From 2654d99368054b7f8cfaec056b599cac4cfb53d9 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Tue, 30 Sep 2014 09:48:27 -0400
Subject: [PATCH] Merge branch 'ticket/196' into develop

---
 src/main/java/com/gitblit/wicket/pages/SessionPage.java |   36 +++++++++++++++++++++++++++++++++++-
 1 files changed, 35 insertions(+), 1 deletions(-)

diff --git a/src/main/java/com/gitblit/wicket/pages/SessionPage.java b/src/main/java/com/gitblit/wicket/pages/SessionPage.java
index d2fcfa0..7717854 100644
--- a/src/main/java/com/gitblit/wicket/pages/SessionPage.java
+++ b/src/main/java/com/gitblit/wicket/pages/SessionPage.java
@@ -16,6 +16,7 @@
 package com.gitblit.wicket.pages;
 
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
 
 import org.apache.wicket.PageParameters;
 import org.apache.wicket.markup.html.WebPage;
@@ -24,6 +25,7 @@
 
 import com.gitblit.Keys;
 import com.gitblit.models.UserModel;
+import com.gitblit.utils.StringUtils;
 import com.gitblit.wicket.GitBlitWebApp;
 import com.gitblit.wicket.GitBlitWebSession;
 
@@ -53,6 +55,36 @@
 			// already have a session, refresh usermodel to pick up
 			// any changes to permissions or roles (issue-186)
 			UserModel user = app().users().getUserModel(session.getUser().username);
+
+			if (user == null || user.disabled) {
+				// user was deleted/disabled during session
+				HttpServletRequest request = ((WebRequest) getRequestCycle().getRequest())
+						.getHttpServletRequest();
+				HttpServletResponse response = ((WebResponse) getRequestCycle().getResponse())
+						.getHttpServletResponse();
+				app().authentication().logout(request, response, user);
+				session.setUser(null);
+				session.invalidateNow();
+				return;
+			}
+
+			// validate cookie during session (issue-361)
+			if (user != null && app().settings().getBoolean(Keys.web.allowCookieAuthentication, true)) {
+				HttpServletRequest request = ((WebRequest) getRequestCycle().getRequest())
+						.getHttpServletRequest();
+				String requestCookie = app().authentication().getCookie(request);
+				if (!StringUtils.isEmpty(requestCookie) && !StringUtils.isEmpty(user.cookie)) {
+					if (!requestCookie.equals(user.cookie)) {
+						// cookie was changed during our session
+						HttpServletResponse response = ((WebResponse) getRequestCycle().getResponse())
+								.getHttpServletResponse();
+						app().authentication().logout(request, response, user);
+						session.setUser(null);
+						session.invalidateNow();
+						return;
+					}
+				}
+			}
 			session.setUser(user);
 			return;
 		}
@@ -69,8 +101,10 @@
 			session.setUser(user);
 
 			// Set Cookie
+			WebRequest request = (WebRequest) getRequestCycle().getRequest();
 			WebResponse response = (WebResponse) getRequestCycle().getResponse();
-			app().authentication().setCookie(response.getHttpServletResponse(), user);
+			app().authentication().setCookie(request.getHttpServletRequest(),
+					response.getHttpServletResponse(), user);
 
 			session.continueRequest();
 		}

--
Gitblit v1.9.1