From 27ae9095639bb228a1b7ff86a3ebe4264abf05be Mon Sep 17 00:00:00 2001
From: mschaefers <mschaefers@scoop-gmbh.de>
Date: Thu, 29 Nov 2012 12:33:09 -0500
Subject: [PATCH] feature: when using LdapUserService one can configure Gitblit to fetch all users from ldap that can possibly login. This allows to see newly generated LDAP users instantly in Gitblit. By now an LDAP user had to log in once to appear in GitBlit.
---
src/com/gitblit/authority/GitblitAuthority.java | 100 ++++++++++++++++++++++++++++++++-----------------
1 files changed, 65 insertions(+), 35 deletions(-)
diff --git a/src/com/gitblit/authority/GitblitAuthority.java b/src/com/gitblit/authority/GitblitAuthority.java
index 6d219b7..5ee6af5 100644
--- a/src/com/gitblit/authority/GitblitAuthority.java
+++ b/src/com/gitblit/authority/GitblitAuthority.java
@@ -17,6 +17,7 @@
import java.awt.BorderLayout;
import java.awt.Container;
+import java.awt.Desktop;
import java.awt.Dimension;
import java.awt.EventQueue;
import java.awt.FlowLayout;
@@ -35,6 +36,7 @@
import java.io.FileWriter;
import java.io.FilenameFilter;
import java.io.IOException;
+import java.net.URI;
import java.security.PrivateKey;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
@@ -296,6 +298,24 @@
File caKeystore = new File(folder, X509Utils.CA_KEY_STORE);
if (!caKeystore.exists()) {
+
+ if (!X509Utils.unlimitedStrength) {
+ // prompt to confirm user understands JCE Standard Strength encryption
+ int res = JOptionPane.showConfirmDialog(GitblitAuthority.this, Translation.get("gb.jceWarning"),
+ Translation.get("gb.warning"), JOptionPane.YES_NO_OPTION, JOptionPane.WARNING_MESSAGE);
+ if (res != JOptionPane.YES_OPTION) {
+ if (Desktop.isDesktopSupported()) {
+ if (Desktop.getDesktop().isSupported(Desktop.Action.BROWSE)) {
+ try {
+ Desktop.getDesktop().browse(URI.create("http://www.oracle.com/technetwork/java/javase/downloads/index.html"));
+ } catch (IOException e) {
+ }
+ }
+ }
+ System.exit(1);
+ }
+ }
+
// show certificate defaults dialog
certificateDefaultsButton.doClick();
@@ -307,16 +327,9 @@
private boolean prepareX509Infrastructure() {
if (caKeystorePassword == null) {
- JPasswordField pass = new JPasswordField(10){
- private static final long serialVersionUID = 1L;
-
- public void addNotify()
- {
- super.addNotify();
- requestFocusInWindow();
- }
- };
+ JPasswordField pass = new JPasswordField(10);
pass.setText(caKeystorePassword);
+ pass.addAncestorListener(new RequestFocusListener());
JPanel panel = new JPanel(new BorderLayout());
panel.add(new JLabel(Translation.get("gb.enterKeystorePassword")), BorderLayout.NORTH);
panel.add(pass, BorderLayout.CENTER);
@@ -329,6 +342,7 @@
}
X509Metadata metadata = new X509Metadata("localhost", caKeystorePassword);
+ setMetadataDefaults(metadata);
X509Utils.prepareX509Infrastructure(metadata, folder, this);
return true;
}
@@ -396,29 +410,11 @@
}
Date notAfter = metadata.notAfter;
- metadata.serverHostname = gitblitSettings.getString(Keys.web.siteName, Constants.NAME);
- if (StringUtils.isEmpty(metadata.serverHostname)) {
- metadata.serverHostname = Constants.NAME;
- }
- UserModel user = ucm.user;
-
- // set default values from config file
- File certificatesConfigFile = new File(folder, X509Utils.CA_CONFIG);
- FileBasedConfig config = new FileBasedConfig(certificatesConfigFile, FS.detect());
- if (certificatesConfigFile.exists()) {
- try {
- config.load();
- } catch (Exception e) {
- Utils.showException(GitblitAuthority.this, e);
- }
- NewCertificateConfig certificateConfig = NewCertificateConfig.KEY.parse(config);
- certificateConfig.update(metadata);
- }
-
- // restore expiration date
+ setMetadataDefaults(metadata);
metadata.notAfter = notAfter;
// set user's specified OID values
+ UserModel user = ucm.user;
if (!StringUtils.isEmpty(user.organizationalUnit)) {
metadata.oids.put("OU", user.organizationalUnit);
}
@@ -442,12 +438,8 @@
if (ucm.expires == null || metadata.notAfter.before(ucm.expires)) {
ucm.expires = metadata.notAfter;
}
- ucm.update(config);
- try {
- config.save();
- } catch (Exception e) {
- Utils.showException(GitblitAuthority.this, e);
- }
+
+ updateAuthorityConfig(ucm);
// refresh user
ucm.certs = null;
@@ -818,4 +810,42 @@
}
return false;
}
+
+ private void setMetadataDefaults(X509Metadata metadata) {
+ metadata.serverHostname = gitblitSettings.getString(Keys.web.siteName, Constants.NAME);
+ if (StringUtils.isEmpty(metadata.serverHostname)) {
+ metadata.serverHostname = Constants.NAME;
+ }
+
+ // set default values from config file
+ File certificatesConfigFile = new File(folder, X509Utils.CA_CONFIG);
+ FileBasedConfig config = new FileBasedConfig(certificatesConfigFile, FS.detect());
+ if (certificatesConfigFile.exists()) {
+ try {
+ config.load();
+ } catch (Exception e) {
+ Utils.showException(GitblitAuthority.this, e);
+ }
+ NewCertificateConfig certificateConfig = NewCertificateConfig.KEY.parse(config);
+ certificateConfig.update(metadata);
+ }
+ }
+
+ private void updateAuthorityConfig(UserCertificateModel ucm) {
+ File certificatesConfigFile = new File(folder, X509Utils.CA_CONFIG);
+ FileBasedConfig config = new FileBasedConfig(certificatesConfigFile, FS.detect());
+ if (certificatesConfigFile.exists()) {
+ try {
+ config.load();
+ } catch (Exception e) {
+ Utils.showException(GitblitAuthority.this, e);
+ }
+ }
+ ucm.update(config);
+ try {
+ config.save();
+ } catch (Exception e) {
+ Utils.showException(GitblitAuthority.this, e);
+ }
+ }
}
--
Gitblit v1.9.1