit/tickets/BranchTicketService.java
index 7bef435aa..8430c546b 100644
--- a/src/main/java/com/gitblit/tickets/BranchTicketService.java
+++ b/src/main/java/com/gitblit/tickets/BranchTicketService.java
@@ -110,9 +110,8 @@ public BranchTicketService(
 	}
 
 	@Override
-	public BranchTicketService start() {
+	public void onStart() {
 		log.info("{} started", getClass().getSimpleName());
-		return this;
 	}
 
 	@Override
diff --git a/src/main/java/com/gitblit/tickets/FileTicketService.java b/src/main/java/com/gitblit/tickets/FileTicketService.java
index 1e82f0de1..05670468a 100644
--- a/src/main/java/com/gitblit/tickets/FileTicketService.java
+++ b/src/main/java/com/gitblit/tickets/FileTicketService.java
@@ -80,9 +80,8 @@ public FileTicketService(
 	}
 
 	@Override
-	public FileTicketService start() {
+	public void onStart() {
 		log.info("{} started", getClass().getSimpleName());
-		return this;
 	}
 
 	@Override
diff --git a/src/main/java/com/gitblit/tickets/ITicketService.java b/src/main/java/com/gitblit/tickets/ITicketService.java
index 20b6505b4..3252a603f 100644
--- a/src/main/java/com/gitblit/tickets/ITicketService.java
+++ b/src/main/java/com/gitblit/tickets/ITicketService.java
@@ -181,7 +181,24 @@ public ITicketService(
 	 * @since 1.4.0
 	 */
 	@Override
-	public abstract ITicketService start();
+	public final ITicketService start() {
+		onStart();
+		if (shouldReindex()) {
+			log.info("Re-indexing all tickets...");
+//			long startTime = System.currentTimeMillis();
+			reindex();
+//			float duration = (System.currentTimeMillis() - startTime) / 1000f;
+//			log.info("Built Lucene index over all tickets in {} secs", duration);
+		}
+		return this;
+	}
+
+	/**
+	 * Start the specific ticket service implementation.
+	 *
+	 * @since 1.9.0
+	 */
+	public abstract void onStart();
 
 	/**
 	 * Stop the service.
@@ -196,6 +213,12 @@ public final ITicketService stop() {
 		return this;
 	}
 
+	/**
+	 * Closes any open resources used by this service.
+	 * @since 1.4.0
+	 */
+	protected abstract void close();
+
 	/**
 	 * Creates a ticket notifier.  The ticket notifier is not thread-safe!
 	 * @since 1.4.0
@@ -273,12 +296,6 @@ public boolean hasTickets(RepositoryModel repository) {
 		return indexer.hasTickets(repository);
 	}
 
-	/**
-	 * Closes any open resources used by this service.
-	 * @since 1.4.0
-	 */
-	protected abstract void close();
-
 	/**
 	 * Reset all caches in the service.
 	 * @since 1.4.0
@@ -1343,6 +1360,18 @@ public List<QueryResult> queryFor(String query, int page, int pageSize, String s
 		return indexer.queryFor(query, page, pageSize, sortBy, descending);
 	}
 
+
+	/**
+	 * Checks tickets should get re-indexed.
+	 *
+	 * @return true if tickets should get re-indexed, false otherwise.
+	 */
+	private boolean shouldReindex()
+	{
+		return indexer.shouldReindex();
+	}
+
+
 	/**
 	 * Destroys an existing index and reindexes all tickets.
 	 * This operation may be expensive and time-consuming.
diff --git a/src/main/java/com/gitblit/tickets/NullTicketService.java b/src/main/java/com/gitblit/tickets/NullTicketService.java
index 3947b945e..050c69905 100644
--- a/src/main/java/com/gitblit/tickets/NullTicketService.java
+++ b/src/main/java/com/gitblit/tickets/NullTicketService.java
@@ -61,9 +61,8 @@ public boolean isReady() {
 	}
 
 	@Override
-	public NullTicketService start() {
+	public void onStart() {
 		log.info("{} started", getClass().getSimpleName());
-		return this;
 	}
 
 	@Override
diff --git a/src/main/java/com/gitblit/tickets/RedisTicketService.java b/src/main/java/com/gitblit/tickets/RedisTicketService.java
index 0f9ad174e..4e632317f 100644
--- a/src/main/java/com/gitblit/tickets/RedisTicketService.java
+++ b/src/main/java/com/gitblit/tickets/RedisTicketService.java
@@ -83,12 +83,11 @@ public RedisTicketService(
 	}
 
 	@Override
-	public RedisTicketService start() {
+	public void onStart() {
 		log.info("{} started", getClass().getSimpleName());
 		if (!isReady()) {
 			log.warn("{} is not ready!", getClass().getSimpleName());
 		}
-		return this;
 	}
 
 	@Override
diff --git a/src/main/java/com/gitblit/tickets/TicketIndexer.java b/src/main/java/com/gitblit/tickets/TicketIndexer.java
index e2d53af7b..7c1644872 100644
--- a/src/main/java/com/gitblit/tickets/TicketIndexer.java
+++ b/src/main/java/com/gitblit/tickets/TicketIndexer.java
@@ -31,6 +31,8 @@
 import org.apache.lucene.document.Field.Store;
 import org.apache.lucene.document.IntField;
 import org.apache.lucene.document.LongField;
+import org.apache.lucene.document.NumericDocValuesField;
+import org.apache.lucene.document.SortedDocValuesField;
 import org.apache.lucene.document.TextField;
 import org.apache.lucene.index.DirectoryReader;
 import org.apache.lucene.index.IndexWriter;
@@ -49,7 +51,7 @@
 import org.apache.lucene.search.TopScoreDocCollector;
 import org.apache.lucene.store.Directory;
 import org.apache.lucene.store.FSDirectory;
-import org.apache.lucene.util.Version;
+import org.apache.lucene.util.BytesRef;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -60,7 +62,7 @@
 import com.gitblit.models.TicketModel.Attachment;
 import com.gitblit.models.TicketModel.Patchset;
 import com.gitblit.models.TicketModel.Status;
-import com.gitblit.utils.FileUtils;
+import com.gitblit.utils.LuceneIndexStore;
 import com.gitblit.utils.StringUtils;
 
 /**
@@ -108,6 +110,8 @@ public static enum Lucene {
 		priority(Type.INT),
 		severity(Type.INT);
 
+		final static int INDEX_VERSION = 2;
+
 		final Type fieldType;
 
 		Lucene(Type fieldType) {
@@ -167,16 +171,15 @@ public static Lucene fromString(String value) {
 
 	private final Logger log = LoggerFactory.getLogger(getClass());
 
-	private final Version luceneVersion = Version.LUCENE_46;
-
-	private final File luceneDir;
+	private final LuceneIndexStore indexStore;
 
 	private IndexWriter writer;
 
 	private IndexSearcher searcher;
 
 	public TicketIndexer(IRuntimeManager runtimeManager) {
-		this.luceneDir = runtimeManager.getFileOrFolder(Keys.tickets.indexFolder, "${baseFolder}/tickets/lucene");
+		File luceneDir = runtimeManager.getFileOrFolder(Keys.tickets.indexFolder, "${baseFolder}/tickets/lucene");
+		this.indexStore = new LuceneIndexStore(luceneDir, Lucene.INDEX_VERSION);
 	}
 
 	/**
@@ -192,7 +195,7 @@ public void close() {
 	 */
 	public void deleteAll() {
 		close();
-		FileUtils.delete(luceneDir);
+		indexStore.delete();
 	}
 
 	/**
@@ -201,10 +204,9 @@ public void deleteAll() {
 	public boolean deleteAll(RepositoryModel repository) {
 		try {
 			IndexWriter writer = getWriter();
-			StandardAnalyzer analyzer = new StandardAnalyzer(luceneVersion);
-			QueryParser qp = new QueryParser(luceneVersion, Lucene.rid.name(), analyzer);
-			BooleanQuery query = new BooleanQuery();
-			query.add(qp.parse(repository.getRID()), Occur.MUST);
+			StandardAnalyzer analyzer = new StandardAnalyzer();
+			QueryParser qp = new QueryParser(Lucene.rid.name(), analyzer);
+			BooleanQuery query = new BooleanQuery.Builder().add(qp.parse(repository.getRID()), Occur.MUST).build();
 
 			int numDocsBefore = writer.numDocs();
 			writer.deleteDocuments(query);
@@ -224,6 +226,18 @@ public boolean deleteAll(RepositoryModel repository) {
 		return false;
 	}
 
+	/**
+	 * Checks if a tickets index exists, that is compatible with Lucene.INDEX_VERSION
+	 * and the Lucene codec version.
+	 *
+	 * @return true if no tickets index is found, false otherwise.
+	 *
+	 * @since 1.9.0
+	 */
+	boolean shouldReindex() {
+		return ! this.indexStore.hasIndex();
+	}
+
 	/**
 	 * Bulk Add/Update tickets in the Lucene index
 	 *
@@ -287,10 +301,9 @@ public boolean delete(TicketModel ticket) {
 	 * @return true, if deleted, false if no record was deleted
 	 */
 	private boolean delete(String repository, long ticketId, IndexWriter writer) throws Exception {
-		StandardAnalyzer analyzer = new StandardAnalyzer(luceneVersion);
-		QueryParser qp = new QueryParser(luceneVersion, Lucene.did.name(), analyzer);
-		BooleanQuery query = new BooleanQuery();
-		query.add(qp.parse(StringUtils.getSHA1(repository + ticketId)), Occur.MUST);
+		StandardAnalyzer analyzer = new StandardAnalyzer();
+		QueryParser qp = new QueryParser(Lucene.did.name(), analyzer);
+		BooleanQuery query = new BooleanQuery.Builder().add(qp.parse(StringUtils.getSHA1(repository + ticketId)), Occur.MUST).build();
 
 		int numDocsBefore = writer.numDocs();
 		writer.deleteDocuments(query);
@@ -331,30 +344,30 @@ public List<QueryResult> searchFor(RepositoryModel repository, String text, int
 			return Collections.emptyList();
 		}
 		Set<QueryResult> results = new LinkedHashSet<QueryResult>();
-		StandardAnalyzer analyzer = new StandardAnalyzer(luceneVersion);
+		StandardAnalyzer analyzer = new StandardAnalyzer();
 		try {
 			// search the title, description and content
-			BooleanQuery query = new BooleanQuery();
+			BooleanQuery.Builder bldr = new BooleanQuery.Builder();
 			QueryParser qp;
 
-			qp = new QueryParser(luceneVersion, Lucene.title.name(), analyzer);
+			qp = new QueryParser(Lucene.title.name(), analyzer);
 			qp.setAllowLeadingWildcard(true);
-			query.add(qp.parse(text), Occur.SHOULD);
+			bldr.add(qp.parse(text), Occur.SHOULD);
 
-			qp = new QueryParser(luceneVersion, Lucene.body.name(), analyzer);
+			qp = new QueryParser(Lucene.body.name(), analyzer);
 			qp.setAllowLeadingWildcard(true);
-			query.add(qp.parse(text), Occur.SHOULD);
+			bldr.add(qp.parse(text), Occur.SHOULD);
 
-			qp = new QueryParser(luceneVersion, Lucene.content.name(), analyzer);
+			qp = new QueryParser(Lucene.content.name(), analyzer);
 			qp.setAllowLeadingWildcard(true);
-			query.add(qp.parse(text), Occur.SHOULD);
+			bldr.add(qp.parse(text), Occur.SHOULD);
 
 			IndexSearcher searcher = getSearcher();
-			Query rewrittenQuery = searcher.rewrite(query);
+			Query rewrittenQuery = searcher.rewrite(bldr.build());
 
 			log.debug(rewrittenQuery.toString());
 
-			TopScoreDocCollector collector = TopScoreDocCollector.create(5000, true);
+			TopScoreDocCollector collector = TopScoreDocCollector.create(5000);
 			searcher.search(rewrittenQuery, collector);
 			int offset = Math.max(0, (page - 1) * pageSize);
 			ScoreDoc[] hits = collector.topDocs(offset, pageSize).scoreDocs;
@@ -392,9 +405,9 @@ public List<QueryResult> queryFor(String queryText, int page, int pageSize, Stri
 		}
 
 		Set<QueryResult> results = new LinkedHashSet<QueryResult>();
-		StandardAnalyzer analyzer = new StandardAnalyzer(luceneVersion);
+		StandardAnalyzer analyzer = new StandardAnalyzer();
 		try {
-			QueryParser qp = new QueryParser(luceneVersion, Lucene.content.name(), analyzer);
+			QueryParser qp = new QueryParser(Lucene.content.name(), analyzer);
 			Query query = qp.parse(queryText);
 
 			IndexSearcher searcher = getSearcher();
@@ -409,7 +422,7 @@ public List<QueryResult> queryFor(String queryText, int page, int pageSize, Stri
 				sort = new Sort(Lucene.fromString(sortBy).asSortField(desc));
 			}
 			int maxSize = 5000;
-			TopFieldDocs docs = searcher.search(rewrittenQuery, null, maxSize, sort, false, false);
+			TopFieldDocs docs = searcher.search(rewrittenQuery, maxSize, sort, false, false);
 			int size = (pageSize <= 0) ? maxSize : pageSize;
 			int offset = Math.max(0, (page - 1) * size);
 			ScoreDoc[] hits = subset(docs.scoreDocs, offset, size);
@@ -443,14 +456,11 @@ public List<QueryResult> queryFor(String queryText, int page, int pageSize, Stri
 
 	private IndexWriter getWriter() throws IOException {
 		if (writer == null) {
-			Directory directory = FSDirectory.open(luceneDir);
-
-			if (!luceneDir.exists()) {
-				luceneDir.mkdirs();
-			}
+			indexStore.create();
 
-			StandardAnalyzer analyzer = new StandardAnalyzer(luceneVersion);
-			IndexWriterConfig config = new IndexWriterConfig(luceneVersion, analyzer);
+			Directory directory = FSDirectory.open(indexStore.getPath());
+			StandardAnalyzer analyzer = new StandardAnalyzer();
+			IndexWriterConfig config = new IndexWriterConfig(analyzer);
 			config.setOpenMode(OpenMode.CREATE_OR_APPEND);
 			writer = new IndexWriter(directory, config);
 		}
@@ -554,14 +564,17 @@ private void toDocField(Document doc, Lucene lucene, Date value) {
 			return;
 		}
 		doc.add(new LongField(lucene.name(), value.getTime(), Store.YES));
+		doc.add(new NumericDocValuesField(lucene.name(), value.getTime()));
 	}
 
 	private void toDocField(Document doc, Lucene lucene, long value) {
 		doc.add(new LongField(lucene.name(), value, Store.YES));
+		doc.add(new NumericDocValuesField(lucene.name(), value));
 	}
 
 	private void toDocField(Document doc, Lucene lucene, int value) {
 		doc.add(new IntField(lucene.name(), value, Store.YES));
+		doc.add(new NumericDocValuesField(lucene.name(), value));
 	}
 
 	private void toDocField(Document doc, Lucene lucene, String value) {
@@ -569,6 +582,7 @@ private void toDocField(Document doc, Lucene lucene, String value) {
 			return;
 		}
 		doc.add(new org.apache.lucene.document.Field(lucene.name(), value, TextField.TYPE_STORED));
+		doc.add(new SortedDocValuesField(lucene.name(), new BytesRef(value)));
 	}
 
 	/**
@@ -663,4 +677,4 @@ private int unpackInt(Document doc, Lucene lucene) {
 		int i = Integer.parseInt(val);
 		return i;
 	}
-}
\ No newline at end of file
+}
diff --git a/src/main/java/com/gitblit/tickets/TicketNotifier.java b/src/main/java/com/gitblit/tickets/TicketNotifier.java
index 8c7fe6d46..b913db257 100644
--- a/src/main/java/com/gitblit/tickets/TicketNotifier.java
+++ b/src/main/java/com/gitblit/tickets/TicketNotifier.java
@@ -573,10 +573,10 @@ protected void setRecipients(TicketModel ticket, Mailing mailing) {
 		// cc users mentioned in last comment
 		Change lastChange = ticket.changes.get(ticket.changes.size() - 1);
 		if (lastChange.hasComment()) {
-			Pattern p = Pattern.compile("\\s@([A-Za-z0-9-_]+)");
+			Pattern p = Pattern.compile(Constants.REGEX_TICKET_MENTION);
 			Matcher m = p.matcher(lastChange.comment.text);
 			while (m.find()) {
-				String username = m.group();
+				String username = m.group("user");
 				ccs.add(username);
 			}
 		}
diff --git a/src/main/java/com/gitblit/transport/ssh/IPublicKeyManager.java b/src/main/java/com/gitblit/transport/ssh/IPublicKeyManager.java
index 1e74b2f03..ffe64f593 100644
--- a/src/main/java/com/gitblit/transport/ssh/IPublicKeyManager.java
+++ b/src/main/java/com/gitblit/transport/ssh/IPublicKeyManager.java
@@ -25,6 +25,7 @@
 import org.slf4j.LoggerFactory;
 
 import com.gitblit.manager.IManager;
+import com.gitblit.models.UserModel;
 import com.google.common.cache.CacheBuilder;
 import com.google.common.cache.CacheLoader;
 import com.google.common.cache.CacheLoader.InvalidCacheLoadException;
@@ -99,4 +100,16 @@ public final void renameUser(String oldName, String newName) {
 	public abstract boolean removeKey(String username, SshKey key);
 
 	public abstract boolean removeAllKeys(String username);
+
+	public boolean supportsWritingKeys(UserModel user) {
+		return (user != null);
+	}
+
+	public boolean supportsCommentChanges(UserModel user) {
+		return (user != null);
+	}
+
+	public boolean supportsPermissionChanges(UserModel user) {
+		return (user != null);
+	}
 }
diff --git a/src/main/java/com/gitblit/transport/ssh/LdapKeyManager.java b/src/main/java/com/gitblit/transport/ssh/LdapKeyManager.java
new file mode 100644
index 000000000..c62c4dee2
--- /dev/null
+++ b/src/main/java/com/gitblit/transport/ssh/LdapKeyManager.java
@@ -0,0 +1,435 @@
+/*
+ * Copyright 2016 gitblit.com.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not
+ * use this file except in compliance with the License. You may obtain a copy of
+ * the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package com.gitblit.transport.ssh;
+
+import java.io.IOException;
+import java.security.GeneralSecurityException;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+import java.util.TreeMap;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+import org.apache.sshd.common.config.keys.KeyUtils;
+import org.apache.sshd.common.util.GenericUtils;
+import org.apache.sshd.server.config.keys.AuthorizedKeyEntry;
+
+import com.gitblit.IStoredSettings;
+import com.gitblit.Keys;
+import com.gitblit.Constants.AccessPermission;
+import com.gitblit.ldap.LdapConnection;
+import com.gitblit.models.UserModel;
+import com.gitblit.utils.StringUtils;
+import com.google.common.base.Joiner;
+import com.google.inject.Inject;
+import com.unboundid.ldap.sdk.BindResult;
+import com.unboundid.ldap.sdk.ResultCode;
+import com.unboundid.ldap.sdk.SearchResult;
+import com.unboundid.ldap.sdk.SearchResultEntry;
+
+/**
+ * LDAP-only public key manager
+ *
+ * Retrieves public keys from user's LDAP entries. Using this key manager,
+ * no SSH keys can be edited, i.e. added, removed, permissions changed, etc.
+ *
+ * This key manager supports SSH key entries in LDAP of the following form:
+ * [<prefix>:] [<options>] <type> <key> [<comment>]
+ * This follows the required form of entries in the authenticated_keys file,
+ * with an additional optional prefix. Key entries must have a key type
+ * (like "ssh-rsa") and a key, and may have a comment at the end.
+ *
+ * An entry may specify login options as specified for the authorized_keys file.
+ * The 'environment' option may be used to set the permissions for the key
+ * by setting a 'gbPerm' environment variable. The key manager will interpret
+ * such a environment variable option and use the set permission string to set
+ * the permission on the key in Gitblit. Example:
+ *   environment="gbPerm=V",pty ssh-rsa AAAxjka.....dv= Clone only key
+ * Above entry would create a RSA key with the comment "Clone only key" and
+ * set the key permission to CLONE. All other options are ignored.
+ *
+ * In Active Directory SSH public keys are sometimes stored in the attribute
+ * 'altSecurityIdentity'. The attribute value is usually prefixed by a type
+ * identifier. LDAP entries could have the following attribute values:
+ *   altSecurityIdentity: X.509: ADKEJBAKDBZUPABBD...
+ *   altSecurityIdentity: SshKey: ssh-dsa AAAAknenazuzucbhda...
+ * This key manager supports this by allowing an optional prefix to identify
+ * SSH keys. The prefix to be used should be set in the 'realm.ldap.sshPublicKey'
+ * setting by separating it from the attribute name with a colon, e.g.:
+ *    realm.ldap.sshPublicKey = altSecurityIdentity:SshKey
+ *
+ * @author Florian Zschocke
+ *
+ */
+public class LdapKeyManager extends IPublicKeyManager {
+
+	/**
+	 * Pattern to find prefixes like 'SSHKey:' in key entries.
+	 * These prefixes describe the type of an altSecurityIdentity.
+	 * The pattern accepts anything but quote and colon up to the
+	 * first colon at the start of a string.
+	 */
+	private static final Pattern PREFIX_PATTERN = Pattern.compile("^([^\":]+):");
+	/**
+	 * Pattern to find the string describing Gitblit permissions for a SSH key.
+	 * The pattern matches on a string starting with 'gbPerm', matched case-insensitive,
+	 * followed by '=' with optional whitespace around it, followed by a string of
+	 * upper and lower case letters and '+' and '-' for the permission, which can optionally
+	 * be enclosed in '"' or '\"' (only the leading quote is matched in the pattern).
+	 * Only the group describing the permission is a capturing group.
+	 */
+	private static final Pattern GB_PERM_PATTERN = Pattern.compile("(?i:gbPerm)\\s*=\\s*(?:\\\\\"|\")?\\s*([A-Za-z+-]+)");
+
+
+	private final IStoredSettings settings;
+
+
+
+	@Inject
+	public LdapKeyManager(IStoredSettings settings) {
+		this.settings = settings;
+	}
+
+
+	@Override
+	public String toString() {
+		return getClass().getSimpleName();
+	}
+
+	@Override
+	public LdapKeyManager start() {
+		log.info(toString());
+		return this;
+	}
+
+	@Override
+	public boolean isReady() {
+		return true;
+	}
+
+	@Override
+	public LdapKeyManager stop() {
+		return this;
+	}
+
+	@Override
+	protected boolean isStale(String username) {
+		// always return true so we gets keys from LDAP every time
+		return true;
+	}
+
+	@Override
+	protected List<SshKey> getKeysImpl(String username) {
+		try (LdapConnection conn = new LdapConnection(settings)) {
+			if (conn.connect()) {
+				log.info("loading ssh key for {} from LDAP directory", username);
+
+				BindResult bindResult = conn.bind();
+				if (bindResult == null) {
+					conn.close();
+					return null;
+				}
+
+				// Search the user entity
+
+				// Support prefixing the key data, e.g. when using altSecurityIdentities in AD.
+				String pubKeyAttribute = settings.getString(Keys.realm.ldap.sshPublicKey, "sshPublicKey");
+				String pkaPrefix = null;
+				int idx = pubKeyAttribute.indexOf(':');
+				if (idx > 0) {
+					pkaPrefix = pubKeyAttribute.substring(idx +1);
+					pubKeyAttribute = pubKeyAttribute.substring(0, idx);
+				}
+
+				SearchResult result = conn.searchUser(getSimpleUsername(username), Arrays.asList(pubKeyAttribute));
+				conn.close();
+
+				if (result != null && result.getResultCode() == ResultCode.SUCCESS) {
+					if ( result.getEntryCount() > 1) {
+						log.info("Found more than one entry for user {} in LDAP. Cannot retrieve SSH key.", username);
+						return null;
+					} else if ( result.getEntryCount() < 1) {
+						log.info("Found no entry for user {} in LDAP. Cannot retrieve SSH key.", username);
+						return null;
+					}
+
+					// Retrieve the SSH key attributes
+					SearchResultEntry foundUser = result.getSearchEntries().get(0);
+					String[] attrs = foundUser.getAttributeValues(pubKeyAttribute);
+					if (attrs == null ||attrs.length == 0) {
+						log.info("found no keys for user {} under attribute {} in directory", username, pubKeyAttribute);
+						return null;
+					}
+
+
+					// Filter resulting list to match with required special prefix in entry
+					List<GbAuthorizedKeyEntry> authorizedKeys = new ArrayList<>(attrs.length);
+					Matcher m = PREFIX_PATTERN.matcher("");
+					for (int i = 0; i < attrs.length; ++i) {
+						// strip out line breaks
+						String keyEntry = Joiner.on("").join(attrs[i].replace("\r\n", "\n").split("\n"));
+						m.reset(keyEntry);
+						try {
+							if (m.lookingAt()) { // Key is prefixed in LDAP
+								if (pkaPrefix == null) {
+									continue;
+								}
+								String prefix = m.group(1).trim();
+								if (! pkaPrefix.equalsIgnoreCase(prefix)) {
+									continue;
+								}
+								String s = keyEntry.substring(m.end()); // Strip prefix off
+								authorizedKeys.add(GbAuthorizedKeyEntry.parseAuthorizedKeyEntry(s));
+
+							} else { // Key is not prefixed in LDAP
+								if (pkaPrefix != null) {
+									continue;
+								}
+								String s = keyEntry; // Strip prefix off
+								authorizedKeys.add(GbAuthorizedKeyEntry.parseAuthorizedKeyEntry(s));
+							}
+						} catch (IllegalArgumentException e) {
+							log.info("Failed to parse key entry={}:", keyEntry, e.getMessage());
+						}
+					}
+
+					List<SshKey> keyList = new ArrayList<>(authorizedKeys.size());
+					for (GbAuthorizedKeyEntry keyEntry : authorizedKeys) {
+						try {
+							SshKey key = new SshKey(keyEntry.resolvePublicKey());
+							key.setComment(keyEntry.getComment());
+							setKeyPermissions(key, keyEntry);
+							keyList.add(key);
+						} catch (GeneralSecurityException | IOException e) {
+							log.warn("Error resolving key entry for user {}. Entry={}", username, keyEntry, e);
+						}
+					}
+					return keyList;
+				}
+			}
+		}
+
+		return null;
+	}
+
+
+	@Override
+	public boolean addKey(String username, SshKey key) {
+		return false;
+	}
+
+	@Override
+	public boolean removeKey(String username, SshKey key) {
+		return false;
+	}
+
+	@Override
+	public boolean removeAllKeys(String username) {
+		return false;
+	}
+
+
+	public boolean supportsWritingKeys(UserModel user) {
+		return false;
+	}
+
+	public boolean supportsCommentChanges(UserModel user) {
+		return false;
+	}
+
+	public boolean supportsPermissionChanges(UserModel user) {
+		return false;
+	}
+
+
+	private void setKeyPermissions(SshKey key, GbAuthorizedKeyEntry keyEntry) {
+		List<String> env = keyEntry.getLoginOptionValues("environment");
+		if (env != null && !env.isEmpty()) {
+			// Walk over all entries and find one that sets 'gbPerm'. The last one wins.
+			for (String envi : env) {
+				Matcher m = GB_PERM_PATTERN.matcher(envi);
+				if (m.find()) {
+					String perm = m.group(1).trim();
+					AccessPermission ap = AccessPermission.fromCode(perm);
+					if (ap == AccessPermission.NONE) {
+						ap = AccessPermission.valueOf(perm.toUpperCase());
+					}
+
+					if (ap != null && ap != AccessPermission.NONE) {
+						try {
+							key.setPermission(ap);
+						} catch (IllegalArgumentException e) {
+							log.warn("Incorrect permissions ({}) set for SSH key entry {}.", ap, envi, e);
+						}
+					}
+				}
+			}
+		}
+	}
+
+
+	/**
+	 * Returns a simple username without any domain prefixes.
+	 *
+	 * @param username
+	 * @return a simple username
+	 */
+	private String getSimpleUsername(String username) {
+		int lastSlash = username.lastIndexOf('\\');
+		if (lastSlash > -1) {
+			username = username.substring(lastSlash + 1);
+		}
+
+		return username;
+	}
+
+
+	/**
+	 * Extension of the AuthorizedKeyEntry from Mina SSHD with better option parsing.
+	 *
+	 * The class makes use of code from the two methods copied from the original
+	 * Mina SSHD AuthorizedKeyEntry class. The code is rewritten to improve user login
+	 * option support. Options are correctly parsed even if they have whitespace within
+	 * double quotes. Options can occur multiple times, which is needed for example for
+	 * the "environment" option. Thus for an option a list of strings is kept, holding
+	 * multiple option values.
+	 */
+	private static class GbAuthorizedKeyEntry extends AuthorizedKeyEntry {
+
+		private static final long serialVersionUID = 1L;
+		/**
+		 * Pattern to extract the first part of the key entry without whitespace or only with quoted whitespace.
+		 * The pattern essentially splits the line in two parts with two capturing groups. All other groups
+		 * in the pattern are non-capturing. The first part is a continuous string that only includes double quoted
+		 * whitespace and ends in whitespace. The second part is the rest of the line.
+		 * The first part is at the beginning of the line, the lead-in. For a SSH key entry this can either be
+		 * login options (see authorized keys file description) or the key type. Since options, other than the
+		 * key type, can include whitespace and escaped double quotes within double quotes, the pattern takes
+		 * care of that by searching for either "characters that are not whitespace and not double quotes"
+		 * or "a double quote, followed by 'characters that are not a double quote or backslash, or a backslash
+		 * and then a double quote, or a backslash', followed by a double quote".
+		 */
+		private static final Pattern LEADIN_PATTERN = Pattern.compile("^((?:[^\\s\"]*|(?:\"(?:[^\"\\\\]|\\\\\"|\\\\)*\"))*\\s+)(.+)");
+		/**
+		 * Pattern to split a comma separated list of options.
+		 * Since an option could contain commas (as well as escaped double quotes) within double quotes
+		 * in the option value, a simple split on comma is not enough. So the pattern searches for multiple
+		 * occurrences of:
+		 * characters that are not double quotes or a comma, or
+		 * a double quote followed by: characters that are not a double quote or backslash, or
+		 *                             a backslash and then a double quote, or
+		 *                             a backslash,
+		 *   followed by a double quote.
+		 */
+		private static final Pattern OPTION_PATTERN = Pattern.compile("([^\",]+|(?:\"(?:[^\"\\\\]|\\\\\"|\\\\)*\"))+");
+
+		// for options that have no value, "true" is used
+		private Map<String, List<String>> loginOptionsMulti = Collections.emptyMap();
+
+
+		List<String> getLoginOptionValues(String option) {
+			return loginOptionsMulti.get(option);
+		}
+
+
+
+		/**
+		 * @param line Original line from an <code>authorized_keys</code> file
+		 * @return {@link GbAuthorizedKeyEntry} or {@code null} if the line is
+		 * {@code null}/empty or a comment line
+		 * @throws IllegalArgumentException If failed to parse/decode the line
+		 * @see #COMMENT_CHAR
+		 */
+		public static GbAuthorizedKeyEntry parseAuthorizedKeyEntry(String line) throws IllegalArgumentException {
+			line = GenericUtils.trimToEmpty(line);
+			if (StringUtils.isEmpty(line) || (line.charAt(0) == COMMENT_CHAR) /* comment ? */) {
+				return null;
+			}
+
+			Matcher m = LEADIN_PATTERN.matcher(line);
+			if (! m.lookingAt()) {
+				throw new IllegalArgumentException("Bad format (no key data delimiter): " + line);
+			}
+
+			String keyType = m.group(1).trim();
+			final GbAuthorizedKeyEntry entry;
+			if (KeyUtils.getPublicKeyEntryDecoder(keyType) == null) {  // assume this is due to the fact that it starts with login options
+				entry = parseAuthorizedKeyEntry(m.group(2));
+				if (entry == null) {
+					throw new IllegalArgumentException("Bad format (no key data after login options): " + line);
+				}
+
+				entry.parseAndSetLoginOptions(keyType);
+			} else {
+				int startPos = line.indexOf(' ');
+				if (startPos <= 0) {
+					throw new IllegalArgumentException("Bad format (no key data delimiter): " + line);
+				}
+
+				int endPos = line.indexOf(' ', startPos + 1);
+				if (endPos <= startPos) {
+					endPos = line.length();
+				}
+
+				String encData = (endPos < (line.length() - 1)) ? line.substring(0, endPos).trim() : line;
+				String comment = (endPos < (line.length() - 1)) ? line.substring(endPos + 1).trim() : null;
+				entry = parsePublicKeyEntry(new GbAuthorizedKeyEntry(), encData);
+				entry.setComment(comment);
+			}
+
+			return entry;
+		}
+
+		private void parseAndSetLoginOptions(String options) {
+			Matcher m = OPTION_PATTERN.matcher(options);
+			if (! m.find()) {
+				loginOptionsMulti = Collections.emptyMap();
+			}
+			Map<String, List<String>> optsMap = new TreeMap<>(String.CASE_INSENSITIVE_ORDER);
+
+			do {
+				String p = m.group();
+				p = GenericUtils.trimToEmpty(p);
+				if (StringUtils.isEmpty(p)) {
+					continue;
+				}
+
+				int pos = p.indexOf('=');
+				String name = (pos < 0) ? p : GenericUtils.trimToEmpty(p.substring(0, pos));
+				CharSequence value = (pos < 0) ? null : GenericUtils.trimToEmpty(p.substring(pos + 1));
+				value = GenericUtils.stripQuotes(value);
+
+				// For options without value the value is set to TRUE.
+				if (value == null) {
+					value = Boolean.TRUE.toString();
+				}
+
+				List<String> opts = optsMap.get(name);
+				if (opts == null) {
+					opts = new ArrayList<String>();
+					optsMap.put(name, opts);
+				}
+				opts.add(value.toString());
+			} while(m.find());
+
+			loginOptionsMulti = optsMap;
+		}
+	}
+
+}
diff --git a/src/main/java/com/gitblit/transport/ssh/SshDaemon.java b/src/main/java/com/gitblit/transport/ssh/SshDaemon.java
index 5a94c9a3f..5a0537812 100644
--- a/src/main/java/com/gitblit/transport/ssh/SshDaemon.java
+++ b/src/main/java/com/gitblit/transport/ssh/SshDaemon.java
@@ -23,6 +23,7 @@
 import java.security.KeyPair;
 import java.security.KeyPairGenerator;
 import java.text.MessageFormat;
+import java.util.List;
 import java.util.concurrent.atomic.AtomicBoolean;
 
 import org.apache.sshd.common.io.IoServiceFactoryFactory;
@@ -55,6 +56,13 @@ public class SshDaemon {
 
 	private final Logger log = LoggerFactory.getLogger(SshDaemon.class);
 
+	private static final String AUTH_PUBLICKEY = "publickey";
+	private static final String AUTH_PASSWORD = "password";
+	private static final String AUTH_KBD_INTERACTIVE = "keyboard-interactive";
+	private static final String AUTH_GSSAPI = "gssapi-with-mic";
+
+
+
 	public static enum SshSessionBackend {
 		MINA, NIO2
 	}
@@ -97,9 +105,6 @@ public SshDaemon(IGitblit gitblit, WorkQueue workQueue) {
 		FileKeyPairProvider hostKeyPairProvider = new FileKeyPairProvider();
 		hostKeyPairProvider.setFiles(new String [] { rsaKeyStore.getPath(), dsaKeyStore.getPath(), dsaKeyStore.getPath() });
 
-		// Client public key authenticator
-		SshKeyAuthenticator keyAuthenticator =
-				new SshKeyAuthenticator(gitblit.getPublicKeyManager(), gitblit);
 
 		// Configure the preferred SSHD backend
 		String sshBackendStr = settings.getString(Keys.git.sshBackend,
@@ -125,16 +130,39 @@ public SshDaemon(IGitblit gitblit, WorkQueue workQueue) {
 		sshd.setPort(addr.getPort());
 		sshd.setHost(addr.getHostName());
 		sshd.setKeyPairProvider(hostKeyPairProvider);
-		sshd.setPublickeyAuthenticator(new CachingPublicKeyAuthenticator(keyAuthenticator));
-		sshd.setPasswordAuthenticator(new UsernamePasswordAuthenticator(gitblit));
-		if (settings.getBoolean(Keys.git.sshWithKrb5, false)) {
+
+		List<String> authMethods = settings.getStrings(Keys.git.sshAuthenticationMethods);
+		if (authMethods.isEmpty()) {
+			authMethods.add(AUTH_PUBLICKEY);
+			authMethods.add(AUTH_PASSWORD);
+		}
+		// Keep backward compatibility with old setting files that use the git.sshWithKrb5 setting.
+		if (settings.getBoolean("git.sshWithKrb5", false) && !authMethods.contains(AUTH_GSSAPI)) {
+			authMethods.add(AUTH_GSSAPI);
+			log.warn("git.sshWithKrb5 is obsolete!");
+			log.warn("Please add {} to {} in gitblit.properties!", AUTH_GSSAPI, Keys.git.sshAuthenticationMethods);
+			settings.overrideSetting(Keys.git.sshAuthenticationMethods,
+					settings.getString(Keys.git.sshAuthenticationMethods, AUTH_PUBLICKEY + " " + AUTH_PASSWORD) + " " + AUTH_GSSAPI);
+		}
+		if (authMethods.contains(AUTH_PUBLICKEY)) {
+			SshKeyAuthenticator keyAuthenticator = new SshKeyAuthenticator(gitblit.getPublicKeyManager(), gitblit);
+			sshd.setPublickeyAuthenticator(new CachingPublicKeyAuthenticator(keyAuthenticator));
+			log.info("SSH: adding public key authentication method.");
+		}
+		if (authMethods.contains(AUTH_PASSWORD) || authMethods.contains(AUTH_KBD_INTERACTIVE)) {
+			sshd.setPasswordAuthenticator(new UsernamePasswordAuthenticator(gitblit));
+			log.info("SSH: adding password authentication method.");
+		}
+		if (authMethods.contains(AUTH_GSSAPI)) {
 			sshd.setGSSAuthenticator(new SshKrbAuthenticator(settings, gitblit));
+			log.info("SSH: adding GSSAPI authentication method.");
 		}
+
 		sshd.setSessionFactory(new SshServerSessionFactory());
 		sshd.setFileSystemFactory(new DisabledFilesystemFactory());
 		sshd.setTcpipForwardingFilter(new NonForwardingFilter());
 		sshd.setCommandFactory(new SshCommandFactory(gitblit, workQueue));
-		sshd.setShellFactory(new WelcomeShell(settings));
+		sshd.setShellFactory(new WelcomeShell(gitblit));
 
 		// Set the server id.  This can be queried with:
 		//   ssh-keyscan -t rsa,dsa -p 29418 localhost
diff --git a/src/main/java/com/gitblit/transport/ssh/WelcomeShell.java b/src/main/java/com/gitblit/transport/ssh/WelcomeShell.java
index ec6f72914..7c407d365 100644
--- a/src/main/java/com/gitblit/transport/ssh/WelcomeShell.java
+++ b/src/main/java/com/gitblit/transport/ssh/WelcomeShell.java
@@ -34,6 +34,7 @@
 
 import com.gitblit.IStoredSettings;
 import com.gitblit.Keys;
+import com.gitblit.manager.IGitblit;
 import com.gitblit.models.UserModel;
 import com.gitblit.transport.ssh.commands.DispatchCommand;
 import com.gitblit.transport.ssh.commands.SshCommandFactory;
@@ -45,19 +46,20 @@
  */
 public class WelcomeShell implements Factory<Command> {
 
-	private final IStoredSettings settings;
+	private final IGitblit gitblit;
 
-	public WelcomeShell(IStoredSettings settings) {
-		this.settings = settings;
+	public WelcomeShell(IGitblit gitblit) {
+		this.gitblit = gitblit;
 	}
 
 	@Override
 	public Command create() {
-		return new SendMessage(settings);
+		return new SendMessage(gitblit);
 	}
 
 	private static class SendMessage implements Command, SessionAware {
 
+		private final IPublicKeyManager km;
 		private final IStoredSettings settings;
 		private ServerSession session;
 
@@ -66,8 +68,9 @@ private static class SendMessage implements Command, SessionAware {
 		private OutputStream err;
 		private ExitCallback exit;
 
-		SendMessage(IStoredSettings settings) {
-			this.settings = settings;
+		SendMessage(IGitblit gitblit) {
+			this.km = gitblit.getPublicKeyManager();
+			this.settings = gitblit.getSettings();
 		}
 
 		@Override
@@ -116,6 +119,10 @@ String getMessage() {
 			UserModel user = client.getUser();
 			String hostname = getHostname();
 			int port = settings.getInteger(Keys.git.sshPort, 0);
+			boolean writeKeysIsSupported = true;
+			if (km != null) {
+				writeKeysIsSupported = km.supportsWritingKeys(user);
+			}
 
 			final String b1 = StringUtils.rightPad("", 72, '═');
 			final String b2 = StringUtils.rightPad("", 72, '─');
@@ -159,7 +166,7 @@ String getMessage() {
 			msg.append(nl);
 			msg.append(nl);
 
-			if (client.getKey() == null) {
+			if (writeKeysIsSupported && client.getKey() == null) {
 				// user has authenticated with a password
 				// display add public key instructions
 				msg.append(" You may upload an SSH public key with the following syntax:");
diff --git a/src/main/java/com/gitblit/transport/ssh/keys/KeysDispatcher.java b/src/main/java/com/gitblit/transport/ssh/keys/KeysDispatcher.java
index da58584c9..817a98ffc 100644
--- a/src/main/java/com/gitblit/transport/ssh/keys/KeysDispatcher.java
+++ b/src/main/java/com/gitblit/transport/ssh/keys/KeysDispatcher.java
@@ -25,6 +25,7 @@
 import org.slf4j.LoggerFactory;
 
 import com.gitblit.Constants.AccessPermission;
+import com.gitblit.models.UserModel;
 import com.gitblit.transport.ssh.IPublicKeyManager;
 import com.gitblit.transport.ssh.SshKey;
 import com.gitblit.transport.ssh.commands.CommandMetaData;
@@ -47,12 +48,20 @@ public class KeysDispatcher extends DispatchCommand {
 
 	@Override
 	protected void setup() {
-		register(AddKey.class);
-		register(RemoveKey.class);
+		IPublicKeyManager km = getContext().getGitblit().getPublicKeyManager();
+		UserModel user = getContext().getClient().getUser();
+		if (km != null && km.supportsWritingKeys(user)) {
+			register(AddKey.class);
+			register(RemoveKey.class);
+		}
 		register(ListKeys.class);
 		register(WhichKey.class);
-		register(CommentKey.class);
-		register(PermissionKey.class);
+		if (km != null && km.supportsCommentChanges(user)) {
+			register(CommentKey.class);
+		}
+		if (km != null && km.supportsPermissionChanges(user)) {
+			register(PermissionKey.class);
+		}
 	}
 
 	@CommandMetaData(name = "add", description = "Add an SSH public key to your account")
diff --git a/src/main/java/com/gitblit/utils/HttpUtils.java b/src/main/java/com/gitblit/utils/HttpUtils.java
index 2fd8d898e..27df5a52c 100644
--- a/src/main/java/com/gitblit/utils/HttpUtils.java
+++ b/src/main/java/com/gitblit/utils/HttpUtils.java
@@ -110,7 +110,9 @@ public static String getGitblitURL(HttpServletRequest request) {
 		sb.append(host);
 		if (("http".equals(scheme) && port != 80)
 				|| ("https".equals(scheme) && port != 443)) {
-			sb.append(":").append(port);
+			if (!host.endsWith(":" + port)) {
+				sb.append(":").append(port);
+			}
 		}
 		sb.append(context);
 		return sb.toString();
diff --git a/src/main/java/com/gitblit/utils/LuceneIndexStore.java b/src/main/java/com/gitblit/utils/LuceneIndexStore.java
new file mode 100644
index 000000000..c05e2019b
--- /dev/null
+++ b/src/main/java/com/gitblit/utils/LuceneIndexStore.java
@@ -0,0 +1,98 @@
+/*
+ * Copyright 2017 gitblit.com.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.gitblit.utils;
+
+import java.io.File;
+import java.nio.file.Path;
+
+/**
+ * @author Florian Zschocke
+ *
+ * @since 1.9.0
+ */
+public class LuceneIndexStore
+{
+
+	public static final int LUCENE_CODEC_VERSION = 54;
+
+	protected File indexFolder;
+
+	/**
+	 * Constructor for a base folder that contains the version specific index folders
+	 * and an index version.
+	 *
+	 * @param luceneFolder
+	 * 			Path to the base folder for the Lucene indices, i.e. the common "lucene" directory.
+	 * @param indexVersion
+	 * 			Version of the index definition
+	 */
+	public LuceneIndexStore(File luceneFolder, int indexVersion)
+	{
+		this.indexFolder = new File(luceneFolder, indexVersion + "_" + LUCENE_CODEC_VERSION);
+	}
+
+
+
+	/**
+	 * Create the Lucene index directory for this index version and Lucene codec version
+	 */
+	public void create()
+	{
+		if (! indexFolder.exists()) {
+			indexFolder.mkdirs();
+		}
+	}
+
+
+	/**
+	 * Delete the Lucene index directory for this index version and Lucene codec version
+	 *
+	 * @return	True if the directory could successfully be deleted.
+	 */
+	public boolean delete()
+	{
+		if (indexFolder.exists()) {
+			return FileUtils.delete(indexFolder);
+		}
+		return true;
+	}
+
+
+
+	/**
+	 * @return	The Path to the index folder
+	 */
+	public Path getPath()
+	{
+		return indexFolder.toPath();
+	}
+
+
+
+	/**
+	 * Check if an index of the respective version, or compatible, already exists.
+	 *
+	 * @return	True if an index exists, False otherwise
+	 */
+	public boolean hasIndex()
+	{
+		return indexFolder.exists() &&
+				indexFolder.isDirectory() &&
+				(indexFolder.list().length > 1);  // Must have more than 'write.lock'
+	}
+
+}
diff --git a/src/main/java/com/gitblit/utils/MarkdownUtils.java b/src/main/java/com/gitblit/utils/MarkdownUtils.java
index e0c9dd4e7..8371b3c64 100644
--- a/src/main/java/com/gitblit/utils/MarkdownUtils.java
+++ b/src/main/java/com/gitblit/utils/MarkdownUtils.java
@@ -30,6 +30,7 @@
 import org.pegdown.PegDownProcessor;
 import org.pegdown.ast.RootNode;
 
+import com.gitblit.Constants;
 import com.gitblit.IStoredSettings;
 import com.gitblit.Keys;
 import com.gitblit.wicket.MarkupProcessor.WorkaroundHtmlSerializer;
@@ -137,8 +138,8 @@ public static String transformGFM(IStoredSettings settings, String input, String
 		String canonicalUrl = settings.getString(Keys.web.canonicalUrl, "https://localhost:8443");
 
 		// emphasize and link mentions
-		String mentionReplacement = String.format(" **[@$1](%1s/user/$1)**", canonicalUrl);
-		text = text.replaceAll("\\s@([A-Za-z0-9-_]+)", mentionReplacement);
+		String mentionReplacement = String.format("**[@${user}](%1s/user/${user})**", canonicalUrl);
+		text = text.replaceAll(Constants.REGEX_TICKET_MENTION, mentionReplacement);
 
 		// link ticket refs
 		String ticketReplacement = MessageFormat.format("$1[#$2]({0}/tickets?r={1}&h=$2)$3", canonicalUrl, repositoryName);
diff --git a/src/main/java/com/gitblit/utils/SecureRandom.java b/src/main/java/com/gitblit/utils/SecureRandom.java
new file mode 100644
index 000000000..119533d41
--- /dev/null
+++ b/src/main/java/com/gitblit/utils/SecureRandom.java
@@ -0,0 +1,83 @@
+/*
+ * Copyright 2016 gitblit.com
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.gitblit.utils;
+
+/**
+ * Wrapper class for java.security.SecureRandom, which will periodically reseed
+ * the PRNG in case an instance of the class has been running for a long time.
+ *
+ * @author Florian Zschocke
+ */
+public class SecureRandom {
+
+	/** Period (in ms) after which a new SecureRandom will be created in order to get a fresh random seed. */
+	private static final long RESEED_PERIOD = 24 * 60 * 60 * 1000; /* 24 hours */
+
+
+	private long last;
+	private java.security.SecureRandom random;
+
+
+
+	public SecureRandom() {
+		// Make sure the SecureRandom is seeded right from the start.
+		// This also lets any blocks during seeding occur at creation
+		// and prevents it from happening when getting next random bytes.
+		seed();
+	}
+
+
+
+	public byte[] randomBytes(int num) {
+		byte[] bytes = new byte[num];
+		nextBytes(bytes);
+		return bytes;
+	}
+
+
+	public void nextBytes(byte[] bytes) {
+		random.nextBytes(bytes);
+		reseed(false);
+	}
+
+
+	void reseed(boolean forced) {
+		long ts = System.currentTimeMillis();
+		if (forced || (ts - last) > RESEED_PERIOD) {
+			last = ts;
+			runReseed();
+		}
+	}
+
+
+
+	private void seed() {
+		random = new java.security.SecureRandom();
+		random.nextBytes(new byte[0]);
+		last = System.currentTimeMillis();
+	}
+
+
+	private void runReseed() {
+		// Have some other thread hit the penalty potentially incurred by reseeding,
+		// so that we can immediately return and not block the operation in progress.
+		new Thread() {
+			public void run() {
+				seed();
+			}
+		}.start();
+	}
+}
diff --git a/src/main/java/com/gitblit/utils/X509Utils.java b/src/main/java/com/gitblit/utils/X509Utils.java
index a2650be44..b661922dd 100644
--- a/src/main/java/com/gitblit/utils/X509Utils.java
+++ b/src/main/java/com/gitblit/utils/X509Utils.java
@@ -743,6 +743,25 @@ public static void addTrustedCertificate(String alias, X509Certificate cert, Fil
 	 */
 	public static File newClientBundle(X509Metadata clientMetadata, File caKeystoreFile,
 			String caKeystorePassword, X509Log x509log) {
+		return newClientBundle(null,clientMetadata,caKeystoreFile,caKeystorePassword,x509log);
+	}
+
+	/**
+	 * Creates a new client certificate PKCS#12 and PEM store.  Any existing
+	 * stores are destroyed.  After generation, the certificates are bundled
+	 * into a zip file with a personalized README file.
+	 *
+	 * The zip file reference is returned.
+	 *
+	 * @param user 
+	 * @param clientMetadata a container for dynamic parameters needed for generation
+	 * @param caKeystoreFile
+	 * @param caKeystorePassword
+	 * @param x509log
+	 * @return a zip file containing the P12, PEM, and personalized README
+	 */
+	public static File newClientBundle(com.gitblit.models.UserModel user,X509Metadata clientMetadata, File caKeystoreFile,
+				String caKeystorePassword, X509Log x509log) {		
 		try {
 			// read the Gitblit CA key and certificate
 			KeyStore store = openKeyStore(caKeystoreFile, caKeystorePassword);
@@ -755,8 +774,17 @@ public static File newClientBundle(X509Metadata clientMetadata, File caKeystoreF
 	        x509log.log(MessageFormat.format("New client certificate {0,number,0} [{1}]", cert.getSerialNumber(), cert.getSubjectDN().getName()));
 
 	        // process template message
-	        String readme = processTemplate(new File(caKeystoreFile.getParentFile(), "instructions.tmpl"), clientMetadata);
-
+	        String readme = null;
+	        String sInstructionsFileName = "instructions.tmpl";
+	        if( user == null )
+	        	readme = processTemplate(new File(caKeystoreFile.getParentFile(),sInstructionsFileName), clientMetadata);
+	        else{
+	        	File fileInstructionsTmp = null;
+	        	if( (fileInstructionsTmp = new File(caKeystoreFile.getParentFile(),sInstructionsFileName+"_"+user.getPreferences().getLocale())).exists() )
+	        		readme = processTemplate(fileInstructionsTmp,clientMetadata);
+	        	else
+	        		readme = processTemplate(new File(caKeystoreFile.getParentFile(),sInstructionsFileName),clientMetadata);
+	        }
 	        // Create a zip bundle with the p12, pem, and a personalized readme
 	        File zipFile = new File(targetFolder, clientMetadata.commonName + ".zip");
 	        if (zipFile.exists()) {
diff --git a/src/main/java/com/gitblit/wicket/GitBlitWebApp.java b/src/main/java/com/gitblit/wicket/GitBlitWebApp.java
index 0a2c90c2f..9381d4dc7 100644
--- a/src/main/java/com/gitblit/wicket/GitBlitWebApp.java
+++ b/src/main/java/com/gitblit/wicket/GitBlitWebApp.java
@@ -15,7 +15,6 @@
  */
 package com.gitblit.wicket;
 
-import java.time.Instant;
 import java.util.Date;
 import java.util.HashMap;
 import java.util.Locale;
@@ -144,7 +143,7 @@ public class GitBlitWebApp extends WebApplication implements GitblitWicketApp {
 
 	private final IFilestoreManager filestoreManager;
 
-	private static final Instant APPLICATION_STARTUP_TIME = Instant.now();
+	private static final Date APPLICATION_STARTUP_TIME = new Date();
 
 	@Inject
 	public GitBlitWebApp(Provider<IPublicKeyManager> publicKeyManagerProvider,
@@ -254,7 +253,7 @@ public void init() {
 		FontAwesome.install(this);
 		Octicons.install(this);
 		StaticResources.install(this);
-		
+
 		// allow started Wicket plugins to initialize
 		for (PluginWrapper pluginWrapper : pluginManager.getPlugins()) {
 			if (PluginState.STARTED != pluginWrapper.getPluginState()) {
@@ -282,16 +281,13 @@ public void init() {
 	 */
 	@Override
 	public void mount(String location, Class<? extends WebPage> clazz, String... parameters) {
-		if (parameters == null) {
-			parameters = new String[] {};
-		}
-		if (!settings.getBoolean(Keys.web.mountParameters, true)) {
-			parameters = new String[] {};
+		String mountPoint = location;
+		if (settings.getBoolean(Keys.web.mountParameters, true) && parameters != null) {
+			for (String param : parameters) {
+				mountPoint = String.format("%s/#{%s}", mountPoint, param);
+			}
 		}
-		// TODO: check if needed with wichet-7
-		// mount(new GitblitParamUrlCodingStrategy(settings, xssFilter,
-		// location, clazz, parameters));
-		mountPage(location, clazz);
+		mountPage(mountPoint, clazz);
 
 		// map the mount point to the cache control definition
 		if (clazz.isAnnotationPresent(CacheControl.class)) {
@@ -529,7 +525,7 @@ public TimeZone getTimezone() {
 		return runtimeManager.getTimezone();
 	}
 
