From a2ce62e1f360e9cdb2221cfa3b091c02bda857eb Mon Sep 17 00:00:00 2001
From: Laurens Vrijnsen <laurens.vrijnsen@sioux.eu>
Date: Fri, 22 Mar 2013 07:36:52 -0400
Subject: [PATCH] Added enforced HTTP Basic Authentication

---
 src/com/gitblit/wicket/AuthorizationStrategy.java |   15 +++++++++++++++
 1 files changed, 15 insertions(+), 0 deletions(-)

diff --git a/src/com/gitblit/wicket/AuthorizationStrategy.java b/src/com/gitblit/wicket/AuthorizationStrategy.java
index 21bd1b7..51183a2 100644
--- a/src/com/gitblit/wicket/AuthorizationStrategy.java
+++ b/src/com/gitblit/wicket/AuthorizationStrategy.java
@@ -15,10 +15,16 @@
  */
 package com.gitblit.wicket;
 
+import java.io.IOException;
+
+import javax.servlet.http.HttpServletResponse;
+
 import org.apache.wicket.Component;
 import org.apache.wicket.RestartResponseException;
 import org.apache.wicket.authorization.IUnauthorizedComponentInstantiationListener;
 import org.apache.wicket.authorization.strategies.page.AbstractPageAuthorizationStrategy;
+import org.apache.wicket.protocol.http.WebResponse;
+import org.apache.wicket.protocol.http.servlet.AbortWithWebErrorCodeException;
 
 import com.gitblit.GitBlit;
 import com.gitblit.Keys;
@@ -78,8 +84,17 @@
 
 	@Override
 	public void onUnauthorizedInstantiation(Component component) {
+		
 		if (component instanceof BasePage) {
 			throw new RestartResponseException(RepositoriesPage.class);
 		}
+		/*** DISABLED CODE ***
+		if (component instanceof BasePage) {
+			HttpServletResponse response = ((WebResponse)component.getResponse()).getHttpServletResponse();
+			response.setHeader("WWW-Authenticate", "Basic realm=test");
+			throw new AbortWithWebErrorCodeException(HttpServletResponse.SC_UNAUTHORIZED);
+			
+		} 
+		*** END DISABLED ***/
 	}
 }

--
Gitblit v1.9.1