From fbe265fa787e4be9cb63c6bae2ef30b9400d9afc Mon Sep 17 00:00:00 2001
From: Simon Harrer <simon.harrer@gmail.com>
Date: Thu, 18 Jul 2013 10:11:04 -0400
Subject: [PATCH] Fixes findbugs warning - dereferencing null in exception case

---
 src/main/java/com/gitblit/AuthenticationFilter.java |    8 ++++----
 1 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/main/java/com/gitblit/AuthenticationFilter.java b/src/main/java/com/gitblit/AuthenticationFilter.java
index eb6e95b..388452e 100644
--- a/src/main/java/com/gitblit/AuthenticationFilter.java
+++ b/src/main/java/com/gitblit/AuthenticationFilter.java
@@ -28,6 +28,7 @@
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletRequestWrapper;
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
 
@@ -35,6 +36,7 @@
 import org.slf4j.LoggerFactory;
 
 import com.gitblit.models.UserModel;
+import com.gitblit.utils.DeepCopier;
 import com.gitblit.utils.StringUtils;
 
 /**
@@ -105,7 +107,6 @@
 	/**
 	 * Taken from Jetty's LoginAuthenticator.renewSessionOnAuthentication()
 	 */
-	@SuppressWarnings("unchecked")
 	protected void newSession(HttpServletRequest request, HttpServletResponse response) {
 		HttpSession oldSession = request.getSession(false);
 		if (oldSession != null && oldSession.getAttribute(SESSION_SECURED) == null) {
@@ -145,14 +146,13 @@
 	/**
 	 * Wraps a standard HttpServletRequest and overrides user principal methods.
 	 */
-	public static class AuthenticatedRequest extends ServletRequestWrapper {
+	public static class AuthenticatedRequest extends HttpServletRequestWrapper {
 
 		private UserModel user;
 
 		public AuthenticatedRequest(HttpServletRequest req) {
 			super(req);
-			user = new UserModel("anonymous");
-			user.isAuthenticated = false;
+			user = DeepCopier.copy(UserModel.ANONYMOUS);
 		}
 
 		UserModel getUser() {

--
Gitblit v1.9.1