-	public Instant getApplicationStartupTime() {
+	public Date getApplicationStartupTime() {
 		return APPLICATION_STARTUP_TIME;
 	}
 
diff --git a/src/main/java/com/gitblit/wicket/GitBlitWebApp.properties b/src/main/java/com/gitblit/wicket/GitBlitWebApp.properties
index b3cbef82f..c46bd63dd 100644
--- a/src/main/java/com/gitblit/wicket/GitBlitWebApp.properties
+++ b/src/main/java/com/gitblit/wicket/GitBlitWebApp.properties
@@ -218,7 +218,8 @@ gb.pages = pages
 gb.workingCopy = working copy
 gb.workingCopyWarning = this repository has a working copy and can not receive pushes
 gb.query = query
-gb.queryHelp = Standard query syntax is supported.<p/><p/>Please see <a target="_new" href="http://lucene.apache.org/core/old_versioned_docs/versions/3_5_0/queryparsersyntax.html">Lucene Query Parser Syntax</a> for details.
+gb.queryHelp = Standard query syntax is supported.<p/><p/>Please see ${querySyntax} for details.
+gb.querySyntax = Lucene Query Parser Syntax
 gb.queryResults = results {0} - {1} ({2} hits)
 gb.noHits = no hits
 gb.authored = authored
@@ -783,3 +784,4 @@ gb.deletePatchsetSuccess = Deleted Patchset {0}.
 gb.deletePatchsetFailure = Error deleting Patchset {0}.
 gb.referencedByCommit = Referenced by commit.
 gb.referencedByTicket = Referenced by ticket.
+gb.emailClientCertificateSubject = Your Gitblit client certificate for {0}
diff --git a/src/main/java/com/gitblit/wicket/GitBlitWebApp_cs.properties b/src/main/java/com/gitblit/wicket/GitBlitWebApp_cs.properties
new file mode 100644
index 000000000..45eb428fb
--- /dev/null
+++ b/src/main/java/com/gitblit/wicket/GitBlitWebApp_cs.properties
@@ -0,0 +1,788 @@
+
+gb.zip=zip
+gb.repository=repozit\u00e1\u0159
+gb.owner=vlastn\u00edk
+gb.description=popis
+gb.lastChange=posledn\u00ed zm\u011bna
+gb.author=autor
+gb.age=st\u00e1\u0159\u00ed
+gb.tree=strom
+gb.parent=rodi\u010d
+gb.url=URL
+gb.history=historie
+gb.object=objekt
+gb.ticketAssigned=p\u0159i\u0159azen
+gb.ticketStatus=status
+gb.ticketComments=koment\u00e1\u0159e
+gb.local=lok\u00e1ln\u00ed
+gb.branches=v\u011btve
+gb.patch=patch
+gb.diff=diff
+gb.allTags=v\u0161echny tagy...
+gb.allBranches=v\u0161echny v\u011btve...
+gb.moreLogs=v\u0161echny commity...
+gb.summary=souhrn
+gb.newRepository=nov\u00fd repozit\u00e1\u0159
+gb.newUser=nov\u00fd u\u017eivatel
+gb.pageFirst=prvn\u00ed
+gb.pagePrevious=p\u0159edchoz\u00ed
+gb.pageNext=dal\u0161\u00ed
+gb.head=HEAD
+gb.login=p\u0159ihl\u00e1sit
+gb.logout=odhl\u00e1sit
+gb.username=u\u017eivatelsk\u00e9 jm\u00e9no
+gb.password=heslo
+gb.search=hledat
+gb.modification=zmena
+gb.rename=p\u0159ejmenov\u00e1n\u00ed
+gb.stats=statistiky
+gb.tagger=taguj\u00edc\u00ed
+gb.moreHistory=v\u00edce historie...
+gb.changedFiles=zm\u011bn\u011bn\u00e9 soubory
+gb.filesAdded={0} soubr\u016f p\u0159id\u00e1no
+gb.filesModified={0} soubr\u016f zm\u011bn\u011bno
+gb.filesDeleted={0} soubr\u016f smaz\u00e1no
+gb.filesCopied={0} soubr\u016f zkopirov\u00e1no
+gb.filesRenamed={0} soubr\u016f p\u0159ejmenov\u00e1no
+gb.edit=upravit
+gb.searchTooltip=Hledej {0}
+gb.delete=smazat
+gb.docs=dokumentace
+gb.accessRestriction=Omezen\u00ed p\u0159\u00edstupu
+gb.name=n\u00e1zev
+gb.enableDocs=Povolit dokumentaci
+gb.save=ulo\u017eit
+gb.isFrozen=je zmra\u017een\u00fd
+gb.cancel=zru\u0161it
+gb.changePassword=zm\u011bnit heslo
+gb.repositories=repozit\u00e1\u0159e
+gb.frequency=frekvence
+gb.folder=slo\u017eka
+gb.lastPull=posledn\u00ed pull
+gb.nextPull=n\u00e1sleduj\u00edc\u00ed pull
+gb.registration=registrace
+gb.origin=origin
+gb.headRef=v\u00fdchoz\u00ed v\u011btev (HEAD)
+gb.oid=id objektu
+gb.editFile=upravit soubor
+gb.continueEditing=Pokra\u010dovat v uprav\u00e1ch
+gb.allRepositories=V\u0161echny repozit\u00e1\u0159e
+gb.ignore_whitespace=ignorovat b\u00edle znaky
+gb.show_whitespace=uk\u00e1zat b\u00edl\u00e9 znaky
+gb.diffDeletedFileSkipped=(smazan\u00fd)
+gb.comment=Koment\u00e1\u0159
+gb.tag=tag
+gb.tags=tagy
+gb.commit=commit
+gb.committer=commituj\u00edc\u00ed
+gb.log=z\u00e1znam
+gb.ticket=\u00fakol
+gb.commitdiff=commitdiff
+gb.tickets=\u00fakoly
+gb.difftocurrent=porovnej se sou\u010dasn\u00fdm
+gb.metrics=metriky
+gb.markdown=markdown
+gb.missingUsername=Chyb\u00fd u\u017eivatelsk\u00e9 jm\u00e9no
+gb.searchTypeTooltip=Vyberte typ hled\u00e1n\u00ed
+gb.enableTickets=povolit \u00fakoly
+gb.showRemoteBranches=uk\u00e1zat vzd\u00e1len\u00e9 v\u011btve
+gb.editUsers=upravit u\u017eivatele
+gb.confirmPassword=potvrdit heslo
+gb.restrictedRepositories=omezen\u00fd repozit\u00e1\u0159
+gb.canAdmin=m\u016f\u017ee administrovat
+gb.notRestricted=anonymn\u00ed prohl\u00ed\u017een\u00ed, clone a push
+gb.view=prohl\u00ed\u017een\u00ed
+gb.remote=vzd\u00e1len\u00fd
+gb.deletion=vym\u00e1z\u00e1n\u00ed
+gb.pushRestricted=ov\u011b\u0159en\u00fd push
+gb.cloneRestricted=ov\u011b\u0159en\u00fd clone a push
+gb.viewRestricted=ov\u011b\u0159en\u00e9 prohl\u00ed\u017een\u00ed, clone a push
+gb.useDocsDescription=vyp\u00ed\u0161e Markdown dokumentaci v repozit\u00e1\u0159i
+gb.federatedRepositoryDefinitions=definice repozit\u00e1\u0159\u016f
+gb.federatedUserDefinitions=definice u\u017eivatel\u016f
+gb.federatedSettingDefinitions=definice nastaven\u00ed
+gb.type=typ
+gb.inclusions=zahrnut\u00e9
+gb.exclusions=vylou\u010den\u00e9
+gb.sendProposal=navrhnout
+gb.message=zpr\u00e1va
+gb.destinationUrl=odeslat do
+gb.destinationUrlDescription=URL Gitblit instance kam poslat n\u00e1vrh
+gb.users=u\u017eivatel\u00e9
+gb.federation=federace
+gb.error=chyba
+gb.refresh=obnovit
+gb.browse=proch\u00e1zet
+gb.clone=klonovat
+gb.filter=filtrovat
+gb.create=vytvo\u0159it
+gb.recent=ned\u00e1vn\u00e9
+gb.available=dostupn\u00e9
+gb.selected=vybran\u00e9
+gb.size=velikost
+gb.downloading=stahov\u00e1n\u00ed
+gb.loading=nahr\u00e1v\u00e1n\u00ed
+gb.starting=spou\u0161t\u011bn\u00ed
+gb.general=obecn\u00e9
+gb.settings=nastaven\u00ed
+gb.manage=spravovat
+gb.lastLogin=posledn\u00ed p\u0159ihl\u00e1\u0161en\u00ed
+gb.skipSizeCalculation=p\u0159esko\u010dit v\u00fdpo\u010det velikosti
+gb.default=v\u00fdchoz\u00ed
+gb.setDefault=nastavit v\u00fdchoz\u00ed
+gb.since=od
+gb.status=status
+gb.servletContainer=kontejner servletu
+gb.version=verze
+gb.releaseDate=datum vyd\u00e1n\u00ed
+gb.date=datum
+gb.activity=aktivita
+gb.subscribe=p\u0159ihl\u00e1sit
+gb.branch=v\u011btev
+gb.recentActivity=posledn\u00ed aktivita
+gb.commits=zm\u011bny
+gb.teams=t\u00fdmy
+gb.teamName=jm\u00e9no t\u00fdmu
+gb.teamMembers=\u010dlenov\u00e9 t\u00fdmu
+gb.teamMemberships=\u010dlenstv\u00ed v t\u00fdmu
+gb.newTeam=nov\u00fd t\u00fdm
+gb.permittedTeams=povolen\u00e9 t\u00fdmy
+gb.emptyRepository=pr\u00e1zdn\u00fd repozit\u00e1\u0159
+gb.repositoryUrl=URL repozit\u00e1\u0159e
+gb.filters=filtry
+gb.generalDescription=obecn\u00e1 nastaven\u00ed
+gb.pages=str\u00e1nky
+gb.workingCopy=pracovn\u00ed kopie
+gb.empty=pr\u00e1zdn\u00fd
+gb.deleteRepository=Smazat repozit\u00e1\u0159 "{0}"?
+gb.repositoryDeleted=Repozit\u00e1\u0159 ''{0}'' smaz\u00e1no.
+gb.repositoryDeleteFailed=Smaz\u00e1n\u00ed repozit\u00e1\u0159e ''{0}'' selhalo!
+gb.deleteUser=Smazat u\u017eivatele "{0}"?
+gb.userDeleted=U\u017eivatel ''{0}'' smaz\u00e1n.
+gb.userDeleteFailed=Chyba pri maz\u00e1n\u00ed u\u017eivatele ''{0}''!
+gb.time.justNow=nyn\u00ed
+gb.time.today=dnes
+gb.time.yesterday=v\u010dera
+gb.time.hoursAgo=p\u0159ed {0} hodinami
+gb.time.minsAgo=p\u0159ed {0} minutami
+gb.time.daysAgo=p\u0159ed {0} dny
+gb.time.weeksAgo=p\u0159ed {0} t\u00fddny
+gb.time.monthsAgo=p\u0159ed {0} m\u011bs\u00edci
+gb.time.oneYearAgo=p\u0159ed jedn\u00edm rokem
+gb.time.yearsAgo=p\u0159ed {0} roky
+gb.duration.oneDay=1 den
+gb.duration.days={0} dn\u00ed
+gb.duration.oneMonth=1 m\u011bs\u00edc
+gb.duration.months={0} m\u011bs\u00edc\u016f
+gb.duration.oneYear=1 rok
+gb.duration.years={0} let
+gb.projects=projekty
+gb.project=projekt
+gb.allProjects=v\u0161echny projetky
+gb.copyToClipboard=zkop\u00edrovat do schr\u00e1nky
+gb.add=p\u0159idat
+gb.noPermission=SMAZAT TOTO OPR\u00c1VN\u011aN\u00cd
+gb.viewPermission={0} (zobrazit)
+gb.clonePermission={0} (klonovat)
+gb.pushPermission={0} (push)
+gb.createPermission={0} (push, vytv\u00e1\u0159en\u00ed ref)
+gb.deletePermission={0} (push, vytv\u00e1\u0159en\u00ed+maz\u00e1n\u00ed ref)
+gb.rewindPermission={0} (push, vytv\u00e1\u0159en\u00ed+maz\u00e1n\u00ed+rewind ref)
+gb.regexPermission=toto opr\u00e1vn\u011bn\u00ed je nastaveno z regul\u00e1rn\u00edho v\u00fdrazu "{0}"
+gb.accessDenied=p\u0159\u00edstup odep\u0159en
+gb.administrator=admin
+gb.administratorPermission=administr\u00e1tor Gitblitu
+gb.team=t\u00fdm
+gb.missing=chyb\u00ed!
+gb.effective=efektivn\u00ed
+gb.properties=vlastnosti
+gb.serialNumber=s\u00e9riov\u00e9 \u010d\u00edslo
+gb.certificates=certifik\u00e1ty
+gb.newCertificate=nov\u00fd certifik\u00e1t
+gb.revokeCertificate=zru\u0161it certifik\u00e1t
+gb.sendEmail=odeslat e-mail
+gb.passwordHint=n\u00e1pov\u011bda hesla
+gb.ok=ok
+gb.subject=p\u0159edm\u011bt
+gb.issuer=vydavatel
+gb.validFrom=platn\u00fd od
+gb.validUntil=platn\u00fd do
+gb.publicKey=ve\u0159ejn\u00fd kl\u00ed\u010d
+gb.unspecified=nespecifikov\u00e1no
+gb.oneCommitTo=1 commit do
+gb.noMilestoneSelected=mezn\u00edk nevybr\u00e1n
+gb.veto=vetovat
+gb.illegalCharacterRepositoryName=Neplatn\u00fd znak ''{0}'' ve jm\u00e9n\u011b repozit\u00e1\u0159e.
+gb.errorAdminLoginRequired=Administrace vy\u017eaduje p\u0159ihl\u00e1\u0161en\u00ed
+gb.compare=porovnat
+gb.nClosedTickets={0} zav\u0159eno
+gb.canCreate=m\u016f\u017ee vytv\u00e1\u0159et
+gb.leaveComment=zanechat koment\u00e1\u0159...
+gb.sort=se\u0159adit
+gb.deletedBranch=smazat v\u011btev
+gb.export=exportovat
+gb.myRepositories=moje repozit\u00e1\u0159e
+gb.md5FingerPrint=MD5 otisk
+gb.watching=sledovat
+gb.sha1FingerPrint=SHA1 otisk
+gb.clearCache=vymazat cache
+gb.warning=varov\u00e1n\u00ed
+gb.discussion=diskuze
+gb.oneCommit=jeden commit
+gb.duration=doba trv\u00e1n\u00ed
+gb.watchers=sleduj\u00edc\u00ed
+gb.addedNCommits=p\u0159id\u00e1no {0} commit\u016f
+gb.expires=vypr\u0161\u00ed
+gb.diffNewFile=Nov\u00fd soubor
+gb.revisionHistory=historie reviz\u00ed
+gb.initWithReadme=P\u0159idat README
+gb.editMilestone=upravit mezn\u00edk
+gb.signatureAlgorithm=algoritmus podpisu
+gb.overview=p\u0159ehled
+gb.expired=vypr\u0161el
+gb.dailyActivity=denn\u00ed aktivita
+gb.validity=platnost
+gb.query=dotaz
+gb.ticketState=Stav \u00fakolu
+gb.to=do
+gb.newTicket=nov\u00fd \u00fakol
+gb.download=st\u00e1hnout
+gb.issued=vydan\u00fd
+gb.owners=vlastn\u00edci
+gb.closed=uzav\u0159en\u00fd
+gb.bugTickets=chyba
+gb.write=ps\u00e1t
+gb.receive=p\u0159ijmout
+gb.updated=aktualizov\u00e1no
+gb.voters=hlasuj\u00edc\u00ed
+gb.at=v
+gb.noSelectedRepositoriesWarning=pros\u00edm vyberte jeden nebo v\u00edce repozit\u00e1\u0159\u016f!
+gb.ticketN=\u00fakol #{0
+gb.time.inHours=b\u011bhem {0} hodin
+gb.sortNewest=nejnov\u011bj\u0161\u00ed
+gb.deleteMilestone=Smazat mezn\u00edk "{0}"?
+gb.emailAddressDescription=Prim\u00e1rn\u00ed e-mailov\u00e1 adresa pro p\u0159\u00edjem upozorn\u011bn\u00ed
+gb.line=linka
+gb.lastNDays=posledn\u00edch {0} dn\u00ed
+gb.sortMostRecentlyUpdated=ned\u00e1vno aktualizov\u00e1no
+gb.displayName=zobrazovan\u00fd n\u00e1zev
+gb.administration=administrace
+gb.priority=priorita
+gb.overdue=zpo\u017ed\u011bn\u00fd
+gb.any=libovoln\u00fd
+gb.indexedBranches=Indexovan\u00e9 v\u011btve
+gb.diffDeletedFile=Soubor byl smaz\u00e1n
+gb.userCreated=Nov\u00fd u\u017eivatel ''{0}'' \u00fasp\u011b\u0161n\u011b vytvo\u0159en.
+gb.teamCreated=Nov\u00fd t\u00fdm ''{0}'' \u00fasp\u011b\u0161n\u011b vytvo\u0159en.
+gb.isSparkleshared=repozit\u00e1\u0159 je Sparkleshare
+gb.nTotalTickets={0} celkem
+gb.all=v\u0161echny
+gb.new=nov\u00fd
+gb.excludeFromActivity=odebrat z aktivn\u00ed str\u00e1nky
+gb.referencedByTicket=Odkazovan\u00fd \u00fakolem.
+gb.ticketId=id \u00fakolu
+gb.forkNotAuthorized=Promint\u011b, nejste opr\u00e1vn\u011bni k vytvo\u0159en\u00ed forku {0}
+gb.servers=servry
+gb.nParticipants={0} \u00fa\u010dastn\u00edk\u016f
+gb.oneParticipant={0} \u00fa\u010dastn\u00edk
+gb.reset=reset
+gb.oneComment={0} koment\u00e1\u0159
+gb.oneAttachment={0} p\u0159\u00edloha
+gb.from=od
+gb.blob=blob
+gb.severity=z\u00e1va\u017enost
+gb.accessLevel=\u00farove\u0148 p\u0159\u00edstupu
+gb.yourCreatedTickets=vytvo\u0159eno v\u00e1mi
+gb.editTicket=upravit \u00fakol
+gb.milestones=mezn\u00edky
+gb.sortLowestSeverity=nejni\u017e\u0161\u00ed z\u00e1va\u017enost
+gb.permittedUsers=opr\u00e1vn\u011bn\u00fd u\u017eivatel
+gb.sortMostVotes=nejv\u00edce hlas\u016f
+gb.plugins=pluginy
+gb.specified=specifikovan\u00e9
+gb.sortHighestPriority=nejvy\u0161\u0161\u00ed priorita
+gb.content=obsah
+gb.organization=organizace
+gb.passwordTooShort=Heslo je p\u0159\u00edli\u0161 kr\u00e1tke. minimum je {0} znak\u016f.
+gb.notSpecified=nen\u00ed specifikov\u00e1no
+gb.superseded=nahrazeno
+gb.keyCompromise=kl\u00ed\u010d kompromitov\u00e1n
+gb.locality=lokalita
+gb.addSshKey=P\u0159idat SSH kl\u00ed\u010d
+gb.myFork=zobrazit m\u016fj fork
+gb.mergeType=typ slou\u010den\u00ed
+gb.commitsTo={0} commit\u016f do
+gb.indexedBranchesDescription=Vyberte v\u011btev kter\u00e1 bude indexov\u00e1na pomoc\u00ed Lucene
+gb.couldNotCreateFederationProposal=Nelze vytvo\u0159it n\u00e1vrh federace!
+gb.completeGravatarProfile=Dokon\u010dete profil na Gravatar.com
+gb.errorOnlyAdminOrOwnerMayEditRepository=Pouze administr\u00e1tor nebo vlastn\u00edk m\u016f\u017ee upravovat repozit\u00e1\u0159
+gb.diffCopiedFile=Soubor byl zkop\u00edrov\u00e1n z {0}
+gb.failedToReadMessage=Nelze p\u0159e\u010d\u00edst v\u00fdchoz\u00ed zpr\u00e1vu z {0}!
+gb.organizationalUnit=organiza\u010dn\u00ed jednotka
+gb.newSSLCertificate=nov\u00fd serverov\u00fd SSL certifik\u00e1t
+gb.anonymousPolicyDescription=Kdokoli m\u016f\u017ee zobrazit repozit\u00e1\u0159 a prov\u00e1d\u011bt clone a push.
+gb.deleteRepositoryDescription=Smazan\u00e9 repozit\u00e1\u0159e budou neobnoviteln\u00e1.
+gb.allowForks=povolit forky
+gb.newMilestone=nov\u00fd mezn\u00edk
+gb.nFederationProposalsToReview={0} n\u00e1vrh\u016f federac\u00ed \u010dek\u00e1 na posouzen\u00ed.
+gb.anonymousCanNotPropose=Anonymn\u00ed u\u017eivatel nem\u016f\u017ee navrhovat patchsety.
+gb.patchsetN=sada zm\u011bn {0}
+gb.failedToUpdateUser=Aktualizace u\u017eivatelsk\u00e9ho \u00fa\u010dtu selhala!
+gb.commitIsNull=Commit je null
+gb.certificate=certifik\u00e1t
+gb.isMirror=tento repozit\u00e1\u0159 je zrcadlo
+gb.accessPolicy=Opr\u00e1vn\u011bn\u00ed p\u0159\u00edstupu
+gb.todaysActivityNone=dnes / nic
+gb.transportPreference=Preference transportu
+gb.reviews=posouzen\u00ed
+gb.open=otev\u0159\u00edt
+gb.oneMoreCommit=1 dal\u0161\u00ed commit \u00bb
+gb.patchsetVetoedMore=Posuzovatel volil tento patchset.
+gb.about=o
+gb.action=akce
+gb.acceptNewPatchsets=p\u0159ijmout sady zm\u011bn
+gb.accessPermissions=p\u0159\u00edstupov\u00e1 opr\u00e1vn\u011bn\u00ed
+gb.accountPreferences=Preference \u00fa\u010dtu
+gb.active=aktivn\u00ed
+gb.activeAuthors=aktivn\u00ed u\u017eivatel\u00e9
+gb.activeRepositories=aktivn\u00ed repozit\u00e1\u0159e
+gb.addComment=p\u0159idat koment\u00e1\u0159
+gb.addedOneCommit=p\u0159id\u00e1n 1 commit
+gb.opacityAdjust=Nastavit nepr\u016fhlednost
+gb.errorAdministrationDisabled=Administrace je zak\u00e1z\u00e1na
+gb.affiliationChanged=p\u0159\u00edslu\u0161nost se zm\u011bnila
+gb.moreChanges=v\u0161echny zm\u011bny...
+gb.verifyCommitterNote=v\u0161echna slou\u010den\u00ed vy\u017eaduj\u00ed "--no-ff" aby se vynutila identita v\u00fdvoj\u00e1\u0159e
+gb.tokenJurDescription=v\u0161echny repozit\u00e1\u0159e
+gb.tokenUnrDescription=v\u0161echny repozit\u00e1\u0159e a u\u017eivatel\u00e9
+gb.tokenAllDescription=v\u0161echny repozit\u00e1\u0159e, u\u017eivatel\u00e9 a nastaven\u00ed
+gb.heapAllocated=alokovan\u00e1 halda
+gb.allowForksDescription=povolit opr\u00e1vn\u011bn\u00fdm u\u017eivatel\u016fm vytv\u00e1\u0159et fork tohoto repozit\u00e1\u0159e
+gb.acceptNewTicketsDescription=povolit vytv\u00e1\u0159en\u00ed hl\u00e1\u0161en\u00ed o chyb\u00e1ch, vylep\u0161en\u00ed, ulohy a dal\u0161\u00edch \u00fakol\u016f
+gb.acceptNewTickets=povolit nov\u00e9 \u00fakoly
+gb.anonymousUser=anonym
+gb.anonymousPolicy=Anonymn\u00ed prohl\u00ed\u017een\u00ed, klonov\u00e1n\u00ed a push
+gb.approve=schv\u00e1lit
+gb.yourAssignedTickets=p\u0159i\u0159azeno v\u00e1m
+gb.attributes=atributy
+gb.body=t\u011blo
+gb.caCompromise=CA kompromitov\u00e1na
+gb.canAdminDescription=m\u016f\u017ee spravovat Gitblit server
+gb.canCreateDescription=m\u016f\u017ee vytv\u00e1\u0159et osobn\u00ed repozit\u00e1\u0159
+gb.canFork=m\u016f\u017ee prov\u00e1d\u011bt fork
+gb.canForkDescription=m\u016f\u017ee prov\u00e1d\u011bt fork opr\u00e1vn\u011bn\u00fdch repozit\u00e1\u0159\u016f do osobn\u00edch repozit\u00e1\u0159\u016f
+gb.canNotLoadRepository=Nelze na\u010d\u00edst repozit\u00e1\u0159
+gb.canNotProposePatchset=nelze navrhnout sadu zm\u011bn
+gb.acceptNewPatchsetsDescription=p\u0159imout sady zm\u011bn p\u0159edan\u00fdch pomoc\u00ed push do tohoto repozit\u00e1\u0159e
+gb.checkoutStep2=P\u0159ekontrolovat sadu zm\u011bn
+gb.checkoutViaCommandLine=P\u0159ekontrolovat pomoc\u00ed p\u0159\u00edkazov\u00e9 \u0159\u00e1dky
+gb.checkout=checkout
+gb.clientCertificateBundleSent=Bal\u00edk klientsk\u00e9ho certifik\u00e1tu {0} odesl\u00e1n
+gb.closedMilestones=uzav\u0159en\u00e9 mezn\u00edky
+gb.comments=koment\u00e1\u0159e
+gb.commented=komentov\u00e1no
+gb.compareToMergeBase=porovnat k z\u00e1kladu slu\u010dov\u00e1n\u00ed
+gb.requireApprovalDescription=sady zm\u011bn mus\u00ed b\u00fdt odsouhlaseny p\u0159ed t\u00edm, ne\u017e je povoleno tla\u010d\u00edtko slou\u010den\u00ed
+gb.nComments={0} koment\u00e1\u0159\u016f
+gb.milestoneProgress={0} otev\u0159eno, {1} uzav\u0159eno
+gb.nOpenTickets={0} otev\u0159eno
+gb.nMoreCommits={0} v\u00edce commit\u016f \u00bb
+gb.diffStat={0} p\u0159id\u00e1n\u00ed a {1} odebr\u00e1n\u00ed
+gb.noForks={0} nem\u00e1 \u017e\u00e1dn\u00e9 forky
+gb.repositoryForked={0} byl forknut
+gb.userServiceDoesNotPermitPasswordChanges={0} nepovoluje zm\u011bnu hesla!
+gb.userServiceDoesNotPermitAddUser={0} nedovoluje p\u0159id\u00e1n\u00ed u\u017eivatelsk\u00e9ho \u00fa\u010dtu!
+gb.doesNotExistInTree={0} nen\u00ed obsa\u017een ve stromu {1}
+gb.branchStats={0} commit\u016f a {1} tag\u016f b\u011bhem {2}
+gb.nCommits={0} commit\u016f
+gb.nAttachments={0} p\u0159\u00edloh
+gb.externalPermissions={0} p\u0159\u00edstupov\u00e1 pr\u00e1va jsou spravov\u00e1na vzd\u00e1len\u011b
+gb.excludePermission={0} (vyjmout)
+gb.yourWatchedTickets=sledov\u00e1no v\u00e1mi
+gb.viewCertificate=zobrazit certifik\u00e1t
+gb.viewComparison=zobrazit porovn\u00e1n\u00ed t\u011bchto {0} commit\u016f \u00bb
+gb.verifyCommitter=ov\u011b\u0159it v\u00fdvoj\u00e1\u0159e
+gb.usernameUnavailable=U\u017eivatelsk\u00e9 jm\u00e9no ''{0}'' nen\u00ed dostupn\u00e9.
+gb.userPermissions=opr\u00e1vn\u011bn\u00ed u\u017eivatele
+gb.nameDescription=pou\u017e\u00edvat '/' k seskupen\u00ed repozit\u00e1\u0159\u016f, nap\u0159. libraries/mycoollib.git
+gb.heapUsed=pou\u017eit\u00e1 halda
+gb.uploadedPatchsetNRevisionN=nahr\u00e1na sada zm\u011bn {0} revize {1}
+gb.uploadedPatchsetN=nahr\u00e1na sada zm\u011bn {0}
+gb.unstar=odzna\u010d
+gb.title=titulek
+gb.ticketSettings=Nastaven\u00ed \u00fakolu
+gb.repositoryIsFrozen=Repozit\u00e1\u0159 je zmra\u017een\u00e9.
+gb.repositoryIsMirror=Repozit\u00e1\u0159 je zrcadlo pouze pro \u010dten\u00ed.
+gb.serverDoesNotAcceptPatchsets=Tento server neakceptuje sady zm\u011bn.
+gb.ticketIsClosed=Tento \u00fakol je uzav\u0159en\u00fd.
+gb.initWithReadmeDescription=Toto vytvo\u0159\u00ed jednoduch\u00fd README dokument ve va\u0161em repozit\u00e1\u0159i.
+gb.ticketPatchset=\u00fakol {0}, psada zm\u011bn {1}
+gb.vote=hlasovat pro toto {0}
+gb.votes=hlasy
+gb.watch=sledovat toto {0}
+gb.updatedBy=aktualizoval
+gb.unauthorizedAccessForRepository=Neautorizovan\u00fd p\u0159\u00edstup do repozit\u00e1\u0159e.
+gb.fileNotMergeable=Nelze prov\u00e9st commit {0}. Tento soubor nelze automaticky slou\u010dit.
+gb.patchsetNotApprovedMore=Posuzovatel mus\u00ed schv\u00e1lit tuto sadu zm\u011bn.
+gb.teamPermission=opr\u00e1vn\u011bn\u00ed nastavil "{0}" \u010dlenstv\u00ed v t\u00fdmu
+gb.ticketsWelcome=M\u016f\u017eete pou\u017e\u00edt \u00fakoly k organizaci va\u0161eho seznamu \u00fakol\u016f, diskutovat chyby a spolupracovat na sad\u00e1ch zm\u011bn.
+gb.sshKeyCommentDescription=Vlo\u017ete voliteln\u00fd koment\u00e1\u0159. Pokud bude pr\u00e1zdn\u00fd, bude automaticky vyta\u017een z dat kl\u00ed\u010de.
+gb.feed=kan\u00e1l
+gb.recentActivityNone=posledn\u00edch {0} dn\u00ed / nic
+gb.selectFederationStrategy=Pros\u00edm zvolte strategii federace!
+gb.ptDescription=n\u00e1stroj sad zm\u011bn Gitblitu
+gb.milestone=mezn\u00edk
+gb.federationSets=sady federac\u00ed
+gb.diffRenamedFile=Soubor byl p\u0159ejmenov\u00e1n z {0}
+gb.noActivityToday=dnes tu nebyla \u017e\u00e1dn\u00e1 aktivita
+gb.noActivity=nebyla tu \u017e\u00e1dn\u00e1 aktivita b\u011bhem posledn\u00edch {0} dn\u00ed
+gb.dashboard=hlavn\u00ed panel
+gb.myDashboard=m\u016fj hlavn\u00ed panel
+gb.myProfile=m\u016fj profil
+gb.myTickets=moje \u00fakoly
+gb.merged=slou\u010deno
+gb.mergeTo=slou\u010dit do
+gb.mergedPatchset=slou\u010dit sadu zm\u011bn
+gb.mergedPullRequest=slou\u010dit \u017e\u00e1dost o p\u0159eta\u017een\u00ed
+gb.mergingViaCommandLine=Slou\u010dit pomoc\u00ed p\u0159\u00edkazov\u00e9 \u0159\u00e1dky
+gb.merge=slou\u010dit
+gb.heapMaximum=maxim\u00e1ln\u00ed halda
+gb.sortLowestPriority=nejni\u017e\u010d\u00ed priorita
+gb.luceneDisabled=indexov\u00e1n\u00ed pomoc\u00ed Lucene je zak\u00e1zan\u00e9
+gb.maintenanceTickets=\u00fadr\u017eba
+gb.isFork=je fork
+gb.isNotValidFile=nen\u00ed platn\u00fd soubor
+gb.key=Kl\u00ed\u010d
+gb.initialCommit=Prvn\u00ed commit
+gb.invalidExpirationDate=deplatn\u00e9 datum vypr\u0161en\u00ed!
+gb.invalidUsernameOrPassword=Neplatn\u00e9 u\u017eivatelsk\u00e9 jm\u00e9no nebo heslo!
+gb.filestoreHelp=Jak pou\u017e\u00edvat \u00dalo\u017ei\u010dt\u011b velk\u00fdch soubor\u016f?
+gb.filestore=velk\u00e9 soubory
+gb.filestoreStats=\u00dalo\u017ei\u0161t\u011b velk\u00fdch soubor\u016f obsahuje {0} soubor\u016f o celkov\u00e9 velikosti {1}.  ({2} zb\u00fdv\u00e1)
+gb.findSomeRepositories=naj\u00edt n\u011bjak\u00e9 repozit\u00e1\u0159e
+gb.repositoryForkFailed=fork selhal
+gb.forkInProgress=fork prob\u00edh\u00e1
+gb.forkRepository=prov\u00e9st fork {0}?
+gb.forkedFrom=fork z
+gb.forks=forky
+gb.forksProhibited=vytvo\u0159en\u00ed forku zak\u00e1z\u00e1no
+gb.free=uvolnit
+gb.expiring=exportov\u00e1n\u00ed
+gb.excludeFromFederation=vyjmout z federace
+gb.deletePatchsetFailure=Chyba p\u0159i odstranov\u00e1n\u00ed sady zm\u011bn {0}.
+gb.enhancementTickets=vylep\u0161en\u00ed
+gb.requestTickets=vylep\u0161en\u00ed a \u00falohy
+gb.emailAddress=e-mailov\u00e1 adresa
+gb.gcPeriodDescription=doba mezi \u00faklidy
+gb.garbageCollection=\u00daklid
+gb.gcPeriod=GC perioda
+gb.gcThreshold=GC pr\u00e1h
+gb.gc=GC
+gb.sortLeastVotes=posledn\u00ed hlasy
+gb.sortLeastComments=posledn\u00ed koment\u00e1\u0159e
+gb.looksGood=vypad\u00e1 dob\u0159e
+gb.mergeBase=z\u00e1klad slou\u010den\u00ed
+gb.mergeStep3=Slou\u010dit navrhovan\u00e9 zm\u011bny a aktualizuj server
+gb.mentionsMeTickets=zmi\u0148uj\u00edc\u00ed v\u00e1s
+gb.mirrorOf=zrcadlo pro {0}
+gb.miscellaneous=r\u016fzn\u00e9
+gb.sortMostComments=nejv\u00edce koment\u00e1\u0159\u016f
+gb.mutable=prom\u011bnliv\u00fd
+gb.needsImprovement=pot\u0159ebuje zlep\u0161en\u00ed
+gb.newCertificateDefaults=v\u00fdchoz\u00ed hodnoty nov\u00e9ho certifik\u00e1tu
+gb.noComments=\u017e\u00e1dn\u00e9 koment\u00e1\u0159e
+gb.none=\u017e\u00e1dn\u00e9
+gb.noIndexedRepositoriesWarning=\u017e\u00e1dn\u00fd z va\u0161ich repozit\u00e1\u0159\u016f nen\u00ed nakonfigurov\u00e1n pro indexov\u00e1n\u00ed pomoc\u00ed Lucene
+gb.sortOldest=nejstar\u0161\u00ed
+gb.owned=vlastn\u00ed
+gb.starred=ozna\u010den\u00e9
+gb.starredAndOwned=ozna\u010den\u00e9 a vlastn\u00ed
+gb.starredRepositories=ozna\u010den\u00e9 repozit\u00e1\u0159e
+gb.star=ozna\u010dit
+gb.initWithGitignore=P\u0159idat soubor .gitignore
+gb.time.inMinutes=b\u011bhem {0} minut
+gb.time.inDays=b\u011bhem {0} dn\u00ed
+gb.languagePreference=Nastaven\u00ed jazyka
+gb.recentActivityStats=posledn\u00edch {0} dn\u00ed / {1} commit\u016f od {2} autor\u016f
+gb.incrementalPushTagMessage=Automaticky otagovan\u00e1 [{0}] v\u011btev p\u0159i push
+gb.undefinedQueryWarning=dotaz je nedefinovan\u00fd!
+gb.sessionEnded=Sezen\u00ed bylo zav\u0159eno
+gb.myUrlDescription=ve\u0159ejn\u011b dostupn\u00e1 URL va\u0161\u00ed Gitblit instance
+gb.addition=p\u0159\u00eddavek
+gb.accessPermissionsForUserDescription=nastavte \u010dlenstv\u00ed v t\u00fdmech nebo povolte p\u0159\u00edstup do zvolen\u00fdch omezen\u00fdch repozit\u00e1\u0159\u016f
+gb.accessPermissionsForTeamDescription=nastavte \u010dleny t\u00fdmu a povolte p\u0159\u00edstup do zvolen\u00fdch omezen\u00fdch repozit\u00e1\u0159\u016f
+gb.headRefDescription=V\u00fdchoz\u00ed v\u011btev kter\u00e1 bude klonov\u00e1na a bude zobrazena na souhrnn\u00e9 str\u00e1nce.
+gb.passwordChangeAborted=Zm\u011bna hesla p\u0159eru\u0161ena.
+gb.monthlyActivity=m\u011bs\u00ed\u010dn\u00ed aktivita
+gb.excludeFromFederationDescription=blokuj prov\u00e1den\u00ed pull tohoto \u00fa\u010dtu instanc\u00edm Gitblitu ve federaci
+gb.siteNameDescription=kr\u00e1tk\u00e9 popisn\u00e9 jm\u00e9no va\u0161eho serveru
+gb.federationRegistration=registrace federace
+gb.registrations=registrace federace
+gb.customFields=vlastn\u00ed pole
+gb.customFieldsDescription=vlastn\u00ed pole dostupn\u00e1 pro h\u00e1\u010dky Groovy
+gb.certificateRevoked=Certifik\u00e1t {0,\u010d\u00edslo,0} byl zam\u00edtnut
+gb.cessationOfOperation=zastaven\u00ed provozu
+gb.committed=commitov\u00e1no
+gb.commitActivityDOW=aktivita commit\u016f podle dne v t\u00fddnu
+gb.federationRepositoryDescription=sd\u00edlet tento repozit\u00e1\u0159 s ostatn\u00edmi Gitblit servery
+gb.allowAuthenticatedDescription=ud\u011blit pr\u00e1vo RW+ v\u0161em p\u0159ihl\u00e1\u0161en\u00fdm u\u017eivatel\u016fm
+gb.allowNamedDescription=ud\u011blit p\u0159esn\u00e1 opr\u00e1vn\u011bn\u00ed pojmenovan\u00fdm u\u017eivatel\u016fm a t\u00fdm\u016fm
+gb.authorizationControl=kontrola autorizace
+gb.countryCode=k\u00f3d zem\u011b
+gb.ticketOpenDate=datum otev\u0159en\u00ed
+gb.bootDate=datum startu
+gb.of=z
+gb.busyCollectingGarbage=Promint\u011b, Gitblit je zanepr\u00e1zdn\u011bn \u00faklidem v {0}
+gb.noProposals=Promint\u011b, {0} nyn\u00ed neakceptuje n\u00e1vrhy.
+gb.noFederation=Promint\u011b, {0} nen\u00ed nakonfigurov\u00e1n k federaci s jin\u00fdmi Gitblit instancemi.
+gb.noGitblitFound=Promint\u011b, {0} nelze nal\u00e9zt Gitblit instanci {1}
+gb.proposalFailed=Promint\u011b, {0} nep\u0159ijala \u017e\u00e1dn\u00e1 data n\u00e1vrhu!
+gb.proposalError=Promint\u011b, {0} hl\u00e1s\u00ed, \u017ee do\u0161lo k neo\u010dek\u00e1van\u00e9 chyb\u011b.
+gb.passwordHintRequired=n\u00e1pov\u011bda hesla je po\u017eadov\u00e1na!
+gb.in=v
+gb.stateProvince=st\u00e1t nebo provincie
+gb.forksProhibitedWarning=repozit\u00e1\u0159 zakazuje forky
+gb.workingCopyWarning=tento repozit\u00e1\u0159 m\u00e1 pracovn\u00ed kopii a nem\u016f\u017ee p\u0159ij\u00edmat push
+gb.federationStrategy=strategie federace
+gb.isFederated=je ve federaci
+gb.metricAuthorExclusions=vylou\u010dit autora z metrik
+gb.failedToFindAccount=chyba p\u0159i hled\u00e1n\u00ed u\u017eivatelsk\u00e9ho \u00fa\u010dtu ''{0}''
+gb.failedToFindGravatarProfile=Chyba p\u0159i hled\u00e1n\u00ed profilu Gravatar pro {0}
+gb.federateThis=tento repozit\u00e1\u0159 ve federaci
+gb.federateOrigin=origin ve federaci
+gb.fork=fork
+gb.combinedMd5Rename=Gitblit je nakonfigurov\u00e1n pro kombinovan\u00e9 MD5 he\u0161ov\u00e1n\u00ed hesla. Mus\u00edte zadat nov\u00e9 heslo p\u0159i p\u0159ejmenov\u00e1n\u00ed \u00fa\u010dtu.
+gb.inherited=zd\u011bd\u011bn\u00fd
+gb.todaysActivityStats=dnes / {1} commit\u016f od {2} autor\u016f
+gb.hostname=hostname
+gb.noMaximum=\u017e\u00e1dn\u00e9 maximum
+gb.failedtoRead=Chyba \u010dten\u00ed
+gb.showRemoteBranchesDescription=uk\u00e1zat vzd\u00e1len\u00e9 v\u011btve
+gb.showReadme=uk\u00e1zat readme
+gb.showReadmeDescription=uk\u00e1zat "readme" Markdown soubor na souhrnn\u00e9 str\u00e1nce
+gb.siteName=jm\u00e9no str\u00e1nky
+gb.clientCertificateGenerated=\u00dasp\u011b\u0161n\u011b vygenerov\u00e1n klientsk\u00fd certifik\u00e1t pro {0}
+gb.sslCertificateGeneratedRestart=\u00dasp\u011b\u0161n\u011b vygenerov\u00e1n serverov\u00fd SSL certifik\u00e1t pro {0}.\nMus\u00edte restartovat Gitblit pro pou\u017eit\u00ed nov\u00e9ho certifik\u00e1tu.\n\nPokud spou\u0161t\u00edte s parametrem '--alias', budete jej muset nastavit na ''--alias {0}''.
+gb.sslCertificateGenerated=\u00dasp\u011b\u0161n\u011b vygenerov\u00e1n serverov\u00fd SSL certifik\u00e1t pro {0}
+gb.viewAccess=V Gitblitu nem\u00e1te pr\u00e1vo pro p\u0159\u00edstup ke \u010dten\u00ed nebo z\u00e1pisu
+gb.createdNewTag=vytvo\u0159it nov\u00fd tag
+gb.enableIncrementalPushTags=povolit inkrement\u00e1ln\u00ed push tags
+gb.OneProposalToReview=Je tu jeden n\u00e1vrh na federaci \u010dekaj\u00edc\u00ed na vy\u0159\u00edzen\u00ed.
+gb.pushedOneCommitTo=proveden push 1 commitu do
+gb.pushedNewBranch=proveden push do nov\u00e9 v\u011btve
+gb.pushedNewTag=proveden push nov\u00e9ho tagu
+gb.pushedNCommitsTo=proveden push {0} commit\u016f do
+gb.authored=napsan\u00fd
+gb.skipSummaryMetrics=p\u0159esko\u010dit souhrnn\u00e9 metriky
+gb.maxActivityCommits=maxim\u00e1ln\u00ed aktivita commit\u016f
+gb.skipSummaryMetricsDescription=nepo\u010d\u00edtat metriky na souhrnn\u00e9 str\u00e1nce (redukuje \u010das na\u010d\u00edt\u00e1n\u00ed str\u00e1nky)
+gb.skipSizeCalculationDescription=nepo\u010d\u00edtat velikost repozit\u00e1\u0159e (redukuje \u010das na\u010d\u00edt\u00e1n\u00ed str\u00e1nky)
+gb.failedToFindCommit=Nelze nal\u00e9zt commit "{0}" v {1}!
+gb.markdownFailure=Chyba p\u0159i zpracov\u00e1n\u00ed Markdown obsahu!
+gb.failedToSendProposal=Selhalo odesl\u00e1n\u00ed n\u00e1vrhu!
+gb.couldNotFindTag=Nelze nal\u00e9zt tag {0}
+gb.couldNotFindFederationRegistration=Nelze nal\u00e9zt registraci federace!
+gb.couldNotFindFederationProposal=Nelze nal\u00e9zt n\u00e1vrh k federaci!
+gb.teamNameUnavailable=T\u00fdm se jm\u00e9nem ''{0}'' nen\u00ed dostupn\u00fd.
+gb.ownerDescription=vlastn\u00edk m\u016f\u017ee upravovat nastaven\u00ed repozit\u00e1\u0159e
+gb.newClientCertificateMessage=POZN\u00c1MKA:\n'Heslo' nen\u00ed u\u017eivatelsk\u00e9 heslo. Je to heslo k ochran\u011b \u00falo\u017ei\u0161t\u011b kl\u00ed\u010d\u016f. Toto heslo nebude nikam ulo\u017eeno tak\u017ee mus\u00edte zadat tak\u00e9 n\u00e1pov\u011bdu, kter\u00e1 bude p\u0159ilo\u017eena k instrukc\u00edm u\u017eivatelova README.
+gb.emailCertificateBundle=bal\u00edk klientsk\u00e9ho certifik\u00e1tu e-mailu
+gb.passwordChanged=Heslo \u00fasp\u011b\u0161n\u011b zm\u011bn\u011bno.
+gb.passwordsDoNotMatch=Hesla se neshoduj\u00ed!
+gb.permission=Opr\u00e1vn\u011bn\u00ed
+gb.teamPermissions=opr\u00e1vn\u011bn\u00ed t\u00fdmu
+gb.repositoryPermissions=opr\u00e1vn\u011bn\u00ed repozit\u00e1\u0159e
+gb.createdNewBranch=vytvo\u0159it novou v\u011bt\u011bv
+gb.teamMustSpecifyRepository=T\u00fdm mus\u00ed nastavit nejm\u00e9n\u011b jeden repozit\u00e1\u0159.
+gb.emailMeOnMyTicketChanges=Poslat e-mail p\u0159i zm\u011bn\u011b m\u00e9ho \u00fakolu
+gb.patchsetMergeableMore=Tato sada zm\u011bn m\u016f\u017ee b\u00fdt slou\u010dena do {0} tak\u00e9 pomoc\u00ed p\u0159\u00edkazov\u00e9 \u0159\u00e1dky.
+gb.createdThisTicket=\u00fakol vytvo\u0159en
+gb.showHideDetails=zobrazit/skr\u00fdt detaily
+gb.labels=popisky
+gb.topicsAndLabels=t\u00e9mata a popisky
+gb.topic=t\u00e9ma
+gb.preview=n\u00e1hled
+gb.commitsInPatchsetN=commity v sad\u011b zm\u011bn {0}
+gb.ptSimplifiedMerge=zjednodu\u0161en\u00e1 syntaxe slu\u010dov\u00e1n\u00ed
+gb.compareToN=porovnat s {0}
+gb.authenticatedPushPolicy=Omezit Push (P\u0159ihl\u00e1\u0161en\u00fd)
+gb.authenticatedPushPolicyDescription=Kdokoli m\u016f\u017ee prohl\u00ed\u017eet a klonovat tento repozit\u00e1\u0159. V\u0161ichni p\u0159ihl\u00e1\u0161en\u00ed u\u017eivatel\u00e9 budou m\u00edt pr\u00e1va RW+.
+gb.clonePolicyDescription=Kdokoli m\u016f\u017ee vid\u011bt tento repozit\u00e1\u0159. M\u016f\u017eete vybrat, kdo m\u016f\u017ee klonovat a prov\u00e1d\u011bt push.
+gb.clonePolicy=Omezit klonov\u00e1n\u00ed a Push
+gb.closeBrowser=Pros\u00edm zav\u0159ete prohl\u00ed\u017ee\u010d ke spr\u00e1vn\u00e9mu ukon\u010den\u00ed sezen\u00ed.
+gb.commitMessageRendererDescription=Zpr\u00e1va commitu m\u016f\u017ee b\u00fdt zobrazena jako prost\u00fd text nebo vykreslena jako markup.
+gb.commitMessageRenderer=vykreslen\u00ed zpr\u00e1vy commitu
+gb.commitChanges=Zmeny commitu
+gb.commitActivityTrend=Trend aktivity commit\u016f
+gb.commitActivityAuthors=prim\u00e1rn\u00ed auto\u0159i podle aktivity commit\u016f
+gb.createdNewPullRequest=vytvo\u0159ena \u017e\u00e1dost o p\u0159eta\u017een\u00ed
+gb.createFirstTicket=vytvo\u0159te v\u00e1\u0161 prvn\u00ed \u00fakol
+gb.createReadme=vytvo\u0159it README
+gb.deletedTag=smazat tag
+gb.deletePatchset=Smazat sadu zm\u011bn {0}
+gb.deletePatchsetSuccess=Smazat sadu zm\u011bn {0}.
+gb.deleteRepositoryHeader=Smazat repozit\u00e1\u0159
+gb.disableUser=zak\u00e1zat u\u017eivatele
+gb.disableUserDescription=zamezit tomuto \u00fa\u010dtu v p\u0159ihl\u00e1\u0161en\u00ed
+gb.displayNameDescription=Preferovan\u00e9 jm\u00e9no prozobrazen\u00ed
+gb.docsWelcome1=M\u016f\u017eete pou\u017e\u00edt dokumentaci k dokumentov\u00e1n\u00ed va\u0161eho repozit\u00e1\u0159e.
+gb.docsWelcome2=Za\u010dn\u011bte commitem souboru README.md nebo HOME.md.
+gb.emailClientCertificateSubject=V\u00e1\u0161 Gitblit klientsk\u00fd certifik\u00e1t pro {0}
+gb.manual=ru\u010dn\u011b
+gb.refs=refs
+gb.removeVote=vzd\u00e1len\u00e9 hlasov\u00e1n\u00ed
+gb.review=posoudit
+gb.revoked=zru\u0161it
+gb.rewind=REWIND
+gb.permissions=opr\u00e1vn\u011bn\u00ed
+gb.personalRepositories=osobn\u00ed repozit\u00e1\u0159e
+gb.pleaseSetDestinationUrl=Pros\u00edm zadejte cilovou URL pro v\u00e1\u0161 n\u00e1vrh!
+gb.patchset=sada zm\u011bn
+gb.proposal=n\u00e1vrh
+gb.proposalReceived=N\u00e1vrh \u00fasp\u011b\u0161n\u011b p\u0159ijat od {0}.
+gb.proposePatchset=navrhnout sadu zm\u011bn
+gb.proposeWith=navrhnout sadu zm\u011bn s {0}
+gb.proposedThisChange=navrhnout tuto zm\u011bnu
+gb.proposalTickets=navrhnout zm\u011bny
+gb.queries=dotazy
+gb.questionTickets=ot\u00e1zky
+gb.reason=d\u016fvod
+gb.received=p\u0159ijat
+gb.receiveSettings=Nastaven\u00ed p\u0159\u00edjmu
+gb.referencedByCommit=Odkazovan\u00fd commitem.
+gb.reflog=reflog
+gb.illegalRelativeSlash=RElativn\u00ed reference na adres\u00e1\u0159 (../) jsou zak\u00e1z\u00e1ny.
+gb.useTicketsDescription=pouze pro \u010dten\u00ed, idstribuovan\u00e9 Ticgit \u00fakoly
+gb.privilegeWithdrawn=sta\u017een\u00ed privilegi\u00ed
+gb.repositoryNotSpecifiedFor=Repozit\u00e1\u0159 nen\u00ed nastaven pro {0}!
+gb.ownerPermission=vlastn\u00edk repozit\u00e1\u0159e
+gb.requireApproval=vy\u017eaduje schv\u00e1len\u00ed
+gb.verifyCommitterDescription=vy\u017eaduje aby se identita v\u00fdvoj\u00e1\u0159e shodovala s Gitblit \u00fa\u010dtem pou\u017eit\u00fdm pro push
+gb.responsible=zodpov\u011bdn\u00fd
+gb.accessPermissionsDescription=omezit p\u0159\u00edstup na u\u017eivatel\u00e9 a t\u00fdmy\n
+gb.namedPushPolicy=Omezit Push (Pojmenovan\u00fd)
+gb.viewPolicy=Omezit prohl\u00ed\u017een\u00ed, klonov\u00e1n\u00ed a Push
+gb.raw=raw
+gb.searchForAuthor=Vyhledat commity podle autora
+gb.searchForCommitter=Vyhledat commity podle v\u00fdvoj\u00e1\u0159e
+gb.isFrozenDescription=zak\u00e1zat operace push
+gb.tokens=token federace
+gb.proposals=n\u00e1vrh federace
+gb.token=token
+gb.federationResults=v\u00fdsledek p\u0159eta\u017een\u00ed federace
+gb.maxHits=maximum v\u00fdsledk\u016f
+gb.preReceiveScripts=skript p\u0159ed p\u0159\u00edjmem
+gb.postReceiveScripts=skript po p\u0159\u00edjmu
+gb.hookScripts=k\u00e1\u010dkovac\u00ed skripty
+gb.hookScriptsDescription=spustit Groovy skript po push na tento Gitblit server
+gb.noHits=\u017e\u00e1dn\u00e9 v\u00fdsledky
+gb.queryResults=v\u00fdsledek {0} - {1} ({2} v\u00fdsledk\u016f)
+gb.pleaseSetRepositoryName=Pros\u00edm, nastavte jm\u00e9no repozit\u00e1\u0159e!
+gb.illegalLeadingSlash=Po\u010d\u00e1te\u010dn\u00ed reference na ko\u0159enov\u00fd adres\u00e1\u0159 (/) jsou zak\u00e1z\u00e1ny.
+gb.selectAccessRestriction=Pros\u00edm, vyberte omezen\u00ed p\u0159\u00edstupu!
+gb.pleaseSetTeamName=Pros\u00edm, zadejte jm\u00e9no t\u00fdmu!
+gb.pleaseSetUsername=Pros\u00edm, zadejte u\u017eivatelsk\u00e9 jm\u00e9no!
+gb.repositoryNotSpecified=Repozit\u00e1\u0159 nen\u00ed vybr\u00e1n!
+gb.pleaseSetGitblitUrl=Pros\u00edm, zadejte URL va\u0161eho Gitblitu!
+gb.errorOnlyAdminMayCreateRepository=Pouze administr\u00e1tor m\u016f\u017ee vytv\u00e1\u0159et repozit\u00e1\u0159
+gb.preparingFork=vytv\u00e1\u0159en\u00ed va\u0161eho forku...
+gb.illegalPersonalRepositoryLocation=v\u00e1\u0161 soukrom\u00fd repozit\u00e1\u0159 mus\u00ed b\u00fdt um\u00edst\u011bn v "{0}"
+gb.gcThresholdDescription=minim\u00e1ln\u00ed celkov\u00e1 velikost uvoln\u011bn\u00fdch objekt\u016f pro vyvol\u00e1n\u00ed \u00faklidu
+gb.missingPermission=repozit\u00e1\u0159 pro toto opr\u00e1vn\u011bn\u00ed chyb\u00ed!
+gb.revokeCertificateReason=Pros\u00edm, vyberte d\u016fvod zam\u00edtnut\u00ed certifik\u00e1tu
+gb.hostnameRequired=Pros\u00edm, zadejte hostname
+gb.pleaseGenerateClientCertificate=Pros\u00edm, vytvo\u0159te klientsk\u00fd certifik\u00e1t pro {0}
+gb.enterKeystorePassword=Pros\u00edm, zadejte heslo k \u00falo\u017ei\u0161ti kl\u00ed\u010d\u016f Gitblitu
+gb.maxActivityCommitsDescription=maxim\u00e1ln\u00ed po\u010det commit\u016f pro p\u0159isp\u011bn\u00ed na str\u00e1nku aktivit
+gb.serveCertificate=provozovat https s t\u00edmto certifik\u00e1tem
+gb.useIncrementalPushTagsDescription=p\u0159i akci push, automaticky tagovat ka\u017edou v\u011btev s inkrement\u00e1ln\u00edm \u010d\u00edslem revize
+gb.stargazers=pozorovatel\u00e9
+gb.reviewPatchset=posoudit {0} sadu zm\u011bn {1}
+gb.home=dom\u016f
+gb.mirrorWarning=tento repozit\u00e1\u0159 je zrcadlo a nem\u016f\u017ee p\u0159ij\u00edmat push
+gb.noDescriptionGiven=popis nen\u00ed zad\u00e1n
+gb.toBranch=do {0}
+gb.createdBy=vytvo\u0159il
+gb.patchsetMergeable=Tato sada zm\u011bn m\u016f\u017ee b\u00fdt automaticky slou\u010dena do {0}.
+gb.patchsetAlreadyMerged=Tato sada zm\u011bn byla slou\u010dena do {0}.
+gb.patchsetNotMergeable=Tato sada zm\u011bn nem\u016f\u017ee b\u00fdt automaticky slou\u010dena do {0}.
+gb.patchsetNotMergeableMore=Tato sada zm\u011bn mus\u00ed b\u00fdt p\u0159evedena na nov\u00fd z\u00e1klad nebo slou\u010dena manu\u00e1ln\u011b do {0}, aby se vy\u0159e\u0161ily konflikty.
+gb.patchsetNotApproved=Tato sada zm\u011bn nebyla schv\u00e1lena pro slou\u010den\u00ed do {0}.
+gb.taskTickets=\u00falohy
+gb.sortLeastRecentlyUpdated=naposledy aktualizovan\u00e9
+gb.searchTickets=prohledat \u00fakol
+gb.searchTicketsTooltip=prohledat {0} \u00fakol\u016f
+gb.changedStatus=zm\u011bnit status
+gb.proposePatchsetNote=Jste v\u00fdt\u00e1n\u00ed k navr\u017een\u00ed sady zm\u011bn pro tento \u00fakol.
+gb.proposeInstructions=Pro za\u010d\u00e1tek, vytvo\u0159te sadu zm\u011bn a nahrajte ji pomoc\u00ed Gitu. Gitblit propoj\u00ed va\u0161i sadu zm\u011bn s t\u00edmto \u00fakolem pomoc\u00ed id.
+gb.jceWarning=Va\u0161e Java Runtime Environment nem\u00e1 soubory "JCE Unlimited Strength Jurisdiction Policy".\nToto zmen\u0161\u00ed d\u00e9lku hesla, kterou m\u016f\u017eete za\u0161ifrovat \u00falo\u017ei\u0161t\u011b kl\u00ed\u010d\u016f na 7 znak\u016f.\nSoubory politik jsou dodate\u010dn\u00e1 mo\u017enost ke sta\u017een\u00ed od Oracle.\n\nP\u0159ejete si pokra\u010dovat a vygenerovat i p\u0159es to certifika\u010dn\u00ed infrastrukturu?\n\nOdpov\u011b\u010f Ne v\u00e1s p\u0159esm\u011bruje na str\u00e1nky Oracle, kde sy m\u016f\u017eete tyto soubory politik st\u00e1hnout.
+gb.byNAuthors=od {0} autor\u016f
+gb.byOneAuthor=od {0}
+gb.sortMostPatchsetRevisions=nejv\u00edce reviz\u00ed sad zm\u011bn
+gb.sortLeastPatchsetRevisions=nejm\u00e9n\u011b reviz\u00ed sad zm\u011bn
+gb.stepN=Krok {0}
+gb.stopWatching=p\u0159estat sledovat
+gb.mergeSha=slou\u010dit SHA
+gb.reviewers=recenzenti
+gb.mentions=zminuje
+gb.repositoryDoesNotAcceptPatchsets=Tento repozit\u00e1\u0159 nep\u0159ij\u00edm\u00e1 sady zm\u011bn.
+gb.openMilestones=otev\u0159en\u00e9 mezn\u00edky
+gb.extensions=roz\u0161\u00ed\u0159en\u00ed
+gb.pleaseSelectProject=Pros\u00edm, vyberte projekt!
+gb.checkoutViaCommandLineNote=M\u016f\u017eete p\u0159ekontrolovat a otestovat tyto zm\u011bny lok\u00e1ln\u011b v klonu tohoto repozit\u00e1\u0159e.
+gb.checkoutStep1=Z\u00edskat aktu\u00e1ln\u00ed sadu zm\u011bn \u2014 spus\u0165te toto z va\u0161eho projektov\u00e9ho adres\u00e1\u0159e
+gb.mergingViaCommandLineNote=Pokud si nep\u0159ejete pou\u017e\u00edt tla\u010d\u00edtko pro slou\u010den\u00ed, nebo nelze prov\u00e9st automatick\u00e9 slou\u010den\u00ed, m\u016f\u017eete prov\u00e9st manu\u00e1ln\u00ed slou\u010den\u00ed pomoc\u00ed p\u0159\u00edkazov\u00e9 \u0159\u00e1dky.
+gb.mergeStep1=Vytvo\u0159it novou v\u011btev pro prohl\u00e9dnut\u00ed zm\u011bn \u2014 spus\u0165te tot z va\u0161eho projektov\u00e9ho adres\u00e1\u0159e
+gb.mergeStep2=P\u0159evz\u00edt navrhovan\u00e9 zm\u011bny a prozkoumat
+gb.ptCheckout=St\u00e1hnout a p\u0159ekontrolovat aktu\u00e1ln\u00ed sadu zm\u011bn do posuzovac\u00ed v\u011btve
+gb.ptMerge=St\u00e1hnout a slou\u010dit aktu\u00e1ln\u00ed sadu zm\u011bn do va\u0161\u00ed lok\u00e1ln\u00ed v\u011btve
+gb.ptDescription1=Barnum je pomocn\u00edk v p\u0159\u00edkazov\u00e9 \u0159\u00e1dce pro Git, kter\u00fd zjednodu\u0161uje syntaxi pro pr\u00e1ci s \u00fakly a sadami zm\u011bn v Gitblitu.
+gb.ptSimplifiedCollaboration=zjednodu\u0161en\u00e1 syntaxe pro spolupr\u00e1ci
+gb.ptDescription2=Barnum vy\u017eaduje Python 3 a nativn\u00ed Git. B\u011b\u017e\u00ed na Windows, Linux a Mac OS X.
+gb.reviewedPatchsetRev=posouzen\u00e9 sady zm\u011bn {0} revize {1}: {2}
+gb.hasNotReviewed=neposoudil
+gb.mergeToDescription=v\u00fdchoz\u00ed integra\u010dn\u00ed v\u011btev pro slu\u010dov\u00e1n\u00ed sad zm\u011bn z \u00fakol\u016f
+gb.mergeTypeDescription=slou\u010dit \u00fakol s p\u0159esunem vp\u0159ed, pokud je pot\u0159eba, nebo v\u017edy s commitem o slou\u010den\u00ed do integra\u010dn\u00ed v\u011btve
+gb.youDoNotHaveClonePermission=Nem\u00e1te opr\u00e1vn\u011bn\u00ed pro klonov\u00e1n\u00ed tohoto repozit\u00e1\u0159e.
+gb.milestoneDeleteFailed=Selhalo odstran\u011bn\u00ed mezn\u00edku ''{0}''!
+gb.notifyChangedOpenTickets=pos\u00edlat upozorn\u011bn\u00ed na zm\u011bn\u011bn\u00e9 otev\u0159en\u00e9 \u00fakoly
+gb.accessPolicyDescription=Vyberte politiky p\u0159\u00edstupu pro ovl\u00e1d\u00e1n\u00ed viditelnosti a pr\u00e1vech gitu.
+gb.namedPushPolicyDescription=Kdokoli m\u016f\u017ee vid\u011bt a klonovat tento repozit\u00e1\u0159. M\u016f\u017eete vybrat, kdo m\u016f\u017ee prov\u00e1d\u011bt push.
+gb.viewPolicyDescription=M\u016f\u017eete vybrat, kdo m\u016f\u017ee vid\u011bt, klonovat a prov\u00e1d\u011bt push do tohoto repozit\u00e1\u0159e.
+gb.initialCommitDescription=Umo\u017en\u00ed v\u00e1m okam\u017eit\u00fd <code>git clone</code> tohoto repozit\u00e1\u0159e. P\u0159esko\u010dte tento krok, pokud jste ji\u017e spustili lok\u00e1ln\u011b <code>git init</code>.
+gb.initWithGitignoreDescription=Vlo\u017e\u00ed konfigura\u010dn\u00ed soubor, kter\u00fd bude \u0159\u00edkat klient\u016fm Git, jak\u00e9 soubory, adres\u00e1\u0159e nebo vzory ignorovat.
+gb.pleaseSelectGitIgnore=Pros\u00edm, vyberte soubor .gitignore
+gb.ownersDescription=Vlastn\u00edci mohou spravovat v\u0161echna nastaven\u00ed repozit\u00e1\u0159e, ale nemohou p\u0159ejmenovat repozit\u00e1\u0159, pokud to nen\u00ed jejich osobn\u00ed repozit\u00e1\u0159.
+gb.userPermissionsDescription=M\u016f\u017eete nastavit individu\u00e1ln\u00ed u\u017eivatelsk\u00e1 opr\u00e1vn\u011bn\u00ed. Toto nastaven\u00ed potla\u010d\u00ed pr\u00e1va t\u00fdmu nebo regex.
+gb.teamPermissionsDescription=M\u016f\u017eete nastavit individu\u00e1ln\u00ed opr\u00e1vn\u011bn\u00ed t\u00fdmu. Toto nastaven\u00ed potla\u010d\u00ed opr\u00e1vn\u011bn\u00ed regex.
+gb.receiveSettingsDescription=Nastaven\u00ed p\u0159\u00edjmu ovl\u00e1d\u00e1 prov\u00e1d\u011bn\u00ed operace push s repozit\u00e1\u0159em.
+gb.preReceiveDescription=H\u00e1\u010dky p\u0159ed p\u0159ijet\u00edm budou vykon\u00e1ny po p\u0159ijet\u00ed commitu, ale <em>P\u0158EDT\u00cdM</em>, ne\u017e budou aktualizov\u00e1ny refs.<p>Toto je vhodn\u00fd h\u00e1\u010dek pro zam\u00edtnut\u00ed operace push.</p>
+gb.postReceiveDescription=H\u00e1\u010dky po p\u0159ijet\u00ed budou vykon\u00e1ny po p\u0159ijet\u00ed commitu, ale <em>POTOM</em>, co budou aktualizov\u00e1ny refs.<p>Toto je vhodn\u00fd h\u00e1\u010dek pro upozorn\u011bn\u00ed, spu\u0161t\u011bn\u00ed sestaven\u00ed, atd.</p>
+gb.federationStrategyDescription=Ovl\u00e1dat jestli a jak federovat tento repozit\u00e1\u0159 s jim\u00fdn Gitblit.
+gb.federationSetsDescription=Tento repozit\u00e1\u0159 bude obsa\u017een ve vybran\u00fdch federac\u00edch.
+gb.originDescription=URL, ze kter\u00e9ho byl tento repozit\u00e1\u0159 klonov\u00e1no.
+gb.garbageCollectionDescription=\u00daklid zabal\u00ed voln\u00e9 objekty, kter\u00e9 byly nahr\u00e1ny klienty pomoc\u00ed push a odstran\u00ed obj\u011bkty, na kter\u00e9 v repozit\u00e1\u0159i nevede reference.
+gb.preferences=preference
+gb.accountPreferencesDescription=Stanovte preference va\u0161eho \u00fa\u010dtu
+gb.languagePreferenceDescription=Vyberte v\u00e1mi preferovan\u00fd p\u0159eklad pro Gitblit
+gb.emailMeOnMyTicketChangesDescription=Pos\u00edlat mi e-malov\u00e9 notifikace o zm\u011bn\u00e1ch, kter\u00e9 jsem provedl na \u00fakolech
+gb.sshKeys=SSH kl\u00ed\u010de
+gb.sshKeysDescription=SSH ve\u0159ejn\u00fd kl\u00ed\u010d je bezpe\u010dn\u00e1 alternativa k autentifikaci pomoc\u00ed hesla
+gb.sshKeyPermissionDescription=Ur\u010dete p\u0159\u00edstupov\u00e1 pr\u00e1va pro SSH kl\u00ed\u010d
+gb.transportPreferenceDescription=Vyberte transport, kter\u00fd preferujete pro klonov\u00e1n\u00ed
+gb.sortHighestSeverity=nejvy\u0161\u0161\u00ed z\u00e1va\u017enost
+gb.diffFileDiffTooLarge=Rozd\u00edl je p\u0159\u00edli\u0161 velk\u00fd
+gb.missingIntegrationBranchMore=C\u00edlov\u00e1 integra\u010dn\u00ed v\u011btev v repozit\u00e1\u0159i neexistuje!
+gb.queryHelp=Standardn\u00ed syntaxe dotaz\u016f je podporov\u00e1na.<p/><p/>Pod\u00edvejte se pros\u00edm na ${querySyntax} pro detaily.
+gb.querySyntax=Lucene Query Parser Syntax
+gb.diffTruncated=Diff o\u0159iznut po p\u0159edchoz\u00edm souboru
+gb.blame=blame
+gb.imgdiffSubtract=Od\u010d\u00edtat (\u010dern\u00e1 = stejn\u00e9l)
+gb.statusChangedOn=status zm\u011bn\u011bn na
+gb.statusChangedBy=status zm\u011bnil
+gb.fileCommitted=\u00dasp\u011b\u0161n\u011b commitov\u00e1no {0}.
+gb.due=z d\u016fvodu
+gb.mailingLists=e-mailov\u00e1 konference
+gb.blinkComparator=Blink kompar\u00e1tor
+palette.available=Dostupn\u00ed
+palette.selected=Vybran\u00ed
diff --git a/src/main/java/com/gitblit/wicket/GitBlitWebApp_de.properties b/src/main/java/com/gitblit/wicket/GitBlitWebApp_de.properties
index eca3fd2a7..9599f7eb5 100644
--- a/src/main/java/com/gitblit/wicket/GitBlitWebApp_de.properties
+++ b/src/main/java/com/gitblit/wicket/GitBlitWebApp_de.properties
@@ -218,7 +218,8 @@ gb.pages = Seiten
 gb.workingCopy = Arbeitskopie
 gb.workingCopyWarning = Dieses Repository besitzt eine Arbeitskopie und kann keine Pushes empfangen
 gb.query = Abfrage
-gb.queryHelp = Standard Abfragesyntax wird unterst\u00fctzt.<p/><p/>Unter <a target="_new" href="http://lucene.apache.org/core/old_versioned_docs/versions/3_5_0/queryparsersyntax.html">Lucene Query Parser Syntax</a> finden Sie weitere Details.
+gb.queryHelp = Standard Abfragesyntax wird unterst\u00fctzt.<p/><p/>Unter ${querySyntax} finden Sie weitere Details.
+gb.querySyntax = Lucene Query Parser Syntax
 gb.queryResults = Ergebnisse {0} - {1} ({2} Treffer)
 gb.noHits = Keine Treffer
 gb.authored = ist Autor von
diff --git a/src/main/java/com/gitblit/wicket/GitBlitWebApp_es.properties b/src/main/java/com/gitblit/wicket/GitBlitWebApp_es.properties
index 791b286ee..fa08485a4 100644
--- a/src/main/java/com/gitblit/wicket/GitBlitWebApp_es.properties
+++ b/src/main/java/com/gitblit/wicket/GitBlitWebApp_es.properties
@@ -218,7 +218,8 @@ gb.pages = P\u00E1ginas
 gb.workingCopy = Copia de trabajo
 gb.workingCopyWarning = Este repositorio tiene una copia de trabajo y no se le puede empujar
 gb.query = Consulta
-gb.queryHelp = Se admite la sintaxis de consulta est\u00E1ndar.<p/>Por favor, lee el: <a target="_new" href="http://lucene.apache.org/core/old_versioned_docs/versions/3_5_0/queryparsersyntax.html">Analizador sint\u00E1ctico de consultas de Lucene</a> para m\u00E1s detalles.
+gb.queryHelp = Se admite la sintaxis de consulta est\u00E1ndar.<p/>Por favor, lee el: ${querySyntax} para m\u00E1s detalles.
+gb.querySyntax = Analizador sint\u00E1ctico de consultas de Lucene
 gb.queryResults = Resultados {0} - {1} ({2} coincidencias)
 gb.noHits = Sin coincidencias
 gb.authored = Autor
diff --git a/src/main/java/com/gitblit/wicket/GitBlitWebApp_fr.properties b/src/main/java/com/gitblit/wicket/GitBlitWebApp_fr.properties
index d479b3d66..3e7571201 100644
--- a/src/main/java/com/gitblit/wicket/GitBlitWebApp_fr.properties
+++ b/src/main/java/com/gitblit/wicket/GitBlitWebApp_fr.properties
@@ -218,7 +218,8 @@ gb.pages = pages
 gb.workingCopy = d\u00e9p\u00f4t de travail
 gb.workingCopyWarning = ce d\u00e9p\u00f4t poss\u00e8de un d\u00e9p\u00f4t de travail et ne peut donc pas recevoir de pushes
 gb.query = recherche
-gb.queryHelp = La syntaxe Lucene standard est support\u00e9e.<p/><p/>Se r\u00e9f\u00e9rer \u00e0 la <a target="_new" href="http://lucene.apache.org/core/old_versioned_docs/versions/3_5_0/queryparsersyntax.html">Syntaxe de recherche Lucene</a> pour plus de d\u00e9tails.
+gb.queryHelp = La syntaxe Lucene standard est support\u00e9e.<p/><p/>Se r\u00e9f\u00e9rer \u00e0 la ${querySyntax} pour plus de d\u00e9tails.
+gb.querySyntax = Syntaxe de recherche Lucene
 gb.queryResults = r\u00e9sultats {0} - {1} ({2} hits)
 gb.noHits = aucun r\u00e9sultats
 gb.authored = authored
diff --git a/src/main/java/com/gitblit/wicket/GitBlitWebApp_it.properties b/src/main/java/com/gitblit/wicket/GitBlitWebApp_it.properties
index 7230ec836..970496bb1 100644
--- a/src/main/java/com/gitblit/wicket/GitBlitWebApp_it.properties
+++ b/src/main/java/com/gitblit/wicket/GitBlitWebApp_it.properties
@@ -218,7 +218,8 @@ gb.pages = pagine
 gb.workingCopy = copia di lavoro
