From 4bcaea2e40ab1ee192888f7d29c334a2a3cd3699 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Fri, 17 Aug 2012 15:49:44 -0400
Subject: [PATCH] Fix performance logging null pointer on anonymous repository browsing
---
src/com/gitblit/LdapUserService.java | 48 +++++++++++++++++++++++++++++++-----------------
1 files changed, 31 insertions(+), 17 deletions(-)
diff --git a/src/com/gitblit/LdapUserService.java b/src/com/gitblit/LdapUserService.java
index 78b5f99..38376b8 100644
--- a/src/com/gitblit/LdapUserService.java
+++ b/src/com/gitblit/LdapUserService.java
@@ -27,14 +27,18 @@
import com.gitblit.models.TeamModel;
import com.gitblit.models.UserModel;
+import com.gitblit.utils.ArrayUtils;
import com.gitblit.utils.StringUtils;
import com.unboundid.ldap.sdk.Attribute;
+import com.unboundid.ldap.sdk.ExtendedResult;
import com.unboundid.ldap.sdk.LDAPConnection;
import com.unboundid.ldap.sdk.LDAPException;
import com.unboundid.ldap.sdk.LDAPSearchException;
+import com.unboundid.ldap.sdk.ResultCode;
import com.unboundid.ldap.sdk.SearchResult;
import com.unboundid.ldap.sdk.SearchResultEntry;
import com.unboundid.ldap.sdk.SearchScope;
+import com.unboundid.ldap.sdk.extensions.StartTLSExtendedRequest;
import com.unboundid.util.ssl.SSLUtil;
import com.unboundid.util.ssl.TrustAllTrustManager;
@@ -80,10 +84,22 @@
if (ldapPort == -1) // Default Port
ldapPort = 389;
- return new LDAPConnection(ldapUrl.getHost(), ldapPort, bindUserName, bindPassword);
+ LDAPConnection conn = new LDAPConnection(ldapUrl.getHost(), ldapPort, bindUserName, bindPassword);
+
+ if (ldapUrl.getScheme().equalsIgnoreCase("ldap+tls")) {
+ SSLUtil sslUtil = new SSLUtil(new TrustAllTrustManager());
+
+ ExtendedResult extendedResult = conn.processExtendedOperation(
+ new StartTLSExtendedRequest(sslUtil.createSSLContext()));
+
+ if (extendedResult.getResultCode() != ResultCode.SUCCESS) {
+ throw new LDAPException(extendedResult.getResultCode());
+ }
+ }
+ return conn;
}
} catch (URISyntaxException e) {
- logger.error("Bad LDAP URL, should be in the form: ldap(s)://<server>:<port>", e);
+ logger.error("Bad LDAP URL, should be in the form: ldap(s|+tls)://<server>:<port>", e);
} catch (GeneralSecurityException e) {
logger.error("Unable to create SSL Connection", e);
} catch (LDAPException e) {
@@ -140,17 +156,6 @@
return !settings.getBoolean(Keys.realm.ldap.maintainTeams, false);
}
- /**
- * Does the user service support cookie authentication?
- *
- * @return true or false
- */
- @Override
- public boolean supportsCookies() {
- // TODO cookies need to be reviewed
- return false;
- }
-
@Override
public UserModel authenticate(String username, char[] password) {
String simpleUsername = getSimpleUsername(username);
@@ -173,8 +178,11 @@
UserModel user = getUserModel(simpleUsername);
if (user == null) // create user object for new authenticated user
user = new UserModel(simpleUsername);
-
-
+
+ // create a user cookie
+ if (StringUtils.isEmpty(user.cookie) && !ArrayUtils.isEmpty(password)) {
+ user.cookie = StringUtils.getSHA1(user.username + new String(password));
+ }
if (!supportsTeamMembershipChanges())
getTeamsFromLdap(ldapConnection, simpleUsername, loggingInUser, user);
@@ -227,7 +235,10 @@
user.displayName = displayName;
} else {
- user.displayName = userEntry.getAttribute(displayName).getValue();
+ Attribute attribute = userEntry.getAttribute(displayName);
+ if (attribute != null && attribute.hasValue()) {
+ user.displayName = attribute.getValue();
+ }
}
}
@@ -240,7 +251,10 @@
user.emailAddress = email;
} else {
- user.emailAddress = userEntry.getAttribute(email).getValue();
+ Attribute attribute = userEntry.getAttribute(email);
+ if (attribute != null && attribute.hasValue()) {
+ user.emailAddress = attribute.getValue();
+ }
}
}
}
--
Gitblit v1.9.1