From 4e84166db5c5538e3984d9d2d6bb1f9902e65ee0 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Tue, 04 Nov 2014 17:38:17 -0500
Subject: [PATCH] Merged #217 "Exclude SSLv3 from Gitblit GO https protocols"

---
 src/main/java/com/gitblit/servlet/RpcFilter.java |   26 ++++++++++++--------------
 1 files changed, 12 insertions(+), 14 deletions(-)

diff --git a/src/main/java/com/gitblit/servlet/RpcFilter.java b/src/main/java/com/gitblit/servlet/RpcFilter.java
index 02f419f..34474d5 100644
--- a/src/main/java/com/gitblit/servlet/RpcFilter.java
+++ b/src/main/java/com/gitblit/servlet/RpcFilter.java
@@ -18,8 +18,8 @@
 import java.io.IOException;
 import java.text.MessageFormat;
 
-import javax.inject.Inject;
-import javax.inject.Singleton;
+import com.google.inject.Inject;
+import com.google.inject.Singleton;
 import javax.servlet.FilterChain;
 import javax.servlet.ServletException;
 import javax.servlet.ServletRequest;
@@ -27,13 +27,11 @@
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import com.gitblit.Constants;
+import com.gitblit.Constants.RpcRequest;
 import com.gitblit.IStoredSettings;
 import com.gitblit.Keys;
-import com.gitblit.Constants.RpcRequest;
-import com.gitblit.Keys.web;
+import com.gitblit.manager.IAuthenticationManager;
 import com.gitblit.manager.IRuntimeManager;
-import com.gitblit.manager.ISessionManager;
 import com.gitblit.models.UserModel;
 
 /**
@@ -52,17 +50,19 @@
 @Singleton
 public class RpcFilter extends AuthenticationFilter {
 
-	private final IStoredSettings settings;
+	private IStoredSettings settings;
 
-	private final IRuntimeManager runtimeManager;
+	private IRuntimeManager runtimeManager;
 
 	@Inject
 	public RpcFilter(
+			IStoredSettings settings,
 			IRuntimeManager runtimeManager,
-			ISessionManager sessionManager) {
+			IAuthenticationManager authenticationManager) {
 
-		super(sessionManager);
-		this.settings = runtimeManager.getSettings();
+		super(authenticationManager);
+
+		this.settings = settings;
 		this.runtimeManager = runtimeManager;
 	}
 
@@ -138,10 +138,8 @@
 					return;
 				}
 				// valid user, but not for requested access. send 403.
-				if (runtimeManager.isDebugMode()) {
-					logger.info(MessageFormat.format("RPC: {0} forbidden to access {1}",
+				logger.warn(MessageFormat.format("RPC: {0} forbidden to access {1}",
 							user.username, fullUrl));
-				}
 				httpResponse.sendError(HttpServletResponse.SC_FORBIDDEN);
 				return;
 			}

--
Gitblit v1.9.1