 gb.workingCopyWarning = questo repository � una copia di lavoro a non ammette push
 gb.query = interrogazione
-gb.queryHelp = La sintassi standard � supportata.<p/><p/>Si vedi <a target="_new" href="http://lucene.apache.org/core/old_versioned_docs/versions/3_5_0/queryparsersyntax.html">Lucene Query Parser Syntax</a> per ulteriori dettagli.
+gb.queryHelp = La sintassi standard � supportata.<p/><p/>Si vedi ${querySyntax} per ulteriori dettagli.
+gb.querySyntax = Lucene Query Parser Syntax
 gb.queryResults = risultati {0} - {1} ({2} corrispondenze)
 gb.noHits = nessuna corrispondenza
 gb.authored = creato da
diff --git a/src/main/java/com/gitblit/wicket/GitBlitWebApp_ja.properties b/src/main/java/com/gitblit/wicket/GitBlitWebApp_ja.properties
index c8a2449fb..36e21a7fc 100644
--- a/src/main/java/com/gitblit/wicket/GitBlitWebApp_ja.properties
+++ b/src/main/java/com/gitblit/wicket/GitBlitWebApp_ja.properties
@@ -217,7 +217,8 @@ gb.pages = \u30da\u30fc\u30b8
 gb.workingCopy = \u4f5c\u696d\u30b3\u30d4\u30fc
 gb.workingCopyWarning = \u3053\u306e\u30ea\u30dd\u30b8\u30c8\u30ea\u306b\u306f\u4f5c\u696d\u30b3\u30d4\u30fc\u304c\u3042\u308b\u305f\u3081 push \u3067\u304d\u307e\u305b\u3093
 gb.query = \u30af\u30a8\u30ea\u30fc
-gb.queryHelp = \u6a19\u6e96\u7684\u306a\u30af\u30a8\u30ea\u30fc\u66f8\u5f0f\u3092\u30b5\u30dd\u30fc\u30c8\u3057\u3066\u3044\u307e\u3059\u3002<p/><p/>\u8a73\u7d30\u306f <a target="_new" href="http://lucene.apache.org/core/old_versioned_docs/versions/3_5_0/queryparsersyntax.html">Lucene Query Parser Syntax</a> \u3092\u53c2\u7167\u3057\u3066\u4e0b\u3055\u3044\u3002
+gb.queryHelp = \u6a19\u6e96\u7684\u306a\u30af\u30a8\u30ea\u30fc\u66f8\u5f0f\u3092\u30b5\u30dd\u30fc\u30c8\u3057\u3066\u3044\u307e\u3059\u3002<p/><p/>\u8a73\u7d30\u306f ${querySyntax} \u3092\u53c2\u7167\u3057\u3066\u4e0b\u3055\u3044\u3002
+gb.querySyntax = Lucene Query Parser Syntax
 gb.queryResults = \u691c\u7d22\u7d50\u679c {0} - {1} ({2} \u30d2\u30c3\u30c8)
 gb.noHits = \u898b\u3064\u304b\u308a\u307e\u305b\u3093\u3067\u3057\u305f\u3002
 gb.authored = authored
diff --git a/src/main/java/com/gitblit/wicket/GitBlitWebApp_ko.properties b/src/main/java/com/gitblit/wicket/GitBlitWebApp_ko.properties
index 404f0d283..b4a675ce8 100644
--- a/src/main/java/com/gitblit/wicket/GitBlitWebApp_ko.properties
+++ b/src/main/java/com/gitblit/wicket/GitBlitWebApp_ko.properties
@@ -1,184 +1,184 @@
-gb.repository = \uc800\uc7a5\uc18c
-gb.owner = \uc18c\uc720\uc790
-gb.description = \uc124\uba85
-gb.lastChange = \ucd5c\uadfc \ubcc0\uacbd
+gb.repository = \uC800\uC7A5\uC18C
+gb.owner = \uC18C\uC720\uC790
+gb.description = \uC124\uBA85
+gb.lastChange = \uCD5C\uADFC \uBCC0\uACBD
 gb.refs = refs
-gb.tag = \ud0dc\uadf8
-gb.tags = \ud0dc\uadf8\ub4e4
-gb.author = \uc791\uc131\uc790
-gb.committer = \ucee4\ubbf8\ud130
-gb.commit = \ucee4\ubc0b
-gb.age = \ub098\uc774
-gb.tree = \ud2b8\ub9ac
-gb.parent = \ubd80\ubaa8
+gb.tag = \uD0DC\uADF8
+gb.tags = \uD0DC\uADF8\uB4E4
+gb.author = \uC791\uC131\uC790
+gb.committer = \uCEE4\uBBF8\uD130
+gb.commit = \uCEE4\uBC0B
+gb.age = \uB098\uC774
+gb.tree = \uD2B8\uB9AC
+gb.parent = \uBD80\uBAA8
 gb.url = URL
-gb.history = \ud788\uc2a4\ud1a0\ub9ac
+gb.history = \uD788\uC2A4\uD1A0\uB9AC
 gb.raw = raw
-gb.object = \uc624\ube0c\uc81d\ud2b8
-gb.ticketId = \ud2f0\ucf13 id
-gb.ticketAssigned = \ud560\ub2f9
-gb.ticketOpenDate = \uc5f4\ub9b0 \ub0a0\uc790
-gb.ticketState = \uc0c1\ud0dc
-gb.ticketComments = \ucf54\uba58\ud2b8
-gb.view = \ubcf4\uae30
-gb.local = \ub85c\uceec
-gb.remote = \ub9ac\ubaa8\ud2b8
-gb.branches = \ube0c\ub79c\uce58
-gb.patch = \ud328\uce58
-gb.diff = \ube44\uad50
-gb.log = \ub85c\uadf8
-gb.moreLogs = \ucee4\ubc0b \ub354 \ubcf4\uae30...
-gb.allTags = \ubaa8\ub4e0 \ud0dc\uadf8...
-gb.allBranches = \ubaa8\ub4e0 \ube0c\ub79c\uce58...
-gb.summary = \uc694\uc57d
-gb.ticket = \ud2f0\ucf13
-gb.newRepository = \uc0c8 \uc800\uc7a5\uc18c
-gb.newUser = \uc0c8 \uc0ac\uc6a9\uc790
-gb.commitdiff = \ucee4\ubc0b\ube44\uad50
-gb.tickets = \ud2f0\ucf13
-gb.pageFirst = \ucc98\uc74c
-gb.pagePrevious = \uc774\uc804
-gb.pageNext = \ub2e4\uc74c
+gb.object = \uC624\uBE0C\uC81D\uD2B8
+gb.ticketId = \uD2F0\uCF13 id
+gb.ticketAssigned = \uD560\uB2F9
+gb.ticketOpenDate = \uC5F4\uB9B0 \uB0A0\uC790
+gb.ticketStatus = \uC0C1\uD0DC
+gb.ticketComments = \uCF54\uBA58\uD2B8
+gb.view = \uBCF4\uAE30
+gb.local = \uB85C\uCEEC
+gb.remote = \uB9AC\uBAA8\uD2B8
+gb.branches = \uBE0C\uB79C\uCE58
+gb.patch = \uD328\uCE58
+gb.diff = \uBE44\uAD50
+gb.log = \uB85C\uADF8
+gb.moreLogs = \uCEE4\uBC0B \uB354 \uBCF4\uAE30...
+gb.allTags = \uBAA8\uB4E0 \uD0DC\uADF8...
+gb.allBranches = \uBAA8\uB4E0 \uBE0C\uB79C\uCE58...
+gb.summary = \uC694\uC57D
+gb.ticket = \uD2F0\uCF13
+gb.newRepository = \uC0C8 \uC800\uC7A5\uC18C
+gb.newUser = \uC0C8 \uC0AC\uC6A9\uC790
+gb.commitdiff = \uCEE4\uBC0B\uBE44\uAD50
+gb.tickets = \uD2F0\uCF13
+gb.pageFirst = \uCC98\uC74C
+gb.pagePrevious = \uC774\uC804
+gb.pageNext = \uB2E4\uC74C
 gb.head = HEAD
 gb.blame = blame
-gb.login = \ub85c\uadf8\uc778
-gb.logout = \ub85c\uadf8\uc544\uc6c3
-gb.username = \uc720\uc800\ub124\uc784
-gb.password = \ud328\uc2a4\uc6cc\ub4dc
-gb.tagger = \ud0dc\uac70
-gb.moreHistory = \ud788\uc2a4\ud1a0\ub9ac \ub354 \ubcf4\uae30...
-gb.difftocurrent = \ud604\uc7ac\uc640 \ube44\uad50
-gb.search = \uac80\uc0c9
-gb.searchForAuthor = \ucee4\ubc0b\uc744 \uc791\uc131\uc790\ub85c \uac80\uc0c9
-gb.searchForCommitter = \ucee4\ubc0b\uc744 \ucee4\ubc0b\ud130\ub85c \uac80\uc0c9
-gb.addition = \ucd94\uac00
-gb.modification = \ubcc0\uacbd
-gb.deletion = \uc0ad\uc81c
-gb.rename = \uc774\ub984\ubcc0\uacbd
-gb.metrics = \uba54\ud2b8\ub9ad
-gb.stats = \uc0c1\ud0dc
-gb.markdown = \ub9c8\ud06c\ub2e4\uc6b4
-gb.changedFiles = \ud30c\uc77c \ubcc0\uacbd\ub428 
-gb.filesAdded = {0}\uac1c \ud30c\uc77c \ucd94\uac00\ub428
-gb.filesModified = {0}\uac1c \ud30c\uc77c \ubcc0\uacbd\ub428
-gb.filesDeleted = {0}\uac1c \ud30c\uc77c \uc0ad\uc81c\ub428
-gb.filesCopied = {0}\uac1c \ud30c\uc77c \ubcf5\uc0ac\ub428
-gb.filesRenamed = {0}\uac1c \ud30c\uc77c \uc774\ub984 \ubcc0\uacbd\ub428
-gb.missingUsername = \uc720\uc800\ub124\uc784 \ub204\ub77d
-gb.edit = \uc218\uc815
-gb.searchTypeTooltip = \uac80\uc0c9 \ud0c0\uc785 \uc120\ud0dd
-gb.searchTooltip = {0} \uac80\uc0c9
-gb.delete = \uc0ad\uc81c
-gb.docs = \ubb38\uc11c
-gb.accessRestriction = \uc811\uc18d \uc81c\ud55c
-gb.name = \uc774\ub984
-gb.enableTickets = \ud2f0\ucf13 \uc0ac\uc6a9
-gb.enableDocs = \ubb38\uc11c \uc0ac\uc6a9
-gb.save = \uc800\uc7a5
-gb.showRemoteBranches = \ub9ac\ubaa8\ud2b8 \ube0c\ub79c\uce58 \ubcf4\uae30
-gb.editUsers = \uc720\uc800 \uc218\uc815
-gb.confirmPassword = \ud328\uc2a4\uc6cc\ub4dc \ud655\uc778
-gb.restrictedRepositories = \uc81c\ud55c\ub41c \uc800\uc7a5\uc18c
-gb.canAdmin = \uad00\ub9ac \uac00\ub2a5
-gb.notRestricted = \uc775\uba85 \ubdf0, \ud074\ub860, & \ud478\uc2dc
-gb.pushRestricted = \uc778\uc99d\ub41c \uc720\uc800\ub9cc \ud478\uc2dc
-gb.cloneRestricted = \uc778\uc99d\ub41c \uc720\uc800\ub9cc \ud074\ub860 & \ud478\uc2dc
-gb.viewRestricted = \uc778\uc99d\ub41c \uc720\uc800\ub9cc \ubdf0, \ud074\ub860, & \ud478\uc2dc
-gb.useTicketsDescription = Ticgit(\ubd84\uc0b0 \ud2f0\ucf13 \uc2dc\uc2a4\ud15c) \uc774\uc288 \uc0ac\uc6a9
-gb.useDocsDescription = \uc800\uc7a5\uc18c \uc788\ub294 \ub9c8\ud06c\ub2e4\uc6b4 \ubb38\uc11c \uc0ac\uc6a9
-gb.showRemoteBranchesDescription = \ub9ac\ubaa8\ud2b8 \ube0c\ub79c\uce58 \ubcf4\uae30
-gb.canAdminDescription = Gitblit \uad00\ub9ac \uad8c\ud55c \ubd80\uc5ec
-gb.permittedUsers = \ud5c8\uc6a9\ub41c \uc0ac\uc6a9\uc790
-gb.isFrozen = \ud504\ub9ac\uc9d5\ub428
-gb.isFrozenDescription = \ud478\uc2dc \ucc28\ub2e8
+gb.login = \uB85C\uADF8\uC778
+gb.logout = \uB85C\uADF8\uC544\uC6C3
+gb.username = \uC720\uC800\uB124\uC784
+gb.password = \uD328\uC2A4\uC6CC\uB4DC
+gb.tagger = \uD0DC\uAC70
+gb.moreHistory = \uD788\uC2A4\uD1A0\uB9AC \uB354 \uBCF4\uAE30...
+gb.difftocurrent = \uD604\uC7AC\uC640 \uBE44\uAD50
+gb.search = \uAC80\uC0C9
+gb.searchForAuthor = \uCEE4\uBC0B\uC744 \uC791\uC131\uC790\uB85C \uAC80\uC0C9
+gb.searchForCommitter = \uCEE4\uBC0B\uC744 \uCEE4\uBC0B\uD130\uB85C \uAC80\uC0C9
+gb.addition = \uCD94\uAC00
+gb.modification = \uBCC0\uACBD
+gb.deletion = \uC0AD\uC81C
+gb.rename = \uC774\uB984\uBCC0\uACBD
+gb.metrics = \uBA54\uD2B8\uB9AD
+gb.stats = \uC0C1\uD0DC
+gb.markdown = \uB9C8\uD06C\uB2E4\uC6B4
+gb.changedFiles = \uD30C\uC77C \uBCC0\uACBD\uB428 
+gb.filesAdded = {0}\uAC1C \uD30C\uC77C \uCD94\uAC00\uB428
+gb.filesModified = {0}\uAC1C \uD30C\uC77C \uBCC0\uACBD\uB428
+gb.filesDeleted = {0}\uAC1C \uD30C\uC77C \uC0AD\uC81C\uB428
+gb.filesCopied = {0}\uAC1C \uD30C\uC77C \uBCF5\uC0AC\uB428
+gb.filesRenamed = {0}\uAC1C \uD30C\uC77C \uC774\uB984 \uBCC0\uACBD\uB428
+gb.missingUsername = \uC720\uC800\uB124\uC784 \uB204\uB77D
+gb.edit = \uC218\uC815
+gb.searchTypeTooltip = \uAC80\uC0C9 \uD0C0\uC785 \uC120\uD0DD
+gb.searchTooltip = {0} \uAC80\uC0C9
+gb.delete = \uC0AD\uC81C
+gb.docs = \uBB38\uC11C
+gb.accessRestriction = \uC811\uC18D \uC81C\uD55C
+gb.name = \uC774\uB984
+gb.enableTickets = \uD2F0\uCF13 \uC0AC\uC6A9
+gb.enableDocs = \uBB38\uC11C \uC0AC\uC6A9
+gb.save = \uC800\uC7A5
+gb.showRemoteBranches = \uB9AC\uBAA8\uD2B8 \uBE0C\uB79C\uCE58 \uBCF4\uAE30
+gb.editUsers = \uC720\uC800 \uC218\uC815
+gb.confirmPassword = \uD328\uC2A4\uC6CC\uB4DC \uD655\uC778
+gb.restrictedRepositories = \uC81C\uD55C\uB41C \uC800\uC7A5\uC18C
+gb.canAdmin = \uAD00\uB9AC \uAC00\uB2A5
+gb.notRestricted = \uC775\uBA85 \uBDF0, \uD074\uB860, & \uD478\uC2DC
+gb.pushRestricted = \uC778\uC99D\uB41C \uC720\uC800\uB9CC \uD478\uC2DC
+gb.cloneRestricted = \uC778\uC99D\uB41C \uC720\uC800\uB9CC \uD074\uB860 & \uD478\uC2DC
+gb.viewRestricted = \uC778\uC99D\uB41C \uC720\uC800\uB9CC \uBDF0, \uD074\uB860, & \uD478\uC2DC
+gb.useTicketsDescription = Ticgit(\uBD84\uC0B0 \uD2F0\uCF13 \uC2DC\uC2A4\uD15C) \uC774\uC288 \uC0AC\uC6A9
+gb.useDocsDescription = \uC800\uC7A5\uC18C \uC788\uB294 \uB9C8\uD06C\uB2E4\uC6B4 \uBB38\uC11C \uC0AC\uC6A9
+gb.showRemoteBranchesDescription = \uB9AC\uBAA8\uD2B8 \uBE0C\uB79C\uCE58 \uBCF4\uAE30
+gb.canAdminDescription = Gitblit \uAD00\uB9AC \uAD8C\uD55C \uBD80\uC5EC
+gb.permittedUsers = \uD5C8\uC6A9\uB41C \uC0AC\uC6A9\uC790
+gb.isFrozen = \uD504\uB9AC\uC9D5\uB428
+gb.isFrozenDescription = \uD478\uC2DC \uCC28\uB2E8
 gb.zip = zip
-gb.showReadme = \ub9ac\ub4dc\ubbf8(readme) \ubcf4\uae30
-gb.showReadmeDescription = \uc694\uc57d\ud398\uc774\uc9c0\uc5d0\uc11c \"readme\" \ub9c8\ud06c\ub2e4\uc6b4 \ud30c\uc77c \ubcf4\uae30
-gb.nameDescription = \uc800\uc7a5\uc18c\ub97c \uadf8\ub8f9\uc73c\ub85c \ubb36\uc73c\ub824\uba74 '/' \ub97c \uc0ac\uc6a9. \uc608) libraries/reponame.git
-gb.ownerDescription = \uc18c\uc720\uc790\ub294 \uc800\uc7a5\uc18c \uc124\uc815\uc744 \ubcc0\uacbd\ud560 \uc218 \uc788\uc74c
+gb.showReadme = \uB9AC\uB4DC\uBBF8(readme) \uBCF4\uAE30
+gb.showReadmeDescription = \uC694\uC57D\uD398\uC774\uC9C0\uC5D0\uC11C \"readme\" \uB9C8\uD06C\uB2E4\uC6B4 \uD30C\uC77C \uBCF4\uAE30
+gb.nameDescription = \uC800\uC7A5\uC18C\uB97C \uADF8\uB8F9\uC73C\uB85C \uBB36\uC73C\uB824\uBA74 '/' \uB97C \uC0AC\uC6A9. \uC608) libraries/reponame.git
+gb.ownerDescription = \uC18C\uC720\uC790\uB294 \uC800\uC7A5\uC18C \uC124\uC815\uC744 \uBCC0\uACBD\uD560 \uC218 \uC788\uC74C
 gb.blob = blob
-gb.commitActivityTrend = \ucee4\ubc0b \ud65c\ub3d9 \ud2b8\ub79c\ub4dc
-gb.commitActivityDOW = 1\uc8fc\uc77c\uc758 \uc77c\ub2e8\uc704 \ucee4\ubc0b \ud65c\ub3d9
-gb.commitActivityAuthors = \ucee4\ubc0b \ud65c\ub3d9\uc758 \uc8fc \uc791\uc131\uc790
-gb.feed = \ud53c\ub4dc
-gb.cancel = \ucde8\uc18c
-gb.changePassword = \ud328\uc2a4\uc6cc\ub4dc \ubcc0\uacbd
-gb.isFederated = \ud398\ub354\ub808\uc774\uc158\ub428
-gb.federateThis = \uc774 \uc800\uc7a5\uc18c\ub97c \ud398\ub354\ub808\uc774\uc158\ud568
-gb.federateOrigin = origin \uc5d0 \ud398\ub354\ub808\uc774\uc158
-gb.excludeFromFederation = \ud398\ub354\ub808\uc774\uc158 \uc81c\uc678
-gb.excludeFromFederationDescription = \uc774 \uacc4\uc815\uc73c\ub85c \ud480\ub9c1\ub418\ub294 \ud398\ub7ec\ub808\uc774\uc158 \ub41c Gitblit \uc778\uc2a4\ud134\uc2a4 \ucc28\ub2e8
-gb.tokens = \ud398\ub354\ub808\uc774\uc158 \ud1a0\ud070
-gb.tokenAllDescription = \ubaa8\ub4e0 \uc800\uc7a5\uc18c, \ud1a0\ud070, \uc0ac\uc6a9\uc790 & \uc124\uc815
-gb.tokenUnrDescription = \ubaa8\ub4e0 \uc800\uc7a5\uc18c & \uc0ac\uc6a9\uc790
-gb.tokenJurDescription = \ubaa8\ub4e0 \uc800\uc7a5\uc18c
-gb.federatedRepositoryDefinitions = \uc800\uc7a5\uc18c \uc815\uc758
-gb.federatedUserDefinitions = \uc0ac\uc6a9\uc790 \uc815\uc758
-gb.federatedSettingDefinitions = \uc124\uc815 \uc815\uc758
-gb.proposals = \ud398\ub354\ub808\uc774\uc158 \uc81c\uc548
-gb.received = \uc218\uc2e0\ud568
-gb.type = \ud0c0\uc785
-gb.token = \ud1a0\ud070
-gb.repositories = \uc800\uc7a5\uc18c
-gb.proposal = \uc81c\uc548
-gb.frequency = \ube48\ub3c4
-gb.folder = \ud3f4\ub354
-gb.lastPull = \ub9c8\uc9c0\ub9c9 \ud480
-gb.nextPull = \ub2e4\uc74c \ud480
-gb.inclusions = \ud3ec\ud568
-gb.exclusions = \uc81c\uc678
-gb.registration = \ub4f1\ub85d
-gb.registrations = \ud398\ub354\ub808\uc774\uc158 \ub4f1\ub85d
-gb.sendProposal = \uc81c\uc548\ud558\uae30
-gb.status = \uc0c1\ud0dc
+gb.commitActivityTrend = \uCEE4\uBC0B \uD65C\uB3D9 \uD2B8\uB79C\uB4DC
+gb.commitActivityDOW = 1\uC8FC\uC77C\uC758 \uC77C\uB2E8\uC704 \uCEE4\uBC0B \uD65C\uB3D9
+gb.commitActivityAuthors = \uCEE4\uBC0B \uD65C\uB3D9\uC758 \uC8FC \uC791\uC131\uC790
+gb.feed = \uD53C\uB4DC
+gb.cancel = \uCDE8\uC18C
+gb.changePassword = \uD328\uC2A4\uC6CC\uB4DC \uBCC0\uACBD
+gb.isFederated = \uD398\uB354\uB808\uC774\uC158\uB428
+gb.federateThis = \uC774 \uC800\uC7A5\uC18C\uB97C \uD398\uB354\uB808\uC774\uC158\uD568
+gb.federateOrigin = origin \uC5D0 \uD398\uB354\uB808\uC774\uC158
+gb.excludeFromFederation = \uD398\uB354\uB808\uC774\uC158 \uC81C\uC678
+gb.excludeFromFederationDescription = \uC774 \uACC4\uC815\uC73C\uB85C \uD480\uB9C1\uB418\uB294 \uD398\uB7EC\uB808\uC774\uC158 \uB41C Gitblit \uC778\uC2A4\uD134\uC2A4 \uCC28\uB2E8
+gb.tokens = \uD398\uB354\uB808\uC774\uC158 \uD1A0\uD070
+gb.tokenAllDescription = \uBAA8\uB4E0 \uC800\uC7A5\uC18C, \uD1A0\uD070, \uC0AC\uC6A9\uC790 & \uC124\uC815
+gb.tokenUnrDescription = \uBAA8\uB4E0 \uC800\uC7A5\uC18C & \uC0AC\uC6A9\uC790
+gb.tokenJurDescription = \uBAA8\uB4E0 \uC800\uC7A5\uC18C
+gb.federatedRepositoryDefinitions = \uC800\uC7A5\uC18C \uC815\uC758
+gb.federatedUserDefinitions = \uC0AC\uC6A9\uC790 \uC815\uC758
+gb.federatedSettingDefinitions = \uC124\uC815 \uC815\uC758
+gb.proposals = \uD398\uB354\uB808\uC774\uC158 \uC81C\uC548
+gb.received = \uC218\uC2E0\uD568
+gb.type = \uD0C0\uC785
+gb.token = \uD1A0\uD070
+gb.repositories = \uC800\uC7A5\uC18C
+gb.proposal = \uC81C\uC548
+gb.frequency = \uBE48\uB3C4
+gb.folder = \uD3F4\uB354
+gb.lastPull = \uB9C8\uC9C0\uB9C9 \uD480
+gb.nextPull = \uB2E4\uC74C \uD480
+gb.inclusions = \uD3EC\uD568
+gb.exclusions = \uC81C\uC678
+gb.registration = \uB4F1\uB85D
+gb.registrations = \uD398\uB354\uB808\uC774\uC158 \uB4F1\uB85D
+gb.sendProposal = \uC81C\uC548\uD558\uAE30
+gb.status = \uC0C1\uD0DC
 gb.origin = origin
-gb.headRef = \ub514\ud3f4\ud2b8 \ube0c\ub79c\uce58(HEAD)
-gb.headRefDescription = \ub514\ud3f4\ud2b8 \ube0c\ub79c\uce58\ub97c \uc785\ub825. \uc608) refs/heads/master
-gb.federationStrategy = \ud398\ub354\ub808\uc774\uc158 \uc815\ucc45
-gb.federationRegistration = \ud398\ub354\ub808\uc774\uc158 \ub4f1\ub85d
-gb.federationResults = \ud398\ub354\ub808\uc774\uc158 \ud480 \uacb0\uacfc
-gb.federationSets = \ud398\ub354\ub808\uc774\uc158 \uc14b
-gb.message = \uba54\uc2dc\uc9c0
-gb.myUrlDescription = \uacf5\uac1c\ub418\uc5b4 \uc811\uc18d\ud560 \uc218 \uc788\ub294 Gitblit \uc778\uc2a4\ud134\uc2a4 url
-gb.destinationUrl = \ub85c \ubcf4\ub0c4
-gb.destinationUrlDescription = \uc81c\uc548\uc744 \uc804\uc1a1\ud560 \ub300\uc0c1 Gitblit \uc778\uc2a4\ud134\uc2a4\uc758 url
-gb.users = \uc720\uc800
-gb.federation = \ud398\ub354\ub808\uc774\uc158
-gb.error = \uc5d0\ub7ec
-gb.refresh = \uc0c8\ub85c\uace0\uce68
-gb.browse = \ube0c\ub77c\uc6b0\uc988
+gb.headRef = \uB514\uD3F4\uD2B8 \uBE0C\uB79C\uCE58(HEAD)
+gb.headRefDescription = \uB514\uD3F4\uD2B8 \uBE0C\uB79C\uCE58\uB97C \uC785\uB825. \uC608) refs/heads/master
+gb.federationStrategy = \uD398\uB354\uB808\uC774\uC158 \uC815\uCC45
+gb.federationRegistration = \uD398\uB354\uB808\uC774\uC158 \uB4F1\uB85D
+gb.federationResults = \uD398\uB354\uB808\uC774\uC158 \uD480 \uACB0\uACFC
+gb.federationSets = \uD398\uB354\uB808\uC774\uC158 \uC14B
+gb.message = \uBA54\uC2DC\uC9C0
+gb.myUrlDescription = \uACF5\uAC1C\uB418\uC5B4 \uC811\uC18D\uD560 \uC218 \uC788\uB294 Gitblit \uC778\uC2A4\uD134\uC2A4 url
+gb.destinationUrl = \uB85C \uBCF4\uB0C4
+gb.destinationUrlDescription = \uC81C\uC548\uC744 \uC804\uC1A1\uD560 \uB300\uC0C1 Gitblit \uC778\uC2A4\uD134\uC2A4\uC758 url
+gb.users = \uC720\uC800
+gb.federation = \uD398\uB354\uB808\uC774\uC158
+gb.error = \uC5D0\uB7EC
+gb.refresh = \uC0C8\uB85C\uACE0\uCE68
+gb.browse = \uBE0C\uB77C\uC6B0\uC988
 gb.clone = clone
-gb.filter = \ud544\ud130
-gb.create = \uc0dd\uc131
-gb.servers = \uc11c\ubc84
+gb.filter = \uD544\uD130
+gb.create = \uC0DD\uC131
+gb.servers = \uC11C\uBC84
 gb.recent = recent
-gb.available = \uac00\ub2a5\ud55c
-gb.selected = \uc120\ud0dd\ub41c
-gb.size = \ud06c\uae30
-gb.downloading = \ub2e4\uc6b4\ub85c\ub4dc\uc911
-gb.loading = \ub85c\ub529\uc911
-gb.starting = \uc2dc\uc791\uc911
-gb.general = \uc77c\ubc18
-gb.settings = \uc138\ud305
-gb.manage = \uad00\ub9ac
-gb.lastLogin = \ub9c8\uc9c0\ub9c9 \ub85c\uadf8\uc778
-gb.skipSizeCalculation = \ud06c\uae30 \uacc4\uc0b0 \ubb34\uc2dc
-gb.skipSizeCalculationDescription = \uc800\uc7a5\uc18c \ud06c\uae30 \uacc4\uc0b0\ud558\uc9c0 \uc54a\uc74c (\ud398\uc774\uc9c0 \ub85c\ub529 \uc2dc\uac04 \ub2e8\ucd95\ub428)
-gb.skipSummaryMetrics = \uba54\ud2b8\ub9ad \uc694\uc57d \ubb34\uc2dc
-gb.skipSummaryMetricsDescription = \uc694\uc57d \ud398\uc9c0\uc774\uc5d0\uc11c \uba54\ud2b8\ub9ad \uacc4\uc0b0\ud558\uc9c0 \uc54a\uc74c (\ud398\uc774\uc9c0 \ub85c\ub529 \uc2dc\uac04 \ub2e8\ucd95\ub428)
-gb.accessLevel = \uc811\uc18d \ub808\ubca8
-gb.default = \ub514\ud3f4\ud2b8
-gb.setDefault = \ub514\ud3f4\ud2b8 \uc124\uc815
+gb.available = \uAC00\uB2A5\uD55C
+gb.selected = \uC120\uD0DD\uB41C
+gb.size = \uD06C\uAE30
+gb.downloading = \uB2E4\uC6B4\uB85C\uB4DC\uC911
+gb.loading = \uB85C\uB529\uC911
+gb.starting = \uC2DC\uC791\uC911
+gb.general = \uC77C\uBC18
+gb.settings = \uC138\uD305
+gb.manage = \uAD00\uB9AC
+gb.lastLogin = \uB9C8\uC9C0\uB9C9 \uB85C\uADF8\uC778
+gb.skipSizeCalculation = \uD06C\uAE30 \uACC4\uC0B0 \uBB34\uC2DC
+gb.skipSizeCalculationDescription = \uC800\uC7A5\uC18C \uD06C\uAE30 \uACC4\uC0B0\uD558\uC9C0 \uC54A\uC74C (\uD398\uC774\uC9C0 \uB85C\uB529 \uC2DC\uAC04 \uB2E8\uCD95\uB428)
+gb.skipSummaryMetrics = \uBA54\uD2B8\uB9AD \uC694\uC57D \uBB34\uC2DC
+gb.skipSummaryMetricsDescription = \uC694\uC57D \uD398\uC9C0\uC774\uC5D0\uC11C \uBA54\uD2B8\uB9AD \uACC4\uC0B0\uD558\uC9C0 \uC54A\uC74C (\uD398\uC774\uC9C0 \uB85C\uB529 \uC2DC\uAC04 \uB2E8\uCD95\uB428)
+gb.accessLevel = \uC811\uC18D \uB808\uBCA8
+gb.default = \uB514\uD3F4\uD2B8
+gb.setDefault = \uB514\uD3F4\uD2B8 \uC124\uC815
 gb.since = since
-gb.status = \uc0c1\ud0dc
-gb.bootDate = \ubd80\ud305 \uc77c\uc790
-gb.servletContainer = \uc11c\ube14\ub9bf \ucee8\ud14c\uc774\ub108
-gb.heapMaximum = \ucd5c\ub300 \ud799
-gb.heapAllocated = \ud560\ub2f9\ub41c \ud799
-gb.heapUsed = \uc0ac\uc6a9\ub41c \ud799
-gb.free = \ud504\ub9ac
-gb.version = \ubc84\uc804
-gb.releaseDate = \ub9b4\ub9ac\uc988 \ub0a0\uc9dc
+gb.status = \uC0C1\uD0DC
+gb.bootDate = \uBD80\uD305 \uC77C\uC790
+gb.servletContainer = \uC11C\uBE14\uB9BF \uCEE8\uD14C\uC774\uB108
+gb.heapMaximum = \uCD5C\uB300 \uD799
+gb.heapAllocated = \uD560\uB2F9\uB41C \uD799
+gb.heapUsed = \uC0AC\uC6A9\uB41C \uD799
+gb.free = \uD504\uB9AC
+gb.version = \uBC84\uC804
+gb.releaseDate = \uB9B4\uB9AC\uC988 \uB0A0\uC9DC
 gb.date = date
 gb.activity = \uc561\ud2f0\ube44\ud2f0
 gb.subscribe = \uad6c\ub3c5
@@ -218,7 +218,8 @@ gb.pages = \ud398\uc774\uc9c0
 gb.workingCopy = \uc6cc\ud0b9 \uce74\ud53c
 gb.workingCopyWarning = \uc774 \uc800\uc7a5\uc18c\ub294 \uc6cc\ud0b9\uce74\ud53c\ub97c \uac00\uc9c0\uace0 \uc788\uace0 \ud478\uc2dc\ub97c \ubc1b\uc744 \uc218 \uc5c6\uc74c
 gb.query = \ucffc\ub9ac
-gb.queryHelp = \ud45c\uc900 \ucffc\ub9ac \ubb38\ubc95\uc744 \uc9c0\uc6d0.<p/><p/>\uc790\uc138\ud55c \uac83\uc744 \uc6d0\ud55c\ub2e4\uba74 <a target="_new" href="http://lucene.apache.org/core/old_versioned_docs/versions/3_5_0/queryparsersyntax.html">\ub8e8\uc2e0 \ucffc\ub9ac \ud30c\uc11c \ubb38\ubc95</a> \uc744 \ubc29\ubb38\ud574 \uc8fc\uc138\uc694.
+gb.queryHelp = \ud45c\uc900 \ucffc\ub9ac \ubb38\ubc95\uc744 \uc9c0\uc6d0.<p/><p/>\uc790\uc138\ud55c \uac83\uc744 \uc6d0\ud55c\ub2e4\uba74 ${querySyntax} \uc744 \ubc29\ubb38\ud574 \uc8fc\uc138\uc694.
+gb.querySyntax = \ub8e8\uc2e0 \ucffc\ub9ac \ud30c\uc11c \ubb38\ubc95
 gb.queryResults = \uac80\uc0c9\uacb0\uacfc {0} - {1} ({2}\uac1c \uac80\uc0c9\ub428)
 gb.noHits = \uac80\uc0c9 \uacb0\uacfc \uc5c6\uc74c
 gb.authored = \uac00 \uc791\uc131\ud568.
@@ -285,460 +286,501 @@ gb.errorAdministrationDisabled = \uad00\ub9ac\uae30\ub2a5 \ube44\ud65c\uc131\ud6
 gb.lastNDays = {0} \uc77c\uc804
 gb.completeGravatarProfile = Gravatar.com \uc5d0 \ud504\ub85c\ud30c\uc77c \uc0dd\uc131\ub428
 gb.none = none
-gb.line = \ub77c\uc778
-gb.content = \ub0b4\uc6a9
+gb.line = \uB77C\uC778
+gb.content = \uB0B4\uC6A9
 gb.empty = empty
-gb.inherited = \uc0c1\uc18d
-gb.deleteRepository = \uc800\uc7a5\uc18c \"{0}\" \ub97c \uc0ad\uc81c\ud560\uae4c\uc694?
-gb.repositoryDeleted = \uc800\uc7a5\uc18c ''{0}'' \uc0ad\uc81c\ub428.
-gb.repositoryDeleteFailed = \uc800\uc7a5\uc18c ''{0}'' \uc0ad\uc81c \uc2e4\ud328!
-gb.deleteUser = \uc0ac\uc6a9\uc790 \"{0}\"\ub97c \uc0ad\uc81c\ud560\uae4c\uc694?
-gb.userDeleted = \uc0ac\uc6a9\uc790 ''{0}'' \uc0ad\uc81c\ub428.
-gb.userDeleteFailed = \uc0ac\uc6a9\uc790 ''{0}'' \uc0ad\uc81c \uc2e4\ud328!
-gb.time.justNow = \uc9c0\uae08
-gb.time.today = \uc624\ub298
-gb.time.yesterday = \uc5b4\uc81c
-gb.time.minsAgo = {0}\ubd84 \uc804
-gb.time.hoursAgo = {0}\uc2dc\uac04 \uc804
-gb.time.daysAgo = {0}\uc77c \uc804
-gb.time.weeksAgo = {0}\uc8fc \uc804
-gb.time.monthsAgo = {0}\ub2ec \uc804
-gb.time.oneYearAgo = 1\ub144 \uc804
-gb.time.yearsAgo = {0}\ub144 \uc804
-gb.duration.oneDay = 1\uc77c
-gb.duration.days = {0}\uc77c
-gb.duration.oneMonth = 1\uac1c\uc6d4
-gb.duration.months = {0}\uac1c\uc6d4
-gb.duration.oneYear = 1\ub144
-gb.duration.years = {0}\ub144
-gb.authorizationControl = \uc778\uc99d \uc81c\uc5b4
-gb.allowAuthenticatedDescription = \ubaa8\ub4e0 \uc778\uc99d\ub41c \uc720\uc800\uc5d0\uac8c \uad8c\ud55c \ubd80\uc5ec
-gb.allowNamedDescription = \uc774\ub984\uc73c\ub85c \uc720\uc800\ub098 \ud300\uc5d0\uac8c \uad8c\ud55c \ubd80\uc5ec
-gb.markdownFailure = \ub9c8\ud06c\ub2e4\uc6b4 \ucee8\ud150\uce20 \ud30c\uc2f1 \uc624\ub958!
-gb.clearCache = \uce90\uc2dc \uc9c0\uc6b0\uae30
-gb.projects = \ud504\ub85c\uc81d\ud2b8
-gb.project = \ud504\ub85c\uc81d\ud2b8
-gb.allProjects = \ubaa8\ub4e0 \ud504\ub85c\uc81d\ud2b8
-gb.copyToClipboard = \ud074\ub9bd\ubcf4\ub4dc\uc5d0 \ubcf5\uc0ac
-gb.fork = \ud3ec\ud06c
-gb.forks = \ud3ec\ud06c
-gb.forkRepository = {0}\ub97c \ud3ec\ud06c\ud560\uae4c\uc694?
-gb.repositoryForked = {0} \ud3ec\ud06c\ub428
-gb.repositoryForkFailed= \ud3ec\ud06c\uc2e4\ud328
-gb.personalRepositories = \uac1c\uc778 \uc800\uc7a5\uc18c
-gb.allowForks = \ud3ec\ud06c \ud5c8\uc6a9
-gb.allowForksDescription = \uc774 \uc800\uc7a5\uc18c\ub97c \uc778\uc99d\ub41c \uc720\uc800\uc5d0\uac70 \ud3ec\ud06c \ud5c8\uc6a9
-gb.forkedFrom = \ub85c\ubd80\ud130 \ud3ec\ud06c\ub428
-gb.canFork = \ud3ec\ud06c \uac00\ub2a5
-gb.canForkDescription = \ud5c8\uc6a9\ub41c \uc800\uc7a5\uc18c\ub97c \uac1c\uc778 \uc800\uc7a5\uc18c\uc5d0 \ud3ec\ud06c\ud560 \uc218 \uc788\uc74c
-gb.myFork = \ub0b4 \ud3ec\ud06c \ubcf4\uae30
-gb.forksProhibited = \ud3ec\ud06c \ucc28\ub2e8\ub428
-gb.forksProhibitedWarning = \uc774 \uc800\uc7a5\uc18c\ub294 \ud3ec\ud06c \ucc28\ub2e8\ub418\uc5b4 \uc788\uc74c
-gb.noForks = {0} \ub294 \ud3ec\ud06c \uc5c6\uc74c
-gb.forkNotAuthorized = \uc8c4\uc1a1\ud569\ub2c8\ub2e4. {0} \ud3ec\ud06c\uc5d0 \uc811\uc18d\uc774 \uc778\uc99d\ub418\uc9c0 \uc54a\uc558\uc2b5\ub2c8\ub2e4.
-gb.forkInProgress = \ud504\ud06c \uc9c4\ud589 \uc911
-gb.preparingFork = \ud3ec\ud06c \uc900\ube44 \uc911...
-gb.isFork = \ud3ec\ud06c\ud55c
-gb.canCreate = \uc0dd\uc131 \uac00\ub2a5
-gb.canCreateDescription = \uac1c\uc778 \uc800\uc7a5\uc18c\ub97c \ub9cc\ub4e4 \uc218 \uc788\uc74c
-gb.illegalPersonalRepositoryLocation = \uac1c\uc778 \uc800\uc7a5\uc18c\ub294 \ubc18\ub4dc\uc2dc \"{0}\" \uc5d0 \uc704\uce58\ud574\uc57c \ud569\ub2c8\ub2e4.
-gb.verifyCommitter = \ucee4\ubbf8\ud130 \ud655\uc778
-gb.verifyCommitterDescription = \ucee4\ubbf8\ud130 ID \ub294 Gitblit ID \uc640 \ub9e4\uce58\ub418\uc5b4\uc57c \ud568
-gb.verifyCommitterNote = \ubaa8\ub4e0 \uba38\uc9c0\ub294 \ucee4\ubbf8\ud130 ID \ub97c \uc801\uc6a9\ud558\uae30 \uc704\ud574 "--no-ff" \uc635\uc158 \ud544\uc694
-gb.repositoryPermissions = \uc800\uc7a5\uc18c \uad8c\ud55c
-gb.userPermissions = \uc720\uc800 \uad8c\ud55c
-gb.teamPermissions = \ud300 \uad8c\ud55c
-gb.add = \ucd94\uac00
-gb.noPermission = \uc774 \uad8c\ud55c \uc0ad\uc81c
-gb.excludePermission = {0} (\uc81c\uc678)
-gb.viewPermission = {0} (\ubcf4\uae30)
-gb.clonePermission = {0} (\ud074\ub860)
-gb.pushPermission = {0} (\ud478\uc2dc)
-gb.createPermission = {0} (\ud478\uc2dc, ref \uc0dd\uc131)
-gb.deletePermission = {0} (\ud478\uc2dc, ref \uc0dd\uc131+\uc0ad\uc81c)
-gb.rewindPermission = {0} (\ud478\uc2dc, ref \uc0dd\uc131+\uc0ad\uc81c+\ub418\ub3cc\ub9ac\uae30)
-gb.permission = \uad8c\ud55c
-gb.regexPermission = \uc774 \uad8c\ud55c\uc740 \uc815\uaddc\uc2dd \"{0}\" \ub85c\ubd80\ud130 \uc124\uc815\ub428
-gb.accessDenied = \uc811\uc18d \uac70\ubd80
-gb.busyCollectingGarbage = \uc8c4\uc1a1\ud569\ub2c8\ub2e4. Gitblit \uc740 \uac00\ube44\uc9c0 \uceec\ub809\uc158 \uc911\uc785\ub2c8\ub2e4. {0}
-gb.gcPeriod = GC \uc8fc\uae30
-gb.gcPeriodDescription = \uac00\ube44\uc9c0 \ud074\ub809\uc158\uac04\uc758 \uc2dc\uac04 \uac04\uaca9
-gb.gcThreshold = GC \uae30\uc900\uc810
-gb.gcThresholdDescription = \uc870\uae30 \uac00\ube44\uc9c0 \uceec\ub809\uc158\uc744 \ubc1c\uc0dd\uc2dc\ud0a4\uae30 \uc704\ud55c \uc624\ube0c\uc81d\ud2b8\ub4e4\uc758 \ucd5c\uc18c \uc804\uccb4 \ud06c\uae30
-gb.ownerPermission = \uc800\uc7a5\uc18c \uc624\ub108
-gb.administrator = \uad00\ub9ac\uc790
-gb.administratorPermission = Gitblit \uad00\ub9ac\uc790
-gb.team = \ud300
-gb.teamPermission = \"{0}\" \ud300 \uba64\ubc84\uc5d0 \uad8c\ud55c \uc124\uc815\ub428
-gb.missing = \ub204\ub77d!
-gb.missingPermission = \uc774 \uad8c\ud55c\uc744 \uc704\ud55c \uc800\uc7a5\uc18c \ub204\ub77d!
-gb.mutable = \uac00\ubcc0
-gb.specified = \uc9c0\uc815\ub41c
-gb.effective = \ud6a8\uacfc\uc801
-gb.organizationalUnit = \uc870\uc9c1
-gb.organization = \uae30\uad00
-gb.locality = \uc704\uce58
-gb.stateProvince = \ub3c4 \ub610\ub294 \uc8fc
-gb.countryCode = \uad6d\uac00\ucf54\ub4dc
-gb.properties = \uc18d\uc131
-gb.issued = \ubc1c\uae09\ub428
-gb.expires = \ub9cc\ub8cc
-gb.expired = \ub9cc\ub8cc\ub428
-gb.expiring = \ub9cc\ub8cc\uc911
-gb.revoked = \ud3d0\uae30\ub428
-gb.serialNumber = \uc77c\ub828\ubc88\ud638
-gb.certificates = \uc778\uc99d\uc11c
-gb.newCertificate = \uc0c8 \uc778\uc99d\uc11c
-gb.revokeCertificate = \uc778\uc99d\uc11c \ud3d0\uae30
-gb.sendEmail = \uba54\uc77c \ubcf4\ub0b4\uae30
-gb.passwordHint = \ud328\uc2a4\uc6cc\ub4dc \ud78c\ud2b8
+gb.inherited = \uC0C1\uC18D
+gb.deleteRepository = \uC800\uC7A5\uC18C \"{0}\" \uB97C \uC0AD\uC81C\uD560\uAE4C\uC694?
+gb.repositoryDeleted = \uC800\uC7A5\uC18C ''{0}'' \uC0AD\uC81C\uB428.
+gb.repositoryDeleteFailed = \uC800\uC7A5\uC18C ''{0}'' \uC0AD\uC81C \uC2E4\uD328!
+gb.deleteUser = \uC0AC\uC6A9\uC790 \"{0}\"\uB97C \uC0AD\uC81C\uD560\uAE4C\uC694?
+gb.userDeleted = \uC0AC\uC6A9\uC790 ''{0}'' \uC0AD\uC81C\uB428.
+gb.userDeleteFailed = \uC0AC\uC6A9\uC790 ''{0}'' \uC0AD\uC81C \uC2E4\uD328!
+gb.time.justNow = \uC9C0\uAE08
+gb.time.today = \uC624\uB298
+gb.time.yesterday = \uC5B4\uC81C
+gb.time.minsAgo = {0}\uBD84 \uC804
+gb.time.hoursAgo = {0}\uC2DC\uAC04 \uC804
+gb.time.daysAgo = {0}\uC77C \uC804
+gb.time.weeksAgo = {0}\uC8FC \uC804
+gb.time.monthsAgo = {0}\uB2EC \uC804
+gb.time.oneYearAgo = 1\uB144 \uC804
+gb.time.yearsAgo = {0}\uB144 \uC804
+gb.duration.oneDay = 1\uC77C
+gb.duration.days = {0}\uC77C
+gb.duration.oneMonth = 1\uAC1C\uC6D4
+gb.duration.months = {0}\uAC1C\uC6D4
+gb.duration.oneYear = 1\uB144
+gb.duration.years = {0}\uB144
+gb.authorizationControl = \uC778\uC99D \uC81C\uC5B4
+gb.allowAuthenticatedDescription = \uBAA8\uB4E0 \uC778\uC99D\uB41C \uC720\uC800\uC5D0\uAC8C \uAD8C\uD55C \uBD80\uC5EC
+gb.allowNamedDescription = \uC774\uB984\uC73C\uB85C \uC720\uC800\uB098 \uD300\uC5D0\uAC8C \uAD8C\uD55C \uBD80\uC5EC
+gb.markdownFailure = \uB9C8\uD06C\uB2E4\uC6B4 \uCEE8\uD150\uCE20 \uD30C\uC2F1 \uC624\uB958!
+gb.clearCache = \uCE90\uC2DC \uC9C0\uC6B0\uAE30
+gb.projects = \uD504\uB85C\uC81D\uD2B8
+gb.project = \uD504\uB85C\uC81D\uD2B8
+gb.allProjects = \uBAA8\uB4E0 \uD504\uB85C\uC81D\uD2B8
+gb.copyToClipboard = \uD074\uB9BD\uBCF4\uB4DC\uC5D0 \uBCF5\uC0AC
+gb.fork = \uD3EC\uD06C
+gb.forks = \uD3EC\uD06C
+gb.forkRepository = {0}\uB97C \uD3EC\uD06C\uD560\uAE4C\uC694?
+gb.repositoryForked = {0} \uD3EC\uD06C\uB428
+gb.repositoryForkFailed= \uD3EC\uD06C\uC2E4\uD328
+gb.personalRepositories = \uAC1C\uC778 \uC800\uC7A5\uC18C
+gb.allowForks = \uD3EC\uD06C \uD5C8\uC6A9
+gb.allowForksDescription = \uC774 \uC800\uC7A5\uC18C\uB97C \uC778\uC99D\uB41C \uC720\uC800\uC5D0\uAC70 \uD3EC\uD06C \uD5C8\uC6A9
+gb.forkedFrom = \uB85C\uBD80\uD130 \uD3EC\uD06C\uB428
+gb.canFork = \uD3EC\uD06C \uAC00\uB2A5
+gb.canForkDescription = \uD5C8\uC6A9\uB41C \uC800\uC7A5\uC18C\uB97C \uAC1C\uC778 \uC800\uC7A5\uC18C\uC5D0 \uD3EC\uD06C\uD560 \uC218 \uC788\uC74C
+gb.myFork = \uB0B4 \uD3EC\uD06C \uBCF4\uAE30
+gb.forksProhibited = \uD3EC\uD06C \uCC28\uB2E8\uB428
+gb.forksProhibitedWarning = \uC774 \uC800\uC7A5\uC18C\uB294 \uD3EC\uD06C \uCC28\uB2E8\uB418\uC5B4 \uC788\uC74C
+gb.noForks = {0} \uB294 \uD3EC\uD06C \uC5C6\uC74C
+gb.forkNotAuthorized = \uC8C4\uC1A1\uD569\uB2C8\uB2E4. {0} \uD3EC\uD06C\uC5D0 \uC811\uC18D\uC774 \uC778\uC99D\uB418\uC9C0 \uC54A\uC558\uC2B5\uB2C8\uB2E4.
+gb.forkInProgress = \uD504\uD06C \uC9C4\uD589 \uC911
+gb.preparingFork = \uD3EC\uD06C \uC900\uBE44 \uC911...
+gb.isFork = \uD3EC\uD06C\uD55C
+gb.canCreate = \uC0DD\uC131 \uAC00\uB2A5
+gb.canCreateDescription = \uAC1C\uC778 \uC800\uC7A5\uC18C\uB97C \uB9CC\uB4E4 \uC218 \uC788\uC74C
+gb.illegalPersonalRepositoryLocation = \uAC1C\uC778 \uC800\uC7A5\uC18C\uB294 \uBC18\uB4DC\uC2DC \"{0}\" \uC5D0 \uC704\uCE58\uD574\uC57C \uD569\uB2C8\uB2E4.
+gb.verifyCommitter = \uCEE4\uBBF8\uD130 \uD655\uC778
+gb.verifyCommitterDescription = \uCEE4\uBBF8\uD130 ID \uB294 Gitblit ID \uC640 \uB9E4\uCE58\uB418\uC5B4\uC57C \uD568
+gb.verifyCommitterNote = \uBAA8\uB4E0 \uBA38\uC9C0\uB294 \uCEE4\uBBF8\uD130 ID \uB97C \uC801\uC6A9\uD558\uAE30 \uC704\uD574 "--no-ff" \uC635\uC158 \uD544\uC694
+gb.repositoryPermissions = \uC800\uC7A5\uC18C \uAD8C\uD55C
+gb.userPermissions = \uC720\uC800 \uAD8C\uD55C
+gb.teamPermissions = \uD300 \uAD8C\uD55C
+gb.add = \uCD94\uAC00
+gb.noPermission = \uC774 \uAD8C\uD55C \uC0AD\uC81C
+gb.excludePermission = {0} (\uC81C\uC678)
+gb.viewPermission = {0} (\uBCF4\uAE30)
+gb.clonePermission = {0} (\uD074\uB860)
+gb.pushPermission = {0} (\uD478\uC2DC)
+gb.createPermission = {0} (\uD478\uC2DC, ref \uC0DD\uC131)
+gb.deletePermission = {0} (\uD478\uC2DC, ref \uC0DD\uC131+\uC0AD\uC81C)
+gb.rewindPermission = {0} (\uD478\uC2DC, ref \uC0DD\uC131+\uC0AD\uC81C+\uB418\uB3CC\uB9AC\uAE30)
+gb.permission = \uAD8C\uD55C
+gb.regexPermission = \uC774 \uAD8C\uD55C\uC740 \uC815\uADDC\uC2DD \"{0}\" \uB85C\uBD80\uD130 \uC124\uC815\uB428
+gb.accessDenied = \uC811\uC18D \uAC70\uBD80
+gb.busyCollectingGarbage = \uC8C4\uC1A1\uD569\uB2C8\uB2E4. Gitblit \uC740 \uAC00\uBE44\uC9C0 \uCEEC\uB809\uC158 \uC911\uC785\uB2C8\uB2E4. {0}
+gb.gcPeriod = GC \uC8FC\uAE30
+gb.gcPeriodDescription = \uAC00\uBE44\uC9C0 \uD074\uB809\uC158\uAC04\uC758 \uC2DC\uAC04 \uAC04\uACA9
+gb.gcThreshold = GC \uAE30\uC900\uC810
+gb.gcThresholdDescription = \uC870\uAE30 \uAC00\uBE44\uC9C0 \uCEEC\uB809\uC158\uC744 \uBC1C\uC0DD\uC2DC\uD0A4\uAE30 \uC704\uD55C \uC624\uBE0C\uC81D\uD2B8\uB4E4\uC758 \uCD5C\uC18C \uC804\uCCB4 \uD06C\uAE30
+gb.ownerPermission = \uC800\uC7A5\uC18C \uC624\uB108
+gb.administrator = \uAD00\uB9AC\uC790
+gb.administratorPermission = Gitblit \uAD00\uB9AC\uC790
+gb.team = \uD300
+gb.teamPermission = \"{0}\" \uD300 \uBA64\uBC84\uC5D0 \uAD8C\uD55C \uC124\uC815\uB428
+gb.missing = \uB204\uB77D!
+gb.missingPermission = \uC774 \uAD8C\uD55C\uC744 \uC704\uD55C \uC800\uC7A5\uC18C \uB204\uB77D!
+gb.mutable = \uAC00\uBCC0
+gb.specified = \uC9C0\uC815\uB41C
+gb.effective = \uD6A8\uACFC\uC801
+gb.organizationalUnit = \uC870\uC9C1
+gb.organization = \uAE30\uAD00
+gb.locality = \uC704\uCE58
+gb.stateProvince = \uB3C4 \uB610\uB294 \uC8FC
+gb.countryCode = \uAD6D\uAC00\uCF54\uB4DC
+gb.properties = \uC18D\uC131
+gb.issued = \uBC1C\uAE09\uB428
+gb.expires = \uB9CC\uB8CC
+gb.expired = \uB9CC\uB8CC\uB428
+gb.expiring = \uB9CC\uB8CC\uC911
+gb.revoked = \uD3D0\uAE30\uB428
+gb.serialNumber = \uC77C\uB828\uBC88\uD638
+gb.certificates = \uC778\uC99D\uC11C
+gb.newCertificate = \uC0C8 \uC778\uC99D\uC11C
+gb.revokeCertificate = \uC778\uC99D\uC11C \uD3D0\uAE30
+gb.sendEmail = \uBA54\uC77C \uBCF4\uB0B4\uAE30
+gb.passwordHint = \uD328\uC2A4\uC6CC\uB4DC \uD78C\uD2B8
 gb.ok = ok
-gb.invalidExpirationDate = \ub9d0\ub8cc\uc77c\uc790 \uc624\ub958!
-gb.passwordHintRequired = \ud328\uc2a4\uc6cc\ub4dc \ud78c\ud2b8 \ud544\uc218!
-gb.viewCertificate = \uc778\uc99d\uc11c \ubcf4\uae30
-gb.subject = \uc774\ub984
-gb.issuer = \ubc1c\uae09\uc790
-gb.validFrom = \uc720\ud6a8\uae30\uac04 (\uc2dc\uc791)
-gb.validUntil = \uc720\ud6a8\uae30\uac04 (\ub05d)
-gb.publicKey = \uacf5\uac1c\ud0a4
-gb.signatureAlgorithm = \uc11c\uba85 \uc54c\uace0\ub9ac\uc998
-gb.sha1FingerPrint = SHA-1 \uc9c0\ubb38 \uc54c\uace0\ub9ac\uc998
-gb.md5FingerPrint = MD5 \uc9c0\ubb38 \uc54c\uace0\ub9ac\uc998
-gb.reason = \uc774\uc720
-gb.revokeCertificateReason = \uc778\uc99d\uc11c \ud574\uc9c0\uc774\uc720\ub97c \uc120\ud0dd\ud558\uc138\uc694
-gb.unspecified = \ud45c\uc2dc\ud558\uc9c0 \uc54a\uc74c
-gb.keyCompromise = \ud0a4 \uc190\uc0c1
-gb.caCompromise = CA \uc190\uc0c1
-gb.affiliationChanged = \uad00\uacc4 \ubcc0\uacbd\ub428
-gb.superseded = \ub300\uccb4\ub428
-gb.cessationOfOperation = \uc6b4\uc601 \uc911\uc9c0
-gb.privilegeWithdrawn = \uad8c\ud55c \ucca0\ud68c\ub428
-gb.time.inMinutes = {0} \ubd84
-gb.time.inHours = {0} \uc2dc\uac04
-gb.time.inDays = {0} \uc77c
-gb.hostname = \ud638\uc2a4\ud2b8\uba85
-gb.hostnameRequired = \ud638\uc2a4\ud2b8\uba85\uc744 \uc785\ub825\ud558\uc138\uc694
-gb.newSSLCertificate = \uc0c8 \uc11c\ubc84 SSL \uc778\uc99d\uc11c
-gb.newCertificateDefaults = \uc0c8 \uc778\uc99d\uc11c \uae30\ubcf8
-gb.duration = \uae30\uac04
-gb.certificateRevoked = \uc778\uc99d\uc11c {0,number,0} \ub294 \ud3d0\uae30\ub418\uc5c8\uc2b5\ub2c8\ub2e4
-gb.clientCertificateGenerated = {0} \uc744(\ub97c) \uc704\ud55c \uc0c8\ub85c\uc6b4 \ud074\ub77c\uc774\uc5b8\ud2b8 \uc778\uc99d\uc11c \uc0dd\uc131 \uc131\uacf5
-gb.sslCertificateGenerated = {0} \uc744(\ub97c) \uc704\ud55c \uc0c8\ub85c\uc6b4 \uc11c\ubc84 SSL \uc778\uc99d\uc11c \uc0dd\uc131 \uc131\uacf5
-gb.newClientCertificateMessage = \ub178\ud2b8:\n'\ud328\uc2a4\uc6cc\ub4dc' \ub294 \uc720\uc800\uc758 \ud328\uc2a4\uc6cc\ub4dc\uac00 \uc544\ub2c8\ub77c \uc720\uc800\uc758 \ud0a4\uc2a4\ud1a0\uc5b4 \ub97c \ubcf4\ud638\ud558\uae30 \uc704\ud55c \uac83\uc785\ub2c8\ub2e4. \uc774 \ud328\uc2a4\uc6cc\ub4dc\ub294 \uc800\uc7a5\ub418\uc9c0 \uc54a\uc73c\ubbc0\ub85c \uc0ac\uc6a9\uc790 README \uc9c0\uce68\uc5d0 \ud3ec\ud568\ub420 '\ud78c\ud2b8' \ub97c \ubc18\ub4dc\uc2dc \uc785\ub825\ud574\uc57c \ud569\ub2c8\ub2e4.
-gb.certificate = \uc778\uc99d\uc11c
-gb.emailCertificateBundle = \uc774\uba54\uc77c \ud074\ub77c\uc774\uc5b8\ud2b8 \uc778\uc99d\uc11c \ubc88\ub4e4
-gb.pleaseGenerateClientCertificate = {0} \uc744(\ub97c) \uc704\ud55c \ud074\ub77c\uc774\uc5b8\ud2b8 \uc778\uc99d\uc11c\ub97c \uc0dd\uc131\ud558\uc138\uc694
-gb.clientCertificateBundleSent = {0} \uc744(\ub97c) \uc704\ud55c \ud074\ub77c\uc774\uc5b8\ud2b8 \uc778\uc99d\uc11c \ubc88\ub4e4 \ubc1c\uc1a1\ub428
-gb.enterKeystorePassword = Gitblit \ud0a4\uc2a4\ud1a0\uc5b4 \ud328\uc2a4\uc6cc\ub4dc\ub97c \uc785\ub825\ud558\uc138\uc694
-gb.warning = \uacbd\uace0
-gb.jceWarning = \uc790\ubc14 \uc2e4\ud589\ud658\uacbd\uc5d0 \"JCE Unlimited Strength Jurisdiction Policy\" \ud30c\uc77c\uc774 \uc5c6\uc2b5\ub2c8\ub2e4.\n\uc774\uac83\uc740 \ud0a4\uc800\uc7a5\uc18c \uc554\ud638\ud654\uc5d0 \uc0ac\uc6a9\ub418\ub294 \ud328\uc2a4\uc6cc\ub4dc\uc758 \uae38\uc774\ub294 7\uc790\ub85c \uc81c\ud55c\ud569\ub2c8\ub2e4.\n\uc774 \uc815\ucc45 \ud30c\uc77c\uc740 Oracle \uc5d0\uc11c \uc120\ud0dd\uc801\uc73c\ub85c \ub2e4\uc6b4\ub85c\ub4dc\ud574\uc57c \ud569\ub2c8\ub2e4.\n\n\ubb34\uc2dc\ud558\uace0 \uc778\uc99d\uc11c \uc778\ud504\ub77c\ub97c \uc0dd\uc131\ud558\uc2dc\uaca0\uc2b5\ub2c8\uae4c?\n\n\uc544\ub2c8\uc624(No) \ub77c\uace0 \ub2f5\ud558\uba74 \uc815\ucc45\ud30c\uc77c\uc744 \ub2e4\uc6b4\ubc1b\uc744 \uc218 \uc788\ub294 Oracle \ub2e4\uc6b4\ub85c\ub4dc \ud398\uc774\uc9c0\ub97c \ube0c\ub77c\uc6b0\uc800\ub85c \uc548\ub0b4\ud560 \uac83\uc785\ub2c8\ub2e4.
-gb.maxActivityCommits = \ucd5c\ub300 \uc561\ud2f0\ube44\ud2f0 \ucee4\ubc0b
-gb.maxActivityCommitsDescription = \uc561\ud2f0\ube44\ud2f0 \ud398\uc774\uc9c0\uc5d0 \ud45c\uc2dc\ud560 \ucd5c\ub300 \ucee4\ubc0b \uc218
-gb.noMaximum = \ubb34\uc81c\ud55c
-gb.attributes = \uc18d\uc131
-gb.serveCertificate = \uc774 \uc778\uc99d\uc11c\ub85c https \uc81c\uacf5
-gb.sslCertificateGeneratedRestart = {0} \uc744(\ub97c) \uc704\ud55c \uc0c8 \uc11c\ubc84 SSL \uc778\uc99d\uc11c\ub97c \uc131\uacf5\uc801\uc73c\ub85c \uc0dd\uc131\ud558\uc600\uc2b5\ub2c8\ub2e4. \n\uc0c8 \uc778\uc99d\uc11c\ub97c \uc0ac\uc6a9\ud558\ub824\uba74 Gitblit \uc744 \uc7ac\uc2dc\uc791 \ud574\uc57c \ud569\ub2c8\ub2e4.\n\n'--alias' \ud30c\ub77c\ubbf8\ud130\ub85c \uc2e4\ud589\ud55c\ub2e4\uba74 ''--alias {0}'' \ub85c \uc124\uc815\ud574\uc57c \ud569\ub2c8\ub2e4.
-gb.validity = \uc720\ud6a8\uc131
-gb.siteName = \uc0ac\uc774\ud2b8 \uc774\ub984
-gb.siteNameDescription = \uc11c\ubc84\uc758 \uc9e6\uc740 \uc124\uba85\uc774 \ud3ec\ud568\ub41c \uc774\ub984
-gb.excludeFromActivity = \uc561\ud2f0\ube44\ud2f0 \ud398\uc774\uc9c0\uc5d0\uc11c \uc81c\uc678
-gb.isSparkleshared = \uc800\uc7a5\uc18c\ub294 Sparkleshare \ub428
-gb.owners = \uc624\ub108
-gb.sessionEnded = \uc138\uc158\uc774 \uc885\ub8cc\ub428
-gb.closeBrowser = \uc815\ud655\ud788 \uc138\uc158\uc744 \uc885\ub8cc\ud558\ub824\uba74 \ube0c\ub77c\uc6b0\uc800\ub97c \ub2eb\uc544 \uc8fc\uc138\uc694.
-gb.doesNotExistInTree = {1} \ud2b8\ub9ac\uc5d0 {0} \uac00 \uc5c6\uc74c
-gb.enableIncrementalPushTags = \uc99d\uac00\ud558\ub294 \ud478\uc2dc \ud0dc\uadf8 \uac00\ub2a5
-gb.useIncrementalPushTagsDescription = \ud478\uc2dc\ud560 \ub54c, \uc99d\uac00\ud558\ub294 \ub9ac\ube44\uc804 \ubc88\ud638\uac00 \uc790\ub3d9\uc73c\ub85c \ud0dc\uadf8\ub428
-gb.incrementalPushTagMessage = \ud478\uc2dc\ud560 \ub54c [{0}] \ube0c\ub79c\uce58\uc5d0 \uc790\ub3d9\uc73c\ub85c \ud0dc\uadf8\ub428
-gb.externalPermissions = {0} \uc811\uc18d \uad8c\ud55c\uc740 \uc678\ubd80\uc5d0\uc11c \uad00\ub9ac\ub428
-gb.viewAccess = Gitblit \uc5d0 \uc77d\uae30 \ub610\ub294 \uc4f0\uae30 \uad8c\ud55c\uc774 \uc5c6\uc74c
-gb.overview = \uac1c\uc694
-gb.dashboard = \ub300\uc2dc\ubcf4\ub4dc
-gb.monthlyActivity = \uc6d4\ubcc4 \uc561\ud2f0\ube44
-gb.myProfile = \ub0b4 \ud504\ub85c\ud544
-gb.compare = \ube44\uad50
-gb.manual = \uc124\uba85\uc11c
+gb.invalidExpirationDate = \uB9D0\uB8CC\uC77C\uC790 \uC624\uB958!
+gb.passwordHintRequired = \uD328\uC2A4\uC6CC\uB4DC \uD78C\uD2B8 \uD544\uC218!
+gb.viewCertificate = \uC778\uC99D\uC11C \uBCF4\uAE30
+gb.subject = \uC774\uB984
+gb.issuer = \uBC1C\uAE09\uC790
+gb.validFrom = \uC720\uD6A8\uAE30\uAC04 (\uC2DC\uC791)
+gb.validUntil = \uC720\uD6A8\uAE30\uAC04 (\uB05D)
+gb.publicKey = \uACF5\uAC1C\uD0A4
+gb.signatureAlgorithm = \uC11C\uBA85 \uC54C\uACE0\uB9AC\uC998
+gb.sha1FingerPrint = SHA-1 \uC9C0\uBB38 \uC54C\uACE0\uB9AC\uC998
+gb.md5FingerPrint = MD5 \uC9C0\uBB38 \uC54C\uACE0\uB9AC\uC998
+gb.reason = \uC774\uC720
+gb.revokeCertificateReason = \uC778\uC99D\uC11C \uD574\uC9C0\uC774\uC720\uB97C \uC120\uD0DD\uD558\uC138\uC694
+gb.unspecified = \uD45C\uC2DC\uD558\uC9C0 \uC54A\uC74C
+gb.keyCompromise = \uD0A4 \uC190\uC0C1
+gb.caCompromise = CA \uC190\uC0C1
+gb.affiliationChanged = \uAD00\uACC4 \uBCC0\uACBD\uB428
+gb.superseded = \uB300\uCCB4\uB428
+gb.cessationOfOperation = \uC6B4\uC601 \uC911\uC9C0
+gb.privilegeWithdrawn = \uAD8C\uD55C \uCCA0\uD68C\uB428
+gb.time.inMinutes = {0} \uBD84
+gb.time.inHours = {0} \uC2DC\uAC04
+gb.time.inDays = {0} \uC77C
+gb.hostname = \uD638\uC2A4\uD2B8\uBA85
+gb.hostnameRequired = \uD638\uC2A4\uD2B8\uBA85\uC744 \uC785\uB825\uD558\uC138\uC694
+gb.newSSLCertificate = \uC0C8 \uC11C\uBC84 SSL \uC778\uC99D\uC11C
+gb.newCertificateDefaults = \uC0C8 \uC778\uC99D\uC11C \uAE30\uBCF8
+gb.duration = \uAE30\uAC04
+gb.certificateRevoked = \uC778\uC99D\uC11C {0,number,0} \uB294 \uD3D0\uAE30\uB418\uC5C8\uC2B5\uB2C8\uB2E4
+gb.clientCertificateGenerated = {0} \uC744(\uB97C) \uC704\uD55C \uC0C8\uB85C\uC6B4 \uD074\uB77C\uC774\uC5B8\uD2B8 \uC778\uC99D\uC11C \uC0DD\uC131 \uC131\uACF5
+gb.sslCertificateGenerated = {0} \uC744(\uB97C) \uC704\uD55C \uC0C8\uB85C\uC6B4 \uC11C\uBC84 SSL \uC778\uC99D\uC11C \uC0DD\uC131 \uC131\uACF5
+gb.newClientCertificateMessage = \uB178\uD2B8:\n'\uD328\uC2A4\uC6CC\uB4DC' \uB294 \uC720\uC800\uC758 \uD328\uC2A4\uC6CC\uB4DC\uAC00 \uC544\uB2C8\uB77C \uC720\uC800\uC758 \uD0A4\uC2A4\uD1A0\uC5B4 \uB97C \uBCF4\uD638\uD558\uAE30 \uC704\uD55C \uAC83\uC785\uB2C8\uB2E4. \uC774 \uD328\uC2A4\uC6CC\uB4DC\uB294 \uC800\uC7A5\uB418\uC9C0 \uC54A\uC73C\uBBC0\uB85C \uC0AC\uC6A9\uC790 README \uC9C0\uCE68\uC5D0 \uD3EC\uD568\uB420 '\uD78C\uD2B8' \uB97C \uBC18\uB4DC\uC2DC \uC785\uB825\uD574\uC57C \uD569\uB2C8\uB2E4.
+gb.certificate = \uC778\uC99D\uC11C
+gb.emailCertificateBundle = \uC774\uBA54\uC77C \uD074\uB77C\uC774\uC5B8\uD2B8 \uC778\uC99D\uC11C \uBC88\uB4E4
+gb.pleaseGenerateClientCertificate = {0} \uC744(\uB97C) \uC704\uD55C \uD074\uB77C\uC774\uC5B8\uD2B8 \uC778\uC99D\uC11C\uB97C \uC0DD\uC131\uD558\uC138\uC694
+gb.clientCertificateBundleSent = {0} \uC744(\uB97C) \uC704\uD55C \uD074\uB77C\uC774\uC5B8\uD2B8 \uC778\uC99D\uC11C \uBC88\uB4E4 \uBC1C\uC1A1\uB428
+gb.enterKeystorePassword = Gitblit \uD0A4\uC2A4\uD1A0\uC5B4 \uD328\uC2A4\uC6CC\uB4DC\uB97C \uC785\uB825\uD558\uC138\uC694
+gb.warning = \uACBD\uACE0
+gb.jceWarning = \uC790\uBC14 \uC2E4\uD589\uD658\uACBD\uC5D0 \"JCE Unlimited Strength Jurisdiction Policy\" \uD30C\uC77C\uC774 \uC5C6\uC2B5\uB2C8\uB2E4.\n\uC774\uAC83\uC740 \uD0A4\uC800\uC7A5\uC18C \uC554\uD638\uD654\uC5D0 \uC0AC\uC6A9\uB418\uB294 \uD328\uC2A4\uC6CC\uB4DC\uC758 \uAE38\uC774\uB294 7\uC790\uB85C \uC81C\uD55C\uD569\uB2C8\uB2E4.\n\uC774 \uC815\uCC45 \uD30C\uC77C\uC740 Oracle \uC5D0\uC11C \uC120\uD0DD\uC801\uC73C\uB85C \uB2E4\uC6B4\uB85C\uB4DC\uD574\uC57C \uD569\uB2C8\uB2E4.\n\n\uBB34\uC2DC\uD558\uACE0 \uC778\uC99D\uC11C \uC778\uD504\uB77C\uB97C \uC0DD\uC131\uD558\uC2DC\uACA0\uC2B5\uB2C8\uAE4C?\n\n\uC544\uB2C8\uC624(No) \uB77C\uACE0 \uB2F5\uD558\uBA74 \uC815\uCC45\uD30C\uC77C\uC744 \uB2E4\uC6B4\uBC1B\uC744 \uC218 \uC788\uB294 Oracle \uB2E4\uC6B4\uB85C\uB4DC \uD398\uC774\uC9C0\uB97C \uBE0C\uB77C\uC6B0\uC800\uB85C \uC548\uB0B4\uD560 \uAC83\uC785\uB2C8\uB2E4.
+gb.maxActivityCommits = \uCD5C\uB300 \uC561\uD2F0\uBE44\uD2F0 \uCEE4\uBC0B
+gb.maxActivityCommitsDescription = \uC561\uD2F0\uBE44\uD2F0 \uD398\uC774\uC9C0\uC5D0 \uD45C\uC2DC\uD560 \uCD5C\uB300 \uCEE4\uBC0B \uC218
+gb.noMaximum = \uBB34\uC81C\uD55C
+gb.attributes = \uC18D\uC131
+gb.serveCertificate = \uC774 \uC778\uC99D\uC11C\uB85C https \uC81C\uACF5
+gb.sslCertificateGeneratedRestart = {0} \uC744(\uB97C) \uC704\uD55C \uC0C8 \uC11C\uBC84 SSL \uC778\uC99D\uC11C\uB97C \uC131\uACF5\uC801\uC73C\uB85C \uC0DD\uC131\uD558\uC600\uC2B5\uB2C8\uB2E4. \n\uC0C8 \uC778\uC99D\uC11C\uB97C \uC0AC\uC6A9\uD558\uB824\uBA74 Gitblit \uC744 \uC7AC\uC2DC\uC791 \uD574\uC57C \uD569\uB2C8\uB2E4.\n\n'--alias' \uD30C\uB77C\uBBF8\uD130\uB85C \uC2E4\uD589\uD55C\uB2E4\uBA74 ''--alias {0}'' \uB85C \uC124\uC815\uD574\uC57C \uD569\uB2C8\uB2E4.
+gb.validity = \uC720\uD6A8\uC131
+gb.siteName = \uC0AC\uC774\uD2B8 \uC774\uB984
+gb.siteNameDescription = \uC11C\uBC84\uC758 \uC9E6\uC740 \uC124\uBA85\uC774 \uD3EC\uD568\uB41C \uC774\uB984
+gb.excludeFromActivity = \uC561\uD2F0\uBE44\uD2F0 \uD398\uC774\uC9C0\uC5D0\uC11C \uC81C\uC678
+gb.isSparkleshared = \uC800\uC7A5\uC18C\uB294 Sparkleshare \uB428
+gb.owners = \uC624\uB108
+gb.sessionEnded = \uC138\uC158\uC774 \uC885\uB8CC\uB428
+gb.closeBrowser = \uC815\uD655\uD788 \uC138\uC158\uC744 \uC885\uB8CC\uD558\uB824\uBA74 \uBE0C\uB77C\uC6B0\uC800\uB97C \uB2EB\uC544 \uC8FC\uC138\uC694.
+gb.doesNotExistInTree = {1} \uD2B8\uB9AC\uC5D0 {0} \uAC00 \uC5C6\uC74C
+gb.enableIncrementalPushTags = \uC99D\uAC00\uD558\uB294 \uD478\uC2DC \uD0DC\uADF8 \uAC00\uB2A5
+gb.useIncrementalPushTagsDescription = \uD478\uC2DC\uD560 \uB54C, \uC99D\uAC00\uD558\uB294 \uB9AC\uBE44\uC804 \uBC88\uD638\uAC00 \uC790\uB3D9\uC73C\uB85C \uD0DC\uADF8\uB428
+gb.incrementalPushTagMessage = \uD478\uC2DC\uD560 \uB54C [{0}] \uBE0C\uB79C\uCE58\uC5D0 \uC790\uB3D9\uC73C\uB85C \uD0DC\uADF8\uB428
+gb.externalPermissions = {0} \uC811\uC18D \uAD8C\uD55C\uC740 \uC678\uBD80\uC5D0\uC11C \uAD00\uB9AC\uB428
+gb.viewAccess = Gitblit \uC5D0 \uC77D\uAE30 \uB610\uB294 \uC4F0\uAE30 \uAD8C\uD55C\uC774 \uC5C6\uC74C
+gb.overview = \uAC1C\uC694
+gb.dashboard = \uB300\uC2DC\uBCF4\uB4DC
+gb.monthlyActivity = \uC6D4\uBCC4 \uC561\uD2F0\uBE44
+gb.myProfile = \uB0B4 \uD504\uB85C\uD544
+gb.compare = \uBE44\uAD50
+gb.manual = \uC124\uBA85\uC11C
 gb.from = from
 gb.to = to
 gb.at = at
 gb.of = of
 gb.in = in
-gb.moreChanges = \ubaa8\ub4e0 \ubcc0\uacbd...
-gb.pushedNCommitsTo = {0} \uac1c \ucee4\ubc0b\uc774 \ud478\uc2dc\ub428
-gb.pushedOneCommitTo = 1 \uac1c \ucee4\ubc0b\uc774 \ud478\uc2dc\ub428
-gb.commitsTo = {0} \uac1c \ucee4\ubc0b
-gb.oneCommitTo = 1 \uac1c \ucee4\ubc0b
-gb.byNAuthors = {0} \uba85\uc758 \uc791\uc131\uc790
-gb.byOneAuthor = {0} \uc5d0 \uc758\ud574 
-gb.viewComparison = {0} \ucee4\ubc0b\uc758 \ube44\uad50 \ubcf4\uae30 \u00bb
-gb.nMoreCommits = {0} \uac1c \ub354 \u00bb
-gb.oneMoreCommit = 1 \uac1c \ub354 \u00bb
-gb.pushedNewTag = \uc0c8 \ud0dc\uadf8\uac00 \ud478\uc2dc\ub428
-gb.createdNewTag = \uc0c8 \ud0dc\uadf8\uac00 \uc0dd\uc131\ub428
-gb.deletedTag = \ud0dc\uadf8\uac00 \uc0ad\uc81c\ub428
-gb.pushedNewBranch = \uc0c8 \ube0c\ub79c\uce58\uac00 \ud478\uc2dc\ub428
-gb.createdNewBranch = \uc0c8 \ube0c\ub79c\uce58\uac00 \uc0dd\uc131\ub428
-gb.deletedBranch = \ube0c\ub79c\uce58\uac00 \uc0ad\uc81c\ub428
-gb.createdNewPullRequest = \ud480 \ub9ac\ud018\uc2a4\ud2b8\uac00 \uc0dd\uc131\ub428
-gb.mergedPullRequest = \ud480 \ub9ac\ud018\uc2a4\ud2b8\uac00 \uba38\uc9c0\ub428
+gb.moreChanges = \uBAA8\uB4E0 \uBCC0\uACBD...
+gb.pushedNCommitsTo = {0} \uAC1C \uCEE4\uBC0B\uC774 \uD478\uC2DC\uB428
+gb.pushedOneCommitTo = 1 \uAC1C \uCEE4\uBC0B\uC774 \uD478\uC2DC\uB428
+gb.commitsTo = {0} \uAC1C \uCEE4\uBC0B
+gb.oneCommitTo = 1 \uAC1C \uCEE4\uBC0B
+gb.byNAuthors = {0} \uBA85\uC758 \uC791\uC131\uC790
+gb.byOneAuthor = {0} \uC5D0 \uC758\uD574 
+gb.viewComparison = {0} \uCEE4\uBC0B\uC758 \uBE44\uAD50 \uBCF4\uAE30 \u00BB
+gb.nMoreCommits = {0} \uAC1C \uB354 \u00BB
+gb.oneMoreCommit = 1 \uAC1C \uB354 \u00BB
+gb.pushedNewTag = \uC0C8 \uD0DC\uADF8\uAC00 \uD478\uC2DC\uB428
+gb.createdNewTag = \uC0C8 \uD0DC\uADF8\uAC00 \uC0DD\uC131\uB428
+gb.deletedTag = \uD0DC\uADF8\uAC00 \uC0AD\uC81C\uB428
+gb.pushedNewBranch = \uC0C8 \uBE0C\uB79C\uCE58\uAC00 \uD478\uC2DC\uB428
+gb.createdNewBranch = \uC0C8 \uBE0C\uB79C\uCE58\uAC00 \uC0DD\uC131\uB428
+gb.deletedBranch = \uBE0C\uB79C\uCE58\uAC00 \uC0AD\uC81C\uB428
+gb.createdNewPullRequest = \uD480 \uB9AC\uD018\uC2A4\uD2B8\uAC00 \uC0DD\uC131\uB428
+gb.mergedPullRequest = \uD480 \uB9AC\uD018\uC2A4\uD2B8\uAC00 \uBA38\uC9C0\uB428
 gb.rewind = REWIND
-gb.star = \ubcc4
-gb.unstar = \ubcc4\uc81c\uac70
-gb.stargazers = \uad00\uce21\uc790
-gb.starredRepositories = \ubcc4 \ud45c\uc2dc\ub41c \uc800\uc7a5\uc18c
-gb.failedToUpdateUser = \uacc4\uc815 \uc5c5\ub370\uc774\ud2b8 \uc2e4\ud328!
-gb.myRepositories = \ub0b4 \uc800\uc7a5\uc18c
-gb.noActivity = \uc9c0\ub09c {0} \uc77c\uac04 \uc561\ud2f0\ube44\ud2f0 \uc5c6\uc74c
-gb.findSomeRepositories = \uc800\uc7a5\uc18c \ucc3e\uae30
-gb.metricAuthorExclusions = \uc791\uc131\uc790 \uba54\ud2b8\ub9ad \uc81c\uc678
-gb.myDashboard = \ub0b4 \ub300\uc2dc\ubcf4\ub4dc
-gb.failedToFindAccount = ''{0}'' \uacc4\uc815 \ucc3e\uae30 \uc2e4\ud328
+gb.star = \uBCC4
+gb.unstar = \uBCC4\uC81C\uAC70
+gb.stargazers = \uAD00\uCE21\uC790
+gb.starredRepositories = \uBCC4 \uD45C\uC2DC\uB41C \uC800\uC7A5\uC18C
+gb.failedToUpdateUser = \uACC4\uC815 \uC5C5\uB370\uC774\uD2B8 \uC2E4\uD328!
+gb.myRepositories = \uB0B4 \uC800\uC7A5\uC18C
+gb.noActivity = \uC9C0\uB09C {0} \uC77C\uAC04 \uC561\uD2F0\uBE44\uD2F0 \uC5C6\uC74C
+gb.findSomeRepositories = \uC800\uC7A5\uC18C \uCC3E\uAE30
+gb.metricAuthorExclusions = \uC791\uC131\uC790 \uBA54\uD2B8\uB9AD \uC81C\uC678
+gb.myDashboard = \uB0B4 \uB300\uC2DC\uBCF4\uB4DC
+gb.failedToFindAccount = ''{0}'' \uACC4\uC815 \uCC3E\uAE30 \uC2E4\uD328
 gb.reflog = reflog
-gb.active = \ud65c\uc131
-gb.starred = \ubcc4\ud45c
-gb.owned = \uc18c\uc720\ud568
-gb.starredAndOwned = \ubcc4\ud45c & \uc18c\uc720\ud568
-gb.reviewPatchset = \ub9ac\ubdf0 {0} \ud328\uce58\uc14b {1}
-gb.todaysActivityStats = \uc624\ub298 / {2} \uc791\uc131\uc790\uac00 {1} \ucee4\ubc0b\uc0dd\uc131
-gb.todaysActivityNone = \uc624\ub298 / \uc5c6\uc74c
-gb.noActivityToday = \uc624\ub298\uc740 \uc561\ud2f0\ube44\ud2f0\uac00 \uc5c6\uc74c
-gb.anonymousUser= \uc775\uba85
-gb.commitMessageRenderer = \ucee4\ubc0b \uba54\uc2dc\uc9c0 \ub79c\ub354\ub7ec
-gb.diffStat = {0}\uac1c \ucd94\uac00 & {1}\uac1c \uc0ad\uc81c
-gb.home = \ud648
-gb.isMirror = \ubbf8\ub7ec \uc800\uc7a5\uc18c
-gb.mirrorOf = {0} \uc758 \ubbf8\ub7ec
-gb.mirrorWarning = \uc774 \uc800\uc7a5\uc18c\ub294 \ubbf8\ub7ec\uc774\uace0 \ud478\uc2dc\ub97c \ubc1b\uc744 \uc218 \uc5c6\uc2b5\ub2c8\ub2e4.
-gb.docsWelcome1 = \uc800\uc7a5\uc18c\ub97c \ubb38\uc11c\ud654\ud558\uae30 \uc704\ud574 \ubb38\uc11c\ub4e4\uc744 \uc0ac\uc6a9\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4.
-gb.docsWelcome2 = \uc2dc\uc791\ud558\uae30 \uc704\ud574 README.md \ub610\ub294 HOME.md \ud30c\uc77c\uc744 \ucee4\ubc0b\ud558\uc138\uc694.
-gb.createReadme = README \uc0dd\uc131
-gb.responsible = \ub2f4\ub2f9\uc790
-gb.createdThisTicket = \uc774 \ud2f0\ucf13 \uc0dd\uc131
-gb.proposedThisChange = \uc774 \ubcc0\uacbd \uc81c\uc548
-gb.uploadedPatchsetN = {0} \ud328\uce58\uc14b \uc5c5\ub85c\ub4dc
-gb.uploadedPatchsetNRevisionN = \ub9ac\ube44\uc804 {1} \ud328\uce58\uc14b {0} \uc5c5\ub85c\ub4dc
