From d6ccf989ab397a67ef30e96b82a2841539654d6e Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Sat, 08 Mar 2014 20:44:16 -0500
Subject: [PATCH] Listen for git daemon and fanout clients on all intefaces, by default

---
 src/main/java/com/gitblit/wicket/pages/SessionPage.java |   12 +++++++++++-
 1 files changed, 11 insertions(+), 1 deletions(-)

diff --git a/src/main/java/com/gitblit/wicket/pages/SessionPage.java b/src/main/java/com/gitblit/wicket/pages/SessionPage.java
index 22ae6e2..909342a 100644
--- a/src/main/java/com/gitblit/wicket/pages/SessionPage.java
+++ b/src/main/java/com/gitblit/wicket/pages/SessionPage.java
@@ -56,8 +56,18 @@
 			// any changes to permissions or roles (issue-186)
 			UserModel user = app().users().getUserModel(session.getUser().username);
 
+			if (user.disabled) {
+				// user was disabled during session
+				HttpServletResponse response = ((WebResponse) getRequestCycle().getResponse())
+						.getHttpServletResponse();
+				app().authentication().logout(response, user);
+				session.setUser(null);
+				session.invalidateNow();
+				return;
+			}
+
 			// validate cookie during session (issue-361)
-			if (app().settings().getBoolean(Keys.web.allowCookieAuthentication, true)) {
+			if (user != null && app().settings().getBoolean(Keys.web.allowCookieAuthentication, true)) {
 				HttpServletRequest request = ((WebRequest) getRequestCycle().getRequest())
 						.getHttpServletRequest();
 				String requestCookie = app().authentication().getCookie(request);

--
Gitblit v1.9.1