From 020a4d6dccfa25235a1481efc3e449a73a0d659a Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Thu, 24 Oct 2013 08:12:03 -0400
Subject: [PATCH] Merge pull request #119 from simonharrer/fix-locale-test-run-bug

---
 src/main/java/com/gitblit/AuthenticationFilter.java |   24 ++++++++++++------------
 1 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/src/main/java/com/gitblit/AuthenticationFilter.java b/src/main/java/com/gitblit/AuthenticationFilter.java
index eb6e95b..640bf17 100644
--- a/src/main/java/com/gitblit/AuthenticationFilter.java
+++ b/src/main/java/com/gitblit/AuthenticationFilter.java
@@ -28,6 +28,7 @@
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletRequestWrapper;
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
 
@@ -35,16 +36,17 @@
 import org.slf4j.LoggerFactory;
 
 import com.gitblit.models.UserModel;
+import com.gitblit.utils.DeepCopier;
 import com.gitblit.utils.StringUtils;
 
 /**
  * The AuthenticationFilter is a servlet filter that preprocesses requests that
  * match its url pattern definition in the web.xml file.
- * 
+ *
  * http://en.wikipedia.org/wiki/Basic_access_authentication
- * 
+ *
  * @author James Moger
- * 
+ *
  */
 public abstract class AuthenticationFilter implements Filter {
 
@@ -57,17 +59,17 @@
 	/**
 	 * doFilter does the actual work of preprocessing the request to ensure that
 	 * the user may proceed.
-	 * 
+	 *
 	 * @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest,
 	 *      javax.servlet.ServletResponse, javax.servlet.FilterChain)
 	 */
 	@Override
 	public abstract void doFilter(final ServletRequest request, final ServletResponse response,
 			final FilterChain chain) throws IOException, ServletException;
-	
+
 	/**
 	 * Allow the filter to require a client certificate to continue processing.
-	 * 
+	 *
 	 * @return true, if a client certificate is required
 	 */
 	protected boolean requiresClientCertificate() {
@@ -76,7 +78,7 @@
 
 	/**
 	 * Returns the full relative url of the request.
-	 * 
+	 *
 	 * @param httpRequest
 	 * @return url
 	 */
@@ -93,7 +95,7 @@
 
 	/**
 	 * Returns the user making the request, if the user has authenticated.
-	 * 
+	 *
 	 * @param httpRequest
 	 * @return user
 	 */
@@ -105,7 +107,6 @@
 	/**
 	 * Taken from Jetty's LoginAuthenticator.renewSessionOnAuthentication()
 	 */
-	@SuppressWarnings("unchecked")
 	protected void newSession(HttpServletRequest request, HttpServletResponse response) {
 		HttpSession oldSession = request.getSession(false);
 		if (oldSession != null && oldSession.getAttribute(SESSION_SECURED) == null) {
@@ -145,14 +146,13 @@
 	/**
 	 * Wraps a standard HttpServletRequest and overrides user principal methods.
 	 */
-	public static class AuthenticatedRequest extends ServletRequestWrapper {
+	public static class AuthenticatedRequest extends HttpServletRequestWrapper {
 
 		private UserModel user;
 
 		public AuthenticatedRequest(HttpServletRequest req) {
 			super(req);
-			user = new UserModel("anonymous");
-			user.isAuthenticated = false;
+			user = DeepCopier.copy(UserModel.ANONYMOUS);
 		}
 
 		UserModel getUser() {

--
Gitblit v1.9.1