-gb.mergedPatchset = \ud328\uce58\uc14b \uba38\uc9c0
-gb.commented = \ucf54\uba58\ud2b8
-gb.noDescriptionGiven = \uc124\uba85 \uc5c6\uc74c
-gb.toBranch = {0}\uc5d0\uac8c
-gb.createdBy = \uc0dd\uc131\uc790
-gb.oneParticipant = \ucc38\uac00\uc790 {0}
-gb.nParticipants = \ucc38\uac00\uc790 {0}
-gb.noComments = \ucf54\uba58\ud2b8 \uc5c6\uc74c
-gb.oneComment = \ucf54\uba58\ud2b8 {0}
-gb.nComments = \ucf54\uba58\ud2b8 {0}
-gb.oneAttachment  = \ucca8\ubd80\ud30c\uc77c {0}
-gb.nAttachments = \ucca8\ubd80\ud30c\uc77c {0}
-gb.milestone = \ub9c8\uc77c\uc2a4\ud1a4
-gb.compareToMergeBase = \uba38\uc9c0\ubca0\uc774\uc2a4\uc640 \ube44\uad50
-gb.compareToN = {0}\uc640 \ube44\uad50
-gb.open = \uc5f4\ub9bc
-gb.closed = \ub2eb\ud798
-gb.merged = \uba38\uc9c0\ud568
-gb.ticketPatchset = {0} \ud2f0\ucf13, {1} \ud328\uce58\uc14b
-gb.patchsetMergeable = \uc774 \ud328\uce58\uc14b\uc740 {0}\uc5d0 \uc790\ub3d9\uc73c\ub85c \uba38\uc9c0\ub420 \uc218 \uc788\uc2b5\ub2c8\ub2e4.
-gb.patchsetMergeableMore = \uc774 \ud328\uce58\uc14b\uc740 \ucee4\ub9e8\ub4dc \ub77c\uc778\uc5d0\uc11c {0}\uc5d0 \uba38\uc9c0\ub420 \uc218 \uc788\uc2b5\ub2c8\ub2e4.
-gb.patchsetAlreadyMerged = \uc774 \ud328\uce58\uc14b\uc740 {0}\uc5d0 \uba38\uc9c0\ub428.
-gb.patchsetNotMergeable = \uc774 \ud328\uce58\uc14b\uc740 {0}\uc5d0 \uc790\ub3d9\uc73c\ub85c \uba38\uc9c0\ub420 \uc218 \uc5c6\uc2b5\ub2c8\ub2e4.
-gb.patchsetNotMergeableMore = \ucda9\ub3cc\uc744 \ud574\uacb0\ud558\uae30 \uc704\ud574 \uc774 \ud328\uce58\uc14b\uc740 \ub9ac\ubca0\uc774\uc2a4 \ud558\uac70\ub098 {0}\uc5d0 \uba38\uc9c0\ub418\uc5b4\uc57c \ud569\ub2c8\ub2e4.
-gb.patchsetNotApproved = \uc774 \ud328\uce58\uc14b \ub9ac\ube44\uc804\uc740 {0}\uc5d0 \uba38\uc9c0\ub418\ub294\uac83\uc774 \uc2b9\uc778\ub418\uc9c0 \uc54a\uc558\uc2b5\ub2c8\ub2e4.
-gb.patchsetNotApprovedMore = \ub9ac\ubdf0\uc5b4\uac00 \uc774 \ud328\uce58\uc14b\uc744 \uc2b9\uc778\ud574\uc57c \ud569\ub2c8\ub2e4.
-gb.patchsetVetoedMore = \ub9ac\ubdf0\uc5b4\uac00 \uc774 \ud328\uce58\uc14b\uc744 \uac70\ubd80\ud558\uc600\uc2b5\ub2c8\ub2e4.
-gb.write = \uc4f0\uae30
-gb.comment = \ucf54\uba58\ud2b8
-gb.preview = \ubbf8\ub9ac\ubcf4\uae30
-gb.leaveComment = \ucf54\uba58\ud2b8 \ub0a8\uae30\uae30...
-gb.showHideDetails = \uc0c1\uc138 \ubcf4\uae30/\uc228\uae30\uae30
-gb.acceptNewPatchsets = \ud328\uce58\uc14b \uc2b9\uc778
-gb.acceptNewPatchsetsDescription = \uc774 \uc800\uc7a5\uc18c\uc5d0 \ud328\uce58\uc14b\uc744 \ud478\uc2dc\ud558\ub294\uac83\uc744 \uc2b9\uc778
-gb.acceptNewTickets = \uc0c8 \ud2f0\ucf13 \ud5c8\uc6a9
-gb.acceptNewTicketsDescription = \ubc84\uadf8, \uac1c\uc120, \ud0c0\uc2a4\ud06c, \ub4f1\uc758 \ud2f0\ucf13 \uc0dd\uc131 \ud5c8\uc6a9
-gb.requireApproval = \uc2b9\uc778 \ud544\uc694
-gb.requireApprovalDescription = \uba38\uc9c0\ubc84\ud2bc \ud65c\uc131\ud654 \uc804 \ud328\uce58\uc14b\uc774 \uc2b9\uc778\ub418\uc5b4\uc57c \ud568
-gb.topic = \ud1a0\ud53d
-gb.proposalTickets = \ubcc0\uacbd \uc81c\uc548
-gb.bugTickets = \ubc84\uadf8
-gb.enhancementTickets = \uac1c\uc120
-gb.taskTickets = \ud0c0\uc2a4\ud06c
-gb.questionTickets = \uc9c8\ubb38
-gb.requestTickets = \uac1c\uc120 & \ud0c0\uc2a4\ud06c
-gb.yourCreatedTickets = \ub0b4\uac00 \uc0dd\uc131\ud568
-gb.yourWatchedTickets = \ub0b4\uac00 \uc9c0\ucf1c\ubd04
-gb.mentionsMeTickets = \ub098\ub97c \ub9e8\uc158 \uc911
-gb.updatedBy = \uc5c5\ub370\uc774\ud2b8
-gb.sort = \uc815\ub82c
-gb.sortNewest = \ucd5c\uc2e0 \uc21c
-gb.sortOldest = \uc624\ub798\ub41c \uc21c
-gb.sortMostRecentlyUpdated = \ucd5c\uadfc \uc5c5\ub370\uc774\ud2b8 \uc21c
-gb.sortLeastRecentlyUpdated = \uc624\ub798\ub41c \uc5c5\ub370\uc774\ud2b8\ub41c \uc21c
-gb.sortMostComments = \ucf54\uba58\ud2b8 \ub9ce\uc740 \uc21c
-gb.sortLeastComments = \ucf54\uba58\ud2b8 \uc801\uc740 \uc21c
-gb.sortMostPatchsetRevisions = \ud328\uce58\uc14b \ub9ac\ube44\uc804 \ub9ce\uc740 \uc21c
-gb.sortLeastPatchsetRevisions = \ud328\uce58\uc14b \ub9ac\ube44\uc804 \uc801\uc740 \uc21c
-gb.sortMostVotes = \uac70\ubd80 \ub9ce\uc740 \uc21c
-gb.sortLeastVotes = \uac70\ubd80 \uc801\uc740 \uc21c
-gb.topicsAndLabels = \ud1a0\ud53d & \ub77c\ubca8
-gb.milestones = \ub9c8\uc77c\uc2a4\ud1a4
-gb.noMilestoneSelected = \uc120\ud0dd\ub41c \ub9c8\uc77c\uc2a4\ud1a4 \uc5c6\uc74c
-gb.notSpecified = \uc9c0\uc815\ub418\uc9c0 \uc54a\uc74c
+gb.active = \uD65C\uC131
+gb.starred = \uBCC4\uD45C
+gb.owned = \uC18C\uC720\uD568
+gb.starredAndOwned = \uBCC4\uD45C & \uC18C\uC720\uD568
+gb.reviewPatchset = \uB9AC\uBDF0 {0} \uD328\uCE58\uC14B {1}
+gb.todaysActivityStats = \uC624\uB298 / {2} \uC791\uC131\uC790\uAC00 {1} \uCEE4\uBC0B\uC0DD\uC131
+gb.todaysActivityNone = \uC624\uB298 / \uC5C6\uC74C
+gb.noActivityToday = \uC624\uB298\uC740 \uC561\uD2F0\uBE44\uD2F0\uAC00 \uC5C6\uC74C
+gb.anonymousUser= \uC775\uBA85
+gb.commitMessageRenderer = \uCEE4\uBC0B \uBA54\uC2DC\uC9C0 \uB79C\uB354\uB7EC
+gb.diffStat = {0}\uAC1C \uCD94\uAC00 & {1}\uAC1C \uC0AD\uC81C
+gb.home = \uD648
+gb.isMirror = \uBBF8\uB7EC \uC800\uC7A5\uC18C
+gb.mirrorOf = {0} \uC758 \uBBF8\uB7EC
+gb.mirrorWarning = \uC774 \uC800\uC7A5\uC18C\uB294 \uBBF8\uB7EC\uC774\uACE0 \uD478\uC2DC\uB97C \uBC1B\uC744 \uC218 \uC5C6\uC2B5\uB2C8\uB2E4.
+gb.docsWelcome1 = \uC800\uC7A5\uC18C\uB97C \uBB38\uC11C\uD654\uD558\uAE30 \uC704\uD574 \uBB38\uC11C\uB4E4\uC744 \uC0AC\uC6A9\uD560 \uC218 \uC788\uC2B5\uB2C8\uB2E4.
+gb.docsWelcome2 = \uC2DC\uC791\uD558\uAE30 \uC704\uD574 README.md \uB610\uB294 HOME.md \uD30C\uC77C\uC744 \uCEE4\uBC0B\uD558\uC138\uC694.
+gb.createReadme = README \uC0DD\uC131
+gb.responsible = \uB2F4\uB2F9\uC790
+gb.createdThisTicket = \uC774 \uD2F0\uCF13 \uC0DD\uC131
+gb.proposedThisChange = \uC774 \uBCC0\uACBD \uC81C\uC548
+gb.uploadedPatchsetN = {0} \uD328\uCE58\uC14B \uC5C5\uB85C\uB4DC
+gb.uploadedPatchsetNRevisionN = \uB9AC\uBE44\uC804 {1} \uD328\uCE58\uC14B {0} \uC5C5\uB85C\uB4DC
+gb.mergedPatchset = \uD328\uCE58\uC14B \uBA38\uC9C0
+gb.commented = \uCF54\uBA58\uD2B8
+gb.noDescriptionGiven = \uC124\uBA85 \uC5C6\uC74C
+gb.toBranch = {0}\uC5D0\uAC8C
+gb.createdBy = \uC0DD\uC131\uC790
+gb.oneParticipant = \uCC38\uAC00\uC790 {0}
+gb.nParticipants = \uCC38\uAC00\uC790 {0}
+gb.noComments = \uCF54\uBA58\uD2B8 \uC5C6\uC74C
+gb.oneComment = \uCF54\uBA58\uD2B8 {0}
+gb.nComments = \uCF54\uBA58\uD2B8 {0}
+gb.oneAttachment  = \uCCA8\uBD80\uD30C\uC77C {0}
+gb.nAttachments = \uCCA8\uBD80\uD30C\uC77C {0}
+gb.milestone = \uB9C8\uC77C\uC2A4\uD1A4
+gb.compareToMergeBase = \uBA38\uC9C0\uBCA0\uC774\uC2A4\uC640 \uBE44\uAD50
+gb.compareToN = {0}\uC640 \uBE44\uAD50
+gb.open = \uC5F4\uB9BC
+gb.closed = \uB2EB\uD798
+gb.merged = \uBA38\uC9C0\uD568
+gb.ticketPatchset = {0} \uD2F0\uCF13, {1} \uD328\uCE58\uC14B
+gb.patchsetMergeable = \uC774 \uD328\uCE58\uC14B\uC740 {0}\uC5D0 \uC790\uB3D9\uC73C\uB85C \uBA38\uC9C0\uB420 \uC218 \uC788\uC2B5\uB2C8\uB2E4.
+gb.patchsetMergeableMore = \uC774 \uD328\uCE58\uC14B\uC740 \uCEE4\uB9E8\uB4DC \uB77C\uC778\uC5D0\uC11C {0}\uC5D0 \uBA38\uC9C0\uB420 \uC218 \uC788\uC2B5\uB2C8\uB2E4.
+gb.patchsetAlreadyMerged = \uC774 \uD328\uCE58\uC14B\uC740 {0}\uC5D0 \uBA38\uC9C0\uB428.
+gb.patchsetNotMergeable = \uC774 \uD328\uCE58\uC14B\uC740 {0}\uC5D0 \uC790\uB3D9\uC73C\uB85C \uBA38\uC9C0\uB420 \uC218 \uC5C6\uC2B5\uB2C8\uB2E4.
+gb.patchsetNotMergeableMore = \uCDA9\uB3CC\uC744 \uD574\uACB0\uD558\uAE30 \uC704\uD574 \uC774 \uD328\uCE58\uC14B\uC740 \uB9AC\uBCA0\uC774\uC2A4 \uD558\uAC70\uB098 {0}\uC5D0 \uBA38\uC9C0\uB418\uC5B4\uC57C \uD569\uB2C8\uB2E4.
+gb.patchsetNotApproved = \uC774 \uD328\uCE58\uC14B \uB9AC\uBE44\uC804\uC740 {0}\uC5D0 \uBA38\uC9C0\uB418\uB294\uAC83\uC774 \uC2B9\uC778\uB418\uC9C0 \uC54A\uC558\uC2B5\uB2C8\uB2E4.
+gb.patchsetNotApprovedMore = \uB9AC\uBDF0\uC5B4\uAC00 \uC774 \uD328\uCE58\uC14B\uC744 \uC2B9\uC778\uD574\uC57C \uD569\uB2C8\uB2E4.
+gb.patchsetVetoedMore = \uB9AC\uBDF0\uC5B4\uAC00 \uC774 \uD328\uCE58\uC14B\uC744 \uAC70\uBD80\uD558\uC600\uC2B5\uB2C8\uB2E4.
+gb.write = \uC4F0\uAE30
+gb.comment = \uCF54\uBA58\uD2B8
+gb.preview = \uBBF8\uB9AC\uBCF4\uAE30
+gb.leaveComment = \uCF54\uBA58\uD2B8 \uB0A8\uAE30\uAE30...
+gb.showHideDetails = \uC0C1\uC138 \uBCF4\uAE30/\uC228\uAE30\uAE30
+gb.acceptNewPatchsets = \uD328\uCE58\uC14B \uC2B9\uC778
+gb.acceptNewPatchsetsDescription = \uC774 \uC800\uC7A5\uC18C\uC5D0 \uD328\uCE58\uC14B\uC744 \uD478\uC2DC\uD558\uB294\uAC83\uC744 \uC2B9\uC778
+gb.acceptNewTickets = \uC0C8 \uD2F0\uCF13 \uD5C8\uC6A9
+gb.acceptNewTicketsDescription = \uBC84\uADF8, \uAC1C\uC120, \uD0C0\uC2A4\uD06C, \uB4F1\uC758 \uD2F0\uCF13 \uC0DD\uC131 \uD5C8\uC6A9
+gb.requireApproval = \uC2B9\uC778 \uD544\uC694
+gb.requireApprovalDescription = \uBA38\uC9C0\uBC84\uD2BC \uD65C\uC131\uD654 \uC804 \uD328\uCE58\uC14B\uC774 \uC2B9\uC778\uB418\uC5B4\uC57C \uD568
+gb.topic = \uD1A0\uD53D
+gb.proposalTickets = \uBCC0\uACBD \uC81C\uC548
+gb.bugTickets = \uBC84\uADF8
+gb.enhancementTickets = \uAC1C\uC120
+gb.taskTickets = \uD0C0\uC2A4\uD06C
+gb.questionTickets = \uC9C8\uBB38
+gb.maintenanceTickets = \uC720\uC9C0\uBCF4\uC218
+gb.requestTickets = \uAC1C\uC120 & \uD0C0\uC2A4\uD06C
+gb.yourCreatedTickets = \uB0B4\uAC00 \uC0DD\uC131\uD568
+gb.yourWatchedTickets = \uB0B4\uAC00 \uC9C0\uCF1C\uBD04
+gb.mentionsMeTickets = \uB098\uB97C \uB9E8\uC158 \uC911
+gb.updatedBy = \uC5C5\uB370\uC774\uD2B8
+gb.sort = \uC815\uB82C
+gb.sortNewest = \uCD5C\uC2E0 \uC21C
+gb.sortOldest = \uC624\uB798\uB41C \uC21C
+gb.sortMostRecentlyUpdated = \uCD5C\uADFC \uC5C5\uB370\uC774\uD2B8 \uC21C
+gb.sortLeastRecentlyUpdated = \uC624\uB798\uB41C \uC5C5\uB370\uC774\uD2B8\uB41C \uC21C
+gb.sortMostComments = \uCF54\uBA58\uD2B8 \uB9CE\uC740 \uC21C
+gb.sortLeastComments = \uCF54\uBA58\uD2B8 \uC801\uC740 \uC21C
+gb.sortMostPatchsetRevisions = \uD328\uCE58\uC14B \uB9AC\uBE44\uC804 \uB9CE\uC740 \uC21C
+gb.sortLeastPatchsetRevisions = \uD328\uCE58\uC14B \uB9AC\uBE44\uC804 \uC801\uC740 \uC21C
+gb.sortMostVotes = \uAC70\uBD80 \uB9CE\uC740 \uC21C
+gb.sortLeastVotes = \uAC70\uBD80 \uC801\uC740 \uC21C
+gb.topicsAndLabels = \uD1A0\uD53D & \uB77C\uBCA8
+gb.milestones = \uB9C8\uC77C\uC2A4\uD1A4
+gb.noMilestoneSelected = \uC120\uD0DD\uB41C \uB9C8\uC77C\uC2A4\uD1A4 \uC5C6\uC74C
+gb.notSpecified = \uC9C0\uC815\uB418\uC9C0 \uC54A\uC74C
 gb.due = due
-gb.queries = \ucffc\ub9ac
-gb.searchTicketsTooltip = {0} \ud2f0\ucf13 \uac80\uc0c9
-gb.searchTickets = \ud2f0\ucf13 \uac80\uc0c9
-gb.new = \uc0c8
-gb.newTicket = \uc0c8 \ud2f0\ucf13
-gb.editTicket = \ud2f0\ucf13 \uc218\uc815
-gb.ticketsWelcome = \ud560\uc77c \ubaa9\ub85d, \ubc84\uadf8 \ud1a0\ub860\uc744 \uc815\ub9ac\ud558\uace0 \ud328\uce58\uc14b\uc73c\ub85c \ud611\uc5c5\ud558\uae30 \uc704\ud574 \ud2f0\ucf13\uc744 \uc0ac\uc6a9\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4.
-gb.createFirstTicket = \uccab\ubc88\uc9f8 \ud2f0\ucf13\uc744 \ub9cc\ub4dc\uc138\uc694.
-gb.title = \uc81c\ubaa9
-gb.changedStatus = \uc0c1\ud0dc \ubcc0\uacbd\ub428
-gb.discussion = \ud1a0\ub860
-gb.updated = \uc5c5\ub370\uc774\ud2b8\ub428
-gb.proposePatchset = \ud328\uce58\uc14b\uc758 \uc81c\uc548
-gb.proposePatchsetNote = \uc774 \ud2f0\ucf13\uc5d0 \ub300\ud55c \ud328\uce58\uc14b \uc81c\uc548\uc744 \ud658\uc601\ud569\ub2c8\ub2e4.
-gb.proposeInstructions = \ub9e8 \uba3c\uc800, \ud328\uce58\uc14b\uc744 \ub9cc\ub4e4\uace0 Git\uc73c\ub85c \uc5c5\ub85c\ub4dc \ud558\uc138\uc694. Gitblit \uc774 id \ub85c \uc774 \ud2f0\ucf13\uacfc \uc5f0\uacb0\ud560 \uac83\uc785\ub2c8\ub2e4.
-gb.proposeWith = \uc774\uac83\uc73c\ub85c \ud328\uce58\uc14b \uc81c\uc548 - {0}
-gb.revisionHistory = \ub9ac\ube44\uc804 \ud788\uc2a4\ud1a0\ub9ac
-gb.merge = \uba38\uc9c0
-gb.action = \uc561\uc158
-gb.patchset = \ud328\uce58\uc14b
-gb.all = \ubaa8\ub450
-gb.mergeBase = \uba38\uc9c0 \ubca0\uc774\uc2a4
-gb.checkout = \uccb4\ud06c\uc544\uc6c3
-gb.checkoutViaCommandLine = \ucee4\ub9e8\ub4dc \ub77c\uc778\uc73c\ub85c \uccb4\ud06c\uc544\uc6c3
-gb.checkoutViaCommandLineNote = \uc774 \uc800\uc7a5\uc18c\uc758 \ud074\ub860\uc5d0\uc11c \ub85c\uceec \ubcc0\uacbd\uc0ac\ud56d\uc744 \uccb4\ud06c\uc544\uc6c3\ud558\uace0 \ud14c\uc2a4\ud2b8\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4.
-gb.checkoutStep1 = \ud604\uc7ac \ud328\uce58\uc14b\uc744 \uac00\uc838\uc624\uc138\uc694. - \ud504\ub85c\uc81d\ud2b8 \ub514\ub809\ud1a0\ub9ac\uc5d0\uc11c \uc774 \uc791\uc5c5\uc744 \uc2e4\ud589\ud558\uc138\uc694.
-gb.checkoutStep2 = \uc0c8 \ube0c\ub79c\uce58\uc640 \ub9ac\ubdf0\uc5d0 \ud328\uce58\uc14b\uc744 \uccb4\ud06c\uc544\uc6c3 \ud558\uc138\uc694.
-gb.mergingViaCommandLine = \ucee4\ub9e8\ub4dc \ub77c\uc778\uc5d0\uc11c \uba38\uc9d5
-gb.mergingViaCommandLineNote = \uba38\uc9c0 \ubc84\ud2bc \uc0ac\uc6a9\uc744 \uc6d0\ud558\uc9c0 \uc54a\uac70\ub098 \uc790\ub3d9 \uba38\uc9c0\uac00 \ub3d9\uc791\ud558\uc9c0 \ub418\uc9c0 \uc54a\ub294\ub2e4\uba74, \ucee4\ub9e8\ub4dc \ub77c\uc778\uc5d0\uc11c \uc218\ub3d9\uc73c\ub85c \uba38\uc9c0\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4.
-gb.mergeStep1 = \ubcc0\uacbd\uc0ac\ud56d\uc744 \ub9ac\ubdf0\ud558\uae30\uc704\ud574 \uc0c8 \ube0c\ub79c\uce58\ub97c \uccb4\ud06c\uc544\uc6c3 \ud558\uc138\uc694. \u2014 \ud504\ub85c\uc81d\ud2b8 \ub514\ub809\ud1a0\ub9ac\uc5d0\uc11c \uc774 \uc791\uc5c5\uc744 \uc2e4\ud589\ud558\uc138\uc694.
-gb.mergeStep2 = \uc81c\uc548\ub41c \ubcc0\uacbd\uc0ac\ud56d\uacfc \ub9ac\ubdf0\ub97c \uac00\uc838\uc624\uc138\uc694.
-gb.mergeStep3 = \uc81c\uc548\ub41c \ubcc0\uacbd\uc0ac\ud56d\uc744 \uba38\uc9c0\ud558\uace0 \uc11c\ubc84\uc5d0 \uc5c5\ub370\uc774\ud2b8 \ud558\uc138\uc694.
-gb.download = \ub2e4\uc6b4\ub85c\ub4dc
-gb.ptDescription = Gitblit \ud328\uce58\uc14b \ub3c4\uad6c
-gb.ptCheckout = \ub9ac\ubdf0 \ube0c\ub79c\uce58\uc5d0 \ud604\uc7ac \ud328\uce58\uc14b\uc744 \uac00\uc838\uc624\uace0 \uccb4\ud06c\uc544\uc6c3\ud558\uc138\uc694.
-gb.ptMerge = \ub85c\uceec \ube0c\ub79c\uce58\uc5d0 \ud604\uc7ac \ud328\uce58\uc14b\uc744 \uac00\uc838\uc624\uace0 \uba38\uc9c0\ud558\uc138\uc694.
-gb.ptDescription1 = Barnum \uc740 Gitblit \ud2f0\ucf13\uacfc \ud328\uce58\uc14b\uc744 \uc0ac\uc6a9\ud558\uae30 \uc704\ud55c \uad6c\ubb38\uc744 \ub2e8\uc21c\ud558\uac8c \ud574\uc904 Git \ucee4\ub9e8\ub4dc \ub77c\uc778 \ub3c4\uad6c \uc785\ub2c8\ub2e4.
-gb.ptSimplifiedCollaboration = \ub2e8\uc21c\ud654\ub41c \uacf5\ub3d9\uc791\uc5c5 \uad6c\ubb38
-gb.ptSimplifiedMerge = \ub2e8\uc21c\ud654\ub41c \uba38\uc9c0 \uad6c\ubb38
-gb.ptDescription2 = Barnum \uc740 \ud30c\uc774\uc36c 3 \uc640 \ub124\uc774\ud2f0\ube0c Git \uc774 \ud544\uc694\ud569\ub2c8\ub2e4. Windows, Linux, and Mac OS X \uc5d0\uc11c \ub3d9\uc791\ud569\ub2c8\ub2e4.
-gb.stepN = {0} \ub2e8\uacc4
-gb.watchers = \uc9c0\ucf1c\ubcf4\ub294 \uc774
-gb.votes = \ud22c\ud45c
-gb.vote = {0} \uc5d0 \ud22c\ud45c\ud558\uae30
-gb.watch = {0} \uc9c0\ucf1c\ubcf4\uae30
-gb.removeVote = \ud22c\ud45c \uc81c\uac70
-gb.stopWatching = \uc9c0\ucf1c\ubcf4\uae30 \uc911\uc9c0
-gb.watching = \uc9c0\ucf1c\ubcf4\ub294 \uc911
-gb.comments = \ucf54\uba58\ud2b8
-gb.addComment = \ucf54\uba58\ud2b8 \ucd94\uac00
-gb.export = \ub0b4\ubcf4\ub0b4\uae30
-gb.oneCommit = 1\uac1c \ucee4\ubc0b
-gb.nCommits = {0}\uac1c \ucee4\ubc0b
-gb.addedOneCommit = 1\uac1c \ucee4\ubc0b \ucd94\uac00
-gb.addedNCommits = {0}\uac1c \ucee4\ubc0b \ucd94\uac00
-gb.commitsInPatchsetN = {0} \ud328\uce58\uc14b\uc758 \ucee4\ubc0b
-gb.patchsetN = \ud328\uce58\uc14b {0}
-gb.reviewedPatchsetRev = \ud328\uce58\uc14b {0} \ub9ac\ube44\uc804 {1}: {2} \ub9ac\ubdf0
-gb.review = \ub9ac\ubdf0
-gb.reviews = \ub9ac\ubdf0
-gb.veto = \uac70\ubd80
-gb.needsImprovement = \uac1c\uc120 \ud544\uc694
-gb.looksGood = \uc88b\uc544 \ubcf4\uc784
-gb.approve = \uc2b9\uc778
-gb.hasNotReviewed = \ub9ac\ubdf0\ub418\uc9c0 \uc54a\uc74c
+gb.queries = \uCFFC\uB9AC
+gb.searchTicketsTooltip = {0} \uD2F0\uCF13 \uAC80\uC0C9
+gb.searchTickets = \uD2F0\uCF13 \uAC80\uC0C9
+gb.new = \uC0C8
+gb.newTicket = \uC0C8 \uD2F0\uCF13
+gb.editTicket = \uD2F0\uCF13 \uC218\uC815
+gb.ticketsWelcome = \uD560\uC77C \uBAA9\uB85D, \uBC84\uADF8 \uD1A0\uB860\uC744 \uC815\uB9AC\uD558\uACE0 \uD328\uCE58\uC14B\uC73C\uB85C \uD611\uC5C5\uD558\uAE30 \uC704\uD574 \uD2F0\uCF13\uC744 \uC0AC\uC6A9\uD560 \uC218 \uC788\uC2B5\uB2C8\uB2E4.
+gb.createFirstTicket = \uCCAB\uBC88\uC9F8 \uD2F0\uCF13\uC744 \uB9CC\uB4DC\uC138\uC694.
+gb.title = \uC81C\uBAA9
+gb.changedStatus = \uC0C1\uD0DC \uBCC0\uACBD\uB428
+gb.discussion = \uD1A0\uB860
+gb.updated = \uC5C5\uB370\uC774\uD2B8\uB428
+gb.proposePatchset = \uD328\uCE58\uC14B\uC758 \uC81C\uC548
+gb.proposePatchsetNote = \uC774 \uD2F0\uCF13\uC5D0 \uB300\uD55C \uD328\uCE58\uC14B \uC81C\uC548\uC744 \uD658\uC601\uD569\uB2C8\uB2E4.
+gb.proposeInstructions = \uB9E8 \uBA3C\uC800, \uD328\uCE58\uC14B\uC744 \uB9CC\uB4E4\uACE0 Git\uC73C\uB85C \uC5C5\uB85C\uB4DC \uD558\uC138\uC694. Gitblit \uC774 id \uB85C \uC774 \uD2F0\uCF13\uACFC \uC5F0\uACB0\uD560 \uAC83\uC785\uB2C8\uB2E4.
+gb.proposeWith = \uC774\uAC83\uC73C\uB85C \uD328\uCE58\uC14B \uC81C\uC548 - {0}
+gb.revisionHistory = \uB9AC\uBE44\uC804 \uD788\uC2A4\uD1A0\uB9AC
+gb.merge = \uBA38\uC9C0
+gb.action = \uC561\uC158
+gb.patchset = \uD328\uCE58\uC14B
+gb.all = \uBAA8\uB450
+gb.mergeBase = \uBA38\uC9C0 \uBCA0\uC774\uC2A4
+gb.checkout = \uCCB4\uD06C\uC544\uC6C3
+gb.checkoutViaCommandLine = \uCEE4\uB9E8\uB4DC \uB77C\uC778\uC73C\uB85C \uCCB4\uD06C\uC544\uC6C3
+gb.checkoutViaCommandLineNote = \uC774 \uC800\uC7A5\uC18C\uC758 \uD074\uB860\uC5D0\uC11C \uB85C\uCEEC \uBCC0\uACBD\uC0AC\uD56D\uC744 \uCCB4\uD06C\uC544\uC6C3\uD558\uACE0 \uD14C\uC2A4\uD2B8\uD560 \uC218 \uC788\uC2B5\uB2C8\uB2E4.
+gb.checkoutStep1 = \uD604\uC7AC \uD328\uCE58\uC14B\uC744 \uAC00\uC838\uC624\uC138\uC694. - \uD504\uB85C\uC81D\uD2B8 \uB514\uB809\uD1A0\uB9AC\uC5D0\uC11C \uC774 \uC791\uC5C5\uC744 \uC2E4\uD589\uD558\uC138\uC694.
+gb.checkoutStep2 = \uC0C8 \uBE0C\uB79C\uCE58\uC640 \uB9AC\uBDF0\uC5D0 \uD328\uCE58\uC14B\uC744 \uCCB4\uD06C\uC544\uC6C3 \uD558\uC138\uC694.
+gb.mergingViaCommandLine = \uCEE4\uB9E8\uB4DC \uB77C\uC778\uC5D0\uC11C \uBA38\uC9D5
+gb.mergingViaCommandLineNote = \uBA38\uC9C0 \uBC84\uD2BC \uC0AC\uC6A9\uC744 \uC6D0\uD558\uC9C0 \uC54A\uAC70\uB098 \uC790\uB3D9 \uBA38\uC9C0\uAC00 \uB3D9\uC791\uD558\uC9C0 \uB418\uC9C0 \uC54A\uB294\uB2E4\uBA74, \uCEE4\uB9E8\uB4DC \uB77C\uC778\uC5D0\uC11C \uC218\uB3D9\uC73C\uB85C \uBA38\uC9C0\uD560 \uC218 \uC788\uC2B5\uB2C8\uB2E4.
+gb.mergeStep1 = \uBCC0\uACBD\uC0AC\uD56D\uC744 \uB9AC\uBDF0\uD558\uAE30\uC704\uD574 \uC0C8 \uBE0C\uB79C\uCE58\uB97C \uCCB4\uD06C\uC544\uC6C3 \uD558\uC138\uC694. \u2014 \uD504\uB85C\uC81D\uD2B8 \uB514\uB809\uD1A0\uB9AC\uC5D0\uC11C \uC774 \uC791\uC5C5\uC744 \uC2E4\uD589\uD558\uC138\uC694.
+gb.mergeStep2 = \uC81C\uC548\uB41C \uBCC0\uACBD\uC0AC\uD56D\uACFC \uB9AC\uBDF0\uB97C \uAC00\uC838\uC624\uC138\uC694.
+gb.mergeStep3 = \uC81C\uC548\uB41C \uBCC0\uACBD\uC0AC\uD56D\uC744 \uBA38\uC9C0\uD558\uACE0 \uC11C\uBC84\uC5D0 \uC5C5\uB370\uC774\uD2B8 \uD558\uC138\uC694.
+gb.download = \uB2E4\uC6B4\uB85C\uB4DC
+gb.ptDescription = Gitblit \uD328\uCE58\uC14B \uB3C4\uAD6C
+gb.ptCheckout = \uB9AC\uBDF0 \uBE0C\uB79C\uCE58\uC5D0 \uD604\uC7AC \uD328\uCE58\uC14B\uC744 \uAC00\uC838\uC624\uACE0 \uCCB4\uD06C\uC544\uC6C3\uD558\uC138\uC694.
+gb.ptMerge = \uB85C\uCEEC \uBE0C\uB79C\uCE58\uC5D0 \uD604\uC7AC \uD328\uCE58\uC14B\uC744 \uAC00\uC838\uC624\uACE0 \uBA38\uC9C0\uD558\uC138\uC694.
+gb.ptDescription1 = Barnum \uC740 Gitblit \uD2F0\uCF13\uACFC \uD328\uCE58\uC14B\uC744 \uC0AC\uC6A9\uD558\uAE30 \uC704\uD55C \uAD6C\uBB38\uC744 \uB2E8\uC21C\uD558\uAC8C \uD574\uC904 Git \uCEE4\uB9E8\uB4DC \uB77C\uC778 \uB3C4\uAD6C \uC785\uB2C8\uB2E4.
+gb.ptSimplifiedCollaboration = \uB2E8\uC21C\uD654\uB41C \uACF5\uB3D9\uC791\uC5C5 \uAD6C\uBB38
+gb.ptSimplifiedMerge = \uB2E8\uC21C\uD654\uB41C \uBA38\uC9C0 \uAD6C\uBB38
+gb.ptDescription2 = Barnum \uC740 \uD30C\uC774\uC36C 3 \uC640 \uB124\uC774\uD2F0\uBE0C Git \uC774 \uD544\uC694\uD569\uB2C8\uB2E4. Windows, Linux, and Mac OS X \uC5D0\uC11C \uB3D9\uC791\uD569\uB2C8\uB2E4.
+gb.stepN = {0} \uB2E8\uACC4
+gb.watchers = \uC9C0\uCF1C\uBCF4\uB294 \uC774
+gb.votes = \uD22C\uD45C
+gb.vote = {0} \uC5D0 \uD22C\uD45C\uD558\uAE30
+gb.watch = {0} \uC9C0\uCF1C\uBCF4\uAE30
+gb.removeVote = \uD22C\uD45C \uC81C\uAC70
+gb.stopWatching = \uC9C0\uCF1C\uBCF4\uAE30 \uC911\uC9C0
+gb.watching = \uC9C0\uCF1C\uBCF4\uB294 \uC911
+gb.comments = \uCF54\uBA58\uD2B8
+gb.addComment = \uCF54\uBA58\uD2B8 \uCD94\uAC00
+gb.export = \uB0B4\uBCF4\uB0B4\uAE30
+gb.oneCommit = 1\uAC1C \uCEE4\uBC0B
+gb.nCommits = {0}\uAC1C \uCEE4\uBC0B
+gb.addedOneCommit = 1\uAC1C \uCEE4\uBC0B \uCD94\uAC00
+gb.addedNCommits = {0}\uAC1C \uCEE4\uBC0B \uCD94\uAC00
+gb.commitsInPatchsetN = {0} \uD328\uCE58\uC14B\uC758 \uCEE4\uBC0B
+gb.patchsetN = \uD328\uCE58\uC14B {0}
+gb.reviewedPatchsetRev = \uD328\uCE58\uC14B {0} \uB9AC\uBE44\uC804 {1}: {2} \uB9AC\uBDF0
+gb.review = \uB9AC\uBDF0
+gb.reviews = \uB9AC\uBDF0
+gb.veto = \uAC70\uBD80
+gb.needsImprovement = \uAC1C\uC120 \uD544\uC694
+gb.looksGood = \uC88B\uC544 \uBCF4\uC784
+gb.approve = \uC2B9\uC778
+gb.hasNotReviewed = \uB9AC\uBDF0\uB418\uC9C0 \uC54A\uC74C
 gb.about = about
-gb.ticketN = \ud2f0\ucf13 #{0}
-gb.disableUser = \uc0ac\uc6a9\uc790 \ube44\ud65c\uc131\ud654
-gb.disableUserDescription = \uc778\uc99d\uc5d0\uc11c \uc774 \uacc4\uc815 \ucc28\ub2e8
-gb.any = \ubaa8\ub450
-gb.milestoneProgress = {0}\uac1c \uc5f4\ub9bc, {1}\uac1c \ub2eb\ud798
-gb.nOpenTickets = {0}\uac1c \uc5f4\ub9bc
-gb.nClosedTickets = {0}\uac1c \ub2eb\ud798
-gb.nTotalTickets = \ubaa8\ub450 {0}\uac1c
-gb.body = \ub0b4\uc6a9
+gb.ticketN = \uD2F0\uCF13 #{0}
+gb.disableUser = \uC0AC\uC6A9\uC790 \uBE44\uD65C\uC131\uD654
+gb.disableUserDescription = \uC778\uC99D\uC5D0\uC11C \uC774 \uACC4\uC815 \uCC28\uB2E8
+gb.any = \uBAA8\uB450
+gb.milestoneProgress = {0}\uAC1C \uC5F4\uB9BC, {1}\uAC1C \uB2EB\uD798
+gb.nOpenTickets = {0}\uAC1C \uC5F4\uB9BC
+gb.nClosedTickets = {0}\uAC1C \uB2EB\uD798
+gb.nTotalTickets = \uBAA8\uB450 {0}\uAC1C
+gb.body = \uB0B4\uC6A9
 gb.mergeSha = mergeSha
-gb.mergeTo = \uba38\uc9c0\ub300\uc0c1
-gb.labels = \ub77c\ubca8
-gb.reviewers = \uac80\ud1a0\uc790
-gb.voters = \ud22c\ud45c\uc790
-gb.mentions = \ub9e8\uc158
-gb.canNotProposePatchset = \ud328\uce58\uc14b\uc744 \uc81c\uc548\ud560 \uc218 \uc5c6\uc74c
-gb.repositoryIsMirror = \uc774 \uc800\uc7a5\uc18c\ub294 \uc77d\uae30\uc804\uc6a9 \ubbf8\ub7ec\uc785\ub2c8\ub2e4.
-gb.repositoryIsFrozen = \uc774 \uc800\uc7a5\uc18c\ub294 \ud504\ub85c\uc98c \uc0c1\ud0dc\uc785\ub2c8\ub2e4.
-gb.repositoryDoesNotAcceptPatchsets = \uc774 \uc800\uc7a5\uc18c\ub294 \ud328\uce58\uc14b\uc744 \uc218\uc6a9\ud558\uc9c0 \uc54a\uc2b5\ub2c8\ub2e4.
-gb.serverDoesNotAcceptPatchsets = \uc774 \uc11c\ubc84\ub294 \ud328\uce58\uc14b\uc744 \uc218\uc6a9\ud558\uc9c0 \uc54a\uc2b5\ub2c8\ub2e4.
-gb.ticketIsClosed = \uc774 \ud2f0\ucf13\uc740 \ub2eb\ud600 \uc788\uc2b5\ub2c8\ub2e4.
-gb.mergeToDescription = \ud2f0\ucf13 \ud328\uce58\uc14b\uc744 \uba38\uc9c0\ud560 \uae30\ubcf8 \ud1b5\ud569 \ube0c\ub79c\uce58
-gb.anonymousCanNotPropose = \uc775\uba85 \uc0ac\uc6a9\uc790\ub294 \ud328\uce58\uc14b\uc744 \uc81c\uc548\ud560 \uc218 \uc5c6\uc2b5\ub2c8\ub2e4.
-gb.youDoNotHaveClonePermission = \ub2f9\uc2e0\uc740 \uc774 \uc800\uc7a5\uc18c\ub97c \ud074\ub860\ud560 \uc218 \uc5c6\uc2b5\ub2c8\ub2e4.
-gb.myTickets = \ub0b4 \ud2f0\ucf13
-gb.yourAssignedTickets = \ub098\uc5d0\uac8c \ud560\ub2f9\ub41c
-gb.newMilestone = \uc0c8 \ub9c8\uc77c\uc2a4\ud1a4
-gb.editMilestone = \ub9c8\uc77c\uc2a4\ud1a4 \uc218\uc815
-gb.deleteMilestone = \ub9c8\uc77c\uc2a4\ud1a4 \"{0}\"\uc744(\ub97c) \uc0ad\uc81c\ud560\uae4c\uc694?
-gb.milestoneDeleteFailed = \ub9c8\uc77c\uc2a4\ud1a4 ''{0}'' \uc0ad\uc81c \uc2e4\ud328!
-gb.notifyChangedOpenTickets = \uc5f0 \ud2f0\ucf13\uc758 \ubcc0\uacbd \uc54c\ub9bc \uc804\uc1a1
-gb.overdue = \uc9c0\uc5f0
-gb.openMilestones = \ub9c8\uc77c\uc2a4\ud1a4 \uc5f4\uae30
-gb.closedMilestones = \ub2eb\ud78c \ub9c8\uc77c\uc2a4\ud1a4
-gb.administration = \uad00\ub9ac
-gb.plugins = \ud50c\ub7ec\uadf8\uc778
-gb.extensions = \ud655\uc7a5\uae30\ub2a5
-gb.pleaseSelectProject = \ud504\ub85c\uc81d\ud2b8\ub97c \uc120\ud0dd\ud574 \uc8fc\uc138\uc694!
-gb.accessPolicy = \uc811\uadfc \uc815\ucc45
-gb.accessPolicyDescription = \uc800\uc7a5\uc18c \ubcf4\uae30\uc640 git \uad8c\ud55c\uc744 \uc81c\uc5b4\ud558\uae30 \uc704\ud574 \uc811\uadfc \uc815\ucc45\uc744 \uc120\ud0dd\ud558\uc138\uc694.
-gb.anonymousPolicy = \uc775\uba85 \ubcf4\uae30, \ud074\ub860 \uadf8\ub9ac\uace0 \ud478\uc2dc
-gb.anonymousPolicyDescription = \ub204\uad6c\ub098 \uc774 \uc800\uc7a5\uc18c\ub97c \ubcf4\uae30, \ud074\ub860, \uadf8\ub9ac\uace0 \ud478\uc2dc\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4.
-gb.authenticatedPushPolicy = \uc81c\ud55c\ub41c \ud478\uc2dc (\uc778\uc99d\ub41c)
-gb.authenticatedPushPolicyDescription = \ub204\uad6c\ub098 \uc774 \uc800\uc7a5\uc18c\ub97c \ubcf4\uac70\ub098 \ud074\ub860\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4. \ubaa8\ub4e0 \uc778\uc99d\ub41c \uc720\uc800\ub294 RW+ \ud478\uc2dc \uad8c\ud55c\uc744 \uac00\uc9d1\ub2c8\ub2e4.
-gb.namedPushPolicy = \uc774\ub984\uc73c\ub85c \ud478\uc2dc \uc81c\ud55c
-gb.namedPushPolicyDescription = \ub204\uad6c\ub098 \uc774 \uc800\uc7a5\uc18c\ub97c \ubcf4\uac70\ub098 \ud074\ub860\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4. \uc120\ud0dd\ud55c \uc720\uc800\ub9cc \ud478\uc2dc\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4.
-gb.clonePolicy = \uc81c\ud55c\ub41c \ud074\ub860 & \ud478\uc2dc
-gb.clonePolicyDescription = \ub204\uad6c\ub098 \uc774 \uc800\uc7a5\uc18c\ub97c \ubcfc \uc218 \uc788\uc2b5\ub2c8\ub2e4. \uc120\ud0dd\ud55c \uc720\uc800\ub9cc \ud074\ub860\uacfc \ud478\uc2dc\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4.
-gb.viewPolicy  = \uc81c\ud55c\ub41c \ubcf4\uae30, \ud074\ub860 & \ud478\uc2dc
-gb.viewPolicyDescription = \uc120\ud0dd\ud55c \uc720\uc800\ub9cc \uc774 \uc800\uc7a5\uc18c\uc5d0 \ub300\ud574 \ubcf4\uae30, \ud074\ub860 \uadf8\ub9ac\uace0 \ud478\uc2dc \ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4.
-gb.initialCommit = \ucd5c\ucd08 \ucee4\ubc0b
-gb.initialCommitDescription = \uc774 \uc800\uc7a5\uc18c\ub97c \uc989\uc2dc <code>git clone</code> \ud560 \uc218 \uc788\ub3c4\ub85d \ud569\ub2c8\ub2e4. \ub85c\uceec\uc5d0\uc11c <code>git init</code> \ud588\ub2e4\uba74 \uc774 \ub2e8\uacc4\ub97c \uac74\ub108\ub6f0\uc138\uc694.
-gb.initWithReadme = README \ud3ec\ud568
-gb.initWithReadmeDescription = \uc800\uc7a5\uc18c\uc758 \uac04\ub2e8\ud55c README \ubb38\uc11c\ub97c \uc0dd\uc131\ud569\ub2c8\ub2e4.
-gb.initWithGitignore = .gitignore \ud30c\uc77c \ud3ec\ud568
-gb.initWithGitignoreDescription = Git \ud074\ub77c\uc774\uc5b8\ud2b8\uac00 \uc815\uc758\ub41c \ud328\ud134\uc5d0 \ub530\ub77c \ud30c\uc77c\uc774\ub098 \ub514\ub809\ud1a0\ub9ac\ub97c \ubb34\uc2dc\ud558\ub3c4\ub85d \uc9c0\uc815\ud55c \uc124\uc815\ud30c\uc77c\uc744 \ucd94\uac00\ud569\ub2c8\ub2e4.
-gb.pleaseSelectGitIgnore = .gitignore \ud30c\uc77c\uc744 \uc120\ud0dd\ud558\uc138\uc694.
-gb.receive = \uc218\uc2e0
-gb.permissions = \uad8c\ud55c
-gb.ownersDescription = \uc18c\uc720\uc790\ub294 \uc800\uc7a5\uc18c\uc758 \ubaa8\ub4e0 \uc124\uc815\uc744 \uad00\ub9ac\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4. \uadf8\ub7ec\ub098, \uac1c\uc778 \uc800\uc7a5\uc18c\ub97c \uc81c\uc678\ud558\uace0\ub294 \uc800\uc7a5\uc18c \uc774\ub984\uc744 \ubcc0\uacbd\ud560 \uc218 \uc5c6\uc2b5\ub2c8\ub2e4.
-gb.userPermissionsDescription = \uac1c\ubcc4 \uc0ac\uc6a9\uc790 \uad8c\ud55c\uc744 \uc9c0\uc815\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4. \uc774 \uc124\uc815\uc740 \ud300\uc774\ub098 \uc815\uaddc\uc2dd \uad8c\ud55c\uc744 \ubb34\uc2dc\ud569\ub2c8\ub2e4.
-gb.teamPermissionsDescription = \uac1c\ubcc4 \ud300 \uad8c\ud55c\uc744 \uc9c0\uc815\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4. \uc774 \uc124\uc815\uc740 \uc815\uaddc\uc2dd \uad8c\ud55c\uc744 \ubb34\uc2dc\ud569\ub2c8\ub2e4.
-gb.ticketSettings = \ud2f0\ucf13 \uc124\uc815
-gb.receiveSettings = \uc218\uc2e0 \uc124\uc815
-gb.receiveSettingsDescription = \uc218\uc2e0 \uc124\uc815\uc740 \uc800\uc7a5\uc18c\uc5d0 \ud478\uc2dc\ud558\ub294 \uac83\uc744 \uc81c\uc5b4\ud569\ub2c8\ub2e4.
-gb.preReceiveDescription = Pre-receive \ud6c5\uc740 \ucee4\ubc0b\uc744 \uc218\uc2e0\ud588\uc9c0\ub9cc, refs \uac00 \uc5c5\ub370\uc774\ud2b8 \ub418\uae30 <em>\uc804</em> \uc5d0 \uc2e4\ud589\ub429\ub2c8\ub2e4.<p>\uc774\uac83\uc740 \ud478\uc2dc\ub97c \uac70\ubd80\ud558\uae30\uc5d0 \uc801\uc808\ud55c \ud6c5 \uc785\ub2c8\ub2e4.</p>
-gb.postReceiveDescription = Post-receive \ud639\uc740 \ucee4\ubc0b\uc744 \uc218\uc2e0\ud558\uace0, refs \uac00 \uc5c5\ub370\uc774\ud2b8 \ub41c <em>\ud6c4</em> \uc5d0 \uc2e4\ud589\ub429\ub2c8\ub2e4.<p>\uc774\uac83\uc740 \uc54c\ub9bc, \ube4c\ub4dc \ud2b8\ub9ac\uac70 \ub4f1\uc744 \ud558\uae30\uc5d0 \uc801\uc808\ud55c \ud6c5 \uc785\ub2c8\ub2e4.</p>
-gb.federationStrategyDescription = \ub2e4\ub978 Gitblit \uacfc \ud398\ub354\ub808\uc774\uc158 \ud558\ub294 \ubc29\ubc95\uc744 \uc81c\uc5b4\ud569\ub2c8\ub2e4.
-gb.federationSetsDescription = \uc774 \uc800\uc7a5\uc18c\ub294 \uc120\ud0dd\ub41c \ud398\ub354\ub808\uc774\uc158 \uc14b\uc5d0 \ud3ec\ud568\ub429\ub2c8\ub2e4.
-gb.miscellaneous = \uae30\ud0c0
-gb.originDescription = \uc774 \uc800\uc7a5\uc18c\uac00 \ud074\ub860\ub41c \uacf3\uc758 url
+gb.mergeTo = \uBA38\uC9C0\uB300\uC0C1
+gb.mergeType = \uBA38\uC9C0\uD0C0\uC785
+gb.labels = \uB77C\uBCA8
+gb.reviewers = \uAC80\uD1A0\uC790
+gb.voters = \uD22C\uD45C\uC790
+gb.mentions = \uB9E8\uC158
+gb.canNotProposePatchset = \uD328\uCE58\uC14B\uC744 \uC81C\uC548\uD560 \uC218 \uC5C6\uC74C
+gb.repositoryIsMirror = \uC774 \uC800\uC7A5\uC18C\uB294 \uC77D\uAE30\uC804\uC6A9 \uBBF8\uB7EC\uC785\uB2C8\uB2E4.
+gb.repositoryIsFrozen = \uC774 \uC800\uC7A5\uC18C\uB294 \uD504\uB85C\uC98C \uC0C1\uD0DC\uC785\uB2C8\uB2E4.
+gb.repositoryDoesNotAcceptPatchsets = \uC774 \uC800\uC7A5\uC18C\uB294 \uD328\uCE58\uC14B\uC744 \uC218\uC6A9\uD558\uC9C0 \uC54A\uC2B5\uB2C8\uB2E4.
+gb.serverDoesNotAcceptPatchsets = \uC774 \uC11C\uBC84\uB294 \uD328\uCE58\uC14B\uC744 \uC218\uC6A9\uD558\uC9C0 \uC54A\uC2B5\uB2C8\uB2E4.
+gb.ticketIsClosed = \uC774 \uD2F0\uCF13\uC740 \uB2EB\uD600 \uC788\uC2B5\uB2C8\uB2E4.
+gb.mergeToDescription = \uD2F0\uCF13 \uD328\uCE58\uC14B\uC744 \uBA38\uC9C0\uD560 \uAE30\uBCF8 \uD1B5\uD569 \uBE0C\uB79C\uCE58
+gb.mergeTypeDescription	=  fast-forward \uB9CC \uBA38\uC9C0, \uD544\uC694\uD558\uBA74, \uB610\uB294 \uD56D\uC0C1 \uD1B5\uD569\uBE0C\uB79C\uCE58\uC5D0 \uCEE4\uBC0B \uBA38\uC9C0
+gb.anonymousCanNotPropose = \uC775\uBA85 \uC0AC\uC6A9\uC790\uB294 \uD328\uCE58\uC14B\uC744 \uC81C\uC548\uD560 \uC218 \uC5C6\uC2B5\uB2C8\uB2E4.
+gb.youDoNotHaveClonePermission = \uB2F9\uC2E0\uC740 \uC774 \uC800\uC7A5\uC18C\uB97C \uD074\uB860\uD560 \uC218 \uC5C6\uC2B5\uB2C8\uB2E4.
+gb.myTickets = \uB0B4 \uD2F0\uCF13
+gb.yourAssignedTickets = \uB098\uC5D0\uAC8C \uD560\uB2F9\uB41C
+gb.newMilestone = \uC0C8 \uB9C8\uC77C\uC2A4\uD1A4
+gb.editMilestone = \uB9C8\uC77C\uC2A4\uD1A4 \uC218\uC815
+gb.deleteMilestone = \uB9C8\uC77C\uC2A4\uD1A4 \"{0}\"\uC744(\uB97C) \uC0AD\uC81C\uD560\uAE4C\uC694?
+gb.milestoneDeleteFailed = \uB9C8\uC77C\uC2A4\uD1A4 ''{0}'' \uC0AD\uC81C \uC2E4\uD328!
+gb.notifyChangedOpenTickets = \uC5F0 \uD2F0\uCF13\uC758 \uBCC0\uACBD \uC54C\uB9BC \uC804\uC1A1
+gb.overdue = \uC9C0\uC5F0
+gb.openMilestones = \uB9C8\uC77C\uC2A4\uD1A4 \uC5F4\uAE30
+gb.closedMilestones = \uB2EB\uD78C \uB9C8\uC77C\uC2A4\uD1A4
+gb.administration = \uAD00\uB9AC
+gb.plugins = \uD50C\uB7EC\uADF8\uC778
+gb.extensions = \uD655\uC7A5\uAE30\uB2A5
+gb.pleaseSelectProject = \uD504\uB85C\uC81D\uD2B8\uB97C \uC120\uD0DD\uD574 \uC8FC\uC138\uC694!
+gb.accessPolicy = \uC811\uADFC \uC815\uCC45
+gb.accessPolicyDescription = \uC800\uC7A5\uC18C \uBCF4\uAE30\uC640 git \uAD8C\uD55C\uC744 \uC81C\uC5B4\uD558\uAE30 \uC704\uD574 \uC811\uADFC \uC815\uCC45\uC744 \uC120\uD0DD\uD558\uC138\uC694.
+gb.anonymousPolicy = \uC775\uBA85 \uBCF4\uAE30, \uD074\uB860 \uADF8\uB9AC\uACE0 \uD478\uC2DC
+gb.anonymousPolicyDescription = \uB204\uAD6C\uB098 \uC774 \uC800\uC7A5\uC18C\uB97C \uBCF4\uAE30, \uD074\uB860, \uADF8\uB9AC\uACE0 \uD478\uC2DC\uD560 \uC218 \uC788\uC2B5\uB2C8\uB2E4.
+gb.authenticatedPushPolicy = \uC81C\uD55C\uB41C \uD478\uC2DC (\uC778\uC99D\uB41C)
+gb.authenticatedPushPolicyDescription = \uB204\uAD6C\uB098 \uC774 \uC800\uC7A5\uC18C\uB97C \uBCF4\uAC70\uB098 \uD074\uB860\uD560 \uC218 \uC788\uC2B5\uB2C8\uB2E4. \uBAA8\uB4E0 \uC778\uC99D\uB41C \uC720\uC800\uB294 RW+ \uD478\uC2DC \uAD8C\uD55C\uC744 \uAC00\uC9D1\uB2C8\uB2E4.
+gb.namedPushPolicy = \uC774\uB984\uC73C\uB85C \uD478\uC2DC \uC81C\uD55C
+gb.namedPushPolicyDescription = \uB204\uAD6C\uB098 \uC774 \uC800\uC7A5\uC18C\uB97C \uBCF4\uAC70\uB098 \uD074\uB860\uD560 \uC218 \uC788\uC2B5\uB2C8\uB2E4. \uC120\uD0DD\uD55C \uC720\uC800\uB9CC \uD478\uC2DC\uD560 \uC218 \uC788\uC2B5\uB2C8\uB2E4.
+gb.clonePolicy = \uC81C\uD55C\uB41C \uD074\uB860 & \uD478\uC2DC
+gb.clonePolicyDescription = \uB204\uAD6C\uB098 \uC774 \uC800\uC7A5\uC18C\uB97C \uBCFC \uC218 \uC788\uC2B5\uB2C8\uB2E4. \uC120\uD0DD\uD55C \uC720\uC800\uB9CC \uD074\uB860\uACFC \uD478\uC2DC\uD560 \uC218 \uC788\uC2B5\uB2C8\uB2E4.
+gb.viewPolicy  = \uC81C\uD55C\uB41C \uBCF4\uAE30, \uD074\uB860 & \uD478\uC2DC
+gb.viewPolicyDescription = \uC120\uD0DD\uD55C \uC720\uC800\uB9CC \uC774 \uC800\uC7A5\uC18C\uC5D0 \uB300\uD574 \uBCF4\uAE30, \uD074\uB860 \uADF8\uB9AC\uACE0 \uD478\uC2DC \uD560 \uC218 \uC788\uC2B5\uB2C8\uB2E4.
+gb.initialCommit = \uCD5C\uCD08 \uCEE4\uBC0B
+gb.initialCommitDescription = \uC774 \uC800\uC7A5\uC18C\uB97C \uC989\uC2DC <code>git clone</code> \uD560 \uC218 \uC788\uB3C4\uB85D \uD569\uB2C8\uB2E4. \uB85C\uCEEC\uC5D0\uC11C <code>git init</code> \uD588\uB2E4\uBA74 \uC774 \uB2E8\uACC4\uB97C \uAC74\uB108\uB6F0\uC138\uC694.
+gb.initWithReadme = README \uD3EC\uD568
+gb.initWithReadmeDescription = \uC800\uC7A5\uC18C\uC758 \uAC04\uB2E8\uD55C README \uBB38\uC11C\uB97C \uC0DD\uC131\uD569\uB2C8\uB2E4.
+gb.initWithGitignore = .gitignore \uD30C\uC77C \uD3EC\uD568
+gb.initWithGitignoreDescription = Git \uD074\uB77C\uC774\uC5B8\uD2B8\uAC00 \uC815\uC758\uB41C \uD328\uD134\uC5D0 \uB530\uB77C \uD30C\uC77C\uC774\uB098 \uB514\uB809\uD1A0\uB9AC\uB97C \uBB34\uC2DC\uD558\uB3C4\uB85D \uC9C0\uC815\uD55C \uC124\uC815\uD30C\uC77C\uC744 \uCD94\uAC00\uD569\uB2C8\uB2E4.
+gb.pleaseSelectGitIgnore = .gitignore \uD30C\uC77C\uC744 \uC120\uD0DD\uD558\uC138\uC694.
+gb.receive = \uC218\uC2E0
+gb.permissions = \uAD8C\uD55C
+gb.ownersDescription = \uC18C\uC720\uC790\uB294 \uC800\uC7A5\uC18C\uC758 \uBAA8\uB4E0 \uC124\uC815\uC744 \uAD00\uB9AC\uD560 \uC218 \uC788\uC2B5\uB2C8\uB2E4. \uADF8\uB7EC\uB098, \uAC1C\uC778 \uC800\uC7A5\uC18C\uB97C \uC81C\uC678\uD558\uACE0\uB294 \uC800\uC7A5\uC18C \uC774\uB984\uC744 \uBCC0\uACBD\uD560 \uC218 \uC5C6\uC2B5\uB2C8\uB2E4.
+gb.userPermissionsDescription = \uAC1C\uBCC4 \uC0AC\uC6A9\uC790 \uAD8C\uD55C\uC744 \uC9C0\uC815\uD560 \uC218 \uC788\uC2B5\uB2C8\uB2E4. \uC774 \uC124\uC815\uC740 \uD300\uC774\uB098 \uC815\uADDC\uC2DD \uAD8C\uD55C\uC744 \uBB34\uC2DC\uD569\uB2C8\uB2E4.
+gb.teamPermissionsDescription = \uAC1C\uBCC4 \uD300 \uAD8C\uD55C\uC744 \uC9C0\uC815\uD560 \uC218 \uC788\uC2B5\uB2C8\uB2E4. \uC774 \uC124\uC815\uC740 \uC815\uADDC\uC2DD \uAD8C\uD55C\uC744 \uBB34\uC2DC\uD569\uB2C8\uB2E4.
+gb.ticketSettings = \uD2F0\uCF13 \uC124\uC815
+gb.receiveSettings = \uC218\uC2E0 \uC124\uC815
+gb.receiveSettingsDescription = \uC218\uC2E0 \uC124\uC815\uC740 \uC800\uC7A5\uC18C\uC5D0 \uD478\uC2DC\uD558\uB294 \uAC83\uC744 \uC81C\uC5B4\uD569\uB2C8\uB2E4.
+gb.preReceiveDescription = Pre-receive \uD6C5\uC740 \uCEE4\uBC0B\uC744 \uC218\uC2E0\uD588\uC9C0\uB9CC, refs \uAC00 \uC5C5\uB370\uC774\uD2B8 \uB418\uAE30 <em>\uC804</em> \uC5D0 \uC2E4\uD589\uB429\uB2C8\uB2E4.<p>\uC774\uAC83\uC740 \uD478\uC2DC\uB97C \uAC70\uBD80\uD558\uAE30\uC5D0 \uC801\uC808\uD55C \uD6C5 \uC785\uB2C8\uB2E4.</p>
+gb.postReceiveDescription = Post-receive \uD639\uC740 \uCEE4\uBC0B\uC744 \uC218\uC2E0\uD558\uACE0, refs \uAC00 \uC5C5\uB370\uC774\uD2B8 \uB41C <em>\uD6C4</em> \uC5D0 \uC2E4\uD589\uB429\uB2C8\uB2E4.<p>\uC774\uAC83\uC740 \uC54C\uB9BC, \uBE4C\uB4DC \uD2B8\uB9AC\uAC70 \uB4F1\uC744 \uD558\uAE30\uC5D0 \uC801\uC808\uD55C \uD6C5 \uC785\uB2C8\uB2E4.</p>
+gb.federationStrategyDescription = \uB2E4\uB978 Gitblit \uACFC \uD398\uB354\uB808\uC774\uC158 \uD558\uB294 \uBC29\uBC95\uC744 \uC81C\uC5B4\uD569\uB2C8\uB2E4.
+gb.federationSetsDescription = \uC774 \uC800\uC7A5\uC18C\uB294 \uC120\uD0DD\uB41C \uD398\uB354\uB808\uC774\uC158 \uC14B\uC5D0 \uD3EC\uD568\uB429\uB2C8\uB2E4.
+gb.miscellaneous = \uAE30\uD0C0
+gb.originDescription = \uC774 \uC800\uC7A5\uC18C\uAC00 \uD074\uB860\uB41C \uACF3\uC758 url
 gb.gc = GC 
-gb.garbageCollection = \uac00\ube44\uc9c0 \uceec\ub809\uc158
-gb.garbageCollectionDescription = \uac00\ube44\uc9c0 \uceec\ub809\ud130\ub294 \ud074\ub77c\uc774\uc5b8\ud2b8\uc5d0\uc11c \ud478\uc2dc\ud55c \ub290\uc2a8\ud55c \uc624\ube0c\uc81d\ud2b8\ub97c \ud328\ud0b9\ud558\uace0, \uc800\uc7a5\uc18c\uc5d0\uc11c \ucc38\uc870\ud558\uc9c0 \uc54a\ub294 \uc624\ube0c\uc81d\ud2b8\ub97c \uc0ad\uc81c\ud569\ub2c8\ub2e4.
-gb.commitMessageRendererDescription = \ucee4\ubc0b \uba54\uc2dc\uc9c0\ub294 \ud3c9\ubb38 \ub610\ub294 \ub9c8\ud06c\uc5c5\uc73c\ub85c \ub80c\ub354\ub9c1\ud558\uc5ec \ud45c\uc2dc\ub420 \uc218 \uc788\uc2b5\ub2c8\ub2e4.
-gb.preferences = \uc124\uc815
-gb.accountPreferences = \uacc4\uc815 \uc124\uc815
-gb.accountPreferencesDescription = \uacc4\uc815 \uc124\uc815\uc744 \uc9c0\uc815\ud569\ub2c8\ub2e4.
-gb.languagePreference = \uc5b8\uc5b4 \uc124\uc815 
-gb.languagePreferenceDescription = \uc120\ud638\ud558\ub294 \uc5b8\uc5b4\ub97c \uc120\ud0dd\ud558\uc138\uc694.
-gb.emailMeOnMyTicketChanges = \ub0b4 \ud2f0\ucf13\uc774 \ubcc0\uacbd\ub418\uba74 \uc774\uba54\uc77c\ub85c \uc54c\ub9bc
-gb.emailMeOnMyTicketChangesDescription  = \ub0b4\uac00 \ub9cc\ub4e0 \ud2f0\ucf13\uc758 \ubcc0\uacbd\ub418\uba74 \ubcc0\uacbd\uc0ac\ud56d\uc744 \ub098\uc758 \uc774\uba54\uc77c\ub85c \uc54c\ub824\uc90c
-gb.displayNameDescription = \ud45c\uc2dc\ub420 \uc774\ub984
-gb.emailAddressDescription = \uc54c\ub9bc\uc744 \ubc1b\uae30\uc704\ud55c \uc8fc \uc774\uba54\uc77c
-gb.sshKeys = SSH \ud0a4
-gb.sshKeysDescription = SSH \uacf5\uac1c\ud0a4 \uc778\uc99d\uc740 \ud328\uc2a4\uc6cc\ub4dc \uc778\uc99d\uc744 \ub300\uccb4\ud558\ub294 \uc548\uc804\ud55c \ub300\uc548\uc785\ub2c8\ub2e4. 
-gb.addSshKey = SSH \ud0a4 \ucd94\uac00
-gb.key = \ud0a4
-gb.comment = \uc124\uba85
-gb.sshKeyCommentDescription = \uc0ac\uc6a9\uc790 \uc120\ud0dd\uc778 \uc124\uba85\uc744 \ucd94\uac00\ud558\uc138\uc694. \ube44\uc6cc \ub450\uba74 \ud0a4 \ub370\uc774\ud130\uc5d0\uc11c \ucd94\ucd9c\ud558\uc5ec \ucc44\uc6cc\uc9d1\ub2c8\ub2e4.
-gb.permission = \uad8c\ud55c
-gb.sshKeyPermissionDescription = SSH \ud0a4\uc758 \uc811\uc18d \uad8c\ud55c\uc744 \uc9c0\uc815\ud558\uc138\uc694.
-gb.transportPreference = \uc804\uc1a1 \uc124\uc815
-gb.transportPreferenceDescription = \ud074\ub860\uc2dc \uc0ac\uc6a9\ud560 \uc124\uc815\uc744 \uc9c0\uc815\ud558\uc138\uc694.
+gb.garbageCollection = \uAC00\uBE44\uC9C0 \uCEEC\uB809\uC158
+gb.garbageCollectionDescription = \uAC00\uBE44\uC9C0 \uCEEC\uB809\uD130\uB294 \uD074\uB77C\uC774\uC5B8\uD2B8\uC5D0\uC11C \uD478\uC2DC\uD55C \uB290\uC2A8\uD55C \uC624\uBE0C\uC81D\uD2B8\uB97C \uD328\uD0B9\uD558\uACE0, \uC800\uC7A5\uC18C\uC5D0\uC11C \uCC38\uC870\uD558\uC9C0 \uC54A\uB294 \uC624\uBE0C\uC81D\uD2B8\uB97C \uC0AD\uC81C\uD569\uB2C8\uB2E4.
+gb.commitMessageRendererDescription = \uCEE4\uBC0B \uBA54\uC2DC\uC9C0\uB294 \uD3C9\uBB38 \uB610\uB294 \uB9C8\uD06C\uC5C5\uC73C\uB85C \uB80C\uB354\uB9C1\uD558\uC5EC \uD45C\uC2DC\uB420 \uC218 \uC788\uC2B5\uB2C8\uB2E4.
+gb.preferences = \uC124\uC815
+gb.accountPreferences = \uACC4\uC815 \uC124\uC815
+gb.accountPreferencesDescription = \uACC4\uC815 \uC124\uC815\uC744 \uC9C0\uC815\uD569\uB2C8\uB2E4.
+gb.languagePreference = \uC5B8\uC5B4 \uC124\uC815 
+gb.languagePreferenceDescription = \uC120\uD638\uD558\uB294 \uC5B8\uC5B4\uB97C \uC120\uD0DD\uD558\uC138\uC694.
+gb.emailMeOnMyTicketChanges = \uB0B4 \uD2F0\uCF13\uC774 \uBCC0\uACBD\uB418\uBA74 \uC774\uBA54\uC77C\uB85C \uC54C\uB9BC
+gb.emailMeOnMyTicketChangesDescription  = \uB0B4\uAC00 \uB9CC\uB4E0 \uD2F0\uCF13\uC758 \uBCC0\uACBD\uB418\uBA74 \uBCC0\uACBD\uC0AC\uD56D\uC744 \uB098\uC758 \uC774\uBA54\uC77C\uB85C \uC54C\uB824\uC90C
+gb.displayNameDescription = \uD45C\uC2DC\uB420 \uC774\uB984
+gb.emailAddressDescription = \uC54C\uB9BC\uC744 \uBC1B\uAE30\uC704\uD55C \uC8FC \uC774\uBA54\uC77C
+gb.sshKeys = SSH \uD0A4
+gb.sshKeysDescription = SSH \uACF5\uAC1C\uD0A4 \uC778\uC99D\uC740 \uD328\uC2A4\uC6CC\uB4DC \uC778\uC99D\uC744 \uB300\uCCB4\uD558\uB294 \uC548\uC804\uD55C \uB300\uC548\uC785\uB2C8\uB2E4. 
+gb.addSshKey = SSH \uD0A4 \uCD94\uAC00
+gb.key = \uD0A4
+gb.comment = \uC124\uBA85
+gb.sshKeyCommentDescription = \uC0AC\uC6A9\uC790 \uC120\uD0DD\uC778 \uC124\uBA85\uC744 \uCD94\uAC00\uD558\uC138\uC694. \uBE44\uC6CC \uB450\uBA74 \uD0A4 \uB370\uC774\uD130\uC5D0\uC11C \uCD94\uCD9C\uD558\uC5EC \uCC44\uC6CC\uC9D1\uB2C8\uB2E4.
+gb.permission = \uAD8C\uD55C
+gb.sshKeyPermissionDescription = SSH \uD0A4\uC758 \uC811\uC18D \uAD8C\uD55C\uC744 \uC9C0\uC815\uD558\uC138\uC694.
+gb.transportPreference = \uC804\uC1A1 \uC124\uC815
+gb.transportPreferenceDescription = \uD074\uB860\uC2DC \uC0AC\uC6A9\uD560 \uC124\uC815\uC744 \uC9C0\uC815\uD558\uC138\uC694.
+gb.priority = \uC6B0\uC120\uC21C\uC704
+gb.severity = \uC911\uC694\uB3C4
+gb.sortHighestPriority = \uCD5C\uACE0 \uC6B0\uC120\uC21C\uC704
+gb.sortLowestPriority = \uCD5C\uC800 \uC6B0\uC120\uC21C\uC704
+gb.sortHighestSeverity = \uCD5C\uACE0 \uC911\uC694\uB3C4
+gb.sortLowestSeverity = \uCD5C\uC800 \uC911\uC694\uB3C4
+gb.missingIntegrationBranchMore = \uD1B5\uD569\uB300\uC0C1 \uBE0C\uB79C\uCE58\uAC00 \uC800\uC7A5\uC18C\uC5D0 \uC5C6\uC5B4\uC694!
+gb.diffDeletedFileSkipped = (\uC0AD\uC81C\uB428)
+gb.diffFileDiffTooLarge = \uBE44\uAD50\uD558\uAE30\uC5D0 \uB108\uBB34 \uD07C
+gb.diffNewFile = \uC0C8 \uD30C\uC77C
+gb.diffDeletedFile = \uD30C\uC77C\uC774 \uC0AD\uC81C\uB428
+gb.diffRenamedFile = {0} \uC5D0\uC11C \uC774\uB984\uC774 \uBCC0\uACBD\uB428
+gb.diffCopiedFile = {0} \uC5D0\uC11C \uBCF5\uC0AC\uB428
+gb.diffTruncated = \uC704 \uD30C\uC77C\uC774\uD6C4 \uCC28\uC774 \uC81C\uAC70\uB428
+gb.opacityAdjust = \uBD88\uD22C\uBA85\uB3C4 \uC870\uC815
+gb.blinkComparator = \uC810\uBA78 \uBE44\uAD50\uAE30
+gb.imgdiffSubtract = Subtract (black = identical)
+gb.deleteRepositoryHeader = \uC800\uC7A5\uC18C \uC0AD\uC81C
+gb.deleteRepositoryDescription = \uC0AD\uC81C\uB41C \uC800\uC7A5\uC18C\uB294 \uBCF5\uAD6C\uD560 \uC218 \uC5C6\uC2B5\uB2C8\uB2E4.
+gb.show_whitespace = \uACF5\uBC31 \uBCF4\uAE30
+gb.ignore_whitespace = \uACF5\uBC31 \uBB34\uC2DC
+gb.allRepositories = \uBAA8\uB4E0 \uC800\uC7A5\uC18C
+gb.oid = \uC624\uBE0C\uC81D\uD2B8 id
+gb.filestore = \uD30C\uC77C\uC2A4\uD1A0\uC5B4
+gb.filestoreStats = \uD30C\uC77C\uC2A4\uD1A0\uC5B4\uC5D0 {1} \uC6A9\uB7C9\uC73C\uB85C {0} \uAC1C \uD30C\uC77C\uC774 \uC788\uC74C. ({2} \uB0A8\uC74C)
+gb.statusChangedOn = \uC0C1\uD0DC \uBCC0\uACBD\uC77C
+gb.statusChangedBy = \uC0C1\uD0DC \uBCC0\uACBD\uC790
+gb.filestoreHelp = \uD30C\uC77C\uC2A4\uD1A0\uC5B4 \uC0AC\uC6A9\uBC95?
+gb.editFile = \uD30C\uC77C \uC218\uC815
+gb.continueEditing = \uACC4\uC18D \uC218\uC815
+gb.commitChanges = \uCEE4\uBC0B \uBCC0\uD654
+gb.fileNotMergeable = {0} \uC744(\uB97C) \uCEE4\uBC0B\uD560 \uC218 \uC5C6\uC74C. \uC774 \uD30C\uC77C\uC740 \uC790\uB3D9\uC73C\uB85C \uBA38\uC9C0 \uD560 \uC218 \uC5C6\uC2B5\uB2C8\uB2E4.
+gb.fileCommitted = {0} \uAC00 \uC131\uACF5\uC801\uC73C\uB85C \uCEE4\uBC0B\uB418\uC5C8\uC5B4\uC694.
+gb.deletePatchset = {0} \uD328\uCE58\uC14B \uC0AD\uC81C
+gb.deletePatchsetSuccess = {0} \uD328\uCE58\uC14B\uC774 \uC0AD\uC81C\uB418\uC5C8\uC5B4\uC694.
+gb.deletePatchsetFailure = {0} \uD328\uCE58\uC14B \uC0AD\uC81C \uC624\uB958.
+gb.referencedByCommit = \uCEE4\uBC0B\uC5D0 \uCC38\uC870\uB428.
+gb.referencedByTicket = \uD2F0\uCF13\uC5D0 \uCC38\uC870\uB428.
diff --git a/src/main/java/com/gitblit/wicket/GitBlitWebApp_nl.properties b/src/main/java/com/gitblit/wicket/GitBlitWebApp_nl.properties
index f71d67d74..41656e8a9 100644
--- a/src/main/java/com/gitblit/wicket/GitBlitWebApp_nl.properties
+++ b/src/main/java/com/gitblit/wicket/GitBlitWebApp_nl.properties
@@ -218,7 +218,8 @@ gb.pages = paginas
 gb.workingCopy = werkkopie
 gb.workingCopyWarning = deze repositorie heeft een werkkopie en kan geen pushes ontvangen
 gb.query = query
-gb.queryHelp = Standaard query syntax wordt ondersteund.<p/><p/>Zie aub <a target="_new" href="http://lucene.apache.org/core/old_versioned_docs/versions/3_5_0/queryparsersyntax.html">Lucene Query Parser Syntax</a> voor informatie.
+gb.queryHelp = Standaard query syntax wordt ondersteund.<p/><p/>Zie aub ${querySyntax} voor informatie.
+gb.querySyntax = Lucene Query Parser Syntax
 gb.queryResults = resultaten {0} - {1} ({2} hits)
 gb.noHits = geen hits
 gb.authored = geschreven
diff --git a/src/main/java/com/gitblit/wicket/GitBlitWebApp_no.properties b/src/main/java/com/gitblit/wicket/GitBlitWebApp_no.properties
index efc13a1ea..a02a30f33 100644
--- a/src/main/java/com/gitblit/wicket/GitBlitWebApp_no.properties
+++ b/src/main/java/com/gitblit/wicket/GitBlitWebApp_no.properties
@@ -218,7 +218,8 @@ gb.pages = sider
 gb.workingCopy = arbeidskopi
 gb.workingCopyWarning = dette repositoriet har en arbeidskopi, og kan ikke pushes til.
 gb.query = sp\u00F8rring
-gb.queryHelp = Standard lucene sp\u00F8rringssyntaks st\u00F8ttes.<p/><p/>Se <a target="_new" href="http://lucene.apache.org/core/old_versioned_docs/versions/3_5_0/queryparsersyntax.html">Lucene Query Parser Syntax</a> for mer info.
+gb.queryHelp = Standard lucene sp\u00F8rringssyntaks st\u00F8ttes.<p/><p/>Se ${querySyntax} for mer info.
+gb.querySyntax = Lucene Query Parser Syntax
 gb.queryResults = resultater {0} - {1} ({2} treff)
 gb.noHits = ingen treff
 gb.authored = forfattet
diff --git a/src/main/java/com/gitblit/wicket/GitBlitWebApp_pl.properties b/src/main/java/com/gitblit/wicket/GitBlitWebApp_pl.properties
index b00d1ff8c..fee4b9759 100644
--- a/src/main/java/com/gitblit/wicket/GitBlitWebApp_pl.properties
+++ b/src/main/java/com/gitblit/wicket/GitBlitWebApp_pl.properties
@@ -217,7 +217,8 @@ gb.pages = Strony
 gb.workingCopy = Kopia robocza
 gb.workingCopyWarning = To repozytorium ma kopi\u0119 robocz\u0105 i nie mo\u017Ce otrzymywa\u0107 zmian
 gb.query = Szukaj
-gb.queryHelp = Standardowa sk\u0142adnia wyszukiwa\u0144 jest wspierana.<p/><p/>Na stronie <a target="_new" href="http://lucene.apache.org/core/old_versioned_docs/versions/3_5_0/queryparsersyntax.html">Lucene Query Parser Syntax</a> dost\u0119pne s\u0105 dalsze szczeg\u00F3\u0142y.
+gb.queryHelp = Standardowa sk\u0142adnia wyszukiwa\u0144 jest wspierana.<p/><p/>Na stronie ${querySyntax} dost\u0119pne s\u0105 dalsze szczeg\u00F3\u0142y.
+gb.querySyntax = Lucene Query Parser Syntax
 gb.queryResults = Wyniki {0} - {1} ({2} wynik\u00F3w)
 gb.noHits = Brak wynik\u00F3w
 gb.authored = utworzy\u0142
diff --git a/src/main/java/com/gitblit/wicket/GitBlitWebApp_pt_BR.properties b/src/main/java/com/gitblit/wicket/GitBlitWebApp_pt_BR.properties
index 4d2ea553e..b573792f8 100644
--- a/src/main/java/com/gitblit/wicket/GitBlitWebApp_pt_BR.properties
+++ b/src/main/java/com/gitblit/wicket/GitBlitWebApp_pt_BR.properties
@@ -217,7 +217,8 @@ gb.pages = p
 gb.workingCopy = working copy
 gb.workingCopyWarning = este reposit�rio tem uma working copy e n�o pode receber pushes
 gb.query = query
-gb.queryHelp =  Standard query syntax � suportada.<p/><p/>Por favor veja <a target="_new" href="http://lucene.apache.org/core/old_versioned_docs/versions/3_5_0/queryparsersyntax.html">Lucene Query Parser Syntax</a> para mais detalhes.
+gb.queryHelp = Standard query syntax � suportada.<p/><p/>Por favor veja ${querySyntax} para mais detalhes.
+gb.querySyntax = Lucene Query Parser Syntax
 gb.queryResults = resultados {0} - {1} ({2} hits)
 gb.noHits = sem hits
 gb.authored = foi autor de
diff --git a/src/main/java/com/gitblit/wicket/GitBlitWebApp_zh_CN.properties b/src/main/java/com/gitblit/wicket/GitBlitWebApp_zh_CN.properties
index b5e4f658c..c82e12fa6 100644
--- a/src/main/java/com/gitblit/wicket/GitBlitWebApp_zh_CN.properties
+++ b/src/main/java/com/gitblit/wicket/GitBlitWebApp_zh_CN.properties
@@ -218,7 +218,8 @@ gb.pages = \u9875\u9762
 gb.workingCopy = \u5de5\u4f5c\u526f\u672c
 gb.workingCopyWarning = \u6b64\u7248\u672c\u5e93\u5b58\u5728\u4e00\u4efd\u5de5\u4f5c\u526f\u672c\uff0c\u65e0\u6cd5\u8fdb\u884c\u63a8\u9001
 gb.query = \u67e5\u8be2
-gb.queryHelp = \u652f\u6301\u6807\u51c6\u67e5\u8be2\u683c\u5f0f.<p/><p/>\u8bf7\u67e5\u770b <a target="_new" href="http://lucene.apache.org/core/old_versioned_docs/versions/3_5_0/queryparsersyntax.html">Lucene \u67e5\u8be2\u5904\u7406\u5668\u683c\u5f0f</a> \u4ee5\u83b7\u53d6\u8be6\u7ec6\u5185\u5bb9\u3002
+gb.queryHelp = \u652f\u6301\u6807\u51c6\u67e5\u8be2\u683c\u5f0f.<p/><p/>\u8bf7\u67e5\u770b ${querySyntax} \u4ee5\u83b7\u53d6\u8be6\u7ec6\u5185\u5bb9\u3002
+gb.querySyntax = Lucene \u67e5\u8be2\u5904\u7406\u5668\u683c\u5f0f
 gb.queryResults = \u7ed3\u679c {0} - {1} ({2} \u6b21\u547d\u4e2d)
 gb.noHits = \u672a\u547d\u4e2d
 gb.authored = authored
diff --git a/src/main/java/com/gitblit/wicket/GitBlitWebApp_zh_TW.properties b/src/main/java/com/gitblit/wicket/GitBlitWebApp_zh_TW.properties
index bf2d2c328..631064694 100644
--- a/src/main/java/com/gitblit/wicket/GitBlitWebApp_zh_TW.properties
+++ b/src/main/java/com/gitblit/wicket/GitBlitWebApp_zh_TW.properties
@@ -219,7 +219,8 @@ gb.pages = \u6587\u4ef6
 gb.workingCopy = \u66ab\u5b58\u8907\u672c
 gb.workingCopyWarning = \u8a72\u7248\u672c\u5eab\u4ecd\u6709\u66ab\u5b58\u8907\u672c,\u56e0\u6b64\u7121\u6cd5\u63a5\u53d7\u63a8\u9001(push)
 gb.query = \u67e5\u8a62
-gb.queryHelp = \u652f\u63f4\u6a19\u6e96\u67e5\u8a62\u8a9e\u6cd5.<p/><p/>\u8a73\u60c5\u8acb\u53c3\u8003 <a target\ = "_new" href\ = "http\://lucene.apache.org/core/old_versioned_docs/versions/3_5_0/queryparsersyntax.html">Lucene Query Parser Syntax</a>
+gb.queryHelp = \u652f\u63f4\u6a19\u6e96\u67e5\u8a62\u8a9e\u6cd5.<p/><p/>\u8a73\u60c5\u8acb\u53c3\u8003 ${querySyntax}
+gb.querySyntax = Lucene Query Parser Syntax
 gb.queryResults = \u7d50\u679c {0} - {1} ({2} \u67e5\u8a62)
 gb.noHits = \u7121\u9ede\u64ca
 gb.authored = \u6388\u6b0a
@@ -781,3 +782,4 @@ gb.deletePatchsetSuccess = \u5df2\u522a\u9664 Patchset {0}.
 gb.deletePatchsetFailure = \u522a\u9664 Patchset {0} \u932f\u8aa4.
 gb.referencedByCommit = Referenced by commit.
 gb.referencedByTicket = Referenced by ticket.
+gb.emailClientCertificateSubject = \u4F3A\u670D\u5668 {0} \u9023\u7DDA\u6191\u8B49 
diff --git a/src/main/java/com/gitblit/wicket/GitBlitWebSession.java b/src/main/java/com/gitblit/wicket/GitBlitWebSession.java
index 0e53f3156..0ae6d7d2b 100644
--- a/src/main/java/com/gitblit/wicket/GitBlitWebSession.java
+++ b/src/main/java/com/gitblit/wicket/GitBlitWebSession.java
@@ -71,9 +71,9 @@ public void cacheRequest(Class<? extends Page> pageClass) {
 		Request req = RequestCycle.get().getRequest();
 		IRequestParameters params = req.getRequestParameters();
 		PageParameters pageParams = new PageParameters();
-		params.getParameterNames().forEach(name->{
+		for(String name : params.getParameterNames()){
 			pageParams.add(name, params.getParameterValue(name));
-		});
+		}
 		requestUrl = GitBlitRequestUtils.toAbsoluteUrl(pageClass, pageParams);
 
