From 62e0259129fa7147a3899244569c05f4e7fd3b7c Mon Sep 17 00:00:00 2001
From: Joel Johnson <joel.johnson@issinc.com>
Date: Tue, 14 Jul 2015 15:59:29 -0400
Subject: [PATCH] prevent session fixation for external authentication

---
 src/main/java/com/gitblit/wicket/panels/BasePanel.java |   15 +++++++++++++++
 1 files changed, 15 insertions(+), 0 deletions(-)

diff --git a/src/main/java/com/gitblit/wicket/panels/BasePanel.java b/src/main/java/com/gitblit/wicket/panels/BasePanel.java
index dda5797..73f8e47 100644
--- a/src/main/java/com/gitblit/wicket/panels/BasePanel.java
+++ b/src/main/java/com/gitblit/wicket/panels/BasePanel.java
@@ -22,6 +22,8 @@
 import org.apache.wicket.Component;
 import org.apache.wicket.markup.html.panel.Panel;
 import org.apache.wicket.model.Model;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 import com.gitblit.Constants;
 import com.gitblit.Keys;
@@ -36,6 +38,8 @@
 
 	private transient TimeUtils timeUtils;
 
+	private transient Logger logger;
+
 	public BasePanel(String wicketId) {
 		super(wicketId);
 	}
@@ -44,6 +48,17 @@
 		return GitBlitWebApp.get();
 	}
 
+	protected Logger logger() {
+		if (logger == null) {
+			logger = LoggerFactory.getLogger(getClass());
+		}
+		return logger;
+	}
+
+	protected String getContextUrl() {
+		return getRequest().getRelativePathPrefixToContextRoot();
+	}
+
 	protected TimeZone getTimeZone() {
 		return app().settings().getBoolean(Keys.web.useClientTimezone, false) ? GitBlitWebSession.get()
 				.getTimezone() : app().getTimezone();

--
Gitblit v1.9.1