Gitblit devel
parent: de3474a1 | patch | commit | ignore whitespace
James Moger
2013-06-17 9b54923f4ee5411966016f91224e4f4f545f1416 
Option to auto-create accounts based on authenticated container principals (issue-246)
3 files modified
23 ■■■■■ changed files
releases.moxie 3 ●●●●● patch | view | raw | blame | history
src/main/distrib/data/gitblit.properties 7 ●●●●● patch | view | raw | blame | history
src/main/java/com/gitblit/GitBlit.java 13 ●●●●● patch | view | raw | blame | history 
 releases.moxie


@@ -66,6 +66,7 @@


     - Added weblogic.xml to WAR for deployment on WebLogic (issue 199)



     - Support username substitution in web.otherUrls (issue 213)



     - Option to force client-side basic authentication instead of form-based authentication if web.authenticateViewPages=true (issue 222)



     - Setting to automatically create an user account based on an authenticated user principal from the servlet container (issue-246)







    contributors:



    - Bandarupalli Satyanarayana



@@ -86,6 +87,7 @@


    - Matthias Bauer



    - Micha�l Pailloncy



    - Michael Schaefers



    - Oliver Doepner



    - Philip Boutros



    - Rafael Cavazin



    - Ryan Schneider



@@ -109,6 +111,7 @@


    - { name: 'git.daemonPort', defaultValue: 0 }



    - { name: 'git.defaultIncrementalPushTagPrefix', defaultValue: 'r' }



    - { name: 'mail.smtps', defaultValue: false }



    - { name: 'realm.container.autoCreateAccounts', defaultValue: 'false' }



    - { name: 'realm.salesforce.backingUserService', defaultValue: 'users.conf' }



    - { name: 'realm.salesforce.orgId', defaultValue: 0 }



    - { name: 'web.activityDurationChoices', defaultValue: '7 14 28 60 90 180' }





 src/main/distrib/data/gitblit.properties


@@ -1110,6 +1110,13 @@


# Advanced Realm Settings



#







# Auto-creates user accounts based on the servlet container principal.  This



# assumes that your Gitblit install is a protected resource and your container's



# authentication process intercepts all Gitblit requests.



#



# SINCE 1.3.0



realm.container.autoCreateAccounts = false







# The SalesforceUserService must be backed by another user service for standard user



# and team management.



# default: users.conf





 src/main/java/com/gitblit/GitBlit.java


@@ -827,13 +827,24 @@


        Principal principal = httpRequest.getUserPrincipal();


        if (principal != null) {


            String username = principal.getName();


            if (StringUtils.isEmpty(username)) {


            if (!StringUtils.isEmpty(username)) {


                UserModel user = getUserModel(username);


                if (user != null) {


                    // existing user


                    flagWicketSession(AuthenticationType.CONTAINER);


                    logger.debug(MessageFormat.format("{0} authenticated by servlet container principal from {1}",


                            user.username, httpRequest.getRemoteAddr()));


                    return user;


                } else if (settings.getBoolean(Keys.realm.container.autoCreateAccounts, true)) {


                    // auto-create user from an authenticated container principal


                    user = new UserModel(username.toLowerCase());


                    user.displayName = username;


                    user.password = Constants.EXTERNAL_ACCOUNT;


                    userService.updateUserModel(user);


                    flagWicketSession(AuthenticationType.CONTAINER);


                    logger.debug(MessageFormat.format("{0} authenticated and created by servlet container principal from {1}",


                            user.username, httpRequest.getRemoteAddr()));


                    return user;


                } else {


                    logger.warn(MessageFormat.format("Failed to find UserModel for {0}, attempted servlet container authentication from {1}",


                            principal.getName(), httpRequest.getRemoteAddr()));