 		
diff --git a/src/main/java/com/gitblit/wicket/GitblitParamUrlCodingStrategy.java b/src/main/java/com/gitblit/wicket/GitblitParamUrlCodingStrategy.java
deleted file mode 100644
index b87a2913d..000000000
--- a/src/main/java/com/gitblit/wicket/GitblitParamUrlCodingStrategy.java
+++ /dev/null
@@ -1,221 +0,0 @@
-///*
-// * Copyright 2011 gitblit.com.
-// *
-// * Licensed under the Apache License, Version 2.0 (the "License");
-// * you may not use this file except in compliance with the License.
-// * You may obtain a copy of the License at
-// *
-// *     http://www.apache.org/licenses/LICENSE-2.0
-// *
-// * Unless required by applicable law or agreed to in writing, software
-// * distributed under the License is distributed on an "AS IS" BASIS,
-// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// * See the License for the specific language governing permissions and
-// * limitations under the License.
-// */
-//package com.gitblit.wicket;
-//
-//import java.util.HashSet;
-//import java.util.Map;
-//import java.util.Set;
-//
-//import org.apache.wicket.IRequestTarget;
-//import org.apache.wicket.Page;
-//import org.apache.wicket.protocol.http.request.WebRequestCodingStrategy;
-//import org.apache.wicket.request.RequestParameters;
-//import org.apache.wicket.request.target.coding.MixedParamUrlCodingStrategy;
-//import org.apache.wicket.util.string.AppendingStringBuffer;
-//import org.slf4j.Logger;
-//import org.slf4j.LoggerFactory;
-//
-//import com.gitblit.IStoredSettings;
-//import com.gitblit.Keys;
-//import com.gitblit.utils.XssFilter;
-//
-///**
-// * Simple subclass of mixed parameter url coding strategy that works around the
-// * encoded forward-slash issue that is present in some servlet containers.
-// *
-// * https://issues.apache.org/jira/browse/WICKET-1303
-// * http://tomcat.apache.org/security-6.html
-// *
-// * @author James Moger
-// *
-// */
-//public class GitblitParamUrlCodingStrategy extends MixedParamUrlCodingStrategy {
-//
-//	private final String[] parameterNames;
-//
-//	private Logger logger = LoggerFactory.getLogger(GitblitParamUrlCodingStrategy.class);
-//
-//	private IStoredSettings settings;
-//
-//	private XssFilter xssFilter;
-//
-//	/**
-//	 * Construct.
-//	 *
-//	 * @param <C>
-//	 * @param mountPath
-//	 *            mount path (not empty)
-//	 * @param bookmarkablePageClass
-//	 *            class of mounted page (not null)
-//	 * @param parameterNames
-//	 *            the parameter names (not null)
-//	 */
-//	public <C extends Page> GitblitParamUrlCodingStrategy(
-//			IStoredSettings settings,
-//			XssFilter xssFilter,
-//			String mountPath,
-//			Class<C> bookmarkablePageClass, String[] parameterNames) {
-//
-//		super(mountPath, bookmarkablePageClass, parameterNames);
-//		this.parameterNames = parameterNames;
-//		this.settings = settings;
-//		this.xssFilter = xssFilter;
-//	}
-//
-//	/**
-//	 * Url encodes a string that is mean for a URL path (e.g., between slashes)
-//	 *
-//	 * @param string
-//	 *            string to be encoded
-//	 * @return encoded string
-//	 */
-//	@Override
-//	protected String urlEncodePathComponent(String string) {
-//		char altChar = settings.getChar(Keys.web.forwardSlashCharacter, '/');
-//		if (altChar != '/') {
-//			string = string.replace('/', altChar);
-//		}
-//		return super.urlEncodePathComponent(string);
-//	}
-//
-//	/**
-//	 * Returns a decoded value of the given value (taken from a URL path
-//	 * section)
-//	 *
-//	 * @param value
-//	 * @return Decodes the value
-//	 */
-//	@Override
-//	protected String urlDecodePathComponent(String value) {
-//		char altChar = settings.getChar(Keys.web.forwardSlashCharacter, '/');
-//		if (altChar != '/') {
-//			value = value.replace(altChar, '/');
-//		}
-//		return super.urlDecodePathComponent(value);
-//	}
-//
-//	/**
-//	 * Gets the decoded request target.
-//	 *
-//	 * @param requestParameters
-//	 *            the request parameters
-//	 * @return the decoded request target
-//	 */
-//	@Override
-//	public IRequestTarget decode(RequestParameters requestParameters) {
-//		Map<String, Object> parameterMap = (Map<String, Object>) requestParameters.getParameters();
-//		for (Map.Entry<String, Object> entry : parameterMap.entrySet()) {
-//			String parameter = entry.getKey();
-//			if (parameter.startsWith(WebRequestCodingStrategy.NAME_SPACE)) {
-//				// ignore Wicket parameters
-//				continue;
-//			}
-//
-//			// sanitize Gitblit request parameters
-//			Object o = entry.getValue();
-//			if (o instanceof String) {
-//				String value = o.toString();
-//				String safeValue = xssFilter.none(value);
-//				if (!value.equals(safeValue)) {
-//					logger.warn("XSS filter triggered on {} URL parameter: {}={}",
-//							getMountPath(), parameter, value);
-//					parameterMap.put(parameter, safeValue);
-//				}
-//			} else if (o instanceof String[]) {
-//				String[] values = (String[]) o;
-//				for (int i = 0; i < values.length; i++) {
-//					String value = values[i].toString();
-//					String safeValue = xssFilter.none(value);
-//					if (!value.equals(safeValue)) {
-//						logger.warn("XSS filter triggered on {} URL parameter: {}={}",
-//								getMountPath(), parameter, value);
-//						values[i] = safeValue;
-//					}
-//				}
-//			}
-//		}
-//
-//		return super.decode(requestParameters);
-//	}
-//
-//	/**
-//	 * @see org.apache.wicket.request.target.coding.AbstractRequestTargetUrlCodingStrategy#appendParameters(org.apache.wicket.util.string.AppendingStringBuffer,
-//	 *      java.util.Map)
-//	 */
-//	@Override
-//	protected void appendParameters(AppendingStringBuffer url, Map<String, ?> parameters)
-//	{
-//		if (!url.endsWith("/"))
-//		{
-//			url.append("/");
-//		}
-//
-//		Set<String> parameterNamesToAdd = new HashSet<String>(parameters.keySet());
-//
-//		// Find index of last specified parameter
-//		boolean foundParameter = false;
-//		int lastSpecifiedParameter = parameterNames.length;
-//		while (lastSpecifiedParameter != 0 && !foundParameter)
-//		{
-//			foundParameter = parameters.containsKey(parameterNames[--lastSpecifiedParameter]);
-//		}
-//
-//		if (foundParameter)
-//		{
-//			for (int i = 0; i <= lastSpecifiedParameter; i++)
-//			{
-//				String parameterName = parameterNames[i];
-//				final Object param = parameters.get(parameterName);
-//				String value = param instanceof String[] ? ((String[])param)[0] : ((param == null)
-//					? null : param.toString());
-//				if (value == null)
-//				{
-//					value = "";
-//				}
-//				if (!url.endsWith("/"))
-//				{
-//					url.append("/");
-//				}
-//				url.append(urlEncodePathComponent(value));
-//				parameterNamesToAdd.remove(parameterName);
-//			}
-//		}
-//
-//		if (!parameterNamesToAdd.isEmpty())
-//		{
-//			boolean first = true;
-//			for (String parameterName : parameterNamesToAdd)
-//			{
-//				final Object param = parameters.get(parameterName);
-//				if (param instanceof String[]) {
-//					String [] values = (String[]) param;
-//					for (String value : values) {
-//						url.append(first ? '?' : '&');
-//						url.append(urlEncodeQueryComponent(parameterName)).append("=").append(
-//								urlEncodeQueryComponent(value));
-//						first = false;
-//					}
-//				} else {
-//					url.append(first ? '?' : '&');
-//					String value = String.valueOf(param);
-//					url.append(urlEncodeQueryComponent(parameterName)).append("=").append(
-//						urlEncodeQueryComponent(value));
-//				}
-//				first = false;
-//			}
-//		}
-//	}
-//}
\ No newline at end of file
diff --git a/src/main/java/com/gitblit/wicket/pages/EditMilestonePage.java b/src/main/java/com/gitblit/wicket/pages/EditMilestonePage.java
index 5ba57b40d..9a14a2d46 100644
--- a/src/main/java/com/gitblit/wicket/pages/EditMilestonePage.java
+++ b/src/main/java/com/gitblit/wicket/pages/EditMilestonePage.java
@@ -120,7 +120,7 @@ public EditMilestonePage(PageParameters params) {
 			private static final long serialVersionUID = 1L;
 
