From b82a0f3d502c0f6861b0910c409f4992f3f32f86 Mon Sep 17 00:00:00 2001
From: Rafael Cavazin <rafaelcavazin@gmail.com>
Date: Thu, 06 Dec 2012 15:08:50 -0500
Subject: [PATCH] translation of lastest properties
---
 src/com/gitblit/AuthenticationFilter.java | 50 ++++++++++++++++++--------------------------------
 1 files changed, 18 insertions(+), 32 deletions(-)
diff --git a/src/com/gitblit/AuthenticationFilter.java b/src/com/gitblit/AuthenticationFilter.java
index 6b7a0af..eb6e95b 100644
--- a/src/com/gitblit/AuthenticationFilter.java
+++ b/src/com/gitblit/AuthenticationFilter.java
@@ -16,9 +16,7 @@
 package com.gitblit;
 import java.io.IOException;
-import java.nio.charset.Charset;
 import java.security.Principal;
-import java.text.MessageFormat;
 import java.util.Enumeration;
 import java.util.HashMap;
 import java.util.Map;
@@ -33,7 +31,6 @@
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
-import org.eclipse.jgit.util.Base64;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -51,9 +48,7 @@
 */
 public abstract class AuthenticationFilter implements Filter {
- protected static final String BASIC = "Basic";
-
- protected static final String CHALLENGE = BASIC + " realm=\"" + Constants.NAME + "\"";
+ protected static final String CHALLENGE = "Basic realm=\"" + Constants.NAME + "\"";
 protected static final String SESSION_SECURED = "com.gitblit.secured";
@@ -69,6 +64,15 @@
 @Override
 public abstract void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain chain) throws IOException, ServletException;
+
+ /**
+ * Allow the filter to require a client certificate to continue processing.
+ *
+ * @return true, if a client certificate is required
+ */
+ protected boolean requiresClientCertificate() {
+ return false;
+ }
 /**
 * Returns the full relative url of the request.
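Review bot: The Javadoc on `requiresClientCertificate()` does not say what the default means for subclasses: the hook returns `false`, so any filter that does not override it never asks for a certificate. In the visible lines the value is consumed only in the `getUser` hunk, where it is forwarded to `GitBlit.self().authenticate(httpRequest, requiresClientCertificate())`; what that method does when the flag is true and no certificate is presented is not shown in this patch. I would extend the comment with `Defaults to false; getUser passes this value to GitBlit.authenticate, so an override changes which requests can authenticate.`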
@@ -94,30 +98,8 @@
 * @return user
 */
 protected UserModel getUser(HttpServletRequest httpRequest) {
- UserModel user = null;
- // look for client authorization credentials in header
- final String authorization = httpRequest.getHeader("Authorization");
- if (authorization != null && authorization.startsWith(BASIC)) {
- // Authorization: Basic base64credentials
- String base64Credentials = authorization.substring(BASIC.length()).trim();
- String credentials = new String(Base64.decode(base64Credentials),
- Charset.forName("UTF-8"));
- // credentials = username:password
- final String[] values = credentials.split(":");
-
- if (values.length == 2) {
- String username = values[0];
- char[] password = values[1].toCharArray();
- user = GitBlit.self().authenticate(username, password);
- if (user != null) {
- return user;
- }
- }
- if (GitBlit.isDebugMode()) {
- logger.info(MessageFormat.format("AUTH: invalid credentials ({0})", credentials));
- }
- }
- return null;
+ UserModel user = GitBlit.self().authenticate(httpRequest, requiresClientCertificate());
+ return user;
 }
 /**
@@ -170,8 +152,9 @@
 public AuthenticatedRequest(HttpServletRequest req) {
 super(req);
 user = new UserModel("anonymous");
+ user.isAuthenticated = false;
 }
-
+
 UserModel getUser() {
 return user;
 }
@@ -188,8 +171,11 @@
 @Override
 public boolean isUserInRole(String role) {
 if (role.equals(Constants.ADMIN_ROLE)) {
- return user.canAdmin;
+ return user.canAdmin();
 }
+ // Gitblit does not currently use actual roles in the traditional
+ // servlet container sense. That is the reason this is marked
+ // deprecated, but I may want to revisit this.
 return user.canAccessRepository(role);
 }
--
Gitblit v1.9.1
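Review bot: The Javadoc above `getUser` (only `@return user` falls inside the hunk) no longer matches the body and should say that credential handling is delegated to `GitBlit.authenticate` and what callers receive for an unauthenticated request. The removed body returned `null` in that case; whether the delegate keeps that contract is not visible in this patch, so callers that test for `null` depend on it. The local is also redundant, since `user` is assigned and returned without being read: `return GitBlit.self().authenticate(httpRequest, requiresClientCertificate());`. The method's header comment starts outside the hunk.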
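Review bot: The added `user.isAuthenticated = false;` sets an authentication flag through a directly assignable field, while the `isUserInRole` hunk of the same patch moves `user.canAdmin` to the accessor `user.canAdmin()`. `UserModel` is not part of this patch, so this is inferred from the two call sites: if the field stays writable from outside the class, any code holding the model can flip the flag, and an accessor with a restricted setter would match the `canAdmin()` change. A short comment such as `// the anonymous placeholder user is never treated as authenticated` would explain why the flag is cleared here.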
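Review bot: The added comment says the method is "marked deprecated", but the only annotation visible on `isUserInRole` in this hunk is `@Override`; if no `@Deprecated` exists on it, the comment should be reworded. It would also help to state what the fall-through does, for example `// any role other than ADMIN_ROLE is treated as a repository name`, because `user.canAccessRepository(role)` receives the raw role string. `role.equals(Constants.ADMIN_ROLE)` throws on a null role; `Constants.ADMIN_ROLE.equals(role)` avoids that, assuming `ADMIN_ROLE` is a non-null constant. The method ends at the edge of the hunk.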