| | |
|---|
| | | import javax.servlet.ServletRequest;
|
|---|
| | | import javax.servlet.ServletResponse;
|
|---|
| | | import javax.servlet.http.HttpServletRequest;
|
|---|
| | | import javax.servlet.http.HttpServletRequestWrapper;
|
|---|
| | | import javax.servlet.http.HttpServletResponse;
|
|---|
| | | import javax.servlet.http.HttpSession;
|
|---|
| | |
|
|---|
| | |
|---|
| | | import org.slf4j.LoggerFactory;
|
|---|
| | |
|
|---|
| | | import com.gitblit.models.UserModel;
|
|---|
| | | import com.gitblit.utils.DeepCopier;
|
|---|
| | | import com.gitblit.utils.StringUtils;
|
|---|
| | |
|
|---|
| | | /**
|
|---|
| | |
|---|
| | | /**
|
|---|
| | | * Taken from Jetty's LoginAuthenticator.renewSessionOnAuthentication()
|
|---|
| | | */
|
|---|
| | | @SuppressWarnings("unchecked")
|
|---|
| | | protected void newSession(HttpServletRequest request, HttpServletResponse response) {
|
|---|
| | | HttpSession oldSession = request.getSession(false);
|
|---|
| | | if (oldSession != null && oldSession.getAttribute(SESSION_SECURED) == null) {
|
|---|
| | |
|---|
| | | /**
|
|---|
| | | * Wraps a standard HttpServletRequest and overrides user principal methods.
|
|---|
| | | */
|
|---|
| | | public static class AuthenticatedRequest extends ServletRequestWrapper {
|
|---|
| | | public static class AuthenticatedRequest extends HttpServletRequestWrapper {
|
|---|
| | |
|
|---|
| | | private UserModel user;
|
|---|
| | |
|
|---|
| | | public AuthenticatedRequest(HttpServletRequest req) {
|
|---|
| | | super(req);
|
|---|
| | | user = new UserModel("anonymous");
|
|---|
| | | user.isAuthenticated = false;
|
|---|
| | | user = DeepCopier.copy(UserModel.ANONYMOUS);
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | | UserModel getUser() {
|
|---|