 			@Override
-			protected void onSubmit(AjaxRequestTarget target) {
+			protected void onSubmit(AjaxRequestTarget target, Form<?> form) {
 				String name = nameModel.getObject();
 				if (StringUtils.isEmpty(name)) {
 					return;
diff --git a/src/main/java/com/gitblit/wicket/pages/EditRepositoryPage.html b/src/main/java/com/gitblit/wicket/pages/EditRepositoryPage.html
index 2c881efcc..b902369ab 100644
--- a/src/main/java/com/gitblit/wicket/pages/EditRepositoryPage.html
+++ b/src/main/java/com/gitblit/wicket/pages/EditRepositoryPage.html
@@ -3,9 +3,9 @@
       xmlns:wicket="http://wicket.apache.org/dtds.data/wicket-xhtml1.3-strict.dtd"  
       xml:lang="en"  
       lang="en"> 
+<body onload="document.getElementById('name').focus();">
 
 <wicket:extend>
-<body onload="document.getElementById('name').focus();">
 	<form style="padding-top:5px;" wicket:id="editForm">
 <div class="row">
 <div class="span12">
@@ -197,7 +197,8 @@ <h4><wicket:message key="gb.deleteRepositoryHeader"></wicket:message></h4>
 </div>
 
 </form>	
+</wicket:extend>
+
 </body>
 
-</wicket:extend>
 </html>
\ No newline at end of file
diff --git a/src/main/java/com/gitblit/wicket/pages/EditTicketPage.java b/src/main/java/com/gitblit/wicket/pages/EditTicketPage.java
index b3be019ba..d3520d55e 100644
--- a/src/main/java/com/gitblit/wicket/pages/EditTicketPage.java
+++ b/src/main/java/com/gitblit/wicket/pages/EditTicketPage.java
@@ -263,7 +263,7 @@ public EditTicketPage(PageParameters params) {
 			private static final long serialVersionUID = 1L;
 
 			@Override
-			protected void onSubmit(AjaxRequestTarget target) {
+			protected void onSubmit(AjaxRequestTarget target, Form<?> form) {
 				long ticketId = 0L;
 				try {
 					String h = WicketUtils.getObject(getPageParameters());
diff --git a/src/main/java/com/gitblit/wicket/pages/EditUserPage.html b/src/main/java/com/gitblit/wicket/pages/EditUserPage.html
index 3bccdd590..48e5339f3 100644
--- a/src/main/java/com/gitblit/wicket/pages/EditUserPage.html
+++ b/src/main/java/com/gitblit/wicket/pages/EditUserPage.html
@@ -31,11 +31,12 @@
 				<tr><th><wicket:message key="gb.confirmPassword"></wicket:message></th><td class="edit"><input type="password" wicket:id="confirmPassword" size="30" tabindex="3" /></td></tr>
 				<tr><th><wicket:message key="gb.displayName"></wicket:message></th><td class="edit"><input type="text" wicket:id="displayName" size="30" tabindex="4" /></td></tr>
 				<tr><th><wicket:message key="gb.emailAddress"></wicket:message></th><td class="edit"><input type="text" wicket:id="emailAddress" size="30" tabindex="5" /></td></tr>
-				<tr><th><wicket:message key="gb.canAdmin"></wicket:message></th><td class="edit"><label class="checkbox"><input type="checkbox" wicket:id="canAdmin" tabindex="6" /> &nbsp;<span class="help-inline"><wicket:message key="gb.canAdminDescription"></wicket:message></span></label></td></tr>
-				<tr><th><wicket:message key="gb.canCreate"></wicket:message></th><td class="edit"><label class="checkbox"><input type="checkbox" wicket:id="canCreate" tabindex="7" /> &nbsp;<span class="help-inline"><wicket:message key="gb.canCreateDescription"></wicket:message></span></label></td></tr>
-				<tr><th><wicket:message key="gb.canFork"></wicket:message></th><td class="edit"><label class="checkbox"><input type="checkbox" wicket:id="canFork" tabindex="8" /> &nbsp;<span class="help-inline"><wicket:message key="gb.canForkDescription"></wicket:message></span></label></td></tr>
-				<tr><th><wicket:message key="gb.excludeFromFederation"></wicket:message></th><td class="edit"><label class="checkbox"><input type="checkbox" wicket:id="excludeFromFederation" tabindex="9" /> &nbsp;<span class="help-inline"><wicket:message key="gb.excludeFromFederationDescription"></wicket:message></span></label></td></tr>				
-				<tr><th><wicket:message key="gb.disableUser"></wicket:message></th><td class="edit"><label class="checkbox"><input type="checkbox" wicket:id="disabled" tabindex="10" /> &nbsp;<span class="help-inline"><wicket:message key="gb.disableUserDescription"></wicket:message></span></label></td></tr>
+				<tr><th><wicket:message key="gb.languagePreference"></wicket:message></th><td class="edit"><select wicket:id="language" ></select></td></tr>
+				<tr><th><wicket:message key="gb.canAdmin"></wicket:message></th><td class="edit"><label class="checkbox"><input type="checkbox" wicket:id="canAdmin" tabindex="7" /> &nbsp;<span class="help-inline"><wicket:message key="gb.canAdminDescription"></wicket:message></span></label></td></tr>
+				<tr><th><wicket:message key="gb.canCreate"></wicket:message></th><td class="edit"><label class="checkbox"><input type="checkbox" wicket:id="canCreate" tabindex="8" /> &nbsp;<span class="help-inline"><wicket:message key="gb.canCreateDescription"></wicket:message></span></label></td></tr>
+				<tr><th><wicket:message key="gb.canFork"></wicket:message></th><td class="edit"><label class="checkbox"><input type="checkbox" wicket:id="canFork" tabindex="9" /> &nbsp;<span class="help-inline"><wicket:message key="gb.canForkDescription"></wicket:message></span></label></td></tr>
+				<tr><th><wicket:message key="gb.excludeFromFederation"></wicket:message></th><td class="edit"><label class="checkbox"><input type="checkbox" wicket:id="excludeFromFederation" tabindex="10" /> &nbsp;<span class="help-inline"><wicket:message key="gb.excludeFromFederationDescription"></wicket:message></span></label></td></tr>				
+				<tr><th><wicket:message key="gb.disableUser"></wicket:message></th><td class="edit"><label class="checkbox"><input type="checkbox" wicket:id="disabled" tabindex="11" /> &nbsp;<span class="help-inline"><wicket:message key="gb.disableUserDescription"></wicket:message></span></label></td></tr>
 			</tbody>
 		</table>
 		</div>
diff --git a/src/main/java/com/gitblit/wicket/pages/EditUserPage.java b/src/main/java/com/gitblit/wicket/pages/EditUserPage.java
index 9cdb4c953..a26fc606e 100644
--- a/src/main/java/com/gitblit/wicket/pages/EditUserPage.java
+++ b/src/main/java/com/gitblit/wicket/pages/EditUserPage.java
@@ -20,15 +20,18 @@
 import java.util.Collections;
 import java.util.Iterator;
 import java.util.List;
+import java.util.Locale;
 
 import org.apache.wicket.request.mapper.parameter.PageParameters;
 import org.apache.wicket.AttributeModifier;
 import org.apache.wicket.extensions.markup.html.form.palette.Palette;
 import org.apache.wicket.markup.html.form.Button;
 import org.apache.wicket.markup.html.form.CheckBox;
+import org.apache.wicket.markup.html.form.DropDownChoice;
 import org.apache.wicket.markup.html.form.Form;
 import org.apache.wicket.markup.html.form.TextField;
 import org.apache.wicket.model.CompoundPropertyModel;
+import org.apache.wicket.model.IModel;
 import org.apache.wicket.model.Model;
 import org.apache.wicket.model.util.CollectionModel;
 import org.apache.wicket.model.util.ListModel;
@@ -108,6 +111,30 @@ protected void setupPage(final UserModel userModel) {
 		final Palette<String> teams = new Palette<String>("teams", new ListModel<String>(
 				new ArrayList<String>(userTeams)), new CollectionModel<String>(app().users()
 				.getAllTeamNames()), new StringChoiceRenderer(), 10, false);
+		Locale locale = userModel.getPreferences().getLocale();
+		if (locale == null) {
+			locale = Locale.ENGLISH;
+		}
+
+		List<Language> languages = UserPage.getLanguages();
+		Language preferredLanguage = null;
+		if (locale != null) {
+			String localeCode = locale.getLanguage();
+			if (!StringUtils.isEmpty(locale.getCountry())) {
+				localeCode += "_" + locale.getCountry();
+			}
+
+			for (Language lang : languages) {
+				if (lang.code.equals(localeCode)) {
+					// language_COUNTRY match
+					preferredLanguage = lang;
+				} else if (preferredLanguage != null && lang.code.startsWith(locale.getLanguage())) {
+					// language match
+					preferredLanguage = lang;
+				}
+			}
+		}
+		final IModel<Language> language = Model.of(preferredLanguage);		
 		Form<UserModel> form = new Form<UserModel>("editForm", model) {
 
 			private static final long serialVersionUID = 1L;
@@ -123,6 +150,10 @@ protected void onSubmit() {
 					error(getString("gb.pleaseSetUsername"));
 					return;
 				}
+				Language lang = language.getObject();
+				if (lang != null) {
+					userModel.getPreferences().setLocale(lang.code);
+				}
 				// force username to lower-case
 				userModel.username = userModel.username.toLowerCase();
 				String username = userModel.username;
@@ -156,7 +187,7 @@ protected void onSubmit() {
 						}
 
 						// change the cookie
-						userModel.cookie = StringUtils.getSHA1(userModel.username + password);
+						userModel.cookie = userModel.createCookie();
 
 						// Optionally store the password MD5 digest.
 						String type = app().settings().getString(Keys.realm.passwordStorage, "md5");
@@ -250,7 +281,10 @@ protected void onSubmit() {
 		form.add(confirmPasswordField.setEnabled(editCredentials));
 		form.add(new TextField<String>("displayName").setEnabled(editDisplayName));
 		form.add(new TextField<String>("emailAddress").setEnabled(editEmailAddress));
+		
 
+		DropDownChoice<Language> choice = new DropDownChoice<Language>("language",language,languages	);
+		form.add( choice.setEnabled(languages.size()>0) );
 		if (userModel.canAdmin() && !userModel.canAdmin) {
 			// user inherits Admin permission
 			// display a disabled-yet-checked checkbox
diff --git a/src/main/java/com/gitblit/wicket/pages/EmptyRepositoryPage_cs.html b/src/main/java/com/gitblit/wicket/pages/EmptyRepositoryPage_cs.html
new file mode 100644
index 000000000..b67a4b9ad
--- /dev/null
+++ b/src/main/java/com/gitblit/wicket/pages/EmptyRepositoryPage_cs.html
@@ -0,0 +1,60 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml"  
+      xmlns:wicket="http://wicket.apache.org/dtds.data/wicket-xhtml1.3-strict.dtd"  
+      xml:lang="en"  
+      lang="en"> 
+
+<body>
+<wicket:extend>
+<div class="container">
+<div class="markdown">
+<div class="row">
+<div class="span10 offset1">	
+	<h3><center>Prázdné úložiště</center></h3>
+	<div class="alert alert-info">
+		<span wicket:id="repository" style="font-weight: bold;">[repository]</span> je prázdné úložiště a nemůže být prohlíženo pomocí Gitblitu.
+		<p></p>		
+		Prosím použijte push pro nahrání nějakách commitů do <span wicket:id="pushurl"></span>
+		<hr/>
+		Poté, co použijete push pro nahrání commitů, můžete <b>aktualizovat</b> tuto stránku pro prohlížení vašeho úložiště.
+	</div>
+		
+	<h3><center>Vytvoření nového úložiště z příkazové řádky</center></h3>
+
+	<pre wicket:id="createSyntax"></pre>
+
+	<h3><center>Nahrání existujícího úložiště s použitím push</center></h3>
+
+	<pre wicket:id="existingSyntax"></pre>
+	
+	<div class="span8 offset1">
+		<h2><center>Naučit se Git</center></h2>
+		<p>Pokud si nejste jisti jak použít tuto informaci, zvažte prohlédnutí <a href="http://book.git-scm.com">Git komunitní knihy</a>, abyste lépe porozuměli, jak použít Git.</p>
+
+		<h4>Open Source Git klienti</h4>
+		<table>
+		<tbody>
+			<tr><td><a href="http://git-scm.com">Git</a></td><td>oficiální, z příkazové řádky</td></tr>
+			<tr><td><a href="http://tortoisegit.googlecode.com">TortoiseGit</a></td><td>Integrace do Průzkumníka Windows (vyžaduje oficiální řádkový Git)</td></tr>
+			<tr><td><a href="http://eclipse.org/egit">Eclipse/EGit</a></td><td>Git pro Eclipse IDE (založený na JGit, jako Gitblit)</td></tr>
+			<tr><td><a href="https://code.google.com/p/gitextensions/">Git Extensions</a></td><td>C# frontend pro Git, který obsahuje integraci do Průzkumníka Windows a do Visual Studia</td></tr>
+			<tr><td><a href="http://rowanj.github.io/gitx/">GitX-dev</a></td><td>Mac OS X Git klient</td></tr>
+		</tbody>			
+		</table>
+
+		<h4>Komerční/Closed-Source Git klienti</h4>
+		<table>
+		<tbody>
+			<tr><td><a href="http://www.syntevo.com/smartgithg">SmartGit/Hg</a></td><td>Na Javě založený klient pro Git and Mercurial pro Windows, Mac a Linux</td></tr>
+			<tr><td><a href="http://www.sourcetreeapp.com/">SourceTree</a></td><td>Volný Git a Mercurial klient pro Windows a Mac</td></tr>
+			<tr><td><a href="http://www.git-tower.com/">Tower</a></td><td>Mac OS X Git klient</td></tr>
+		</tbody>
+		</table>
+	</div>
+</div>
+</div>
+</div>
+</div>
+</wicket:extend>	
+</body>
+</html>
diff --git a/src/main/java/com/gitblit/wicket/pages/FilestorePage.java b/src/main/java/com/gitblit/wicket/pages/FilestorePage.java
index 6fc7b6d7a..7351af7f7 100644
--- a/src/main/java/com/gitblit/wicket/pages/FilestorePage.java
+++ b/src/main/java/com/gitblit/wicket/pages/FilestorePage.java
@@ -274,7 +274,7 @@ public int compare(FilestoreModel o1, FilestoreModel o2) {
 					return o2.getChangedOn().compareTo(o1.getChangedOn());
 				}
 			});
-			return list.subList(Math.toIntExact(first), Math.toIntExact(first + count)).iterator();
+			return list.subList((int)first,(int)(first + count)).iterator();
 		}
 
 	}
diff --git a/src/main/java/com/gitblit/wicket/pages/Language.java b/src/main/java/com/gitblit/wicket/pages/Language.java
new file mode 100644
index 000000000..6eafb4dc6
--- /dev/null
+++ b/src/main/java/com/gitblit/wicket/pages/Language.java
@@ -0,0 +1,21 @@
+package com.gitblit.wicket.pages;
+
+import java.io.Serializable;
+
+public class Language implements Serializable {
+
+	private static final long serialVersionUID = 1L;
+
+	final String name;
+	final String code;
+
+	public Language(String name, String code) {
+		this.name = name;
+		this.code = code;
+	}
+
+	@Override
+	public String toString() {
+		return name + " (" + code + ")";
+	}
+}
\ No newline at end of file
diff --git a/src/main/java/com/gitblit/wicket/pages/LuceneSearchPage.html b/src/main/java/com/gitblit/wicket/pages/LuceneSearchPage.html
index d62b7b224..a386f425c 100644
--- a/src/main/java/com/gitblit/wicket/pages/LuceneSearchPage.html
+++ b/src/main/java/com/gitblit/wicket/pages/LuceneSearchPage.html
@@ -52,7 +52,9 @@ <h3><wicket:message key="gb.query"></wicket:message></h3>
 						</div>
 					</div>
 					<div style="margin-left:10px;" class="span2">
-						<wicket:message key="gb.queryHelp"></wicket:message>
+						<wicket:message key="gb.queryHelp">
+						  <a target="_new" wicket:id="querySyntax"><wicket:message key="gb.querySyntax"/></a>
+						</wicket:message>
 					</div>
 				</div>
 			</div>
diff --git a/src/main/java/com/gitblit/wicket/pages/LuceneSearchPage.java b/src/main/java/com/gitblit/wicket/pages/LuceneSearchPage.java
index 357b5036e..05d6f2e06 100644
--- a/src/main/java/com/gitblit/wicket/pages/LuceneSearchPage.java
+++ b/src/main/java/com/gitblit/wicket/pages/LuceneSearchPage.java
@@ -27,6 +27,7 @@
 import org.apache.wicket.markup.html.form.CheckBox;
 import org.apache.wicket.markup.html.form.ListMultipleChoice;
 import org.apache.wicket.markup.html.form.TextField;
+import org.apache.wicket.markup.html.link.ExternalLink;
 import org.apache.wicket.markup.html.panel.Fragment;
 import org.apache.wicket.markup.repeater.Item;
 import org.apache.wicket.markup.repeater.data.DataView;
@@ -50,6 +51,8 @@
 
 public class LuceneSearchPage extends RootPage {
 
+	private final static String LUCENE_QUERY_SYNTAX_LINK = "https://lucene.apache.org/core/5_5_0/queryparser/org/apache/lucene/queryparser/classic/package-summary.html#package_description";
+
 	public LuceneSearchPage() {
 		super();
 		setup(null);
@@ -167,6 +170,7 @@ public void onSubmit() {
 		form.add(selections.setEnabled(luceneEnabled));
 		form.add(new TextField<String>("query", queryModel).setEnabled(luceneEnabled));
 		form.add(new CheckBox("allrepos", allreposModel));
+		form.add(new ExternalLink("querySyntax", LUCENE_QUERY_SYNTAX_LINK));
 		add(form.setEnabled(luceneEnabled));
 
 		// execute search
diff --git a/src/main/java/com/gitblit/wicket/pages/MyTicketsPage.java b/src/main/java/com/gitblit/wicket/pages/MyTicketsPage.java
index 70ab1d2f3..e008f2d33 100644
--- a/src/main/java/com/gitblit/wicket/pages/MyTicketsPage.java
+++ b/src/main/java/com/gitblit/wicket/pages/MyTicketsPage.java
@@ -75,7 +75,16 @@ public MyTicketsPage(PageParameters params) {
 
         final String username = currentUser.getName();
 
-        final String[] statiiParam = (params == null) ? TicketsUI.openStatii : (String[]) params.getValues(Lucene.status.name()).stream().map(StringValue::toString).toArray();
+        final String[] statiiParam;
+        if(params == null){
+        	statiiParam = TicketsUI.openStatii;
+        }else{
+        	List<StringValue> statiiValues = params.getValues(Lucene.status.name());
+    		statiiParam = new String[statiiValues.size()];
+    		for (int i = 0; i < statiiValues.size(); i++) {
+    			statiiParam[i] = statiiValues.get(i).toString();
+    		}
+        }
         final String assignedToParam = (params == null) ? "" : params.get(Lucene.responsible.name()).toString();
         final String milestoneParam = (params == null) ? "" : params.get(Lucene.milestone.name()).toString();
         final String queryParam = (params == null) ? null : params.get("q").toString();
diff --git a/src/main/java/com/gitblit/wicket/pages/NewMilestonePage.java b/src/main/java/com/gitblit/wicket/pages/NewMilestonePage.java
index f78b1c449..833c6d473 100644
--- a/src/main/java/com/gitblit/wicket/pages/NewMilestonePage.java
+++ b/src/main/java/com/gitblit/wicket/pages/NewMilestonePage.java
@@ -87,7 +87,7 @@ public NewMilestonePage(PageParameters params) {
 			private static final long serialVersionUID = 1L;
 
 			@Override
-			protected void onSubmit(AjaxRequestTarget target) {
+			protected void onSubmit(AjaxRequestTarget target, Form<?> form) {
 				String name = nameModel.getObject();
 				if (StringUtils.isEmpty(name)) {
 					// invalid name
diff --git a/src/main/java/com/gitblit/wicket/pages/NewTicketPage.java b/src/main/java/com/gitblit/wicket/pages/NewTicketPage.java
index 45478bc8c..1fd5839d8 100644
--- a/src/main/java/com/gitblit/wicket/pages/NewTicketPage.java
+++ b/src/main/java/com/gitblit/wicket/pages/NewTicketPage.java
@@ -191,7 +191,7 @@ public NewTicketPage(PageParameters params) {
 			private static final long serialVersionUID = 1L;
 
 			@Override
-			protected void onSubmit(AjaxRequestTarget target) {
+			protected void onSubmit(AjaxRequestTarget target, Form<?> form) {
 				String title = titleModel.getObject();
 				if (StringUtils.isEmpty(title)) {
 					return;
diff --git a/src/main/java/com/gitblit/wicket/pages/TicketsPage.java b/src/main/java/com/gitblit/wicket/pages/TicketsPage.java
index 560cd40d9..b7675ee5a 100644
--- a/src/main/java/com/gitblit/wicket/pages/TicketsPage.java
+++ b/src/main/java/com/gitblit/wicket/pages/TicketsPage.java
@@ -87,13 +87,16 @@ public TicketsPage(PageParameters params) {
 
 		UserModel user = GitBlitWebSession.get().getUser();
 		boolean isAuthenticated = user != null && user.isAuthenticated;
-
-		final String [] statiiParam = (String[]) params.getValues(Lucene.status.name()).stream().map(StringValue::toString).toArray();
+		List<StringValue> statiiValues = params.getValues(Lucene.status.name());
+		final String[] statiiParam = new String[statiiValues.size()];
+		for (int i = 0; i < statiiValues.size(); i++) {
+			statiiParam[i] = statiiValues.get(i).toString();
+		}
 		final String assignedToParam = params.get(Lucene.responsible.name()).toString(null);
 		final String milestoneParam = params.get(Lucene.milestone.name()).toString(null);
 		final String queryParam = params.get("q").toString(null);
 		final String searchParam = params.get("s").toString(null);
-		final String sortBy = Lucene.fromString(params.get("sort").toString( Lucene.created.name())).name();
+		final String sortBy = Lucene.fromString(params.get("sort").toString(Lucene.created.name())).name();
 		final boolean desc = !"asc".equals(params.get("direction").toString("desc"));
 
 		// add search form
@@ -157,7 +160,8 @@ public TicketsPage(PageParameters params) {
 			if (currentMilestone == null) {
 				// milestone not found, create a temporary one
 				currentMilestone = new TicketMilestone(milestoneParam);
-				String q = QueryBuilder.q(Lucene.rid.matches(getRepositoryModel().getRID())).and(Lucene.milestone.matches(milestoneParam)).build();
+				String q = QueryBuilder.q(Lucene.rid.matches(getRepositoryModel().getRID()))
+						.and(Lucene.milestone.matches(milestoneParam)).build();
 				currentMilestone.tickets = app().tickets().queryFor(q, 1, 0, Lucene.number.name(), true);
 				milestones.add(currentMilestone);
 			}
@@ -173,8 +177,8 @@ public TicketsPage(PageParameters params) {
 			if (currentMilestone.due == null) {
 				milestonePanel.add(new Label("currentDueDate", getString("gb.notSpecified")));
 			} else {
-				milestonePanel.add(WicketUtils.createDateLabel("currentDueDate", currentMilestone.due, GitBlitWebSession
-						.get().getTimezone(), getTimeUtils(), false));
+				milestonePanel.add(WicketUtils.createDateLabel("currentDueDate", currentMilestone.due,
+						GitBlitWebSession.get().getTimezone(), getTimeUtils(), false));
 			}
 			Label label = new Label("progress");
 			WicketUtils.setCssStyle(label, "width:" + currentMilestone.getProgress() + "%;");
@@ -190,12 +194,14 @@ public TicketsPage(PageParameters params) {
 					TicketsPage.class,
 					queryParameters(null, currentMilestone.name, TicketsUI.closedStatii, null, sortBy, desc, 1)));
 
-			milestonePanel.add(new Label("totalTickets", MessageFormat.format(getString("gb.nTotalTickets"), currentMilestone.getTotalTickets())));
+			milestonePanel.add(new Label("totalTickets",
+					MessageFormat.format(getString("gb.nTotalTickets"), currentMilestone.getTotalTickets())));
 			add(milestonePanel);
 		}
 
 		Fragment milestoneDropdown = new Fragment("milestoneDropdown", "milestoneDropdownFragment", TicketsPage.this);
-		PageParameters resetMilestone = queryParameters(queryParam, null, statiiParam, assignedToParam, sortBy, desc, 1);
+		PageParameters resetMilestone = queryParameters(queryParam, null, statiiParam, assignedToParam, sortBy, desc,
+				1);
 		milestoneDropdown.add(new BookmarkablePageLink<Void>("resetMilestone", TicketsPage.class, resetMilestone));
 
 		ListDataProvider<TicketMilestone> milestonesDp = new ListDataProvider<TicketMilestone>(milestones);
@@ -205,15 +211,17 @@ public TicketsPage(PageParameters params) {
 			@Override
 			public void populateItem(final Item<TicketMilestone> item) {
 				final TicketMilestone tm = item.getModelObject();
-				PageParameters params = queryParameters(queryParam, tm.name, statiiParam, assignedToParam, sortBy, desc, 1);
-				item.add(new LinkPanel("milestoneLink", null, tm.name, TicketsPage.class, params).setRenderBodyOnly(true));
+				PageParameters params = queryParameters(queryParam, tm.name, statiiParam, assignedToParam, sortBy, desc,
+						1);
+				item.add(new LinkPanel("milestoneLink", null, tm.name, TicketsPage.class, params)
+						.setRenderBodyOnly(true));
 			}
 		};
 		milestoneDropdown.add(milestonesMenu);
 		milestonePanel.add(milestoneDropdown);
 
 		// search or query tickets
-		int page = Math.max(1,  WicketUtils.getPage(params));
+		int page = Math.max(1, WicketUtils.getPage(params));
 		int pageSize = app().settings().getInteger(Keys.tickets.perPage, 25);
 		List<QueryResult> results;
 		if (StringUtils.isEmpty(searchParam)) {
@@ -225,105 +233,44 @@ public void populateItem(final Item<TicketMilestone> item) {
 
 		// standard queries
 		add(new BookmarkablePageLink<Void>("changesQuery", TicketsPage.class,
-				queryParameters(
-						Lucene.type.matches(TicketModel.Type.Proposal.name()),
-						milestoneParam,
-						statiiParam,
-						assignedToParam,
-						sortBy,
-						desc,
-						1)));
+				queryParameters(Lucene.type.matches(TicketModel.Type.Proposal.name()), milestoneParam, statiiParam,
+						assignedToParam, sortBy, desc, 1)));
 
 		add(new BookmarkablePageLink<Void>("bugsQuery", TicketsPage.class,
-				queryParameters(
-						Lucene.type.matches(TicketModel.Type.Bug.name()),
-						milestoneParam,
-						statiiParam,
-						assignedToParam,
-						sortBy,
-						desc,
-						1)));
+				queryParameters(Lucene.type.matches(TicketModel.Type.Bug.name()), milestoneParam, statiiParam,
+						assignedToParam, sortBy, desc, 1)));
 
 		add(new BookmarkablePageLink<Void>("enhancementsQuery", TicketsPage.class,
-				queryParameters(
-						Lucene.type.matches(TicketModel.Type.Enhancement.name()),
-						milestoneParam,
-						statiiParam,
-						assignedToParam,
-						sortBy,
-						desc,
-						1)));
+				queryParameters(Lucene.type.matches(TicketModel.Type.Enhancement.name()), milestoneParam, statiiParam,
+						assignedToParam, sortBy, desc, 1)));
 
 		add(new BookmarkablePageLink<Void>("tasksQuery", TicketsPage.class,
-				queryParameters(
-						Lucene.type.matches(TicketModel.Type.Task.name()),
-						milestoneParam,
-						statiiParam,
-						assignedToParam,
-						sortBy,
-						desc,
-						1)));
+				queryParameters(Lucene.type.matches(TicketModel.Type.Task.name()), milestoneParam, statiiParam,
+						assignedToParam, sortBy, desc, 1)));
 
 		add(new BookmarkablePageLink<Void>("questionsQuery", TicketsPage.class,
-				queryParameters(
-						Lucene.type.matches(TicketModel.Type.Question.name()),
-						milestoneParam,
-						statiiParam,
-						assignedToParam,
-						sortBy,
-						desc,
-						1)));
-		
+				queryParameters(Lucene.type.matches(TicketModel.Type.Question.name()), milestoneParam, statiiParam,
+						assignedToParam, sortBy, desc, 1)));
+
 		add(new BookmarkablePageLink<Void>("maintenanceQuery", TicketsPage.class,
-				queryParameters(
-						Lucene.type.matches(TicketModel.Type.Maintenance.name()),
-						milestoneParam,
-						statiiParam,
-						assignedToParam,
-						sortBy,
-						desc,
-						1)));
+				queryParameters(Lucene.type.matches(TicketModel.Type.Maintenance.name()), milestoneParam, statiiParam,
+						assignedToParam, sortBy, desc, 1)));
 
 		add(new BookmarkablePageLink<Void>("resetQuery", TicketsPage.class,
-				queryParameters(
-						null,
-						milestoneParam,
-						TicketsUI.openStatii,
-						null,
-						null,
-						true,
-						1)));
+				queryParameters(null, milestoneParam, TicketsUI.openStatii, null, null, true, 1)));
 
 		if (isAuthenticated) {
 			add(new Label("userDivider"));
 			add(new BookmarkablePageLink<Void>("createdQuery", TicketsPage.class,
-					queryParameters(
-							Lucene.createdby.matches(user.username),
-							milestoneParam,
-							statiiParam,
-							assignedToParam,
-							sortBy,
-							desc,
-							1)));
+					queryParameters(Lucene.createdby.matches(user.username), milestoneParam, statiiParam,
+							assignedToParam, sortBy, desc, 1)));
 
 			add(new BookmarkablePageLink<Void>("watchedQuery", TicketsPage.class,
-					queryParameters(
-							Lucene.watchedby.matches(user.username),
-							milestoneParam,
-							statiiParam,
-							assignedToParam,
-							sortBy,
-							desc,
-							1)));
+					queryParameters(Lucene.watchedby.matches(user.username), milestoneParam, statiiParam,
+							assignedToParam, sortBy, desc, 1)));
 			add(new BookmarkablePageLink<Void>("mentionsQuery", TicketsPage.class,
-					queryParameters(
-							Lucene.mentions.matches(user.username),
-							milestoneParam,
-							statiiParam,
-							assignedToParam,
-							sortBy,
-							desc,
-							1)));
+					queryParameters(Lucene.mentions.matches(user.username), milestoneParam, statiiParam,
+							assignedToParam, sortBy, desc, 1)));
 		} else {
 			add(new Label("userDivider").setVisible(false));
 			add(new Label("createdQuery").setVisible(false));
@@ -355,7 +302,8 @@ public void populateItem(final Item<TicketMilestone> item) {
 			add(new Label("dynamicQueries").setVisible(false));
 		} else {
 			Fragment fragment = new Fragment("dynamicQueries", "dynamicQueriesFragment", TicketsPage.this);
-			ListDataProvider<TicketQuery> dynamicQueriesDp = new ListDataProvider<TicketQuery>(new ArrayList<TicketQuery>(dynamicQueries));
+			ListDataProvider<TicketQuery> dynamicQueriesDp = new ListDataProvider<TicketQuery>(
+					new ArrayList<TicketQuery>(dynamicQueries));
 			DataView<TicketQuery> dynamicQueriesList = new DataView<TicketQuery>("dynamicQuery", dynamicQueriesDp) {
 				private static final long serialVersionUID = 1L;
 
@@ -373,8 +321,10 @@ public void populateItem(final Item<TicketQuery> item) {
 					if (activeQuery.contains(tq.query)) {
 						// selected
 						String q = QueryBuilder.q(activeQuery).remove(tq.query).build();
-						PageParameters params = queryParameters(q, milestoneParam, statiiParam, assignedToParam, sortBy, desc, 1);
-						item.add(new LinkPanel("link", "active", tq.name, TicketsPage.class, params).setRenderBodyOnly(true));
+						PageParameters params = queryParameters(q, milestoneParam, statiiParam, assignedToParam, sortBy,
+								desc, 1);
+						item.add(new LinkPanel("link", "active", tq.name, TicketsPage.class, params)
+								.setRenderBodyOnly(true));
 						Label checked = new Label("checked");
 						WicketUtils.setCssClass(checked, "iconic-o-x");
 						item.add(checked);
@@ -382,8 +332,10 @@ public void populateItem(final Item<TicketQuery> item) {
 					} else {
 						// unselected
 						String q = QueryBuilder.q(queryParam).toSubquery().and(tq.query).build();
-						PageParameters params = queryParameters(q, milestoneParam, statiiParam, assignedToParam, sortBy, desc, 1);
-						item.add(new LinkPanel("link", null, tq.name, TicketsPage.class, params).setRenderBodyOnly(true));
+						PageParameters params = queryParameters(q, milestoneParam, statiiParam, assignedToParam, sortBy,
+								desc, 1);
+						item.add(new LinkPanel("link", null, tq.name, TicketsPage.class, params)
+								.setRenderBodyOnly(true));
 						item.add(new Label("checked").setVisible(false));
 					}
 				}
@@ -398,9 +350,12 @@ public void populateItem(final Item<TicketQuery> item) {
 		} else {
 			add(new Label("selectedStatii", StringUtils.flattenStrings(Arrays.asList(statiiParam), ",")));
 		}
-		add(new BookmarkablePageLink<Void>("openTickets", TicketsPage.class, queryParameters(queryParam, milestoneParam, TicketsUI.openStatii, assignedToParam, sortBy, desc, 1)));
-		add(new BookmarkablePageLink<Void>("closedTickets", TicketsPage.class, queryParameters(queryParam, milestoneParam, TicketsUI.closedStatii, assignedToParam, sortBy, desc, 1)));
-		add(new BookmarkablePageLink<Void>("allTickets", TicketsPage.class, queryParameters(queryParam, milestoneParam, null, assignedToParam, sortBy, desc, 1)));
+		add(new BookmarkablePageLink<Void>("openTickets", TicketsPage.class,
+				queryParameters(queryParam, milestoneParam, TicketsUI.openStatii, assignedToParam, sortBy, desc, 1)));
+		add(new BookmarkablePageLink<Void>("closedTickets", TicketsPage.class,
+				queryParameters(queryParam, milestoneParam, TicketsUI.closedStatii, assignedToParam, sortBy, desc, 1)));
+		add(new BookmarkablePageLink<Void>("allTickets", TicketsPage.class,
+				queryParameters(queryParam, milestoneParam, null, assignedToParam, sortBy, desc, 1)));
 
 		// by status
 		List<Status> statii = new ArrayList<Status>(Arrays.asList(Status.values()));
@@ -412,9 +367,11 @@ public void populateItem(final Item<TicketQuery> item) {
 			@Override
 			public void populateItem(final Item<Status> item) {
 				final Status status = item.getModelObject();
-				PageParameters p = queryParameters(queryParam, milestoneParam, new String [] { status.name().toLowerCase() }, assignedToParam, sortBy, desc, 1);
+				PageParameters p = queryParameters(queryParam, milestoneParam,
+						new String[] { status.name().toLowerCase() }, assignedToParam, sortBy, desc, 1);
 				String css = TicketsUI.getStatusClass(status);
-				item.add(new LinkPanel("statusLink", css, status.toString(), TicketsPage.class, p).setRenderBodyOnly(true));
+				item.add(new LinkPanel("statusLink", css, status.toString(), TicketsPage.class, p)
+						.setRenderBodyOnly(true));
 			}
 		};
 		add(statiiLinks);
@@ -446,12 +403,15 @@ public void populateItem(final Item<Status> item) {
 			@Override
 			public void populateItem(final Item<TicketResponsible> item) {
 				final TicketResponsible u = item.getModelObject();
-				PageParameters params = queryParameters(queryParam, milestoneParam, statiiParam, u.username, sortBy, desc, 1);
-				item.add(new LinkPanel("responsibleLink", null, u.displayname, TicketsPage.class, params).setRenderBodyOnly(true));
+				PageParameters params = queryParameters(queryParam, milestoneParam, statiiParam, u.username, sortBy,
+						desc, 1);
+				item.add(new LinkPanel("responsibleLink", null, u.displayname, TicketsPage.class, params)
+						.setRenderBodyOnly(true));
 			}
 		};
 		add(responsibleMenu);
-		PageParameters resetResponsibleParams = queryParameters(queryParam, milestoneParam, statiiParam, null, sortBy, desc, 1);
+		PageParameters resetResponsibleParams = queryParameters(queryParam, milestoneParam, statiiParam, null, sortBy,
+				desc, 1);
 		add(new BookmarkablePageLink<Void>("resetResponsible", TicketsPage.class, resetResponsibleParams));
 
 		List<TicketSort> sortChoices = new ArrayList<TicketSort>();
@@ -469,7 +429,7 @@ public void populateItem(final Item<TicketResponsible> item) {
 		sortChoices.add(new TicketSort(getString("gb.sortLowestPriority"), Lucene.priority.name(), false));
 		sortChoices.add(new TicketSort(getString("gb.sortHighestSeverity"), Lucene.severity.name(), true));
 		sortChoices.add(new TicketSort(getString("gb.sortLowestSeverity"), Lucene.severity.name(), false));
-		
+
 		TicketSort currentSort = sortChoices.get(0);
 		for (TicketSort ts : sortChoices) {
 			if (ts.sortBy.equals(sortBy) && desc == ts.desc) {
@@ -486,25 +446,26 @@ public void populateItem(final Item<TicketResponsible> item) {
 			@Override
 			public void populateItem(final Item<TicketSort> item) {
 				final TicketSort ts = item.getModelObject();
-				PageParameters params = queryParameters(queryParam, milestoneParam, statiiParam, assignedToParam, ts.sortBy, ts.desc, 1);
+				PageParameters params = queryParameters(queryParam, milestoneParam, statiiParam, assignedToParam,
+						ts.sortBy, ts.desc, 1);
 				item.add(new LinkPanel("sortLink", null, ts.name, TicketsPage.class, params).setRenderBodyOnly(true));
 			}
 		};
 		add(sortMenu);
 
-
 		// paging links
-		buildPager(queryParam, milestoneParam, statiiParam, assignedToParam, sortBy, desc, page, pageSize, results.size(), totalResults);
+		buildPager(queryParam, milestoneParam, statiiParam, assignedToParam, sortBy, desc, page, pageSize,
+				results.size(), totalResults);
 
 		add(new TicketListPanel("ticketList", results, false, false));
 
 		// new milestone link
 		RepositoryModel repositoryModel = getRepositoryModel();
-		final boolean acceptingUpdates = app().tickets().isAcceptingTicketUpdates(repositoryModel)
-				 && user != null && user.canAdmin(getRepositoryModel());
+		final boolean acceptingUpdates = app().tickets().isAcceptingTicketUpdates(repositoryModel) && user != null
+				&& user.canAdmin(getRepositoryModel());
 		if (acceptingUpdates) {
-			add(new LinkPanel("newMilestone", null, getString("gb.newMilestone"),
-				NewMilestonePage.class, WicketUtils.newRepositoryParameter(repositoryName)));
+			add(new LinkPanel("newMilestone", null, getString("gb.newMilestone"), NewMilestonePage.class,
+					WicketUtils.newRepositoryParameter(repositoryName)));
 		} else {
 			add(new Label("newMilestone").setVisible(false));
 		}
@@ -533,14 +494,17 @@ public int compare(TicketMilestone o1, TicketMilestone o2) {
 			}
 		});
 
-		DataView<TicketMilestone> openMilestonesList = milestoneList("openMilestonesList", openMilestones, acceptingUpdates);
+		DataView<TicketMilestone> openMilestonesList = milestoneList("openMilestonesList", openMilestones,
+				acceptingUpdates);
 		add(openMilestonesList);
 
-		DataView<TicketMilestone> closedMilestonesList = milestoneList("closedMilestonesList", closedMilestones, acceptingUpdates);
+		DataView<TicketMilestone> closedMilestonesList = milestoneList("closedMilestonesList", closedMilestones,
+				acceptingUpdates);
 		add(closedMilestonesList);
 	}
 
-	protected DataView<TicketMilestone> milestoneList(String wicketId, List<TicketMilestone> milestones, final boolean acceptingUpdates) {
+	protected DataView<TicketMilestone> milestoneList(String wicketId, List<TicketMilestone> milestones,
+			final boolean acceptingUpdates) {
 		ListDataProvider<TicketMilestone> milestonesDp = new ListDataProvider<TicketMilestone>(milestones);
 		DataView<TicketMilestone> milestonesList = new DataView<TicketMilestone>(wicketId, milestonesDp) {
 			private static final long serialVersionUID = 1L;
@@ -551,14 +515,15 @@ public void populateItem(final Item<TicketMilestone> item) {
 				item.add(entryPanel);
 
 				final TicketMilestone tm = item.getModelObject();
-				String [] states;
+				String[] states;
 				if (tm.isOpen()) {
 					states = TicketsUI.openStatii;
 				} else {
 					states = TicketsUI.closedStatii;
 				}
 				PageParameters params = queryParameters(null, tm.name, states, null, null, true, 1);
-				entryPanel.add(new LinkPanel("milestoneName", null, tm.name, TicketsPage.class, params).setRenderBodyOnly(true));
+				entryPanel.add(new LinkPanel("milestoneName", null, tm.name, TicketsPage.class, params)
+						.setRenderBodyOnly(true));
 
 				String css;
 				String status = tm.status.name();
@@ -582,11 +547,12 @@ public void populateItem(final Item<TicketMilestone> item) {
 				if (tm.due == null) {
 					entryPanel.add(new Label("milestoneDue", getString("gb.notSpecified")));
 				} else {
-					entryPanel.add(WicketUtils.createDatestampLabel("milestoneDue", tm.due, getTimeZone(), getTimeUtils()));
+					entryPanel.add(
+							WicketUtils.createDatestampLabel("milestoneDue", tm.due, getTimeZone(), getTimeUtils()));
 				}
 				if (acceptingUpdates) {
 					entryPanel.add(new LinkPanel("editMilestone", null, getString("gb.edit"), EditMilestonePage.class,
-						WicketUtils.newObjectParameter(repositoryName, tm.name)));
+							WicketUtils.newObjectParameter(repositoryName, tm.name)));
 				} else {
 					entryPanel.add(new Label("editMilestone").setVisible(false));
 				}
@@ -601,8 +567,7 @@ public void populateItem(final Item<TicketMilestone> item) {
 					milestonePanel.add(label);
 
 					milestonePanel.add(new LinkPanel("openTickets", null,
-							MessageFormat.format(getString("gb.nOpenTickets"), m.getOpenTickets()),
-							TicketsPage.class,
+							MessageFormat.format(getString("gb.nOpenTickets"), m.getOpenTickets()), TicketsPage.class,
 							queryParameters(null, tm.name, TicketsUI.openStatii, null, null, true, 1)));
 
 					milestonePanel.add(new LinkPanel("closedTickets", null,
@@ -610,7 +575,8 @@ public void populateItem(final Item<TicketMilestone> item) {
 							TicketsPage.class,
 							queryParameters(null, tm.name, TicketsUI.closedStatii, null, null, true, 1)));
 
-					milestonePanel.add(new Label("totalTickets", MessageFormat.format(getString("gb.nTotalTickets"), m.getTotalTickets())));
+					milestonePanel.add(new Label("totalTickets",
+							MessageFormat.format(getString("gb.nTotalTickets"), m.getTotalTickets())));
 					entryPanel.add(milestonePanel);
 				} else {
 					entryPanel.add(new Label("milestonePanel").setVisible(false));
@@ -620,14 +586,8 @@ public void populateItem(final Item<TicketMilestone> item) {
 		return milestonesList;
 	}
 
-	protected PageParameters queryParameters(
-			String query,
-			String milestone,
-			String[] states,
-			String assignedTo,
-			String sort,
-			boolean descending,
-			int page) {
+	protected PageParameters queryParameters(String query, String milestone, String[] states, String assignedTo,
+			String sort, boolean descending, int page) {
 
 		PageParameters params = WicketUtils.newRepositoryParameter(repositoryName);
 		if (!StringUtils.isEmpty(query)) {
@@ -665,23 +625,19 @@ protected String getPageName() {
 		return getString("gb.tickets");
 	}
 
-	protected void buildPager(
-			final String query,
-			final String milestone,
-			final String [] states,
-			final String assignedTo,
-			final String sort,
-			final boolean desc,
-			final int page,
-			int pageSize,
-			int count,
+	protected void buildPager(final String query, final String milestone, final String[] states,
+			final String assignedTo, final String sort, final boolean desc, final int page, int pageSize, int count,
 			int total) {
 
 		boolean showNav = total > (2 * pageSize);
 		boolean allowPrev = page > 1;
 		boolean allowNext = (pageSize * (page - 1) + count) < total;
-		add(new BookmarkablePageLink<Void>("prevLink", TicketsPage.class, queryParameters(query, milestone, states, assignedTo, sort, desc, page - 1)).setEnabled(allowPrev).setVisible(showNav));
-		add(new BookmarkablePageLink<Void>("nextLink", TicketsPage.class, queryParameters(query, milestone, states, assignedTo, sort, desc, page + 1)).setEnabled(allowNext).setVisible(showNav));
+		add(new BookmarkablePageLink<Void>("prevLink", TicketsPage.class,
+				queryParameters(query, milestone, states, assignedTo, sort, desc, page - 1)).setEnabled(allowPrev)
+						.setVisible(showNav));
+		add(new BookmarkablePageLink<Void>("nextLink", TicketsPage.class,
+				queryParameters(query, milestone, states, assignedTo, sort, desc, page + 1)).setEnabled(allowNext)
+						.setVisible(showNav));
 
 		if (total <= pageSize) {
 			add(new Label("pageLink").setVisible(false));
@@ -710,7 +666,8 @@ protected void buildPager(
 			@Override
 			public void populateItem(final Item<Integer> item) {
 				final Integer i = item.getModelObject();
-				LinkPanel link = new LinkPanel("page", null, "" + i, TicketsPage.class, queryParameters(query, milestone, states, assignedTo, sort, desc, i));
+				LinkPanel link = new LinkPanel("page", null, "" + i, TicketsPage.class,
+						queryParameters(query, milestone, states, assignedTo, sort, desc, i));
 				link.setRenderBodyOnly(true);
 				if (i == page) {
 					WicketUtils.setCssClass(item, "active");
diff --git a/src/main/java/com/gitblit/wicket/pages/UserPage.java b/src/main/java/com/gitblit/wicket/pages/UserPage.java
index 8908016cf..2f405e496 100644
--- a/src/main/java/com/gitblit/wicket/pages/UserPage.java
+++ b/src/main/java/com/gitblit/wicket/pages/UserPage.java
@@ -166,12 +166,10 @@ protected void addDropDownMenus(List<NavLink> navLinks) {
 
 		navLinks.add(menu);
 	}
-
-	private void addPreferences(UserModel user) {
-		// add preferences
-		Form<Void> prefs = new Form<Void>("prefsForm");
-
-		List<Language> languages = Arrays.asList(
+	
+	public static List<Language> getLanguages(){
+		return  Arrays.asList(
+				new Language("Česky","cs"),
 				new Language("Deutsch","de"),
 				new Language("English","en"),
 				new Language("Español", "es"),
@@ -185,6 +183,13 @@ private void addPreferences(UserModel user) {
 				new Language("Português", "pt_BR"),
 				new Language("簡體中文", "zh_CN"),
 				new Language("正體中文", "zh_TW"));
+	}
+	
+	private void addPreferences(UserModel user) {
+		// add preferences
+		Form<Void> prefs = new Form<Void>("prefsForm");
+
+		List<Language> languages = getLanguages();
 
 		Locale locale = user.getPreferences().getLocale();
 		if (locale == null) {
@@ -273,7 +278,7 @@ private void addPreferences(UserModel user) {
 			private static final long serialVersionUID = 1L;
 
 			@Override
-			protected void onSubmit(AjaxRequestTarget target) {
+			protected void onSubmit(AjaxRequestTarget target, Form<?> form) {
 
 				UserModel user = GitBlitWebSession.get().getUser();
 
@@ -314,22 +319,4 @@ private void addSshKeys(final UserModel user) {
 		add(new Fragment("sshKeysLink", "sshKeysLinkFragment", UserPage.this).setRenderBodyOnly(true));
 		add(keysTab.setRenderBodyOnly(true));
 	}
-
-	private class Language implements Serializable {
-
-		private static final long serialVersionUID = 1L;
-
-		final String name;
-		final String code;
-
-		public Language(String name, String code) {
-			this.name = name;
-			this.code = code;
-		}
-
-		@Override
-		public String toString() {
-			return name + " (" + code +")";
-		}
-	}
 }
diff --git a/src/main/java/com/gitblit/wicket/panels/CommentPanel.java b/src/main/java/com/gitblit/wicket/panels/CommentPanel.java
index 4740130ae..3de073463 100644
--- a/src/main/java/com/gitblit/wicket/panels/CommentPanel.java
+++ b/src/main/java/com/gitblit/wicket/panels/CommentPanel.java
@@ -69,7 +69,7 @@ protected void onInitialize() {
 			private static final long serialVersionUID = 1L;
 
 			@Override
-			public void onSubmit(AjaxRequestTarget target) {
+			public void onSubmit(AjaxRequestTarget target, Form<?> form) {
 				String txt = markdownEditor.getText();
 				if (change == null) {
 					// new comment
diff --git a/src/main/java/com/gitblit/wicket/panels/RegistrantPermissionsPanel.java b/src/main/java/com/gitblit/wicket/panels/RegistrantPermissionsPanel.java
index ce288a841..0b0ce2ef1 100644
--- a/src/main/java/com/gitblit/wicket/panels/RegistrantPermissionsPanel.java
+++ b/src/main/java/com/gitblit/wicket/panels/RegistrantPermissionsPanel.java
@@ -254,7 +254,7 @@ protected void onUpdate(AjaxRequestTarget target) {
 			private static final long serialVersionUID = 1L;
 
 			@Override
-			protected void onSubmit(AjaxRequestTarget target) {
+			protected void onSubmit(AjaxRequestTarget target, Form<?> form) {
 				// add permission to our list
 				RegistrantAccessPermission rp = (RegistrantAccessPermission) getForm().getModel().getObject();
 				if (rp.permission == null) {
@@ -315,6 +315,9 @@ public String getIdValue(AccessPermission type, int index) {
 
 		@Override
 		public AccessPermission getObject(String id, IModel<? extends List<? extends AccessPermission>> choices) {
+			if(StringUtils.isEmpty(id)){
+				return null;
+			}
 			return choices.getObject().get(Integer.valueOf(id));
 		}
 	}
@@ -342,7 +345,7 @@ protected void onBeforeRender()
 		}
 
 		@Override
-		protected void onSubmit(AjaxRequestTarget target) {
+		protected void onSubmit(AjaxRequestTarget target, Form<?> form) {
 			RegistrantPermissionsPanel.this.activeState = buttonState;
 			target.add(RegistrantPermissionsPanel.this);
 		}
diff --git a/src/main/java/com/gitblit/wicket/panels/RepositoriesPanel.java b/src/main/java/com/gitblit/wicket/panels/RepositoriesPanel.java
index 57ae12709..3a1840727 100644
--- a/src/main/java/com/gitblit/wicket/panels/RepositoriesPanel.java
+++ b/src/main/java/com/gitblit/wicket/panels/RepositoriesPanel.java
@@ -431,7 +431,7 @@ public int compare(RepositoryModel o1, RepositoryModel o2) {
 					}
 				});
 			}
-			return list.subList(Math.toIntExact(first), Math.toIntExact(first + count)).iterator();
+			return list.subList((int)first, (int)(first + count)).iterator();
 		}
 
 	}
diff --git a/src/main/java/com/gitblit/wicket/panels/SshKeysPanel.java b/src/main/java/com/gitblit/wicket/panels/SshKeysPanel.java
index 1ca3bb8a8..3aeeb0bb5 100644
--- a/src/main/java/com/gitblit/wicket/panels/SshKeysPanel.java
+++ b/src/main/java/com/gitblit/wicket/panels/SshKeysPanel.java
@@ -48,11 +48,13 @@ public class SshKeysPanel extends BasePanel {
 	private static final long serialVersionUID = 1L;
 
 	private final UserModel user;
+	private final boolean canWriteKeys;
 
 	public SshKeysPanel(String wicketId, UserModel user) {
 		super(wicketId);
 
 		this.user = user;
+		this.canWriteKeys = app().keys().supportsWritingKeys(user);
 	}
 
 	@Override
@@ -90,6 +92,9 @@ public void onClick(AjaxRequestTarget target) {
 						}
 					}
 				};
+				if (!canWriteKeys) {
+					delete.setVisibilityAllowed(false);
+				}
 				item.add(delete);
 			}
 		};
@@ -123,7 +128,7 @@ public void onClick(AjaxRequestTarget target) {
 			private static final long serialVersionUID = 1L;
 
 			@Override
-			protected void onSubmit(AjaxRequestTarget target) {
+			protected void onSubmit(AjaxRequestTarget target, Form<?> form) {
 
 				UserModel user = GitBlitWebSession.get().getUser();
 				String data = keyData.getObject();
@@ -164,6 +169,10 @@ protected void onSubmit(AjaxRequestTarget target) {
 			}
 		});
 
+		if (! canWriteKeys) {
+			addKeyForm.setVisibilityAllowed(false);
+		}
+
 		add(addKeyForm);
 	}
 }
diff --git a/src/main/java/com/gitblit/wicket/resources/gitblit.css b/src/main/java/com/gitblit/wicket/resources/gitblit.css
index 10c9a0e88..5dabbec24 100644
--- a/src/main/java/com/gitblit/wicket/resources/gitblit.css
+++ b/src/main/java/com/gitblit/wicket/resources/gitblit.css
@@ -1963,6 +1963,7 @@ td.rightAlign {
 td.treeLinks {
 	text-align: right;
 	width: 13em;
+	white-space: nowrap;
 }
 
 span.help-inline {
diff --git a/src/main/java/login_cs.mkd b/src/main/java/login_cs.mkd
new file mode 100644
index 000000000..23948d31b
--- /dev/null
+++ b/src/main/java/login_cs.mkd
@@ -0,0 +1,3 @@
+## Přihlašte se prosím
+
+Zadejte prosím svoje přihlašovací údaje pro přístup na tuto stránku Gitblitu.
diff --git a/src/main/java/welcome_cs.mkd b/src/main/java/welcome_cs.mkd
new file mode 100644
index 000000000..355a94c1e
--- /dev/null
+++ b/src/main/java/welcome_cs.mkd
@@ -0,0 +1,3 @@
+## Vítejte v Gitblitu
+
+Rychá a snadná cesta pro hostování a prohlížení vašich [Git](http://www.git-scm.com) repozitářů.
diff --git a/src/site/rpc.mkd b/src/site/rpc.mkd
index 4b065bf05..e51fbaaec 100644
--- a/src/site/rpc.mkd
+++ b/src/site/rpc.mkd
@@ -62,6 +62,7 @@ The Gitblit API includes methods for retrieving and interpreting RSS feeds.  The
 <tr><td>Gitblit v1.3.1</td><td>6</td></tr>
 <tr><td>Gitblit v1.4.0</td><td>7</td></tr>
 <tr><td>Gitblit v1.6.0</td><td>8</td></tr>
+<tr><td>Gitblit v1.9.0</td><td>9</td></tr>
 </tbody>
 </table>
 
@@ -80,7 +81,7 @@ Use *SET_REPOSITORY_TEAM_PERMISSIONS* instead.
 <tr><td colspan='6'><em>web.enableRpcServlet=true</em></td></tr>
 <tr><td>GET_PROTOCOL</td><td>-</td><td>-</td><td>2</td><td>-</td><td>Integer</td></tr>
 <tr><td>LIST_REPOSITORIES</td><td>-</td><td>-</td><td>1</td><td>-</td><td>Map&lt;String, RepositoryModel&gt;</td></tr>
-<tr><td>LIST_BRANCHES</td><td>-</td><td>-</td><td>1</td><td>-</td><td>Map&lt;String, List&lt;String&gt;&gt;</td></tr>
+<tr><td>LIST_BRANCHES</td><td>[repository name]</td><td>-</td><td>9</td><td>-</td><td>Map&lt;String, List&lt;String&gt;&gt;</td></tr>
 <tr><td>LIST_SETTINGS</td><td>-</td><td><em>-</em></td><td>1</td><td>-</td><td>ServerSettings (basic keys)</td></tr>
 <tr><td>GET_USER</td><td>user name</td><td>-</td><td>6</td><td>-</td><td>UserModel</td></tr>
 <tr><td>FORK_REPOSITORY</td><td>repository name</td><td><em>-</em></td><td>8</td><td>-</td><td>-</td></tr>
diff --git a/src/site/setup_proxy.mkd b/src/site/setup_proxy.mkd
index 4cf263ddf..3d6283294 100644
--- a/src/site/setup_proxy.mkd
+++ b/src/site/setup_proxy.mkd
@@ -47,6 +47,7 @@ ProxyPreserveHost On
 
 # If your httpd frontend is https but you are proxying http Gitblit WAR or GO
 #Header edit Location ^http://([^/]+)/gitblit/ https://$1/gitblit/
+#Header edit Ajax-Location ^http://([^/]+)/gitblit/ https://$1/gitblit/
 
