From b79ade104858ce6714a7329b7629b331564a2ea5 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Tue, 26 Mar 2013 17:00:50 -0400
Subject: [PATCH] Integrate pull-request #76: enforce HTTP Basic authentication

---
 src/com/gitblit/EnforceAuthenticationFilter.java |   26 +++++++++++++++++++-------
 1 files changed, 19 insertions(+), 7 deletions(-)

diff --git a/src/com/gitblit/EnforceAuthenticationFilter.java b/src/com/gitblit/EnforceAuthenticationFilter.java
index 6dc454c..2a17996 100644
--- a/src/com/gitblit/EnforceAuthenticationFilter.java
+++ b/src/com/gitblit/EnforceAuthenticationFilter.java
@@ -1,7 +1,19 @@
-/**
- * 
- */
-package com.gitblit;
+/*
+ * Copyright 2013 Laurens Vrijnsen
+ * Copyright 2013 gitblit.com.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */package com.gitblit;
 
 import java.io.IOException;
 import java.text.MessageFormat;
@@ -54,8 +66,8 @@
 		 * Determine whether to enforce the BASIC authentication:
 		 */
 		@SuppressWarnings("static-access")
-		Boolean mustForceAuth = GitBlit.self().getBoolean("web.authenticateViewPages", false)
-								&& GitBlit.self().getBoolean("web.enforceHttpBasicAuthentication", false);
+		Boolean mustForceAuth = GitBlit.self().getBoolean(Keys.web.authenticateViewPages, false)
+								&& GitBlit.self().getBoolean(Keys.web.enforceHttpBasicAuthentication, false);
 		
 		HttpServletRequest  HttpRequest  = (HttpServletRequest)request;
 		HttpServletResponse HttpResponse = (HttpServletResponse)response; 
@@ -63,7 +75,7 @@
 		
 		if (mustForceAuth && (user == null)) {
 			// not authenticated, enforce now:
-			logger.info(MessageFormat.format("EnforceAuthFilter: user not authenticated for URL {0}!", request.toString()));
+			logger.debug(MessageFormat.format("EnforceAuthFilter: user not authenticated for URL {0}!", request.toString()));
 			@SuppressWarnings("static-access")
 			String CHALLENGE = MessageFormat.format("Basic realm=\"{0}\"", GitBlit.self().getString("web.siteName",""));
 			HttpResponse.setHeader("WWW-Authenticate", CHALLENGE);

--
Gitblit v1.9.1