| | |
|---|
| | | import java.util.HashMap;
|
|---|
| | | import java.util.Map;
|
|---|
| | |
|
|---|
| | | import javax.servlet.Filter; |
|---|
| | | import javax.servlet.FilterChain;
|
|---|
| | | import javax.servlet.FilterConfig;
|
|---|
| | | import javax.servlet.ServletException;
|
|---|
| | |
|---|
| | | import org.slf4j.LoggerFactory;
|
|---|
| | |
|
|---|
| | | import com.gitblit.Constants;
|
|---|
| | | import com.gitblit.dagger.DaggerFilter;
|
|---|
| | | import com.gitblit.Constants.Role; |
|---|
| | | import com.gitblit.manager.IAuthenticationManager;
|
|---|
| | | import com.gitblit.models.UserModel;
|
|---|
| | | import com.gitblit.utils.DeepCopier;
|
|---|
| | | import com.gitblit.utils.StringUtils;
|
|---|
| | |
|
|---|
| | | import dagger.ObjectGraph;
|
|---|
| | |
|
|---|
| | | /**
|
|---|
| | | * The AuthenticationFilter is a servlet filter that preprocesses requests that
|
|---|
| | |
|---|
| | | * @author James Moger
|
|---|
| | | *
|
|---|
| | | */
|
|---|
| | | public abstract class AuthenticationFilter extends DaggerFilter {
|
|---|
| | | public abstract class AuthenticationFilter implements Filter { |
|---|
| | |
|
|---|
| | | protected static final String CHALLENGE = "Basic realm=\"" + Constants.NAME + "\"";
|
|---|
| | |
|
|---|
| | |
|---|
| | |
|
|---|
| | | protected IAuthenticationManager authenticationManager;
|
|---|
| | |
|
|---|
| | | protected AuthenticationFilter(IAuthenticationManager authenticationManager) { |
|---|
| | | this.authenticationManager = authenticationManager; |
|---|
| | | } |
|---|
| | | |
|---|
| | | @Override
|
|---|
| | | protected void inject(ObjectGraph dagger, FilterConfig filterConfig) {
|
|---|
| | | this.authenticationManager = dagger.get(IAuthenticationManager.class);
|
|---|
| | | public void init(FilterConfig filterConfig) throws ServletException { |
|---|
| | | } |
|---|
| | | |
|---|
| | | @Override |
|---|
| | | public void destroy() { |
|---|
| | | }
|
|---|
| | |
|
|---|
| | | /**
|
|---|
| | |
|---|
| | |
|
|---|
| | | @Override
|
|---|
| | | public boolean isUserInRole(String role) {
|
|---|
| | | if (role.equals(Constants.ADMIN_ROLE)) {
|
|---|
| | | if (role.equals(Role.ADMIN.getRole())) { |
|---|
| | | return user.canAdmin();
|
|---|
| | | }
|
|---|
| | | // Gitblit does not currently use actual roles in the traditional
|
|---|
