| | |
|---|
| | | import javax.servlet.http.Cookie;
|
|---|
| | | import javax.servlet.http.HttpServletRequest;
|
|---|
| | |
|
|---|
| | | import org.apache.wicket.RequestCycle;
|
|---|
| | | import org.apache.wicket.protocol.http.WebResponse;
|
|---|
| | | import org.apache.wicket.resource.ContextRelativeResource;
|
|---|
| | | import org.apache.wicket.util.resource.ResourceStreamNotFoundException;
|
|---|
| | |
|---|
| | |
|
|---|
| | | import com.gitblit.Constants.AccessPermission;
|
|---|
| | | import com.gitblit.Constants.AccessRestrictionType;
|
|---|
| | | import com.gitblit.Constants.AuthenticationType;
|
|---|
| | | import com.gitblit.Constants.AuthorizationControl;
|
|---|
| | | import com.gitblit.Constants.FederationRequest;
|
|---|
| | | import com.gitblit.Constants.FederationStrategy;
|
|---|
| | |
|---|
| | | import com.gitblit.utils.ObjectCache;
|
|---|
| | | import com.gitblit.utils.StringUtils;
|
|---|
| | | import com.gitblit.utils.TimeUtils;
|
|---|
| | | import com.gitblit.utils.X509Utils.X509Metadata;
|
|---|
| | | import com.gitblit.wicket.GitBlitWebSession;
|
|---|
| | | import com.gitblit.wicket.WicketUtils;
|
|---|
| | |
|
|---|
| | | /**
|
|---|
| | |
|---|
| | | if (model != null) {
|
|---|
| | | // grab real user model and preserve certificate serial number
|
|---|
| | | UserModel user = getUserModel(model.username);
|
|---|
| | | logger.info(MessageFormat.format("{0} authenticated by client certificate from {1}",
|
|---|
| | | user.username, httpRequest.getRemoteAddr()));
|
|---|
| | | return user;
|
|---|
| | | if (user != null) {
|
|---|
| | | RequestCycle requestCycle = RequestCycle.get();
|
|---|
| | | if (requestCycle != null) {
|
|---|
| | | // flag the Wicket session, if this is a Wicket request
|
|---|
| | | GitBlitWebSession session = GitBlitWebSession.get();
|
|---|
| | | session.authenticationType = AuthenticationType.CERTIFICATE;
|
|---|
| | | }
|
|---|
| | | X509Metadata metadata = HttpUtils.getCertificateMetadata(httpRequest);
|
|---|
| | | logger.info(MessageFormat.format("{0} authenticated by client certificate {1} from {2}",
|
|---|
| | | user.username, metadata.serialNumber, httpRequest.getRemoteAddr()));
|
|---|
| | | return user;
|
|---|
| | | }
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | | // try to authenticate by cookie
|
|---|
| | |
|---|
| | | if (allowCookieAuthentication() && cookies != null && cookies.length > 0) {
|
|---|
| | | // Grab cookie from Browser Session
|
|---|
| | | UserModel user = authenticate(cookies);
|
|---|
| | | return user;
|
|---|
| | | if (user != null) {
|
|---|
| | | RequestCycle requestCycle = RequestCycle.get();
|
|---|
| | | if (requestCycle != null) {
|
|---|
| | | // flag the Wicket session, if this is a Wicket request
|
|---|
| | | GitBlitWebSession session = GitBlitWebSession.get();
|
|---|
| | | session.authenticationType = AuthenticationType.COOKIE;
|
|---|
| | | }
|
|---|
| | | logger.info(MessageFormat.format("{0} authenticated by cookie from {1}",
|
|---|
| | | user.username, httpRequest.getRemoteAddr()));
|
|---|
| | | return user;
|
|---|
| | | }
|
|---|
| | | }
|
|---|
| | | return null;
|
|---|
| | | }
|
|---|
