From 3983a6e74d69ed38853c3e89616de3266dcca40d Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Fri, 23 Nov 2012 10:17:51 -0500
Subject: [PATCH] X509 certificate authentication based on Kevin Anderson's implementation

---
 src/com/gitblit/wicket/pages/BasePage.java |   17 ++++++++++-------
 1 files changed, 10 insertions(+), 7 deletions(-)

diff --git a/src/com/gitblit/wicket/pages/BasePage.java b/src/com/gitblit/wicket/pages/BasePage.java
index ceeb912..05640ad 100644
--- a/src/com/gitblit/wicket/pages/BasePage.java
+++ b/src/com/gitblit/wicket/pages/BasePage.java
@@ -131,13 +131,16 @@
 	}	
 
 	private void login() {
-		Cookie[] cookies = ((WebRequest) getRequestCycle().getRequest()).getCookies();
-		UserModel user = null;
-		if (GitBlit.self().allowCookieAuthentication() && cookies != null && cookies.length > 0) {
-			// Grab cookie from Browser Session
-			user = GitBlit.self().authenticate(cookies);
-		} else {
-			user = GitBlit.self().authenticate(((WebRequest) getRequestCycle().getRequest()).getHttpServletRequest());
+		// try to authenticate by servlet request
+		UserModel user = GitBlit.self().authenticate(((WebRequest) getRequestCycle().getRequest()).getHttpServletRequest());
+
+		if (user == null) {
+			// try to authenticate by cookie
+			Cookie[] cookies = ((WebRequest) getRequestCycle().getRequest()).getCookies();
+			if (GitBlit.self().allowCookieAuthentication() && cookies != null && cookies.length > 0) {
+				// Grab cookie from Browser Session
+				user = GitBlit.self().authenticate(cookies);
+			}
 		}
 
 		// Login the user

--
Gitblit v1.9.1