From f1c3a882d12aede461e3c8ca3ebd298bdb28bc5d Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Sun, 02 Dec 2012 13:16:39 -0500
Subject: [PATCH] Corrected certificatge bundle unit test

---
 src/com/gitblit/GitBlit.java |   29 ++++++++++++++++++++++-------
 1 files changed, 22 insertions(+), 7 deletions(-)

diff --git a/src/com/gitblit/GitBlit.java b/src/com/gitblit/GitBlit.java
index 6a3f98b..69135c4 100644
--- a/src/com/gitblit/GitBlit.java
+++ b/src/com/gitblit/GitBlit.java
@@ -58,6 +58,7 @@
 import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 
+import org.apache.wicket.RequestCycle;
 import org.apache.wicket.protocol.http.WebResponse;
 import org.apache.wicket.resource.ContextRelativeResource;
 import org.apache.wicket.util.resource.ResourceStreamNotFoundException;
@@ -108,6 +109,7 @@
 import com.gitblit.utils.ObjectCache;
 import com.gitblit.utils.StringUtils;
 import com.gitblit.utils.TimeUtils;
+import com.gitblit.utils.X509Utils.X509Metadata;
 import com.gitblit.wicket.GitBlitWebSession;
 import com.gitblit.wicket.WicketUtils;
 
@@ -571,12 +573,19 @@
 		UserModel model = HttpUtils.getUserModelFromCertificate(httpRequest, checkValidity, oids);
 		if (model != null) {
 			// grab real user model and preserve certificate serial number
-			GitBlitWebSession session = GitBlitWebSession.get();
-			session.authenticationType = AuthenticationType.CERTIFICATE;
 			UserModel user = getUserModel(model.username);
-			logger.info(MessageFormat.format("{0} authenticated by client certificate from {1}",
-					user.username, httpRequest.getRemoteAddr()));
-			return user;
+			if (user != null) {
+				RequestCycle requestCycle = RequestCycle.get();
+				if (requestCycle != null) {
+					// flag the Wicket session, if this is a Wicket request
+					GitBlitWebSession session = GitBlitWebSession.get();
+					session.authenticationType = AuthenticationType.CERTIFICATE;
+				}
+				X509Metadata metadata = HttpUtils.getCertificateMetadata(httpRequest);
+				logger.info(MessageFormat.format("{0} authenticated by client certificate {1} from {2}",
+						user.username, metadata.serialNumber, httpRequest.getRemoteAddr()));
+				return user;
+			}
 		}
 		
 		// try to authenticate by cookie
@@ -585,8 +594,14 @@
 			// Grab cookie from Browser Session
 			UserModel user = authenticate(cookies);
 			if (user != null) {
-				GitBlitWebSession session = GitBlitWebSession.get();
-				session.authenticationType = AuthenticationType.COOKIE;
+				RequestCycle requestCycle = RequestCycle.get();
+				if (requestCycle != null) {
+					// flag the Wicket session, if this is a Wicket request
+					GitBlitWebSession session = GitBlitWebSession.get();
+					session.authenticationType = AuthenticationType.COOKIE;
+				}
+				logger.info(MessageFormat.format("{0} authenticated by cookie from {1}",
+						user.username, httpRequest.getRemoteAddr()));
 				return user;
 			}
 		}

--
Gitblit v1.9.1