 # Additionally you will want to tell Gitblit the original scheme and port
 #RequestHeader set X-Forwarded-Proto https
diff --git a/src/test/java/com/gitblit/service/LuceneRepoIndexStoreTest.java b/src/test/java/com/gitblit/service/LuceneRepoIndexStoreTest.java
new file mode 100644
index 000000000..baac3516a
--- /dev/null
+++ b/src/test/java/com/gitblit/service/LuceneRepoIndexStoreTest.java
@@ -0,0 +1,267 @@
+/*
+ * Copyright 2017 gitblit.com.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.gitblit.service;
+
+import static org.junit.Assert.*;
+
+import java.io.File;
+import java.io.IOException;
+import java.nio.file.Path;
+
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.rules.TemporaryFolder;
+
+import com.gitblit.utils.LuceneIndexStore;
+
+/**
+ * @author Florian Zschocke
+ *
+ */
+public class LuceneRepoIndexStoreTest
+{
+
+	private static final int LUCENE_VERSION = LuceneIndexStore.LUCENE_CODEC_VERSION;
+	private static final String LUCENE_DIR = "lucene";
+
+
+	@Rule
+	public TemporaryFolder baseFolder = new TemporaryFolder();
+
+
+	private String getIndexDir(int version)
+	{
+		return version + "_" + LUCENE_VERSION;
+	}
+
+
+	private String getLuceneIndexDir(int version)
+	{
+		return LUCENE_DIR + "/" + version + "_" + LUCENE_VERSION;
+	}
+
+
+	@Test
+	public void testGetConfigFile() throws IOException
+	{
+		int version = 1;
+		File repositoryFolder = baseFolder.getRoot();
+		LuceneRepoIndexStore li = new LuceneRepoIndexStore(repositoryFolder, version);
+		File confFile= li.getConfigFile();
+		File luceneDir = new File(repositoryFolder, getLuceneIndexDir(version) + "/gb_lucene.conf");
+		assertEquals(luceneDir, confFile);
+	}
+
+
+	@Test
+	public void testCreate()
+	{
+		int version = 0;
+		File repositoryFolder = baseFolder.getRoot();
+		File luceneDir = new File(repositoryFolder, getLuceneIndexDir(version));
+		assertFalse("Precondition failure: directory exists already", new File(repositoryFolder, LUCENE_DIR).exists());
+		assertFalse("Precondition failure: directory exists already", luceneDir.exists());
+
+		LuceneIndexStore li = new LuceneRepoIndexStore(repositoryFolder, version);
+		li.create();
+
+		assertTrue(luceneDir.exists());
+		assertTrue(luceneDir.isDirectory());
+	}
+
+	@Test
+	public void testCreateIndexDir()
+	{
+		int version = 7777;
+		File repositoryFolder = baseFolder.getRoot();
+		try {
+			baseFolder.newFolder(LUCENE_DIR);
+		} catch (IOException e) {
+			fail("Failed in setup of folder: " + e);
+		}
+		File luceneDir = new File(repositoryFolder, getLuceneIndexDir(version));
+
+		assertTrue("Precondition failure: directory does not exist", new File(repositoryFolder, LUCENE_DIR).exists());
+		assertFalse("Precondition failure: directory exists already", luceneDir.exists());
+
+		LuceneIndexStore li = new LuceneRepoIndexStore(repositoryFolder, version);
+		li.create();
+
+		assertTrue(luceneDir.exists());
+		assertTrue(luceneDir.isDirectory());
+
+		// Make sure nothing else was created.
+		assertEquals(0, luceneDir.list().length);
+		assertEquals(1, luceneDir.getParentFile().list().length);
+	}
+
+	@Test
+	public void testCreateIfNecessary()
+	{
+		int version = 7777888;
+		File repositoryFolder = baseFolder.getRoot();
+		File luceneDir = null;
+		try {
+			luceneDir = baseFolder.newFolder(LUCENE_DIR, getIndexDir(version));
+		} catch (IOException e) {
+			fail("Failed in setup of folder: " + e);
+		}
+		assertTrue("Precondition failure: directory does not exist", new File(repositoryFolder, LUCENE_DIR).exists());
+		assertTrue("Precondition failure: directory does not exist", luceneDir.exists());
+
+		LuceneIndexStore li = new LuceneRepoIndexStore(repositoryFolder, version);
+		li.create();
+
+		assertTrue(luceneDir.exists());
+		assertTrue(luceneDir.isDirectory());
+
+		// Make sure nothing else was created.
+		assertEquals(0, luceneDir.list().length);
+		assertEquals(1, luceneDir.getParentFile().list().length);
+	}
+
+
+	@Test
+	public void testDelete()
+	{
+		int version = 111222333;
+
+		File repositoryFolder = baseFolder.getRoot();
+		File luceneDir = null;
+		try {
+			luceneDir = baseFolder.newFolder(LUCENE_DIR, getIndexDir(version));
+		} catch (IOException e) {
+			fail("Failed in setup of folder: " + e);
+		}
+		assertTrue("Precondition failure: directory does not exist", luceneDir.exists());
+
+		LuceneIndexStore li = new LuceneRepoIndexStore(repositoryFolder, version);
+		assertTrue(li.delete());
+
+		assertFalse(luceneDir.exists());
+		assertTrue(new File(repositoryFolder, LUCENE_DIR).exists());
+	}
+
+
+	@Test
+	public void testDeleteNotExist()
+	{
+		int version = 0;
+
+		File repositoryFolder = baseFolder.getRoot();
+		try {
+			baseFolder.newFolder(LUCENE_DIR);
+		} catch (IOException e) {
+			fail("Failed in setup of folder: " + e);
+		}
+		File luceneDir = new File(repositoryFolder, getLuceneIndexDir(version));
+		assertTrue("Precondition failure: directory does not exist", new File(repositoryFolder, LUCENE_DIR).exists());
+		assertFalse("Precondition failure: directory does exist", luceneDir.exists());
+
+		LuceneIndexStore li = new LuceneRepoIndexStore(repositoryFolder, version);
+		assertTrue(li.delete());
+
+		assertFalse(luceneDir.exists());
+		assertTrue(new File(repositoryFolder, LUCENE_DIR).exists());
+	}
+
+
+	@Test
+	public void testDeleteWithFiles()
+	{
+		int version = 5;
+
+		File repositoryFolder = baseFolder.getRoot();
+		File luceneFolder = new File(baseFolder.getRoot(), LUCENE_DIR);
+		File luceneDir = null;
+
+		File otherDir = new File(luceneFolder, version + "_10");
+		File dbFile = null;
+		try {
+			luceneDir = baseFolder.newFolder(LUCENE_DIR, getIndexDir(version));
+			File file = new File(luceneDir, "_file1");
+			file.createNewFile();
+			file = new File(luceneDir, "_file2.db");
+			file.createNewFile();
+			file = new File(luceneDir, "conf.conf");
+			file.createNewFile();
+
+			otherDir.mkdirs();
+			dbFile = new File(otherDir, "_file2.db");
+			dbFile.createNewFile();
+			file = new File(otherDir, "conf.conf");
+			file.createNewFile();
+		}
+		catch (IOException e) {
+			fail("Failed in setup of folder: " + e);
+		}
+		assertTrue("Precondition failure: index directory does not exist", luceneDir.exists());
+		assertTrue("Precondition failure: other index directory does not exist", otherDir.exists());
+
+		LuceneIndexStore li = new LuceneRepoIndexStore(repositoryFolder, version);
+		li.delete();
+
+		assertFalse(luceneDir.exists());
+		assertTrue(luceneFolder.exists());
+		assertTrue(otherDir.exists());
+		assertTrue(dbFile.exists());
+	}
+
+
+
+	@Test
+	public void testGetPath() throws IOException
+	{
+		int version = 7;
+		File repositoryFolder = baseFolder.getRoot();
+		LuceneIndexStore li = new LuceneRepoIndexStore(repositoryFolder, version);
+		Path dir = li.getPath();
+		File luceneDir = new File(repositoryFolder, getLuceneIndexDir(version));
+		assertEquals(luceneDir.toPath(), dir);
+	}
+
+
+	@Test
+	public void testHasIndex() throws IOException
+	{
+		int version = 0;
+		File luceneFolder = new File(baseFolder.getRoot(), "lucene");
+
+		LuceneIndexStore li = new LuceneRepoIndexStore(luceneFolder, version);
+		assertFalse(li.hasIndex());
+
+		baseFolder.newFolder("lucene");
+		li = new LuceneIndexStore(luceneFolder, version);
+		assertFalse(li.hasIndex());
+
+		File luceneDir = baseFolder.newFolder("lucene", getIndexDir(version));
+		li = new LuceneIndexStore(luceneFolder, version);
+		assertFalse(li.hasIndex());
+
+		new File(luceneDir, "write.lock").createNewFile();
+		li = new LuceneIndexStore(luceneFolder, version);
+		assertFalse(li.hasIndex());
+
+		new File(luceneDir, "segments_1").createNewFile();
+		li = new LuceneIndexStore(luceneFolder, version);
+		System.out.println("Check " + luceneDir);
+		assertTrue(li.hasIndex());
+
+	}
+
+
+}
diff --git a/src/test/java/com/gitblit/tests/BranchTicketServiceTest.java b/src/test/java/com/gitblit/tests/BranchTicketServiceTest.java
index 0a5de1961..0e9d88746 100644
--- a/src/test/java/com/gitblit/tests/BranchTicketServiceTest.java
+++ b/src/test/java/com/gitblit/tests/BranchTicketServiceTest.java
@@ -59,7 +59,7 @@ protected ITicketService getService(boolean deleteAll) throws Exception {
 		IUserManager userManager = new UserManager(runtimeManager, pluginManager).start();
 		IRepositoryManager repositoryManager = new RepositoryManager(runtimeManager, pluginManager, userManager).start();
 
-		BranchTicketService service = new BranchTicketService(
+		BranchTicketService service = (BranchTicketService) new BranchTicketService(
 				runtimeManager,
 				pluginManager,
 				notificationManager,
diff --git a/src/test/java/com/gitblit/tests/FileTicketServiceTest.java b/src/test/java/com/gitblit/tests/FileTicketServiceTest.java
index 1fb2eed96..c4a63c410 100644
--- a/src/test/java/com/gitblit/tests/FileTicketServiceTest.java
+++ b/src/test/java/com/gitblit/tests/FileTicketServiceTest.java
@@ -58,7 +58,7 @@ protected ITicketService getService(boolean deleteAll) throws Exception {
 		IUserManager userManager = new UserManager(runtimeManager, pluginManager).start();
 		IRepositoryManager repositoryManager = new RepositoryManager(runtimeManager, pluginManager, userManager).start();
 
-		FileTicketService service = new FileTicketService(
+		FileTicketService service = (FileTicketService) new FileTicketService(
 				runtimeManager,
 				pluginManager,
 				notificationManager,
diff --git a/src/test/java/com/gitblit/tests/LdapAuthenticationTest.java b/src/test/java/com/gitblit/tests/LdapAuthenticationTest.java
index 2ade68192..4f79edfb8 100644
--- a/src/test/java/com/gitblit/tests/LdapAuthenticationTest.java
+++ b/src/test/java/com/gitblit/tests/LdapAuthenticationTest.java
@@ -18,25 +18,10 @@
 
 import static org.junit.Assume.*;
 
-import java.io.File;
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.EnumSet;
-import java.util.HashMap;
-import java.util.Map;
-
-import org.apache.commons.io.FileUtils;
-import org.junit.AfterClass;
 import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Rule;
 import org.junit.Test;
-import org.junit.rules.TemporaryFolder;
 import org.junit.runner.RunWith;
 import org.junit.runners.Parameterized;
-import org.junit.runners.Parameterized.Parameter;
-import org.junit.runners.Parameterized.Parameters;
-
 import com.gitblit.Constants.AccountType;
 import com.gitblit.IStoredSettings;
 import com.gitblit.Keys;
@@ -50,26 +35,8 @@
 import com.gitblit.tests.mock.MemorySettings;
 import com.gitblit.utils.XssFilter;
 import com.gitblit.utils.XssFilter.AllowXssFilter;
-import com.unboundid.ldap.listener.InMemoryDirectoryServer;
-import com.unboundid.ldap.listener.InMemoryDirectoryServerConfig;
-import com.unboundid.ldap.listener.InMemoryDirectoryServerSnapshot;
-import com.unboundid.ldap.listener.InMemoryListenerConfig;
-import com.unboundid.ldap.listener.interceptor.InMemoryInterceptedRequest;
-import com.unboundid.ldap.listener.interceptor.InMemoryInterceptedResult;
-import com.unboundid.ldap.listener.interceptor.InMemoryInterceptedSearchEntry;
-import com.unboundid.ldap.listener.interceptor.InMemoryInterceptedSearchRequest;
-import com.unboundid.ldap.listener.interceptor.InMemoryInterceptedSearchResult;
-import com.unboundid.ldap.listener.interceptor.InMemoryInterceptedSimpleBindResult;
-import com.unboundid.ldap.listener.interceptor.InMemoryOperationInterceptor;
-import com.unboundid.ldap.sdk.BindRequest;
-import com.unboundid.ldap.sdk.BindResult;
-import com.unboundid.ldap.sdk.LDAPException;
-import com.unboundid.ldap.sdk.LDAPResult;
-import com.unboundid.ldap.sdk.OperationType;
-import com.unboundid.ldap.sdk.ResultCode;
 import com.unboundid.ldap.sdk.SearchResult;
 import com.unboundid.ldap.sdk.SearchScope;
-import com.unboundid.ldap.sdk.SimpleBindRequest;
 import com.unboundid.ldif.LDIFReader;
 
 /**
@@ -80,68 +47,7 @@
  *
  */
 @RunWith(Parameterized.class)
-public class LdapAuthenticationTest extends GitblitUnitTest {
-
-	private static final String RESOURCE_DIR = "src/test/resources/ldap/";
-	private static final String DIRECTORY_MANAGER = "cn=Directory Manager";
-	private static final String USER_MANAGER = "cn=UserManager";
-	private static final String ACCOUNT_BASE = "OU=Users,OU=UserControl,OU=MyOrganization,DC=MyDomain";
-	private static final String GROUP_BASE  = "OU=Groups,OU=UserControl,OU=MyOrganization,DC=MyDomain";
-
-
-	/**
-	 * Enumeration of different test modes, representing different use scenarios.
-	 * With ANONYMOUS anonymous binds are used to search LDAP.
-	 * DS_MANAGER will use a DIRECTORY_MANAGER to search LDAP. Normal users are prohibited to search the DS.
-	 * With USR_MANAGER, a USER_MANAGER account is used to search in LDAP. This account can only search users
-	 * but not groups. Normal users can search groups, though.
-	 *
-	 */
-	enum AuthMode {
-		ANONYMOUS(1389),
-		DS_MANAGER(2389),
-		USR_MANAGER(3389);
-
-
-		private int ldapPort;
-		private InMemoryDirectoryServer ds;
-		private InMemoryDirectoryServerSnapshot dsSnapshot;
-
-		AuthMode(int port) {
-			this.ldapPort = port;
-		}
-
-		int ldapPort() {
-			return this.ldapPort;
-		}
-
-		void setDS(InMemoryDirectoryServer ds) {
-			if (this.ds == null) {
-				this.ds = ds;
-				this.dsSnapshot = ds.createSnapshot();
-			};
-		}
-
-		InMemoryDirectoryServer getDS() {
-			return ds;
-		}
-
-		void restoreSnapshot() {
-			ds.restoreSnapshot(dsSnapshot);
-		}
-	};
-
-
-
-	@Parameter
-	public AuthMode authMode;
-
-	@Rule
-	public TemporaryFolder folder = new TemporaryFolder();
-
-	private File usersConf;
-
-
+public class LdapAuthenticationTest extends LdapBasedUnitTest {
 
 	private LdapAuthProvider ldap;
 
@@ -149,87 +55,9 @@ void restoreSnapshot() {
 
 	private AuthenticationManager auth;
 
-	private MemorySettings settings;
-
-
-	/**
-	 * Run the tests with each authentication scenario once.
-	 */
-	@Parameters(name = "{0}")
-	public static Collection<Object[]> data() {
-		return Arrays.asList(new Object[][] { {AuthMode.ANONYMOUS}, {AuthMode.DS_MANAGER}, {AuthMode.USR_MANAGER} });
-	}
-
-
-
-	/**
-	 * Create three different in memory DS.
-	 *
-	 * Each DS has a different configuration:
-	 * The first allows anonymous binds.
-	 * The second requires authentication for all operations. It will only allow the DIRECTORY_MANAGER account
-	 * to search for users and groups.
-	 * The third one is like the second, but it allows users to search for users and groups, and restricts the
-	 * USER_MANAGER from searching for groups.
-	 */
-	@BeforeClass
-	public static void init() throws Exception {
-		InMemoryDirectoryServer ds;
-		InMemoryDirectoryServerConfig config = createInMemoryLdapServerConfig(AuthMode.ANONYMOUS);
-		config.setListenerConfigs(InMemoryListenerConfig.createLDAPConfig("default", AuthMode.ANONYMOUS.ldapPort()));
-		ds = createInMemoryLdapServer(config);
-		AuthMode.ANONYMOUS.setDS(ds);
-
-
-		config = createInMemoryLdapServerConfig(AuthMode.DS_MANAGER);
-		config.setListenerConfigs(InMemoryListenerConfig.createLDAPConfig("default", AuthMode.DS_MANAGER.ldapPort()));
-		config.setAuthenticationRequiredOperationTypes(EnumSet.allOf(OperationType.class));
-		ds = createInMemoryLdapServer(config);
-		AuthMode.DS_MANAGER.setDS(ds);
-
-
-		config = createInMemoryLdapServerConfig(AuthMode.USR_MANAGER);
-		config.setListenerConfigs(InMemoryListenerConfig.createLDAPConfig("default", AuthMode.USR_MANAGER.ldapPort()));
-		config.setAuthenticationRequiredOperationTypes(EnumSet.allOf(OperationType.class));
-		ds = createInMemoryLdapServer(config);
-		AuthMode.USR_MANAGER.setDS(ds);
-
-	}
-
-	@AfterClass
-	public static void destroy() throws Exception {
-		for (AuthMode am : AuthMode.values()) {
-			am.getDS().shutDown(true);
-		}
-	}
-
-	public static InMemoryDirectoryServer createInMemoryLdapServer(InMemoryDirectoryServerConfig config) throws Exception {
-		InMemoryDirectoryServer imds = new InMemoryDirectoryServer(config);
-		imds.importFromLDIF(true, RESOURCE_DIR + "sampledata.ldif");
-		imds.startListening();
-		return imds;
-	}
-
-	public static InMemoryDirectoryServerConfig createInMemoryLdapServerConfig(AuthMode authMode) throws Exception {
-		InMemoryDirectoryServerConfig config = new InMemoryDirectoryServerConfig("dc=MyDomain");
-		config.addAdditionalBindCredentials(DIRECTORY_MANAGER, "password");
-		config.addAdditionalBindCredentials(USER_MANAGER, "passwd");
-		config.setSchema(null);
-
-		config.addInMemoryOperationInterceptor(new AccessInterceptor(authMode));
-
-		return config;
-	}
-
-
 
 	@Before
 	public void setup() throws Exception {
-		authMode.restoreSnapshot();
-
-		usersConf = folder.newFile("users.conf");
-		FileUtils.copyFile(new File(RESOURCE_DIR + "users.conf"), usersConf);
-		settings = getSettings();
 		ldap = newLdapAuthentication(settings);
 		auth = newAuthenticationManager(settings);
 	}
@@ -251,68 +79,107 @@ private AuthenticationManager newAuthenticationManager(IStoredSettings settings)
 		return auth;
 	}
 
-	private MemorySettings getSettings() {
-		Map<String, Object> backingMap = new HashMap<String, Object>();
-		backingMap.put(Keys.realm.userService, usersConf.getAbsolutePath());
-		switch(authMode) {
-		case ANONYMOUS:
-			backingMap.put(Keys.realm.ldap.server, "ldap://localhost:" + authMode.ldapPort());
-			backingMap.put(Keys.realm.ldap.username, "");
-			backingMap.put(Keys.realm.ldap.password, "");
-			break;
-		case DS_MANAGER:
-			backingMap.put(Keys.realm.ldap.server, "ldap://localhost:" + authMode.ldapPort());
-			backingMap.put(Keys.realm.ldap.username, DIRECTORY_MANAGER);
-			backingMap.put(Keys.realm.ldap.password, "password");
-			break;
-		case USR_MANAGER:
-			backingMap.put(Keys.realm.ldap.server, "ldap://localhost:" + authMode.ldapPort());
-			backingMap.put(Keys.realm.ldap.username, USER_MANAGER);
-			backingMap.put(Keys.realm.ldap.password, "passwd");
-			break;
-		default:
-			throw new RuntimeException("Unimplemented AuthMode case!");
+	@Test
+	public void testAuthenticate() {
+		UserModel userOneModel = ldap.authenticate("UserOne", "userOnePassword".toCharArray());
+		assertNotNull(userOneModel);
+		assertNotNull(userOneModel.getTeam("git_admins"));
+		assertNotNull(userOneModel.getTeam("git_users"));
+
+		UserModel userOneModelFailedAuth = ldap.authenticate("UserOne", "userTwoPassword".toCharArray());
+		assertNull(userOneModelFailedAuth);
+
+		UserModel userTwoModel = ldap.authenticate("UserTwo", "userTwoPassword".toCharArray());
+		assertNotNull(userTwoModel);
+		assertNotNull(userTwoModel.getTeam("git_users"));
+		assertNull(userTwoModel.getTeam("git_admins"));
+		assertNotNull(userTwoModel.getTeam("git admins"));
 
-		}
-		backingMap.put(Keys.realm.ldap.maintainTeams, "true");
-		backingMap.put(Keys.realm.ldap.accountBase, ACCOUNT_BASE);
-		backingMap.put(Keys.realm.ldap.accountPattern, "(&(objectClass=person)(sAMAccountName=${username}))");
-		backingMap.put(Keys.realm.ldap.groupBase, GROUP_BASE);
-		backingMap.put(Keys.realm.ldap.groupMemberPattern, "(&(objectClass=group)(member=${dn}))");
-		backingMap.put(Keys.realm.ldap.admins, "UserThree @Git_Admins \"@Git Admins\"");
-		backingMap.put(Keys.realm.ldap.displayName, "displayName");
-		backingMap.put(Keys.realm.ldap.email, "email");
-		backingMap.put(Keys.realm.ldap.uid, "sAMAccountName");
-
-		MemorySettings ms = new MemorySettings(backingMap);
-		return ms;
+		UserModel userThreeModel = ldap.authenticate("UserThree", "userThreePassword".toCharArray());
+		assertNotNull(userThreeModel);
+		assertNotNull(userThreeModel.getTeam("git_users"));
+		assertNull(userThreeModel.getTeam("git_admins"));
+
+		UserModel userFourModel = ldap.authenticate("UserFour", "userFourPassword".toCharArray());
+		assertNotNull(userFourModel);
+		assertNotNull(userFourModel.getTeam("git_users"));
+		assertNull(userFourModel.getTeam("git_admins"));
+		assertNull(userFourModel.getTeam("git admins"));
 	}
 
+	@Test
+	public void testAdminPropertyTeamsInLdap() {
+		UserModel userOneModel = ldap.authenticate("UserOne", "userOnePassword".toCharArray());
+		assertNotNull(userOneModel);
+		assertNotNull(userOneModel.getTeam("git_admins"));
+		assertNull(userOneModel.getTeam("git admins"));
+		assertNotNull(userOneModel.getTeam("git_users"));
+		assertFalse(userOneModel.canAdmin);
+		assertTrue(userOneModel.canAdmin());
+		assertTrue(userOneModel.getTeam("git_admins").canAdmin);
+		assertFalse(userOneModel.getTeam("git_users").canAdmin);
+
+		UserModel userTwoModel = ldap.authenticate("UserTwo", "userTwoPassword".toCharArray());
+		assertNotNull(userTwoModel);
+		assertNotNull(userTwoModel.getTeam("git_users"));
+		assertNull(userTwoModel.getTeam("git_admins"));
+		assertNotNull(userTwoModel.getTeam("git admins"));
+		assertFalse(userTwoModel.canAdmin);
+		assertTrue(userTwoModel.canAdmin());
+		assertTrue(userTwoModel.getTeam("git admins").canAdmin);
+		assertFalse(userTwoModel.getTeam("git_users").canAdmin);
+
+		UserModel userThreeModel = ldap.authenticate("UserThree", "userThreePassword".toCharArray());
+		assertNotNull(userThreeModel);
+		assertNotNull(userThreeModel.getTeam("git_users"));
+		assertNull(userThreeModel.getTeam("git_admins"));
+		assertNull(userThreeModel.getTeam("git admins"));
+		assertTrue(userThreeModel.canAdmin);
+		assertTrue(userThreeModel.canAdmin());
+		assertFalse(userThreeModel.getTeam("git_users").canAdmin);
 
+		UserModel userFourModel = ldap.authenticate("UserFour", "userFourPassword".toCharArray());
+		assertNotNull(userFourModel);
+		assertNotNull(userFourModel.getTeam("git_users"));
+		assertNull(userFourModel.getTeam("git_admins"));
+		assertNull(userFourModel.getTeam("git admins"));
+		assertFalse(userFourModel.canAdmin);
+		assertFalse(userFourModel.canAdmin());
+		assertFalse(userFourModel.getTeam("git_users").canAdmin);
+	}
 
 	@Test
-	public void testAuthenticate() {
+	public void testAdminPropertyTeamsNotInLdap() {
+		settings.put(Keys.realm.ldap.maintainTeams, "false");
+
 		UserModel userOneModel = ldap.authenticate("UserOne", "userOnePassword".toCharArray());
 		assertNotNull(userOneModel);
 		assertNotNull(userOneModel.getTeam("git_admins"));
+		assertNull(userOneModel.getTeam("git admins"));
 		assertNotNull(userOneModel.getTeam("git_users"));
 		assertTrue(userOneModel.canAdmin);
-
-		UserModel userOneModelFailedAuth = ldap.authenticate("UserOne", "userTwoPassword".toCharArray());
-		assertNull(userOneModelFailedAuth);
+		assertTrue(userOneModel.canAdmin());
+		assertFalse(userOneModel.getTeam("git_admins").canAdmin);
+		assertFalse(userOneModel.getTeam("git_users").canAdmin);
 
 		UserModel userTwoModel = ldap.authenticate("UserTwo", "userTwoPassword".toCharArray());
 		assertNotNull(userTwoModel);
 		assertNotNull(userTwoModel.getTeam("git_users"));
 		assertNull(userTwoModel.getTeam("git_admins"));
 		assertNotNull(userTwoModel.getTeam("git admins"));
-		assertTrue(userTwoModel.canAdmin);
+		assertFalse(userTwoModel.canAdmin);
+		assertTrue(userTwoModel.canAdmin());
+		assertTrue(userTwoModel.getTeam("git admins").canAdmin);
+		assertFalse(userTwoModel.getTeam("git_users").canAdmin);
 
 		UserModel userThreeModel = ldap.authenticate("UserThree", "userThreePassword".toCharArray());
 		assertNotNull(userThreeModel);
 		assertNotNull(userThreeModel.getTeam("git_users"));
 		assertNull(userThreeModel.getTeam("git_admins"));
-		assertTrue(userThreeModel.canAdmin);
+		assertNull(userThreeModel.getTeam("git admins"));
+		assertFalse(userThreeModel.canAdmin);
+		assertFalse(userThreeModel.canAdmin());
+		assertFalse(userThreeModel.getTeam("git_users").canAdmin);
 
 		UserModel userFourModel = ldap.authenticate("UserFour", "userFourPassword".toCharArray());
 		assertNotNull(userFourModel);
@@ -320,6 +187,8 @@ public void testAuthenticate() {
 		assertNull(userFourModel.getTeam("git_admins"));
 		assertNull(userFourModel.getTeam("git admins"));
 		assertFalse(userFourModel.canAdmin);
+		assertFalse(userFourModel.canAdmin());
+		assertFalse(userFourModel.getTeam("git_users").canAdmin);
 	}
 
 	@Test
@@ -391,6 +260,17 @@ public void addingGroupsInLdapShouldNotUpdateGitBlitUsersAndGroups() throws Exce
 		assertEquals("Number of ldap groups in gitblit team model", 0, countLdapTeamsInUserManager());
 	}
 
+	@Test
+	public void addingGroupsInLdapShouldUpdateGitBlitUsersNotGroups2() throws Exception {
+		settings.put(Keys.realm.ldap.synchronize, "true");
+		settings.put(Keys.realm.ldap.maintainTeams, "false");
+		getDS().addEntries(LDIFReader.readEntries(RESOURCE_DIR + "adduser.ldif"));
+		getDS().addEntries(LDIFReader.readEntries(RESOURCE_DIR + "addgroup.ldif"));
+		ldap.sync();
+		assertEquals("Number of ldap users in gitblit user model", 6, countLdapUsersInUserManager());
+		assertEquals("Number of ldap groups in gitblit team model", 0, countLdapTeamsInUserManager());
+	}
+
 	@Test
 	public void addingGroupsInLdapShouldUpdateGitBlitUsersAndGroups() throws Exception {
 		// This test only makes sense if the authentication mode allows for synchronization.
@@ -402,13 +282,92 @@ public void addingGroupsInLdapShouldUpdateGitBlitUsersAndGroups() throws Excepti
 		assertEquals("Number of ldap groups in gitblit team model", 1, countLdapTeamsInUserManager());
 	}
 
+	@Test
+	public void syncUpdateUsersAndGroupsAdminProperty() throws Exception {
+		// This test only makes sense if the authentication mode allows for synchronization.
+		assumeTrue(authMode == AuthMode.ANONYMOUS || authMode == AuthMode.DS_MANAGER);
+
+		settings.put(Keys.realm.ldap.synchronize, "true");
+		ldap.sync();
+
+		UserModel user = userManager.getUserModel("UserOne");
+		assertNotNull(user);
+		assertFalse(user.canAdmin);
+		assertTrue(user.canAdmin());
+
+		user = userManager.getUserModel("UserTwo");
+		assertNotNull(user);
+		assertFalse(user.canAdmin);
+		assertTrue(user.canAdmin());
+
+		user = userManager.getUserModel("UserThree");
+		assertNotNull(user);
+		assertTrue(user.canAdmin);
+		assertTrue(user.canAdmin());
+
+		user = userManager.getUserModel("UserFour");
+		assertNotNull(user);
+		assertFalse(user.canAdmin);
+		assertFalse(user.canAdmin());
+
+		TeamModel team = userManager.getTeamModel("Git_Admins");
+		assertNotNull(team);
+		assertTrue(team.canAdmin);
+
+		team = userManager.getTeamModel("Git Admins");
+		assertNotNull(team);
+		assertTrue(team.canAdmin);
+
+		team = userManager.getTeamModel("Git_Users");
+		assertNotNull(team);
+		assertFalse(team.canAdmin);
+	}
+
+	@Test
+	public void syncNotUpdateUsersAndGroupsAdminProperty() throws Exception {
+		settings.put(Keys.realm.ldap.synchronize, "true");
+		settings.put(Keys.realm.ldap.maintainTeams, "false");
+		ldap.sync();
+
+		UserModel user = userManager.getUserModel("UserOne");
+		assertNotNull(user);
+		assertTrue(user.canAdmin);
+		assertTrue(user.canAdmin());
+
+		user = userManager.getUserModel("UserTwo");
+		assertNotNull(user);
+		assertFalse(user.canAdmin);
+		assertTrue(user.canAdmin());
+
+		user = userManager.getUserModel("UserThree");
+		assertNotNull(user);
+		assertFalse(user.canAdmin);
+		assertFalse(user.canAdmin());
+
+		user = userManager.getUserModel("UserFour");
+		assertNotNull(user);
+		assertFalse(user.canAdmin);
+		assertFalse(user.canAdmin());
+
+		TeamModel team = userManager.getTeamModel("Git_Admins");
+		assertNotNull(team);
+		assertFalse(team.canAdmin);
+
+		team = userManager.getTeamModel("Git Admins");
+		assertNotNull(team);
+		assertTrue(team.canAdmin);
+
+		team = userManager.getTeamModel("Git_Users");
+		assertNotNull(team);
+		assertFalse(team.canAdmin);
+	}
+
 	@Test
 	public void testAuthenticationManager() {
 		UserModel userOneModel = auth.authenticate("UserOne", "userOnePassword".toCharArray(), null);
 		assertNotNull(userOneModel);
 		assertNotNull(userOneModel.getTeam("git_admins"));
 		assertNotNull(userOneModel.getTeam("git_users"));
-		assertTrue(userOneModel.canAdmin);
 
 		UserModel userOneModelFailedAuth = auth.authenticate("UserOne", "userTwoPassword".toCharArray(), null);
 		assertNull(userOneModelFailedAuth);
@@ -418,13 +377,98 @@ public void testAuthenticationManager() {
 		assertNotNull(userTwoModel.getTeam("git_users"));
 		assertNull(userTwoModel.getTeam("git_admins"));
 		assertNotNull(userTwoModel.getTeam("git admins"));
-		assertTrue(userTwoModel.canAdmin);
 
 		UserModel userThreeModel = auth.authenticate("UserThree", "userThreePassword".toCharArray(), null);
 		assertNotNull(userThreeModel);
 		assertNotNull(userThreeModel.getTeam("git_users"));
 		assertNull(userThreeModel.getTeam("git_admins"));
+
+		UserModel userFourModel = auth.authenticate("UserFour", "userFourPassword".toCharArray(), null);
+		assertNotNull(userFourModel);
+		assertNotNull(userFourModel.getTeam("git_users"));
+		assertNull(userFourModel.getTeam("git_admins"));
+		assertNull(userFourModel.getTeam("git admins"));
+	}
+
+	@Test
+	public void testAuthenticationManagerAdminPropertyTeamsInLdap() {
+		UserModel userOneModel = auth.authenticate("UserOne", "userOnePassword".toCharArray(), null);
+		assertNotNull(userOneModel);
+		assertNotNull(userOneModel.getTeam("git_admins"));
+		assertNull(userOneModel.getTeam("git admins"));
+		assertNotNull(userOneModel.getTeam("git_users"));
+		assertFalse(userOneModel.canAdmin);
+		assertTrue(userOneModel.canAdmin());
+		assertTrue(userOneModel.getTeam("git_admins").canAdmin);
+		assertFalse(userOneModel.getTeam("git_users").canAdmin);
+
+		UserModel userOneModelFailedAuth = auth.authenticate("UserOne", "userTwoPassword".toCharArray(), null);
+		assertNull(userOneModelFailedAuth);
+
+		UserModel userTwoModel = auth.authenticate("UserTwo", "userTwoPassword".toCharArray(), null);
+		assertNotNull(userTwoModel);
+		assertNotNull(userTwoModel.getTeam("git_users"));
+		assertNull(userTwoModel.getTeam("git_admins"));
+		assertNotNull(userTwoModel.getTeam("git admins"));
+		assertFalse(userTwoModel.canAdmin);
+		assertTrue(userTwoModel.canAdmin());
+		assertTrue(userTwoModel.getTeam("git admins").canAdmin);
+		assertFalse(userTwoModel.getTeam("git_users").canAdmin);
+
+		UserModel userThreeModel = auth.authenticate("UserThree", "userThreePassword".toCharArray(), null);
+		assertNotNull(userThreeModel);
+		assertNotNull(userThreeModel.getTeam("git_users"));
+		assertNull(userThreeModel.getTeam("git_admins"));
+		assertNull(userThreeModel.getTeam("git admins"));
 		assertTrue(userThreeModel.canAdmin);
+		assertTrue(userThreeModel.canAdmin());
+		assertFalse(userThreeModel.getTeam("git_users").canAdmin);
+
+		UserModel userFourModel = auth.authenticate("UserFour", "userFourPassword".toCharArray(), null);
+		assertNotNull(userFourModel);
+		assertNotNull(userFourModel.getTeam("git_users"));
+		assertNull(userFourModel.getTeam("git_admins"));
+		assertNull(userFourModel.getTeam("git admins"));
+		assertFalse(userFourModel.canAdmin);
+		assertFalse(userFourModel.canAdmin());
+		assertFalse(userFourModel.getTeam("git_users").canAdmin);
+	}
+
+	@Test
+	public void testAuthenticationManagerAdminPropertyTeamsNotInLdap() {
+		settings.put(Keys.realm.ldap.maintainTeams, "false");
+
+		UserModel userOneModel = auth.authenticate("UserOne", "userOnePassword".toCharArray(), null);
+		assertNotNull(userOneModel);
+		assertNotNull(userOneModel.getTeam("git_admins"));
+		assertNull(userOneModel.getTeam("git admins"));
+		assertNotNull(userOneModel.getTeam("git_users"));
+		assertTrue(userOneModel.canAdmin);
+		assertTrue(userOneModel.canAdmin());
+		assertFalse(userOneModel.getTeam("git_admins").canAdmin);
+		assertFalse(userOneModel.getTeam("git_users").canAdmin);
+
+		UserModel userOneModelFailedAuth = auth.authenticate("UserOne", "userTwoPassword".toCharArray(), null);
+		assertNull(userOneModelFailedAuth);
+
+		UserModel userTwoModel = auth.authenticate("UserTwo", "userTwoPassword".toCharArray(), null);
+		assertNotNull(userTwoModel);
+		assertNotNull(userTwoModel.getTeam("git_users"));
+		assertNull(userTwoModel.getTeam("git_admins"));
+		assertNotNull(userTwoModel.getTeam("git admins"));
+		assertFalse(userTwoModel.canAdmin);
+		assertTrue(userTwoModel.canAdmin());
+		assertTrue(userTwoModel.getTeam("git admins").canAdmin);
+		assertFalse(userTwoModel.getTeam("git_users").canAdmin);
+
+		UserModel userThreeModel = auth.authenticate("UserThree", "userThreePassword".toCharArray(), null);
+		assertNotNull(userThreeModel);
+		assertNotNull(userThreeModel.getTeam("git_users"));
+		assertNull(userThreeModel.getTeam("git_admins"));
+		assertNull(userThreeModel.getTeam("git admins"));
+		assertFalse(userThreeModel.canAdmin);
+		assertFalse(userThreeModel.canAdmin());
+		assertFalse(userThreeModel.getTeam("git_users").canAdmin);
 
 		UserModel userFourModel = auth.authenticate("UserFour", "userFourPassword".toCharArray(), null);
 		assertNotNull(userFourModel);
@@ -432,6 +476,8 @@ public void testAuthenticationManager() {
 		assertNull(userFourModel.getTeam("git_admins"));
 		assertNull(userFourModel.getTeam("git admins"));
 		assertFalse(userFourModel.canAdmin);
+		assertFalse(userFourModel.canAdmin());
+		assertFalse(userFourModel.getTeam("git_users").canAdmin);
 	}
 
 	@Test
@@ -451,10 +497,12 @@ public void testBindWithUser() {
 	}
 
 
-	private InMemoryDirectoryServer getDS()
-	{
-		return authMode.getDS();
-	}
+
+
+
+
+
+
 
 	private int countLdapUsersInUserManager() {
 		int ldapAccountCount = 0;
@@ -476,120 +524,4 @@ private int countLdapTeamsInUserManager() {
 		return ldapAccountCount;
 	}
 
