Added enforced HTTP Basic Authentication

Laurens Vrijnsen

2013-03-22 a2ce62e1f360e9cdb2221cfa3b091c02bda857eb

 src/com/gitblit/wicket/AuthorizationStrategy.java

@@ -15,10 +15,16 @@
 */

package com.gitblit.wicket;



import java.io.IOException;



import javax.servlet.http.HttpServletResponse;



import org.apache.wicket.Component;

import org.apache.wicket.RestartResponseException;

import org.apache.wicket.authorization.IUnauthorizedComponentInstantiationListener;

import org.apache.wicket.authorization.strategies.page.AbstractPageAuthorizationStrategy;

import org.apache.wicket.protocol.http.WebResponse;

import org.apache.wicket.protocol.http.servlet.AbortWithWebErrorCodeException;



import com.gitblit.GitBlit;

import com.gitblit.Keys;

@@ -78,8 +84,17 @@


   @Override

   public void onUnauthorizedInstantiation(Component component) {

		
      if (component instanceof BasePage) {

         throw new RestartResponseException(RepositoriesPage.class);

      }

      /*** DISABLED CODE ***

      if (component instanceof BasePage) {

         HttpServletResponse response = ((WebResponse)component.getResponse()).getHttpServletResponse();

         response.setHeader("WWW-Authenticate", "Basic realm=test");

         throw new AbortWithWebErrorCodeException(HttpServletResponse.SC_UNAUTHORIZED);

			
      } 
      *** END DISABLED ***/

   }

}