githubFork/gitblit.git - Solinfo Gitblit

			@@ -22,6 +22,7 @@
			import java.util.HashMap;
			import java.util.List;
			import java.util.Map;
			import java.util.concurrent.TimeUnit;

			import javax.servlet.http.Cookie;
			import javax.servlet.http.HttpServletRequest;
			@@ -108,10 +109,10 @@
			String realm = settings.getString(Keys.realm.userService, "${baseFolder}/users.conf");
			if (legacyRedirects.containsKey(realm)) {
			logger.warn("");
			logger.warn("#################################################################");
			logger.warn(Constants.BORDER2);
			logger.warn(" IUserService '{}' is obsolete!", realm);
			logger.warn(" Please set '{}={}'", "realm.authenticationProviders", legacyRedirects.get(realm));
			logger.warn("#################################################################");
			logger.warn(Constants.BORDER2);
			logger.warn("");

			// conditionally override specified authentication providers
			@@ -149,6 +150,13 @@

			@Override
			public AuthenticationManager stop() {
			for (AuthenticationProvider provider : authenticationProviders) {
			try {
			provider.stop();
			} catch (Exception e) {
			logger.error("Failed to stop " + provider.getClass().getSimpleName(), e);
			}
			}
			return this;
			}

			@@ -183,7 +191,7 @@
			if (principal != null) {
			String username = principal.getName();
			if (!StringUtils.isEmpty(username)) {
			boolean internalAccount = isInternalAccount(username);
			boolean internalAccount = userManager.isInternalAccount(username);
			UserModel user = userManager.getUserModel(username);
			if (user != null) {
			// existing user
			@@ -235,13 +243,18 @@
			return null;
			}

			UserModel user = null;

			// try to authenticate by cookie
			UserModel user = authenticate(httpRequest.getCookies());
			if (user != null) {
			flagWicketSession(AuthenticationType.COOKIE);
			logger.debug(MessageFormat.format("{0} authenticated by cookie from {1}",
			String cookie = getCookie(httpRequest);
			if (!StringUtils.isEmpty(cookie)) {
			user = userManager.getUserModel(cookie.toCharArray());
			if (user != null) {
			flagWicketSession(AuthenticationType.COOKIE);
			logger.debug(MessageFormat.format("{0} authenticated by cookie from {1}",
			user.username, httpRequest.getRemoteAddr()));
			return user;
			return user;
			}
			}

			// try to authenticate by BASIC
			@@ -266,26 +279,6 @@
			} else {
			logger.warn(MessageFormat.format("Failed login attempt for {0}, invalid credentials from {1}",
			username, httpRequest.getRemoteAddr()));
			}
			}
			}
			return null;
			}

			/**
			* Authenticate a user based on their cookie.
			*
			* @param cookies
			* @return a user object or null
			*/
			protected UserModel authenticate(Cookie[] cookies) {
			if (settings.getBoolean(Keys.web.allowCookieAuthentication, true)) {
			if (cookies != null && cookies.length > 0) {
			for (Cookie cookie : cookies) {
			if (cookie.getName().equals(Constants.NAME)) {
			String value = cookie.getValue();
			return userManager.getUserModel(value.toCharArray());
			}
			}
			}
			}
			@@ -322,19 +315,11 @@
			// can not authenticate empty password
			return null;
			}
			// check to see if this is the federation user
			// if (canFederate()) {
			// if (usernameDecoded.equalsIgnoreCase(Constants.FEDERATION_USER)) {
			// List<String> tokens = getFederationTokens();
			// if (tokens.contains(pw)) {
			// return getFederationUser();
			// }
			// }
			// }

			UserModel user = userManager.getUserModel(usernameDecoded);

			// try local authentication
			UserModel user = userManager.getUserModel(usernameDecoded);
			if (user != null) {
			if (user != null && user.isLocalAccount()) {
			UserModel returnedUser = null;
			if (user.password.startsWith(StringUtils.MD5_TYPE)) {
			// password digest
			@@ -373,6 +358,28 @@
			}

			/**
			* Returns the Gitlbit cookie in the request.
			*
			* @param request
			* @return the Gitblit cookie for the request or null if not found
			*/
			@Override
			public String getCookie(HttpServletRequest request) {
			if (settings.getBoolean(Keys.web.allowCookieAuthentication, true)) {
			Cookie[] cookies = request.getCookies();
			if (cookies != null && cookies.length > 0) {
			for (Cookie cookie : cookies) {
			if (cookie.getName().equals(Constants.NAME)) {
			String value = cookie.getValue();
			return value;
			}
			}
			}
			}
			return null;
			}

			/**
			* Sets a cookie for the specified user.
			*
			* @param response
			@@ -398,7 +405,8 @@
			} else {
			// create real cookie
			userCookie = new Cookie(Constants.NAME, cookie);
			userCookie.setMaxAge(Integer.MAX_VALUE);
			// expire the cookie in 7 days
			userCookie.setMaxAge((int) TimeUnit.DAYS.toSeconds(7));
			}
			}
			userCookie.setPath("/");
			@@ -489,23 +497,4 @@
			}
			return AuthenticationProvider.NULL_PROVIDER;
			}

			/**
			* Returns true if the username represents an internal account
			*
			* @param username
			* @return true if the specified username represents an internal account
			*/
			protected boolean isInternalAccount(String username) {
			return !StringUtils.isEmpty(username)
			&& (username.equalsIgnoreCase(Constants.FEDERATION_USER)
			\|\| username.equalsIgnoreCase(UserModel.ANONYMOUS.username));
			}

			// protected UserModel getFederationUser() {
			// // the federation user is an administrator
			// UserModel federationUser = new UserModel(Constants.FEDERATION_USER);
			// federationUser.canAdmin = true;
			// return federationUser;
			// }
			}