-
-
-
-	/**
-	 * Operation interceptor for the in memory DS. This interceptor
-	 * implements access restrictions for certain user/DN combinations.
-	 *
-	 * The USER_MANAGER is only allowed to search for users, but not for groups.
-	 * This is to test the original behaviour where the teams were searched under
-	 * the user binding.
-	 * When running in a DIRECTORY_MANAGER scenario, only the manager account
-	 * is allowed to search for users and groups, while a normal user may not do so.
-	 * This tests the scenario where a normal user cannot read teams and thus the
-	 * manager account needs to be used for all searches.
-	 *
-	 */
-	private static class AccessInterceptor extends InMemoryOperationInterceptor {
-		AuthMode authMode;
-		Map<Long,String> lastSuccessfulBindDN = new HashMap<>();
-		Map<Long,Boolean> resultProhibited = new HashMap<>();
-
-		public AccessInterceptor(AuthMode authMode) {
-			this.authMode = authMode;
-		}
-
-
-		@Override
-		public void processSimpleBindResult(InMemoryInterceptedSimpleBindResult bind) {
-			BindResult result = bind.getResult();
-			if (result.getResultCode() == ResultCode.SUCCESS) {
-				 BindRequest bindRequest = bind.getRequest();
-				 lastSuccessfulBindDN.put(bind.getConnectionID(), ((SimpleBindRequest)bindRequest).getBindDN());
-				 resultProhibited.remove(bind.getConnectionID());
-			}
-		}
-
-
-
-		@Override
-		public void processSearchRequest(InMemoryInterceptedSearchRequest request) throws LDAPException {
-			String bindDN = getLastBindDN(request);
-
-			if (USER_MANAGER.equals(bindDN)) {
-				if (request.getRequest().getBaseDN().endsWith(GROUP_BASE)) {
-					throw new LDAPException(ResultCode.NO_SUCH_OBJECT);
-				}
-			}
-			else if(authMode == AuthMode.DS_MANAGER && !DIRECTORY_MANAGER.equals(bindDN)) {
-				throw new LDAPException(ResultCode.NO_SUCH_OBJECT);
-			}
-		}
-
-
-		@Override
-		public void processSearchEntry(InMemoryInterceptedSearchEntry entry) {
-			String bindDN = getLastBindDN(entry);
-
-			boolean prohibited = false;
-
-			if (USER_MANAGER.equals(bindDN)) {
-				if (entry.getSearchEntry().getDN().endsWith(GROUP_BASE)) {
-					prohibited = true;
-				}
-			}
-			else if(authMode == AuthMode.DS_MANAGER && !DIRECTORY_MANAGER.equals(bindDN)) {
-				prohibited = true;
-			}
-
-			if (prohibited) {
-				// Found entry prohibited for bound user. Setting entry to null.
-				entry.setSearchEntry(null);
-				resultProhibited.put(entry.getConnectionID(), Boolean.TRUE);
-			}
-		}
-
-		@Override
-		public void processSearchResult(InMemoryInterceptedSearchResult result) {
-			String bindDN = getLastBindDN(result);
-
-			boolean prohibited = false;
-
-			Boolean rspb = resultProhibited.get(result.getConnectionID());
-			if (USER_MANAGER.equals(bindDN)) {
-				if (rspb != null && rspb) {
-					prohibited = true;
-				}
-			}
-			else if(authMode == AuthMode.DS_MANAGER && !DIRECTORY_MANAGER.equals(bindDN)) {
-				if (rspb != null && rspb) {
-					prohibited = true;
-				}
-			}
-
-			if (prohibited) {
-				// Result prohibited for bound user. Returning error
-				result.setResult(new LDAPResult(result.getMessageID(), ResultCode.INSUFFICIENT_ACCESS_RIGHTS));
-				resultProhibited.remove(result.getConnectionID());
-			}
-		}
-
-		private String getLastBindDN(InMemoryInterceptedResult result) {
-			String bindDN = lastSuccessfulBindDN.get(result.getConnectionID());
-			if (bindDN == null) {
-				return "UNKNOWN";
-			}
-			return bindDN;
-		}
-		private String getLastBindDN(InMemoryInterceptedRequest request) {
-			String bindDN = lastSuccessfulBindDN.get(request.getConnectionID());
-			if (bindDN == null) {
-				return "UNKNOWN";
-			}
-			return bindDN;
-		}
-	}
-
 }
diff --git a/src/test/java/com/gitblit/tests/LdapBasedUnitTest.java b/src/test/java/com/gitblit/tests/LdapBasedUnitTest.java
new file mode 100644
index 000000000..7aec50e6e
--- /dev/null
+++ b/src/test/java/com/gitblit/tests/LdapBasedUnitTest.java
@@ -0,0 +1,410 @@
+package com.gitblit.tests;
+
+import java.io.File;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.EnumSet;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.commons.io.FileUtils;
+import org.junit.AfterClass;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Rule;
+import org.junit.rules.TemporaryFolder;
+import org.junit.runners.Parameterized.Parameter;
+import org.junit.runners.Parameterized.Parameters;
+
+import com.gitblit.Keys;
+import com.gitblit.tests.mock.MemorySettings;
+import com.unboundid.ldap.listener.InMemoryDirectoryServer;
+import com.unboundid.ldap.listener.InMemoryDirectoryServerConfig;
+import com.unboundid.ldap.listener.InMemoryDirectoryServerSnapshot;
+import com.unboundid.ldap.listener.InMemoryListenerConfig;
+import com.unboundid.ldap.listener.interceptor.InMemoryInterceptedRequest;
+import com.unboundid.ldap.listener.interceptor.InMemoryInterceptedResult;
+import com.unboundid.ldap.listener.interceptor.InMemoryInterceptedSearchEntry;
+import com.unboundid.ldap.listener.interceptor.InMemoryInterceptedSearchRequest;
+import com.unboundid.ldap.listener.interceptor.InMemoryInterceptedSearchResult;
+import com.unboundid.ldap.listener.interceptor.InMemoryInterceptedSimpleBindResult;
+import com.unboundid.ldap.listener.interceptor.InMemoryOperationInterceptor;
+import com.unboundid.ldap.sdk.BindRequest;
+import com.unboundid.ldap.sdk.BindResult;
+import com.unboundid.ldap.sdk.LDAPException;
+import com.unboundid.ldap.sdk.LDAPResult;
+import com.unboundid.ldap.sdk.OperationType;
+import com.unboundid.ldap.sdk.ResultCode;
+import com.unboundid.ldap.sdk.SimpleBindRequest;
+
+
+
+/**
+ * Base class for Unit (/Integration) tests that test going against an
+ * in-memory UnboundID LDAP server.
+ *
+ * This base class creates separate in-memory LDAP servers for different scenarios:
+ * - ANONYMOUS: anonymous bind to LDAP.
+ * - DS_MANAGER: The DIRECTORY_MANAGER is set as DN to bind as an admin.
+ *               Normal users are prohibited to search the DS, they can only bind.
+ * - USR_MANAGER: The USER_MANAGER is set as DN to bind as an admin.
+ *                This account can only search users but not groups. Normal users can search groups.
+ *
+ * @author Florian Zschocke
+ *
+ */
+public abstract class LdapBasedUnitTest extends GitblitUnitTest {
+
+	protected static final String RESOURCE_DIR = "src/test/resources/ldap/";
+	private static final String DIRECTORY_MANAGER = "cn=Directory Manager";
+	private static final String USER_MANAGER = "cn=UserManager";
+	protected static final String ACCOUNT_BASE = "OU=Users,OU=UserControl,OU=MyOrganization,DC=MyDomain";
+	private static final String GROUP_BASE = "OU=Groups,OU=UserControl,OU=MyOrganization,DC=MyDomain";
+	protected static final String DN_USER_ONE = "CN=UserOne,OU=US," + ACCOUNT_BASE;
+	protected static final String DN_USER_TWO = "CN=UserTwo,OU=US," + ACCOUNT_BASE;
+	protected static final String DN_USER_THREE = "CN=UserThree,OU=Canada," + ACCOUNT_BASE;
+
+
+	/**
+	 * Enumeration of different test modes, representing different use scenarios.
+	 * With ANONYMOUS anonymous binds are used to search LDAP.
+	 * DS_MANAGER will use a DIRECTORY_MANAGER to search LDAP. Normal users are prohibited to search the DS.
+	 * With USR_MANAGER, a USER_MANAGER account is used to search in LDAP. This account can only search users
+	 * but not groups. Normal users can search groups, though.
+	 *
+	 */
+	protected enum AuthMode {
+		ANONYMOUS,
+		DS_MANAGER,
+		USR_MANAGER;
+
+
+		private int ldapPort;
+		private InMemoryDirectoryServer ds;
+		private InMemoryDirectoryServerSnapshot dsSnapshot;
+		private BindTracker bindTracker;
+
+		void setLdapPort(int port) {
+			this.ldapPort = port;
+		}
+
+		int ldapPort() {
+			return this.ldapPort;
+		}
+
+		void setDS(InMemoryDirectoryServer ds) {
+			if (this.ds == null) {
+				this.ds = ds;
+				this.dsSnapshot = ds.createSnapshot();
+			};
+		}
+
+		InMemoryDirectoryServer getDS() {
+			return ds;
+		}
+
+		void setBindTracker(BindTracker bindTracker) {
+			this.bindTracker = bindTracker;
+		}
+
+		BindTracker getBindTracker() {
+			return bindTracker;
+		}
+
+		void restoreSnapshot() {
+			ds.restoreSnapshot(dsSnapshot);
+		}
+	}
+
+	@Parameter
+	public AuthMode authMode = AuthMode.ANONYMOUS;
+
+	@Rule
+	public TemporaryFolder folder = new TemporaryFolder();
+
+
+	protected File usersConf;
+
+	protected MemorySettings settings;
+
+
+	/**
+	 * Run the tests with each authentication scenario once.
+	 */
+	@Parameters(name = "{0}")
+	public static Collection<Object[]> data() {
+		return Arrays.asList(new Object[][] { {AuthMode.ANONYMOUS}, {AuthMode.DS_MANAGER}, {AuthMode.USR_MANAGER} });
+	}
+
+
+	/**
+	 * Create three different in memory DS.
+	 *
+	 * Each DS has a different configuration:
+	 * The first allows anonymous binds.
+	 * The second requires authentication for all operations. It will only allow the DIRECTORY_MANAGER account
+	 * to search for users and groups.
+	 * The third one is like the second, but it allows users to search for users and groups, and restricts the
+	 * USER_MANAGER from searching for groups.
+	 */
+	@BeforeClass
+	public static void ldapInit() throws Exception {
+		InMemoryDirectoryServer ds;
+		InMemoryDirectoryServerConfig config = createInMemoryLdapServerConfig(AuthMode.ANONYMOUS);
+		config.setListenerConfigs(InMemoryListenerConfig.createLDAPConfig("anonymous"));
+		ds = createInMemoryLdapServer(config);
+		AuthMode.ANONYMOUS.setDS(ds);
+		AuthMode.ANONYMOUS.setLdapPort(ds.getListenPort("anonymous"));
+
+
+		config = createInMemoryLdapServerConfig(AuthMode.DS_MANAGER);
+		config.setListenerConfigs(InMemoryListenerConfig.createLDAPConfig("ds_manager"));
+		config.setAuthenticationRequiredOperationTypes(EnumSet.allOf(OperationType.class));
+		ds = createInMemoryLdapServer(config);
+		AuthMode.DS_MANAGER.setDS(ds);
+		AuthMode.DS_MANAGER.setLdapPort(ds.getListenPort("ds_manager"));
+
+
+		config = createInMemoryLdapServerConfig(AuthMode.USR_MANAGER);
+		config.setListenerConfigs(InMemoryListenerConfig.createLDAPConfig("usr_manager"));
+		config.setAuthenticationRequiredOperationTypes(EnumSet.allOf(OperationType.class));
+		ds = createInMemoryLdapServer(config);
+		AuthMode.USR_MANAGER.setDS(ds);
+		AuthMode.USR_MANAGER.setLdapPort(ds.getListenPort("usr_manager"));
+
+	}
+
+	@AfterClass
+	public static void destroy() throws Exception {
+		for (AuthMode am : AuthMode.values()) {
+			am.getDS().shutDown(true);
+		}
+	}
+
+	public static InMemoryDirectoryServer createInMemoryLdapServer(InMemoryDirectoryServerConfig config) throws Exception {
+		InMemoryDirectoryServer imds = new InMemoryDirectoryServer(config);
+		imds.importFromLDIF(true, RESOURCE_DIR + "sampledata.ldif");
+		imds.startListening();
+		return imds;
+	}
+
+	public static InMemoryDirectoryServerConfig createInMemoryLdapServerConfig(AuthMode authMode) throws Exception {
+		InMemoryDirectoryServerConfig config = new InMemoryDirectoryServerConfig("dc=MyDomain");
+		config.addAdditionalBindCredentials(DIRECTORY_MANAGER, "password");
+		config.addAdditionalBindCredentials(USER_MANAGER, "passwd");
+		config.setSchema(null);
+
+		authMode.setBindTracker(new BindTracker());
+		config.addInMemoryOperationInterceptor(authMode.getBindTracker());
+		config.addInMemoryOperationInterceptor(new AccessInterceptor(authMode));
+
+		return config;
+	}
+
+
+
+	@Before
+	public void setupBase() throws Exception {
+		authMode.restoreSnapshot();
+		authMode.getBindTracker().reset();
+
+		usersConf = folder.newFile("users.conf");
+		FileUtils.copyFile(new File(RESOURCE_DIR + "users.conf"), usersConf);
+		settings = getSettings();
+	}
+
+
+	protected InMemoryDirectoryServer getDS() {
+		return authMode.getDS();
+	}
+
+
+
+	protected MemorySettings getSettings() {
+		Map<String, Object> backingMap = new HashMap<String, Object>();
+		backingMap.put(Keys.realm.userService, usersConf.getAbsolutePath());
+		backingMap.put(Keys.realm.ldap.server, "ldap://localhost:" + authMode.ldapPort());
+		switch(authMode) {
+		case ANONYMOUS:
+			backingMap.put(Keys.realm.ldap.username, "");
+			backingMap.put(Keys.realm.ldap.password, "");
+			break;
+		case DS_MANAGER:
+			backingMap.put(Keys.realm.ldap.username, DIRECTORY_MANAGER);
+			backingMap.put(Keys.realm.ldap.password, "password");
+			break;
+		case USR_MANAGER:
+			backingMap.put(Keys.realm.ldap.username, USER_MANAGER);
+			backingMap.put(Keys.realm.ldap.password, "passwd");
+			break;
+		default:
+			throw new RuntimeException("Unimplemented AuthMode case!");
+
+		}
+		backingMap.put(Keys.realm.ldap.maintainTeams, "true");
+		backingMap.put(Keys.realm.ldap.accountBase, ACCOUNT_BASE);
+		backingMap.put(Keys.realm.ldap.accountPattern, "(&(objectClass=person)(sAMAccountName=${username}))");
+		backingMap.put(Keys.realm.ldap.groupBase, GROUP_BASE);
+		backingMap.put(Keys.realm.ldap.groupMemberPattern, "(&(objectClass=group)(member=${dn}))");
+		backingMap.put(Keys.realm.ldap.admins, "UserThree @Git_Admins \"@Git Admins\"");
+		backingMap.put(Keys.realm.ldap.displayName, "displayName");
+		backingMap.put(Keys.realm.ldap.email, "email");
+		backingMap.put(Keys.realm.ldap.uid, "sAMAccountName");
+
+		MemorySettings ms = new MemorySettings(backingMap);
+		return ms;
+	}
+
+
+
+
+	/**
+	 * Operation interceptor for the in memory DS. This interceptor
+	 * tracks bind requests.
+	 *
+	 */
+	protected static class BindTracker extends InMemoryOperationInterceptor {
+		private Map<Integer,String> lastSuccessfulBindDNs = new HashMap<>();
+		private String lastSuccessfulBindDN;
+
+
+		@Override
+		public void processSimpleBindResult(InMemoryInterceptedSimpleBindResult bind) {
+			BindResult result = bind.getResult();
+			if (result.getResultCode() == ResultCode.SUCCESS) {
+				 BindRequest bindRequest = bind.getRequest();
+				 lastSuccessfulBindDNs.put(bind.getMessageID(), ((SimpleBindRequest)bindRequest).getBindDN());
+				 lastSuccessfulBindDN = ((SimpleBindRequest)bindRequest).getBindDN();
+			}
+		}
+
+		String getLastSuccessfulBindDN() {
+			return lastSuccessfulBindDN;
+		}
+
+		String getLastSuccessfulBindDN(int messageID) {
+			return lastSuccessfulBindDNs.get(messageID);
+		}
+
+		void reset() {
+			lastSuccessfulBindDNs = new HashMap<>();
+			lastSuccessfulBindDN = null;
+		}
+	}
+
+
+
+	/**
+	 * Operation interceptor for the in memory DS. This interceptor
+	 * implements access restrictions for certain user/DN combinations.
+	 *
+	 * The USER_MANAGER is only allowed to search for users, but not for groups.
+	 * This is to test the original behaviour where the teams were searched under
+	 * the user binding.
+	 * When running in a DIRECTORY_MANAGER scenario, only the manager account
+	 * is allowed to search for users and groups, while a normal user may not do so.
+	 * This tests the scenario where a normal user cannot read teams and thus the
+	 * manager account needs to be used for all searches.
+	 *
+	 */
+	protected static class AccessInterceptor extends InMemoryOperationInterceptor {
+		AuthMode authMode;
+		Map<Long,String> lastSuccessfulBindDN = new HashMap<>();
+		Map<Long,Boolean> resultProhibited = new HashMap<>();
+
+		public AccessInterceptor(AuthMode authMode) {
+			this.authMode = authMode;
+		}
+
+
+		@Override
+		public void processSimpleBindResult(InMemoryInterceptedSimpleBindResult bind) {
+			BindResult result = bind.getResult();
+			if (result.getResultCode() == ResultCode.SUCCESS) {
+				 BindRequest bindRequest = bind.getRequest();
+				 lastSuccessfulBindDN.put(bind.getConnectionID(), ((SimpleBindRequest)bindRequest).getBindDN());
+				 resultProhibited.remove(bind.getConnectionID());
+			}
+		}
+
+
+
+		@Override
+		public void processSearchRequest(InMemoryInterceptedSearchRequest request) throws LDAPException {
+			String bindDN = getLastBindDN(request);
+
+			if (USER_MANAGER.equals(bindDN)) {
+				if (request.getRequest().getBaseDN().endsWith(GROUP_BASE)) {
+					throw new LDAPException(ResultCode.NO_SUCH_OBJECT);
+				}
+			}
+			else if(authMode == AuthMode.DS_MANAGER && !DIRECTORY_MANAGER.equals(bindDN)) {
+				throw new LDAPException(ResultCode.NO_SUCH_OBJECT);
+			}
+		}
+
+
+		@Override
+		public void processSearchEntry(InMemoryInterceptedSearchEntry entry) {
+			String bindDN = getLastBindDN(entry);
+
+			boolean prohibited = false;
+
+			if (USER_MANAGER.equals(bindDN)) {
+				if (entry.getSearchEntry().getDN().endsWith(GROUP_BASE)) {
+					prohibited = true;
+				}
+			}
+			else if(authMode == AuthMode.DS_MANAGER && !DIRECTORY_MANAGER.equals(bindDN)) {
+				prohibited = true;
+			}
+
+			if (prohibited) {
+				// Found entry prohibited for bound user. Setting entry to null.
+				entry.setSearchEntry(null);
+				resultProhibited.put(entry.getConnectionID(), Boolean.TRUE);
+			}
+		}
+
+		@Override
+		public void processSearchResult(InMemoryInterceptedSearchResult result) {
+			String bindDN = getLastBindDN(result);
+
+			boolean prohibited = false;
+
+			Boolean rspb = resultProhibited.get(result.getConnectionID());
+			if (USER_MANAGER.equals(bindDN)) {
+				if (rspb != null && rspb) {
+					prohibited = true;
+				}
+			}
+			else if(authMode == AuthMode.DS_MANAGER && !DIRECTORY_MANAGER.equals(bindDN)) {
+				if (rspb != null && rspb) {
+					prohibited = true;
+				}
+			}
+
+			if (prohibited) {
+				// Result prohibited for bound user. Returning error
+				result.setResult(new LDAPResult(result.getMessageID(), ResultCode.INSUFFICIENT_ACCESS_RIGHTS));
+				resultProhibited.remove(result.getConnectionID());
+			}
+		}
+
+		private String getLastBindDN(InMemoryInterceptedResult result) {
+			String bindDN = lastSuccessfulBindDN.get(result.getConnectionID());
+			if (bindDN == null) {
+				return "UNKNOWN";
+			}
+			return bindDN;
+		}
+		private String getLastBindDN(InMemoryInterceptedRequest request) {
+			String bindDN = lastSuccessfulBindDN.get(request.getConnectionID());
+			if (bindDN == null) {
+				return "UNKNOWN";
+			}
+			return bindDN;
+		}
+	}
+
+}
diff --git a/src/test/java/com/gitblit/tests/LdapConnectionTest.java b/src/test/java/com/gitblit/tests/LdapConnectionTest.java
new file mode 100644
index 000000000..3da547772
--- /dev/null
+++ b/src/test/java/com/gitblit/tests/LdapConnectionTest.java
@@ -0,0 +1,280 @@
+package com.gitblit.tests;
+
+import static org.junit.Assume.assumeTrue;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.Parameterized;
+
+import com.gitblit.Keys;
+import com.gitblit.ldap.LdapConnection;
+import com.unboundid.ldap.sdk.BindResult;
+import com.unboundid.ldap.sdk.LDAPException;
+import com.unboundid.ldap.sdk.ResultCode;
+import com.unboundid.ldap.sdk.SearchRequest;
+import com.unboundid.ldap.sdk.SearchResult;
+import com.unboundid.ldap.sdk.SearchResultEntry;
+import com.unboundid.ldap.sdk.SearchScope;
+
+/*
+ * Test for the LdapConnection
+ *
+ * @author Florian Zschocke
+ *
+ */
+@RunWith(Parameterized.class)
+public class LdapConnectionTest extends LdapBasedUnitTest {
+
+	@Test
+	public void testEscapeLDAPFilterString() {
+		// This test is independent from authentication mode, so run only once.
+		assumeTrue(authMode == AuthMode.ANONYMOUS);
+
+		// From: https://www.owasp.org/index.php/Preventing_LDAP_Injection_in_Java
+		assertEquals("No special characters to escape", "Hi This is a test #çà", LdapConnection.escapeLDAPSearchFilter("Hi This is a test #çà"));
+		assertEquals("LDAP Christams Tree", "Hi \\28This\\29 = is \\2a a \\5c test # ç à ô", LdapConnection.escapeLDAPSearchFilter("Hi (This) = is * a \\ test # ç à ô"));
+
+		assertEquals("Injection", "\\2a\\29\\28userPassword=secret", LdapConnection.escapeLDAPSearchFilter("*)(userPassword=secret"));
+	}
+
+
+	@Test
+	public void testConnect() {
+		// This test is independent from authentication mode, so run only once.
+		assumeTrue(authMode == AuthMode.ANONYMOUS);
+
+		LdapConnection conn = new LdapConnection(settings);
+		try {
+			assertTrue(conn.connect());
+		} finally {
+			conn.close();
+		}
+	}
+
+
+	@Test
+	public void testBindAnonymous() {
+		// This test tests for anonymous bind, so run only in authentication mode ANONYMOUS.
+		assumeTrue(authMode == AuthMode.ANONYMOUS);
+
+		LdapConnection conn = new LdapConnection(settings);
+		try {
+			assertTrue(conn.connect());
+
+			BindResult br = conn.bind();
+			assertNotNull(br);
+			assertEquals(ResultCode.SUCCESS, br.getResultCode());
+			assertEquals("", authMode.getBindTracker().getLastSuccessfulBindDN(br.getMessageID()));
+
+		} finally {
+			conn.close();
+		}
+	}
+
+
+	@Test
+	public void testBindAsAdmin() {
+		// This test tests for anonymous bind, so run only in authentication mode DS_MANAGER.
+		assumeTrue(authMode == AuthMode.DS_MANAGER);
+
+		LdapConnection conn = new LdapConnection(settings);
+		try {
+			assertTrue(conn.connect());
+
+			BindResult br = conn.bind();
+			assertNotNull(br);
+			assertEquals(ResultCode.SUCCESS, br.getResultCode());
+			assertEquals(settings.getString(Keys.realm.ldap.username, "UNSET"), authMode.getBindTracker().getLastSuccessfulBindDN(br.getMessageID()));
+
+		} finally {
+			conn.close();
+		}
+	}
+
+
+	@Test
+	public void testBindToBindpattern() {
+		LdapConnection conn = new LdapConnection(settings);
+		try {
+			assertTrue(conn.connect());
+
+			String bindPattern = "CN=${username},OU=Canada," + ACCOUNT_BASE;
+
+			BindResult br = conn.bind(bindPattern, "UserThree", "userThreePassword");
+			assertNotNull(br);
+			assertEquals(ResultCode.SUCCESS, br.getResultCode());
+			assertEquals("CN=UserThree,OU=Canada," + ACCOUNT_BASE, authMode.getBindTracker().getLastSuccessfulBindDN(br.getMessageID()));
+
+			br = conn.bind(bindPattern, "UserFour", "userThreePassword");
+			assertNull(br);
+
+			br = conn.bind(bindPattern, "UserTwo", "userTwoPassword");
+			assertNull(br);
+
+		} finally {
+			conn.close();
+		}
+	}
+
+
+	@Test
+	public void testRebindAsUser() {
+		LdapConnection conn = new LdapConnection(settings);
+		try {
+			assertTrue(conn.connect());
+
+			assertFalse(conn.rebindAsUser());
+
+			BindResult br = conn.bind();
+			assertNotNull(br);
+			assertFalse(conn.rebindAsUser());
+
+
+			String bindPattern = "CN=${username},OU=Canada," + ACCOUNT_BASE;
+			br = conn.bind(bindPattern, "UserThree", "userThreePassword");
+			assertNotNull(br);
+			assertFalse(conn.rebindAsUser());
+
+			br = conn.bind();
+			assertNotNull(br);
+			assertTrue(conn.rebindAsUser());
+			assertEquals(ResultCode.SUCCESS, br.getResultCode());
+			assertEquals("CN=UserThree,OU=Canada," + ACCOUNT_BASE, authMode.getBindTracker().getLastSuccessfulBindDN());
+
+		} finally {
+			conn.close();
+		}
+	}
+
+
+
+	@Test
+	public void testSearchRequest() throws LDAPException {
+		LdapConnection conn = new LdapConnection(settings);
+		try {
+			assertTrue(conn.connect());
+			BindResult br = conn.bind();
+			assertNotNull(br);
+
+			SearchRequest req;
+			SearchResult result;
+			SearchResultEntry entry;
+
+			req = new SearchRequest(ACCOUNT_BASE, SearchScope.BASE, "(CN=UserOne)");
+			result = conn.search(req);
+			assertNotNull(result);
+			assertEquals(0, result.getEntryCount());
+
+			req = new SearchRequest(ACCOUNT_BASE, SearchScope.ONE, "(CN=UserTwo)");
+			result = conn.search(req);
+			assertNotNull(result);
+			assertEquals(0, result.getEntryCount());
+
+			req = new SearchRequest(ACCOUNT_BASE, SearchScope.SUB, "(CN=UserThree)");
+			result = conn.search(req);
+			assertNotNull(result);
+			assertEquals(1, result.getEntryCount());
+			entry = result.getSearchEntries().get(0);
+			assertEquals("CN=UserThree,OU=Canada," + ACCOUNT_BASE, entry.getDN());
+
+			req = new SearchRequest(ACCOUNT_BASE, SearchScope.SUBORDINATE_SUBTREE, "(CN=UserFour)");
+			result = conn.search(req);
+			assertNotNull(result);
+			assertEquals(1, result.getEntryCount());
+			entry = result.getSearchEntries().get(0);
+			assertEquals("CN=UserFour,OU=Canada," + ACCOUNT_BASE, entry.getDN());
+
+		} finally {
+			conn.close();
+		}
+	}
+
+
+	@Test
+	public void testSearch() throws LDAPException {
+		LdapConnection conn = new LdapConnection(settings);
+		try {
+			assertTrue(conn.connect());
+			BindResult br = conn.bind();
+			assertNotNull(br);
+
+			SearchResult result;
+			SearchResultEntry entry;
+
+			result = conn.search(ACCOUNT_BASE, false, "(CN=UserOne)", null);
+			assertNotNull(result);
+			assertEquals(1, result.getEntryCount());
+			entry = result.getSearchEntries().get(0);
+			assertEquals("CN=UserOne,OU=US," + ACCOUNT_BASE, entry.getDN());
+
+			result = conn.search(ACCOUNT_BASE, true, "(&(CN=UserOne)(surname=One))", null);
+			assertNotNull(result);
+			assertEquals(1, result.getEntryCount());
+			entry = result.getSearchEntries().get(0);
+			assertEquals("CN=UserOne,OU=US," + ACCOUNT_BASE, entry.getDN());
+
+			result = conn.search(ACCOUNT_BASE, true, "(&(CN=UserOne)(surname=Two))", null);
+			assertNotNull(result);
+			assertEquals(0, result.getEntryCount());
+
+			result = conn.search(ACCOUNT_BASE, true, "(surname=Two)", Arrays.asList("givenName", "surname"));
+			assertNotNull(result);
+			assertEquals(1, result.getEntryCount());
+			entry = result.getSearchEntries().get(0);
+			assertEquals("CN=UserTwo,OU=US," + ACCOUNT_BASE, entry.getDN());
+			assertEquals(2, entry.getAttributes().size());
+			assertEquals("User", entry.getAttributeValue("givenName"));
+			assertEquals("Two", entry.getAttributeValue("surname"));
+
+			result = conn.search(ACCOUNT_BASE, true, "(personalTitle=Mr*)", null);
+			assertNotNull(result);
+			assertEquals(3, result.getEntryCount());
+			ArrayList<String> names = new ArrayList<>(3);
+			names.add(result.getSearchEntries().get(0).getAttributeValue("surname"));
+			names.add(result.getSearchEntries().get(1).getAttributeValue("surname"));
+			names.add(result.getSearchEntries().get(2).getAttributeValue("surname"));
+			assertTrue(names.contains("One"));
+			assertTrue(names.contains("Two"));
+			assertTrue(names.contains("Three"));
+
+		} finally {
+			conn.close();
+		}
+	}
+
+
+	@Test
+	public void testSearchUser() throws LDAPException {
+		LdapConnection conn = new LdapConnection(settings);
+		try {
+			assertTrue(conn.connect());
+			BindResult br = conn.bind();
+			assertNotNull(br);
+
+			SearchResult result;
+			SearchResultEntry entry;
+
+			result = conn.searchUser("UserOne");
+			assertNotNull(result);
+			assertEquals(1, result.getEntryCount());
+			entry = result.getSearchEntries().get(0);
+			assertEquals("CN=UserOne,OU=US," + ACCOUNT_BASE, entry.getDN());
+
+			result = conn.searchUser("UserFour", Arrays.asList("givenName", "surname"));
+			assertNotNull(result);
+			assertEquals(1, result.getEntryCount());
+			entry = result.getSearchEntries().get(0);
+			assertEquals("CN=UserFour,OU=Canada," + ACCOUNT_BASE, entry.getDN());
+			assertEquals(2, entry.getAttributes().size());
+			assertEquals("User", entry.getAttributeValue("givenName"));
+			assertEquals("Four", entry.getAttributeValue("surname"));
+
+		} finally {
+			conn.close();
+		}
+	}
+
+}
diff --git a/src/test/java/com/gitblit/tests/LdapPublicKeyManagerTest.java b/src/test/java/com/gitblit/tests/LdapPublicKeyManagerTest.java
new file mode 100644
index 000000000..c426254f1
--- /dev/null
+++ b/src/test/java/com/gitblit/tests/LdapPublicKeyManagerTest.java
@@ -0,0 +1,723 @@
+/*
+ * Copyright 2016 Florian Zschocke
+ * Copyright 2016 gitblit.com
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.gitblit.tests;
+
+import static org.junit.Assume.assumeTrue;
+
+import java.security.GeneralSecurityException;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.Signature;
+import java.security.spec.ECGenParameterSpec;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import org.apache.sshd.common.util.SecurityUtils;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.Parameterized;
+
+import com.gitblit.Keys;
+import com.gitblit.Constants.AccessPermission;
+import com.gitblit.transport.ssh.LdapKeyManager;
+import com.gitblit.transport.ssh.SshKey;
+import com.unboundid.ldap.sdk.LDAPException;
+import com.unboundid.ldap.sdk.Modification;
+import com.unboundid.ldap.sdk.ModificationType;
+
+/**
+ * Test LdapPublicKeyManager going against an in-memory UnboundID
+ * LDAP server.
+ *
+ * @author Florian Zschocke
+ *
+ */
+@RunWith(Parameterized.class)
+public class LdapPublicKeyManagerTest extends LdapBasedUnitTest {
+
+	private static Map<String,KeyPair> keyPairs = new HashMap<>(10);
+	private static KeyPairGenerator rsaGenerator;
+	private static KeyPairGenerator dsaGenerator;
+	private static KeyPairGenerator ecGenerator;
+
+
+
+	@BeforeClass
+	public static void init() throws GeneralSecurityException {
+		rsaGenerator = SecurityUtils.getKeyPairGenerator("RSA");
+		dsaGenerator = SecurityUtils.getKeyPairGenerator("DSA");
+		ecGenerator = SecurityUtils.getKeyPairGenerator("ECDSA");
+	}
+
+
+
+	@Test
+	public void testGetKeys() throws LDAPException {
+		String keyRsaOne = getRsaPubKey("UserOne@example.com");
+		getDS().modify(DN_USER_ONE, new Modification(ModificationType.ADD, "sshPublicKey", keyRsaOne));
+
+		String keyRsaTwo = getRsaPubKey("UserTwo@example.com");
+		String keyDsaTwo = getDsaPubKey("UserTwo@example.com");
+		getDS().modify(DN_USER_TWO, new Modification(ModificationType.ADD, "sshPublicKey", keyRsaTwo, keyDsaTwo));
+
+		String keyRsaThree = getRsaPubKey("UserThree@example.com");
+		String keyDsaThree = getDsaPubKey("UserThree@example.com");
+		String keyEcThree  = getEcPubKey("UserThree@example.com");
+		getDS().modify(DN_USER_THREE, new Modification(ModificationType.ADD, "sshPublicKey", keyEcThree, keyRsaThree, keyDsaThree));
+
+		LdapKeyManager kmgr = new LdapKeyManager(settings);
+
+		List<SshKey> keys = kmgr.getKeys("UserOne");
+		assertNotNull(keys);
+		assertTrue(keys.size() == 1);
+		assertEquals(keyRsaOne, keys.get(0).getRawData());
+
+
+		keys = kmgr.getKeys("UserTwo");
+		assertNotNull(keys);
+		assertTrue(keys.size() == 2);
+		if (keyRsaTwo.equals(keys.get(0).getRawData())) {
+			assertEquals(keyDsaTwo, keys.get(1).getRawData());
+		} else if (keyDsaTwo.equals(keys.get(0).getRawData())) {
+			assertEquals(keyRsaTwo, keys.get(1).getRawData());
+		} else {
+			fail("Mismatch in UserTwo keys.");
+		}
+
+
+		keys = kmgr.getKeys("UserThree");
+		assertNotNull(keys);
+		assertTrue(keys.size() == 3);
+		assertEquals(keyEcThree, keys.get(0).getRawData());
+		assertEquals(keyRsaThree, keys.get(1).getRawData());
+		assertEquals(keyDsaThree, keys.get(2).getRawData());
+
+		keys = kmgr.getKeys("UserFour");
+		assertNotNull(keys);
+		assertTrue(keys.size() == 0);
+	}
+
+
+	@Test
+	public void testGetKeysAttributeName() throws LDAPException {
+		settings.put(Keys.realm.ldap.sshPublicKey, "sshPublicKey");
+
+		String keyRsaOne = getRsaPubKey("UserOne@example.com");
+		getDS().modify(DN_USER_ONE, new Modification(ModificationType.ADD, "sshPublicKey", keyRsaOne));
+
+		String keyDsaTwo = getDsaPubKey("UserTwo@example.com");
+		getDS().modify(DN_USER_TWO, new Modification(ModificationType.ADD, "publicsshkey", keyDsaTwo));
+
+		String keyRsaThree = getRsaPubKey("UserThree@example.com");
+		String keyDsaThree = getDsaPubKey("UserThree@example.com");
+		getDS().modify(DN_USER_THREE, new Modification(ModificationType.ADD, "sshPublicKey", keyRsaThree));
+		getDS().modify(DN_USER_THREE, new Modification(ModificationType.ADD, "publicsshkey", keyDsaThree));
+
+
+		LdapKeyManager kmgr = new LdapKeyManager(settings);
+
+		List<SshKey> keys = kmgr.getKeys("UserOne");
+		assertNotNull(keys);
+		assertEquals(1, keys.size());
+		assertEquals(keyRsaOne, keys.get(0).getRawData());
+
+		keys = kmgr.getKeys("UserTwo");
+		assertNotNull(keys);
+		assertEquals(0, keys.size());
+
+		keys = kmgr.getKeys("UserThree");
+		assertNotNull(keys);
+		assertEquals(1, keys.size());
+		assertEquals(keyRsaThree, keys.get(0).getRawData());
+
+		keys = kmgr.getKeys("UserFour");
+		assertNotNull(keys);
+		assertEquals(0, keys.size());
+
+
+		settings.put(Keys.realm.ldap.sshPublicKey, "publicsshkey");
+
+		keys = kmgr.getKeys("UserOne");
+		assertNotNull(keys);
+		assertEquals(0, keys.size());
+
+		keys = kmgr.getKeys("UserTwo");
+		assertNotNull(keys);
+		assertEquals(1, keys.size());
+		assertEquals(keyDsaTwo, keys.get(0).getRawData());
+
+		keys = kmgr.getKeys("UserThree");
+		assertNotNull(keys);
+		assertEquals(1, keys.size());
+		assertEquals(keyDsaThree, keys.get(0).getRawData());
+
+		keys = kmgr.getKeys("UserFour");
+		assertNotNull(keys);
+		assertEquals(0, keys.size());
+	}
+
+
+	@Test
+	public void testGetKeysPrefixed() throws LDAPException {
+		// This test is independent from authentication mode, so run only once.
+		assumeTrue(authMode == AuthMode.ANONYMOUS);
+
+		String keyRsaOne = getRsaPubKey("UserOne@example.com");
+		getDS().modify(DN_USER_ONE, new Modification(ModificationType.ADD, "sshPublicKey", keyRsaOne));
+
+		String keyRsaTwo = getRsaPubKey("UserTwo@example.com");
+		String keyDsaTwo = getDsaPubKey("UserTwo@example.com");
+		getDS().modify(DN_USER_TWO, new Modification(ModificationType.ADD, "altSecurityIdentities", keyRsaTwo));
+		getDS().modify(DN_USER_TWO, new Modification(ModificationType.ADD, "altSecurityIdentities", "SSHKey: " + keyDsaTwo));
+
+		String keyRsaThree = getRsaPubKey("UserThree@example.com");
+		String keyDsaThree = getDsaPubKey("UserThree@example.com");
+		String keyEcThree =  getEcPubKey("UserThree@example.com");
+		getDS().modify(DN_USER_THREE, new Modification(ModificationType.ADD, "altSecurityIdentities", " SshKey :\r\n" + keyRsaThree));
+		getDS().modify(DN_USER_THREE, new Modification(ModificationType.ADD, "altSecurityIdentities", "	sshkey: " + keyDsaThree));
+		getDS().modify(DN_USER_THREE, new Modification(ModificationType.ADD, "altSecurityIdentities", "ECDSAKey	:\n " + keyEcThree));
+
+
+		LdapKeyManager kmgr = new LdapKeyManager(settings);
+
+		settings.put(Keys.realm.ldap.sshPublicKey, "altSecurityIdentities");
+
+		List<SshKey> keys = kmgr.getKeys("UserOne");
+		assertNotNull(keys);
+		assertEquals(0, keys.size());
+
+		keys = kmgr.getKeys("UserTwo");
+		assertNotNull(keys);
+		assertEquals(1, keys.size());
+		assertEquals(keyRsaTwo, keys.get(0).getRawData());
+
+		keys = kmgr.getKeys("UserThree");
+		assertNotNull(keys);
+		assertEquals(0, keys.size());
+
+		keys = kmgr.getKeys("UserFour");
+		assertNotNull(keys);
+		assertEquals(0, keys.size());
+
+
+
+		settings.put(Keys.realm.ldap.sshPublicKey, "altSecurityIdentities:SSHKey");
+
+		keys = kmgr.getKeys("UserOne");
+		assertNotNull(keys);
+		assertEquals(0, keys.size());
+
+		keys = kmgr.getKeys("UserTwo");
+		assertNotNull(keys);
+		assertEquals(1, keys.size());
+		assertEquals(keyDsaTwo, keys.get(0).getRawData());
+
+		keys = kmgr.getKeys("UserThree");
+		assertNotNull(keys);
+		assertEquals(2, keys.size());
+		assertEquals(keyRsaThree, keys.get(0).getRawData());
+		assertEquals(keyDsaThree, keys.get(1).getRawData());
+
+		keys = kmgr.getKeys("UserFour");
+		assertNotNull(keys);
+		assertEquals(0, keys.size());
+
+
+
+		settings.put(Keys.realm.ldap.sshPublicKey, "altSecurityIdentities:ECDSAKey");
+
+		keys = kmgr.getKeys("UserOne");
+		assertNotNull(keys);
+		assertEquals(0, keys.size());
+
+		keys = kmgr.getKeys("UserTwo");
+		assertNotNull(keys);
+		assertEquals(0, keys.size());
+
+		keys = kmgr.getKeys("UserThree");
+		assertNotNull(keys);
+		assertEquals(1, keys.size());
+		assertEquals(keyEcThree, keys.get(0).getRawData());
+
+		keys = kmgr.getKeys("UserFour");
+		assertNotNull(keys);
+		assertEquals(0, keys.size());
+	}
+
+
+	@Test
+	public void testGetKeysPermissions() throws LDAPException {
+		// This test is independent from authentication mode, so run only once.
+		assumeTrue(authMode == AuthMode.ANONYMOUS);
+
+		String keyRsaOne = getRsaPubKey("UserOne@example.com");
+		String keyRsaTwo = getRsaPubKey("");
+		String keyDsaTwo = getDsaPubKey("UserTwo at example.com");
+		String keyRsaThree = getRsaPubKey("UserThree@example.com");
+		String keyDsaThree = getDsaPubKey("READ key for user 'Three' @example.com");
+		String keyEcThree =  getEcPubKey("UserThree@example.com");
+
+		getDS().modify(DN_USER_ONE, new Modification(ModificationType.ADD, "sshPublicKey", keyRsaOne));
+		getDS().modify(DN_USER_ONE, new Modification(ModificationType.ADD, "sshPublicKey", "  	 " + keyRsaTwo));
+		getDS().modify(DN_USER_ONE, new Modification(ModificationType.ADD, "sshPublicKey", "no-agent-forwarding " + keyDsaTwo));
+		getDS().modify(DN_USER_ONE, new Modification(ModificationType.ADD, "sshPublicKey", " command=\"sh /etc/netstart tun0 \" " + keyRsaThree));
+		getDS().modify(DN_USER_ONE, new Modification(ModificationType.ADD, "sshPublicKey", " command=\"netstat -nult\",environment=\"gb=\\\"What now\\\"\" " + keyDsaThree));
+		getDS().modify(DN_USER_ONE, new Modification(ModificationType.ADD, "sshPublicKey", "environment=\"SSH=git\",command=\"netstat -nult\",environment=\"gbPerms=VIEW\" " + keyEcThree));
+
+		getDS().modify(DN_USER_TWO, new Modification(ModificationType.ADD, "sshPublicKey", "environment=\"gbPerm=R\" " + keyRsaOne));
+		getDS().modify(DN_USER_TWO, new Modification(ModificationType.ADD, "sshPublicKey", " restrict,environment=\"gbperm=V\" 	 " + keyRsaTwo));
+		getDS().modify(DN_USER_TWO, new Modification(ModificationType.ADD, "sshPublicKey", "restrict,environment=\"GBPerm=RW\",pty " + keyDsaTwo));
+		getDS().modify(DN_USER_TWO, new Modification(ModificationType.ADD, "sshPublicKey", " environment=\"gbPerm=CLONE\",environment=\"X=\\\" Y \\\"\" " + keyRsaThree));
+		getDS().modify(DN_USER_TWO, new Modification(ModificationType.ADD, "sshPublicKey", " environment=\"A = B \",from=\"*.example.com,!pc.example.com\",environment=\"gbPerm=VIEW\" " + keyDsaThree));
+		getDS().modify(DN_USER_TWO, new Modification(ModificationType.ADD, "sshPublicKey", "environment=\"SSH=git\",environment=\"gbPerm=PUSH\",environment=\"XYZ='Ali Baba'\" " + keyEcThree));
+
+		getDS().modify(DN_USER_THREE, new Modification(ModificationType.ADD, "sshPublicKey", "environment=\"gbPerm=R\",environment=\"josh=\\\"mean\\\"\",tunnel=\"0\" " + keyRsaOne));
+		getDS().modify(DN_USER_THREE, new Modification(ModificationType.ADD, "sshPublicKey", " environment=\" gbPerm = V \" 	 " + keyRsaTwo));
+		getDS().modify(DN_USER_THREE, new Modification(ModificationType.ADD, "sshPublicKey", "command=\"sh echo \\\"Nope, not you!\\\" \",user-rc,environment=\"gbPerm=RW\" " + keyDsaTwo));
+		getDS().modify(DN_USER_THREE, new Modification(ModificationType.ADD, "sshPublicKey", "environment=\"gbPerm=VIEW\",command=\"sh /etc/netstart tun0 \",environment=\"gbPerm=CLONE\",no-pty " + keyRsaThree));
+		getDS().modify(DN_USER_THREE, new Modification(ModificationType.ADD, "sshPublicKey", "	command=\"netstat -nult\",environment=\"gbPerm=VIEW\" " + keyDsaThree));
+		getDS().modify(DN_USER_THREE, new Modification(ModificationType.ADD, "sshPublicKey", "environment=\"SSH=git\",command=\"netstat -nult\",environment=\"gbPerm=PUSH\" " + keyEcThree));
+
+
+		LdapKeyManager kmgr = new LdapKeyManager(settings);
+
+		List<SshKey> keys = kmgr.getKeys("UserOne");
+		assertNotNull(keys);
+		assertEquals(6, keys.size());
+		for (SshKey key : keys) {
+			assertEquals(AccessPermission.PUSH, key.getPermission());
+		}
+
+		keys = kmgr.getKeys("UserTwo");
+		assertNotNull(keys);
+		assertEquals(6, keys.size());
+		int seen = 0;
+		for (SshKey key : keys) {
+			if (keyRsaOne.equals(key.getRawData())) {
+				assertEquals(AccessPermission.CLONE, key.getPermission());
+				seen += 1 << 0;
+			}
+			else if (keyRsaTwo.equals(key.getRawData())) {
+				assertEquals(AccessPermission.VIEW, key.getPermission());
+				seen += 1 << 1;
+			}
+			else if (keyDsaTwo.equals(key.getRawData())) {
+				assertEquals(AccessPermission.PUSH, key.getPermission());
+				seen += 1 << 2;
+			}
+			else if (keyRsaThree.equals(key.getRawData())) {
+				assertEquals(AccessPermission.CLONE, key.getPermission());
+				seen += 1 << 3;
+			}
+			else if (keyDsaThree.equals(key.getRawData())) {
+				assertEquals(AccessPermission.VIEW, key.getPermission());
+				seen += 1 << 4;
+			}
+			else if (keyEcThree.equals(key.getRawData())) {
+				assertEquals(AccessPermission.PUSH, key.getPermission());
+				seen += 1 << 5;
+			}
+		}
+		assertEquals(63, seen);
+
+		keys = kmgr.getKeys("UserThree");
+		assertNotNull(keys);
+		assertEquals(6, keys.size());
+		seen = 0;
+		for (SshKey key : keys) {
+			if (keyRsaOne.equals(key.getRawData())) {
+				assertEquals(AccessPermission.CLONE, key.getPermission());
+				seen += 1 << 0;
+			}
+			else if (keyRsaTwo.equals(key.getRawData())) {
+				assertEquals(AccessPermission.VIEW, key.getPermission());
+				seen += 1 << 1;
+			}
+			else if (keyDsaTwo.equals(key.getRawData())) {
+				assertEquals(AccessPermission.PUSH, key.getPermission());
+				seen += 1 << 2;
+			}
+			else if (keyRsaThree.equals(key.getRawData())) {
+				assertEquals(AccessPermission.CLONE, key.getPermission());
+				seen += 1 << 3;
+			}
+			else if (keyDsaThree.equals(key.getRawData())) {
+				assertEquals(AccessPermission.VIEW, key.getPermission());
+				seen += 1 << 4;
+			}
+			else if (keyEcThree.equals(key.getRawData())) {
+				assertEquals(AccessPermission.PUSH, key.getPermission());
+				seen += 1 << 5;
+			}
+		}
+		assertEquals(63, seen);
+	}
+
+
+	@Test
+	public void testGetKeysPrefixedPermissions() throws LDAPException {
+		// This test is independent from authentication mode, so run only once.
+		assumeTrue(authMode == AuthMode.ANONYMOUS);
+
+		String keyRsaOne = getRsaPubKey("UserOne@example.com");
+		String keyRsaTwo = getRsaPubKey("UserTwo at example.com");
+		String keyDsaTwo = getDsaPubKey("UserTwo@example.com");
+		String keyRsaThree = getRsaPubKey("example.com: user Three");
+		String keyDsaThree = getDsaPubKey("");
+		String keyEcThree =  getEcPubKey("  ");
+
+		getDS().modify(DN_USER_ONE, new Modification(ModificationType.ADD, "altSecurityIdentities",          "permitopen=\"host:220\"" + keyRsaOne));
+		getDS().modify(DN_USER_ONE, new Modification(ModificationType.ADD, "altSecurityIdentities", "sshkey:" + "  	 " + keyRsaTwo));
+		getDS().modify(DN_USER_ONE, new Modification(ModificationType.ADD, "altSecurityIdentities", "SSHKEY :" + "no-agent-forwarding " + keyDsaTwo));
+		getDS().modify(DN_USER_ONE, new Modification(ModificationType.ADD, "altSecurityIdentities", "pubkey: " + " command=\"sh /etc/netstart tun0 \" " + keyRsaThree));
+		getDS().modify(DN_USER_ONE, new Modification(ModificationType.ADD, "altSecurityIdentities", "pubkey: " + " command=\"netstat -nult\",environment=\"gb=\\\"What now\\\"\" " + keyDsaThree));
+		getDS().modify(DN_USER_ONE, new Modification(ModificationType.ADD, "altSecurityIdentities", "pubkey: " + "environment=\"SSH=git\",command=\"netstat -nult\",environment=\"gbPerms=VIEW\" " + keyEcThree));
+
+		getDS().modify(DN_USER_TWO, new Modification(ModificationType.ADD, "altSecurityIdentities", "SSHkey: " + "environment=\"gbPerm=R\" " + keyRsaOne));
+		getDS().modify(DN_USER_TWO, new Modification(ModificationType.ADD, "altSecurityIdentities", "SSHKey : " + " restrict,environment=\"gbPerm=V\",permitopen=\"sshkey: 220\" " + keyRsaTwo));
+		getDS().modify(DN_USER_TWO, new Modification(ModificationType.ADD, "altSecurityIdentities", "SSHkey: " + "permitopen=\"sshkey: 443\",restrict,environment=\"gbPerm=RW\",pty " + keyDsaTwo));
+		getDS().modify(DN_USER_TWO, new Modification(ModificationType.ADD, "altSecurityIdentities", "pubkey: " + "environment=\"gbPerm=CLONE\",permitopen=\"pubkey: 29184\",environment=\"X=\\\" Y \\\"\" " + keyRsaThree));
+		getDS().modify(DN_USER_TWO, new Modification(ModificationType.ADD, "altSecurityIdentities", "pubkey: " + " environment=\"A = B \",from=\"*.example.com,!pc.example.com\",environment=\"gbPerm=VIEW\" " + keyDsaThree));
+		getDS().modify(DN_USER_TWO, new Modification(ModificationType.ADD, "altSecurityIdentities", "pubkey: " + "environment=\"SSH=git\",environment=\"gbPerm=PUSH\",environemnt=\"XYZ='Ali Baba'\" " + keyEcThree));
+
+		getDS().modify(DN_USER_THREE, new Modification(ModificationType.ADD, "altSecurityIdentities", "SSHkey: " + "environment=\"gbPerm=R\",environment=\"josh=\\\"mean\\\"\",tunnel=\"0\" " + keyRsaOne));
+		getDS().modify(DN_USER_THREE, new Modification(ModificationType.ADD, "altSecurityIdentities", "SSHkey : " + " environment=\" gbPerm = V \" 	 " + keyRsaTwo));
+		getDS().modify(DN_USER_THREE, new Modification(ModificationType.ADD, "altSecurityIdentities", "SSHkey: " + "command=\"sh echo \\\"Nope, not you! \\b (bell)\\\" \",user-rc,environment=\"gbPerm=RW\" " + keyDsaTwo));
+		getDS().modify(DN_USER_THREE, new Modification(ModificationType.ADD, "altSecurityIdentities", "pubkey: " + "environment=\"gbPerm=VIEW\",command=\"sh /etc/netstart tun0 \",environment=\"gbPerm=CLONE\",no-pty " + keyRsaThree));
+		getDS().modify(DN_USER_THREE, new Modification(ModificationType.ADD, "altSecurityIdentities", "pubkey: " + "	command=\"netstat -nult\",environment=\"gbPerm=VIEW\" " + keyDsaThree));
+		getDS().modify(DN_USER_THREE, new Modification(ModificationType.ADD, "altSecurityIdentities", "pubkey: " + "environment=\"SSH=git\",command=\"netstat -nult\",environment=\"gbPerm=PUSH\" " + keyEcThree));
+
+		// Weird stuff, not to specification but shouldn't make it stumble.
+		getDS().modify(DN_USER_THREE, new Modification(ModificationType.ADD, "altSecurityIdentities", "opttest: " + "permitopen=host:443,command=,environment=\"gbPerm=CLONE\",no-pty= " + keyRsaThree));
+		getDS().modify(DN_USER_THREE, new Modification(ModificationType.ADD, "altSecurityIdentities", " opttest: " + "	cmd=git,environment=\"gbPerm=\\\"VIEW\\\"\" " + keyDsaThree));
+		getDS().modify(DN_USER_THREE, new Modification(ModificationType.ADD, "altSecurityIdentities", "	opttest:" + "environment=,command=netstat,environment=gbperm=push " + keyEcThree));
+
+
+		LdapKeyManager kmgr = new LdapKeyManager(settings);
+
+		settings.put(Keys.realm.ldap.sshPublicKey, "altSecurityIdentities:SSHkey");
+
+		List<SshKey> keys = kmgr.getKeys("UserOne");
+		assertNotNull(keys);
+		assertEquals(2, keys.size());
+		int seen = 0;
+		for (SshKey key : keys) {
+			assertEquals(AccessPermission.PUSH, key.getPermission());
+			if (keyRsaOne.equals(key.getRawData())) {
+				seen += 1 << 0;
+			}
+			else if (keyRsaTwo.equals(key.getRawData())) {
+				seen += 1 << 1;
+			}
+			else if (keyDsaTwo.equals(key.getRawData())) {
+				seen += 1 << 2;
+			}
+			else if (keyRsaThree.equals(key.getRawData())) {
+				seen += 1 << 3;
+			}
+			else if (keyDsaThree.equals(key.getRawData())) {
+				seen += 1 << 4;
+			}
+			else if (keyEcThree.equals(key.getRawData())) {
+				seen += 1 << 5;
+			}
+		}
+		assertEquals(6, seen);
+
+		keys = kmgr.getKeys("UserTwo");
+		assertNotNull(keys);
+		assertEquals(3, keys.size());
+		seen = 0;
+		for (SshKey key : keys) {
+			if (keyRsaOne.equals(key.getRawData())) {
+				assertEquals(AccessPermission.CLONE, key.getPermission());
+				seen += 1 << 0;
+			}
+			else if (keyRsaTwo.equals(key.getRawData())) {
+				assertEquals(AccessPermission.VIEW, key.getPermission());
+				seen += 1 << 1;
+			}
+			else if (keyDsaTwo.equals(key.getRawData())) {
+				assertEquals(AccessPermission.PUSH, key.getPermission());
+				seen += 1 << 2;
+			}
+			else if (keyRsaThree.equals(key.getRawData())) {
+				assertEquals(AccessPermission.CLONE, key.getPermission());
+				seen += 1 << 3;
+			}
+			else if (keyDsaThree.equals(key.getRawData())) {
+				assertEquals(AccessPermission.VIEW, key.getPermission());
+				seen += 1 << 4;
+			}
+			else if (keyEcThree.equals(key.getRawData())) {
+				assertEquals(AccessPermission.PUSH, key.getPermission());
+				seen += 1 << 5;
+			}
+		}
+		assertEquals(7, seen);
+
+		keys = kmgr.getKeys("UserThree");
+		assertNotNull(keys);
+		assertEquals(3, keys.size());
+		seen = 0;
+		for (SshKey key : keys) {
+			if (keyRsaOne.equals(key.getRawData())) {
+				assertEquals(AccessPermission.CLONE, key.getPermission());
+				seen += 1 << 0;
+			}
+			else if (keyRsaTwo.equals(key.getRawData())) {
+				assertEquals(AccessPermission.VIEW, key.getPermission());
+				seen += 1 << 1;
+			}
+			else if (keyDsaTwo.equals(key.getRawData())) {
+				assertEquals(AccessPermission.PUSH, key.getPermission());
+				seen += 1 << 2;
+			}
+			else if (keyRsaThree.equals(key.getRawData())) {
+				assertEquals(AccessPermission.CLONE, key.getPermission());
+				seen += 1 << 3;
+			}
+			else if (keyDsaThree.equals(key.getRawData())) {
+				assertEquals(AccessPermission.VIEW, key.getPermission());
+				seen += 1 << 4;
+			}
+			else if (keyEcThree.equals(key.getRawData())) {
+				assertEquals(AccessPermission.PUSH, key.getPermission());
+				seen += 1 << 5;
+			}
+		}
+		assertEquals(7, seen);
+
+
+
+		settings.put(Keys.realm.ldap.sshPublicKey, "altSecurityIdentities:pubKey");
+
+		keys = kmgr.getKeys("UserOne");
+		assertNotNull(keys);
+		assertEquals(3, keys.size());
+		seen = 0;
+		for (SshKey key : keys) {
+			assertEquals(AccessPermission.PUSH, key.getPermission());
+			if (keyRsaOne.equals(key.getRawData())) {
+				seen += 1 << 0;
+			}
+			else if (keyRsaTwo.equals(key.getRawData())) {
+				seen += 1 << 1;
+			}
+			else if (keyDsaTwo.equals(key.getRawData())) {
+				seen += 1 << 2;
+			}
+			else if (keyRsaThree.equals(key.getRawData())) {
+				seen += 1 << 3;
+			}
+			else if (keyDsaThree.equals(key.getRawData())) {
+				seen += 1 << 4;
+			}
+			else if (keyEcThree.equals(key.getRawData())) {
+				seen += 1 << 5;
+			}
+		}
+		assertEquals(56, seen);
+
+		keys = kmgr.getKeys("UserTwo");
+		assertNotNull(keys);
+		assertEquals(3, keys.size());
+		seen = 0;
+		for (SshKey key : keys) {
+			if (keyRsaOne.equals(key.getRawData())) {
+				assertEquals(AccessPermission.CLONE, key.getPermission());
+				seen += 1 << 0;
+			}
+			else if (keyRsaTwo.equals(key.getRawData())) {
+				assertEquals(AccessPermission.VIEW, key.getPermission());
+				seen += 1 << 1;
+			}
+			else if (keyDsaTwo.equals(key.getRawData())) {
+				assertEquals(AccessPermission.PUSH, key.getPermission());
+				seen += 1 << 2;
+			}
+			else if (keyRsaThree.equals(key.getRawData())) {
+				assertEquals(AccessPermission.CLONE, key.getPermission());
+				seen += 1 << 3;
+			}
+			else if (keyDsaThree.equals(key.getRawData())) {
+				assertEquals(AccessPermission.VIEW, key.getPermission());
+				seen += 1 << 4;
+			}
+			else if (keyEcThree.equals(key.getRawData())) {
+				assertEquals(AccessPermission.PUSH, key.getPermission());
+				seen += 1 << 5;
+			}
+		}
+		assertEquals(56, seen);
+
+		keys = kmgr.getKeys("UserThree");
+		assertNotNull(keys);
+		assertEquals(3, keys.size());
+		seen = 0;
+		for (SshKey key : keys) {
+			if (keyRsaOne.equals(key.getRawData())) {
+				assertEquals(AccessPermission.CLONE, key.getPermission());
+				seen += 1 << 0;
+			}
+			else if (keyRsaTwo.equals(key.getRawData())) {
+				assertEquals(AccessPermission.VIEW, key.getPermission());
+				seen += 1 << 1;
+			}
+			else if (keyDsaTwo.equals(key.getRawData())) {
+				assertEquals(AccessPermission.PUSH, key.getPermission());
+				seen += 1 << 2;
+			}
+			else if (keyRsaThree.equals(key.getRawData())) {
+				assertEquals(AccessPermission.CLONE, key.getPermission());
+				seen += 1 << 3;
+			}
+			else if (keyDsaThree.equals(key.getRawData())) {
+				assertEquals(AccessPermission.VIEW, key.getPermission());
+				seen += 1 << 4;
+			}
+			else if (keyEcThree.equals(key.getRawData())) {
+				assertEquals(AccessPermission.PUSH, key.getPermission());
+				seen += 1 << 5;
+			}
+		}
+		assertEquals(56, seen);
+
+
+		settings.put(Keys.realm.ldap.sshPublicKey, "altSecurityIdentities:opttest");
+		keys = kmgr.getKeys("UserThree");
+		assertNotNull(keys);
+		assertEquals(3, keys.size());
+		seen = 0;
+		for (SshKey key : keys) {
+			if (keyRsaOne.equals(key.getRawData())) {
+				assertEquals(AccessPermission.CLONE, key.getPermission());
+				seen += 1 << 0;
+			}
+			else if (keyRsaTwo.equals(key.getRawData())) {
+				assertEquals(AccessPermission.VIEW, key.getPermission());
+				seen += 1 << 1;
+			}
+			else if (keyDsaTwo.equals(key.getRawData())) {
+				assertEquals(AccessPermission.PUSH, key.getPermission());
+				seen += 1 << 2;
+			}
+			else if (keyRsaThree.equals(key.getRawData())) {
+				assertEquals(AccessPermission.CLONE, key.getPermission());
+				seen += 1 << 3;
+			}
+			else if (keyDsaThree.equals(key.getRawData())) {
+				assertEquals(AccessPermission.VIEW, key.getPermission());
+				seen += 1 << 4;
+			}
+			else if (keyEcThree.equals(key.getRawData())) {
+				assertEquals(AccessPermission.PUSH, key.getPermission());
+				seen += 1 << 5;
+			}
+		}
+		assertEquals(56, seen);
+
+	}
+
+
+	@Test
+	public void testKeyValidity() throws LDAPException, GeneralSecurityException {
+		LdapKeyManager kmgr = new LdapKeyManager(settings);
+
+		String comment = "UserTwo@example.com";
+		String keyDsaTwo = getDsaPubKey(comment);
+		getDS().modify(DN_USER_TWO, new Modification(ModificationType.ADD, "sshPublicKey", keyDsaTwo));
+
+
+		List<SshKey> keys = kmgr.getKeys("UserTwo");
+		assertNotNull(keys);
+		assertEquals(1, keys.size());
+		SshKey sshKey = keys.get(0);
+		assertEquals(keyDsaTwo, sshKey.getRawData());
+
+		Signature signature = SecurityUtils.getSignature("DSA");
+		signature.initSign(getDsaKeyPair(comment).getPrivate());
+		byte[] message = comment.getBytes();
+		signature.update(message);
+		byte[] sigBytes = signature.sign();
+
+		signature.initVerify(sshKey.getPublicKey());
+		signature.update(message);
+		assertTrue("Verify failed with retrieved SSH key.", signature.verify(sigBytes));
+	}
+
+
+
+
+
+
+
+
+	private KeyPair getDsaKeyPair(String comment) {
+		return getKeyPair("DSA", comment, dsaGenerator);
+	}
+
+	private KeyPair getKeyPair(String type, String comment, KeyPairGenerator generator) {
+		String kpkey = type + ":" + comment;
+		KeyPair kp = keyPairs.get(kpkey);
+		if (kp == null) {
+			if ("EC".equals(type)) {
+				ECGenParameterSpec ecSpec = new ECGenParameterSpec("P-384");
+				try {
+					ecGenerator.initialize(ecSpec);
+				} catch (InvalidAlgorithmParameterException e) {
+					kp = generator.generateKeyPair();
+					e.printStackTrace();
+				}
+				kp = ecGenerator.generateKeyPair();
+			} else {
+				kp = generator.generateKeyPair();
+			}
+			keyPairs.put(kpkey, kp);
+		}
+
+		return kp;
+	}
+
+
+	private String getRsaPubKey(String comment) {
+		return getPubKey("RSA", comment, rsaGenerator);
+	}
+
+	private String getDsaPubKey(String comment) {
+		return getPubKey("DSA", comment, dsaGenerator);
+	}
+
+	private String getEcPubKey(String comment) {
+		return getPubKey("EC", comment, ecGenerator);
+	}
+
+	private String getPubKey(String type, String comment, KeyPairGenerator generator) {
+		KeyPair kp = getKeyPair(type, comment, generator);
+		if (kp == null) {
+			return null;
+		}
+
+		SshKey sk = new SshKey(kp.getPublic());
+		sk.setComment(comment);
+		return sk.getRawData();
+	}
+
+}
diff --git a/src/test/java/com/gitblit/tests/MarkdownUtilsTest.java b/src/test/java/com/gitblit/tests/MarkdownUtilsTest.java
index e40f1057a..bc7aad49a 100644
--- a/src/test/java/com/gitblit/tests/MarkdownUtilsTest.java
+++ b/src/test/java/com/gitblit/tests/MarkdownUtilsTest.java
@@ -15,8 +15,14 @@
  */
 package com.gitblit.tests;
 
+import java.util.HashMap;
+import java.util.Map;
+
 import org.junit.Test;
 
+import com.gitblit.IStoredSettings;
+import com.gitblit.Keys;
+import com.gitblit.tests.mock.MemorySettings;
 import com.gitblit.utils.MarkdownUtils;
 
 public class MarkdownUtilsTest extends GitblitUnitTest {
@@ -39,4 +45,70 @@ public void testMarkdown() throws Exception {
 		assertEquals("<table><tr><td>&lt;test&gt;</td></tr></table>",
 				MarkdownUtils.transformMarkdown("<table><tr><td>&lt;test&gt;</td></tr></table>"));
 	}
-}
\ No newline at end of file
+
+
+	@Test
+	public void testUserMentions() {
+		IStoredSettings settings = getSettings();
+		String repositoryName = "test3";
+		String mentionHtml = "<strong><a href=\"http://localhost/user/%1$s\">@%1$s</a></strong>";
+
+		String input = "@j.doe";
+		String output = "<p>" + String.format(mentionHtml, "j.doe") + "</p>";
+		assertEquals(output, MarkdownUtils.transformGFM(settings, input, repositoryName));
+
+		input = " @j.doe";
+		output = "<p>" + String.format(mentionHtml, "j.doe") + "</p>";
+		assertEquals(output, MarkdownUtils.transformGFM(settings, input, repositoryName));
+
+		input = "@j.doe.";
+		output = "<p>" + String.format(mentionHtml, "j.doe") + ".</p>";
+		assertEquals(output, MarkdownUtils.transformGFM(settings, input, repositoryName));
+
+		input = "To @j.doe: ask @jim.beam!";
+		output = "<p>To " + String.format(mentionHtml, "j.doe")
+				+ ": ask " + String.format(mentionHtml, "jim.beam") + "!</p>";
+		assertEquals(output, MarkdownUtils.transformGFM(settings, input, repositoryName));
+
+		input =   "@sta.rt\n"
+				+ "\n"
+				+ "User mentions in tickets are broken.\n"
+				+ "So:\n"
+				+ "@mc_guyver can fix this.\n"
+				+ "@j.doe, can you test after the fix by @m+guyver?\n"
+				+ "Please review this, @jim.beam!\n"
+				+ "Was reported by @jill and @j!doe from jane@doe yesterday.\n"
+				+ "\n"
+				+ "@jack.daniels can vote for john@wayne.name hopefully.\n"
+				+ "@en.de";
+		output =  "<p>"	+ String.format(mentionHtml, "sta.rt") + "</p>"
+				+ "<p>"	+ "User mentions in tickets are broken.<br/>"
+				+ "So:<br/>"
+				+ String.format(mentionHtml, "mc_guyver") + " can fix this.<br/>"
+				+ String.format(mentionHtml, "j.doe") + ", can you test after the fix by " + String.format(mentionHtml, "m+guyver") + "?<br/>"
+				+ "Please review this, " + String.format(mentionHtml, "jim.beam") + "!<br/>"
+				+ "Was reported by " + String.format(mentionHtml, "jill")
+				+ " and " + String.format(mentionHtml, "j!doe")
+				+ " from <a href=\"mailto:&#106;a&#110;&#x65;&#x40;&#x64;&#x6f;&#101;\">&#106;a&#110;&#x65;&#x40;&#x64;&#x6f;&#101;</a> yesterday." 
+				+ "</p>"
+				+ "<p>" + String.format(mentionHtml, "jack.daniels") + " can vote for "
+				+ "<a href=\"mailto:&#x6a;&#x6f;h&#110;&#x40;&#119;a&#121;&#110;&#101;.&#110;a&#x6d;&#101;\">&#x6a;&#x6f;h&#110;&#x40;&#119;a&#121;&#110;&#101;.&#110;a&#x6d;&#101;</a> hopefully.<br/>"
+				+ String.format(mentionHtml, "en.de")
+				+ "</p>";
+		assertEquals(output, MarkdownUtils.transformGFM(settings, input, repositoryName));
+
+	}
+
+
+
+
+	private MemorySettings getSettings() {
+		Map<String, Object> backingMap = new HashMap<String, Object>();
+
+		backingMap.put(Keys.web.canonicalUrl, "http://localhost");
+		backingMap.put(Keys.web.shortCommitIdLength, "7");
+
+		MemorySettings ms = new MemorySettings(backingMap);
+		return ms;
+	}
+}
diff --git a/src/test/java/com/gitblit/tests/RedisTicketServiceTest.java b/src/test/java/com/gitblit/tests/RedisTicketServiceTest.java
index 48011ade2..5f3cb94fc 100644
--- a/src/test/java/com/gitblit/tests/RedisTicketServiceTest.java
+++ b/src/test/java/com/gitblit/tests/RedisTicketServiceTest.java
@@ -66,7 +66,7 @@ protected ITicketService getService(boolean deleteAll) throws Exception {
 		IUserManager userManager = new UserManager(runtimeManager, pluginManager).start();
 		IRepositoryManager repositoryManager = new RepositoryManager(runtimeManager, pluginManager, userManager).start();
 
-		RedisTicketService service = new RedisTicketService(
+		RedisTicketService service = (RedisTicketService) new RedisTicketService(
 				runtimeManager,
 				pluginManager,
 				notificationManager,
diff --git a/src/test/java/com/gitblit/tests/SshKeysDispatcherTest.java b/src/test/java/com/gitblit/tests/SshKeysDispatcherTest.java
index 23e617952..4784e4685 100644
--- a/src/test/java/com/gitblit/tests/SshKeysDispatcherTest.java
+++ b/src/test/java/com/gitblit/tests/SshKeysDispatcherTest.java
@@ -37,7 +37,7 @@ public void testKeysListCommand() throws Exception {
 		String result = testSshCommand("keys ls -L");
 		List<SshKey> keys = getKeyManager().getKeys(username);
 		assertEquals(String.format("There are %d keys!", keys.size()), 2, keys.size());
-		assertEquals(keys.get(0).getRawData() + "\n" + keys.get(1).getRawData(), result);
+		assertEquals(String.format("%s%n%s", keys.get(0).getRawData(), keys.get(1).getRawData()), result);
 	}
 
 	@Test
@@ -64,9 +64,9 @@ public void testKeysRmAllByIndexCommand() throws Exception {
 		assertEquals(String.format("There are %d keys!", keys.size()), 0, keys.size());
 		try {
 			testSshCommand("keys ls -L");
-			assertTrue("Authentication worked without a public key?!", false);
+			fail("Authentication worked without a public key?!");
 		} catch (AssertionError e) {
-			assertTrue(true);
+			// expected
 		}
 	}
 
@@ -77,9 +77,9 @@ public void testKeysRmAllCommand() throws Exception {
 		assertEquals(String.format("There are %d keys!", keys.size()), 0, keys.size());
 		try {
 			testSshCommand("keys ls -L");
-			assertTrue("Authentication worked without a public key?!", false);
+			fail("Authentication worked without a public key?!");
 		} catch (AssertionError e) {
-			assertTrue(true);
+			// expected
 		}
 	}
 
@@ -96,9 +96,9 @@ public void testKeysAddCommand() throws Exception {
 		StringBuilder sb = new StringBuilder();
 		for (SshKey sk : keys) {
 			sb.append(sk.getRawData());
-			sb.append('\n');
+			sb.append(System.getProperty("line.separator", "\n"));
 		}
-		sb.setLength(sb.length() - 1);
+		sb.setLength(sb.length() - System.getProperty("line.separator", "\n").length());
 		assertEquals(sb.toString(), result);
 	}
 
diff --git a/src/test/java/com/gitblit/tests/UITicketTest.java b/src/test/java/com/gitblit/tests/UITicketTest.java
index 54aa1e1e7..e89c32fcf 100644
--- a/src/test/java/com/gitblit/tests/UITicketTest.java
+++ b/src/test/java/com/gitblit/tests/UITicketTest.java
@@ -83,7 +83,7 @@ protected ITicketService getService(boolean deleteAll) throws Exception {
 		IUserManager userManager = new UserManager(runtimeManager, pluginManager).start();
 		IRepositoryManager repositoryManager = new RepositoryManager(runtimeManager, pluginManager, userManager).start();
 
-		BranchTicketService service = new BranchTicketService(
+		BranchTicketService service = (BranchTicketService) new BranchTicketService(
 				runtimeManager,
 				pluginManager,
 				notificationManager,
diff --git a/src/test/java/com/gitblit/utils/LuceneIndexStoreTest.java b/src/test/java/com/gitblit/utils/LuceneIndexStoreTest.java
new file mode 100644
index 000000000..4d66c5dc7
--- /dev/null
+++ b/src/test/java/com/gitblit/utils/LuceneIndexStoreTest.java
@@ -0,0 +1,245 @@
+/*
+ * Copyright 2017 gitblit.com.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.gitblit.utils;
+
+import static org.junit.Assert.*;
+
+import java.io.File;
+import java.io.IOException;
+import java.nio.file.Path;
+
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.rules.TemporaryFolder;
+
+
+/**
+ * @author Florian Zschocke
+ *
+ */
+public class LuceneIndexStoreTest
+{
+
+	private final int LUCENE_VERSION = LuceneIndexStore.LUCENE_CODEC_VERSION;
+
+	@Rule
+	public TemporaryFolder baseFolder = new TemporaryFolder();
+
+	private String getIndexDir(int version)
+	{
+		return version + "_" + LUCENE_VERSION;
+	}
+
+
+
+	@Test
+	public void testCreate()
+	{
+		int version = 0;
+		File luceneFolder = new File(baseFolder.getRoot(), "tickets/lucene");
+		assertFalse("Precondition failure: directory exists already", luceneFolder.exists());
+
+		LuceneIndexStore li = new LuceneIndexStore(luceneFolder, version);
+		li.create();
+
+		File luceneDir = new File(luceneFolder, getIndexDir(version));
+		assertTrue(luceneDir.exists());
+	}
+
+	@Test
+	public void testCreateIndexDir()
+	{
+		int version = 111222;
+		File luceneFolder = null;
+		try {
+			luceneFolder = baseFolder.newFolder("tickets", "lucene");
+		}
+		catch (IOException e) {
+			fail("Failed in setup of folder: " + e);
+		}
+		assertTrue("Precondition failure: directory does not exist", luceneFolder.exists());
+
+		LuceneIndexStore li = new LuceneIndexStore(luceneFolder, version);
+		li.create();
+
+		File luceneDir = new File(luceneFolder, getIndexDir(version));
+		assertTrue(luceneDir.exists());
+		assertTrue(luceneDir.isDirectory());
+
+		// Make sure nothing else was created.
+		assertEquals(0, luceneDir.list().length);
+		assertEquals(1, luceneDir.getParentFile().list().length);
+		assertEquals(1, luceneDir.getParentFile().getParentFile().list().length);
+	}
+
+	@Test
+	public void testCreateIfNecessary()
+	{
+		int version = 1;
+		File luceneFolder = new File(baseFolder.getRoot(), "tickets/lucene");
+		File luceneDir = null;
+		try {
+			luceneDir = baseFolder.newFolder("tickets", "lucene", getIndexDir(version));
+		}
+		catch (IOException e) {
+			fail("Failed in setup of folder: " + e);
+		}
+		assertTrue("Precondition failure: directory does not exist", luceneDir.exists());
+
+		LuceneIndexStore li = new LuceneIndexStore(luceneFolder, version);
+		li.create();
+
+		assertTrue(luceneDir.exists());
+		assertTrue(luceneDir.isDirectory());
+
+		// Make sure nothing else was created.
+		assertEquals(0, luceneDir.list().length);
+		assertEquals(1, luceneDir.getParentFile().list().length);
+		assertEquals(1, luceneDir.getParentFile().getParentFile().list().length);
+	}
+
+	@Test
+	public void testDelete()
+	{
+		int version = 111222333;
+		File luceneFolder = new File(baseFolder.getRoot(), "repo1/lucene");
+		File luceneDir = null;
+		try {
+			luceneDir = baseFolder.newFolder("repo1", "lucene", getIndexDir(version));
+		}
+		catch (IOException e) {
+			fail("Failed in setup of folder: " + e);
+		}
+		assertTrue("Precondition failure: index directory does not exist", luceneDir.exists());
+
+		LuceneIndexStore li = new LuceneIndexStore(luceneFolder, version);
+		assertTrue(li.delete());
+
+		assertFalse(luceneDir.exists());
+		assertTrue(luceneFolder.exists());
+	}
+
+	@Test
+	public void testDeleteNotExist()
+	{
+		int version = 0;
+
+		File luceneFolder = null;
+		try {
+			luceneFolder = baseFolder.newFolder("repo1", "lucene");
+		}
+		catch (IOException e) {
+			fail("Failed in setup of folder: " + e);
+		}
+		File luceneDir = new File(luceneFolder, getIndexDir(version));
+		assertFalse("Precondition failure: index directory exists already", luceneDir.exists());
+
+		LuceneIndexStore li = new LuceneIndexStore(luceneFolder, version);
+		assertTrue(li.delete());
+
+		assertFalse(luceneDir.exists());
+		assertTrue(luceneFolder.exists());
+	}
+
+	@Test
+	public void testDeleteWithFiles()
+	{
+		int version = 111222333;
+
+		File luceneFolder = new File(baseFolder.getRoot(), "tickets/lucene");
+		File luceneDir = null;
+
+		File otherDir = new File(baseFolder.getRoot(), "tickets/lucene/" + version + "_10");
+		File dbFile = null;
+		try {
+			luceneDir = baseFolder.newFolder("tickets", "lucene", getIndexDir(version));
+			File file = new File(luceneDir, "_file1");
+			file.createNewFile();
+			file = new File(luceneDir, "_file2.db");
+			file.createNewFile();
+			file = new File(luceneDir, "conf.conf");
+			file.createNewFile();
+
+			otherDir.mkdirs();
+			dbFile = new File(otherDir, "_file2.db");
+			dbFile.createNewFile();
+			file = new File(otherDir, "conf.conf");
+			file.createNewFile();
+		}
+		catch (IOException e) {
+			fail("Failed in setup of folder: " + e);
+		}
+		assertTrue("Precondition failure: index directory does not exist", luceneDir.exists());
+		assertTrue("Precondition failure: other index directory does not exist", otherDir.exists());
+
+		LuceneIndexStore li = new LuceneIndexStore(luceneFolder, version);
+		li.delete();
+
+		assertFalse(luceneDir.exists());
+		assertTrue(luceneFolder.exists());
+		assertTrue(otherDir.exists());
+		assertTrue(dbFile.exists());
+	}
+
+
+
+
+	@Test
+	public void testGetPath() throws IOException
+	{
+		int version = 2;
+		File luceneFolder = baseFolder.newFolder("tickets", "lucene");
+		LuceneIndexStore li = new LuceneIndexStore(luceneFolder, version);
+		Path dir = li.getPath();
+		File luceneDir = new File(luceneFolder, getIndexDir(version));
+		assertEquals(luceneDir.toPath(), dir);
+	}
+
+
+
+	@Test
+	public void testHasIndex() throws IOException
+	{
+		int version = 0;
+		File luceneFolder = new File(baseFolder.getRoot(), "ticktock/lucene");
+
+		LuceneIndexStore li = new LuceneIndexStore(luceneFolder, version);
+		assertFalse(li.hasIndex());
+
+		baseFolder.newFolder("ticktock");
+		li = new LuceneIndexStore(luceneFolder, version);
+		assertFalse(li.hasIndex());
+
+		baseFolder.newFolder("ticktock", "lucene");
+		li = new LuceneIndexStore(luceneFolder, version);
+		assertFalse(li.hasIndex());
+
+		File luceneDir = baseFolder.newFolder("ticktock", "lucene", getIndexDir(version));
+		li = new LuceneIndexStore(luceneFolder, version);
+		assertFalse(li.hasIndex());
+
+		new File(luceneDir, "write.lock").createNewFile();
+		li = new LuceneIndexStore(luceneFolder, version);
+		assertFalse(li.hasIndex());
+
+		new File(luceneDir, "segments_1").createNewFile();
+		li = new LuceneIndexStore(luceneFolder, version);
+		assertTrue(li.hasIndex());
+
+	}
+
+}
diff --git a/src/test/java/com/gitblit/utils/SecureRandomTest.java b/src/test/java/com/gitblit/utils/SecureRandomTest.java
new file mode 100644
index 000000000..c4098c2ff
--- /dev/null
+++ b/src/test/java/com/gitblit/utils/SecureRandomTest.java
@@ -0,0 +1,33 @@
+package com.gitblit.utils;
+
+import static org.junit.Assert.*;
+
+import java.util.Arrays;
+
+import org.junit.Test;
+
+public class SecureRandomTest {
+
+	@Test
+	public void testRandomBytes() {
+		SecureRandom sr = new SecureRandom();
+		byte[] bytes1 = sr.randomBytes(10);
+		assertEquals(10, bytes1.length);
+		byte[] bytes2 = sr.randomBytes(10);
+		assertEquals(10, bytes2.length);
+		assertFalse(Arrays.equals(bytes1, bytes2));
+
+		assertEquals(0, sr.randomBytes(0).length);
+		assertEquals(200, sr.randomBytes(200).length);
+	}
+
+	@Test
+	public void testNextBytes() {
+		SecureRandom sr = new SecureRandom();
+		byte[] bytes1 = new byte[32];
+		sr.nextBytes(bytes1);
+		byte[] bytes2 = new byte[32];
+		sr.nextBytes(bytes2);
+		assertFalse(Arrays.equals(bytes1, bytes2));
+	}
+}
diff --git a/src/test/resources/ldap/users.conf b/src/test/resources/ldap/users.conf
index 7d1e31979..a2390fa96 100644
--- a/src/test/resources/ldap/users.conf
+++ b/src/test/resources/ldap/users.conf
@@ -10,7 +10,7 @@
 	displayName = Mrs. User Three
 	emailAddress = userthree@gitblit.com
 	accountType = LDAP
-	role = "#admin"
+	role = "#none"
 [user "userfive"]
 	password = "#externalAccount"
 	cookie = 220bafef069b8b399b2597644015b6b0f4667982
@@ -31,7 +31,7 @@
 	displayName = Mr. User Two
 	emailAddress = usertwo@gitblit.com
 	accountType = LDAP
-	role = "#admin"
+	role = "#none"
 [user "basic"]
 	password = MD5:f17aaabc20bfe045075927934fed52d2
 	cookie = dd94709528bb1c83d08f3088d4043f4742891f4f
@@ -63,6 +63,6 @@
 	user = userthree
 	user = userfour
 [team "Git Admins"]
-	role = "#none"
+	role = "#admin"
 	accountType = LOCAL
 	user = usertwo