| | |
|---|
| | | import org.slf4j.Logger;
|
|---|
| | | import org.slf4j.LoggerFactory;
|
|---|
| | |
|
|---|
| | | import com.gitblit.manager.ISessionManager;
|
|---|
| | | import com.gitblit.models.UserModel;
|
|---|
| | | import com.gitblit.utils.DeepCopier;
|
|---|
| | | import com.gitblit.utils.StringUtils;
|
|---|
| | |
|
|---|
| | | /**
|
|---|
| | | * The AuthenticationFilter is a servlet filter that preprocesses requests that
|
|---|
| | | * match its url pattern definition in the web.xml file.
|
|---|
| | | * |
|---|
| | | *
|
|---|
| | | * http://en.wikipedia.org/wiki/Basic_access_authentication
|
|---|
| | | * |
|---|
| | | *
|
|---|
| | | * @author James Moger
|
|---|
| | | * |
|---|
| | | *
|
|---|
| | | */
|
|---|
| | | public abstract class AuthenticationFilter implements Filter {
|
|---|
| | |
|
|---|
| | |
|---|
| | |
|
|---|
| | | protected transient Logger logger = LoggerFactory.getLogger(getClass());
|
|---|
| | |
|
|---|
| | | protected final ISessionManager sessionManager;
|
|---|
| | |
|
|---|
| | | protected AuthenticationFilter(ISessionManager sessionManager) {
|
|---|
| | | this.sessionManager = sessionManager;
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | | /**
|
|---|
| | | * doFilter does the actual work of preprocessing the request to ensure that
|
|---|
| | | * the user may proceed.
|
|---|
| | | * |
|---|
| | | *
|
|---|
| | | * @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest,
|
|---|
| | | * javax.servlet.ServletResponse, javax.servlet.FilterChain)
|
|---|
| | | */
|
|---|
| | | @Override
|
|---|
| | | public abstract void doFilter(final ServletRequest request, final ServletResponse response,
|
|---|
| | | final FilterChain chain) throws IOException, ServletException;
|
|---|
| | | |
|---|
| | |
|
|---|
| | | /**
|
|---|
| | | * Allow the filter to require a client certificate to continue processing.
|
|---|
| | | * |
|---|
| | | *
|
|---|
| | | * @return true, if a client certificate is required
|
|---|
| | | */
|
|---|
| | | protected boolean requiresClientCertificate() {
|
|---|
| | |
|---|
| | |
|
|---|
| | | /**
|
|---|
| | | * Returns the full relative url of the request.
|
|---|
| | | * |
|---|
| | | *
|
|---|
| | | * @param httpRequest
|
|---|
| | | * @return url
|
|---|
| | | */
|
|---|
| | |
|---|
| | |
|
|---|
| | | /**
|
|---|
| | | * Returns the user making the request, if the user has authenticated.
|
|---|
| | | * |
|---|
| | | *
|
|---|
| | | * @param httpRequest
|
|---|
| | | * @return user
|
|---|
| | | */
|
|---|
| | | protected UserModel getUser(HttpServletRequest httpRequest) {
|
|---|
| | | UserModel user = GitBlit.self().authenticate(httpRequest, requiresClientCertificate());
|
|---|
| | | UserModel user = sessionManager.authenticate(httpRequest, requiresClientCertificate());
|
|---|
| | | return user;
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | |
|---|
| | |
|
|---|
| | | public AuthenticatedRequest(HttpServletRequest req) {
|
|---|
| | | super(req);
|
|---|
| | | user = new UserModel("anonymous");
|
|---|
| | | user.isAuthenticated = false;
|
|---|
| | | user = DeepCopier.copy(UserModel.ANONYMOUS);
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | | UserModel getUser() {
|
|---|
