Option to auto-create accounts based on authenticated container principals (issue...

author James Moger <james.moger@gitblit.com>

Mon, 17 Jun 2013 19:56:14 +0000 (15:56 -0400)

committer James Moger <james.moger@gitblit.com>

Mon, 17 Jun 2013 19:56:14 +0000 (15:56 -0400)
author James Moger <james.moger@gitblit.com>
Mon, 17 Jun 2013 19:56:14 +0000 (15:56 -0400)
committer James Moger <james.moger@gitblit.com>
Mon, 17 Jun 2013 19:56:14 +0000 (15:56 -0400)
diff --git a/releases.moxie b/releases.moxie

index f419992e64357faac7d37c041022fad64a05b10e..50a54e7ee312a5b2959d1916f479fa246a952e31 100644 (file)
--- a/releases.moxie
+++ b/releases.moxie
@@ -66,6 +66,7 @@ r17: {
          - Added weblogic.xml to WAR for deployment on WebLogic (issue 199)\r
          - Support username substitution in web.otherUrls (issue 213)\r
          - Option to force client-side basic authentication instead of form-based authentication if web.authenticateViewPages=true (issue 222)\r
+        - Setting to automatically create an user account based on an authenticated user principal from the servlet container (issue-246)\r
  \r
      contributors:\r
         - Bandarupalli Satyanarayana\r
@@ -86,6 +87,7 @@ r17: {
         - Matthias Bauer\r
         - Micha�l Pailloncy\r
         - Michael Schaefers\r
+       - Oliver Doepner\r
         - Philip Boutros\r
         - Rafael Cavazin\r
         - Ryan Schneider\r
@@ -109,6 +111,7 @@ r17: {
         - { name: 'git.daemonPort', defaultValue: 0 }\r
      - { name: 'git.defaultIncrementalPushTagPrefix', defaultValue: 'r' }\r
         - { name: 'mail.smtps', defaultValue: false }\r
+       - { name: 'realm.container.autoCreateAccounts', defaultValue: 'false' }\r
         - { name: 'realm.salesforce.backingUserService', defaultValue: 'users.conf' }\r
         - { name: 'realm.salesforce.orgId', defaultValue: 0 }\r
         - { name: 'web.activityDurationChoices', defaultValue: '7 14 28 60 90 180' }\r
diff --git a/src/main/distrib/data/gitblit.properties b/src/main/distrib/data/gitblit.properties

index 1671507f192c581362160ff8453db2f04dd8321a..412bcae2e81012bc5acecbd7c0760b3cf75493ac 100644 (file)
--- a/src/main/distrib/data/gitblit.properties
+++ b/src/main/distrib/data/gitblit.properties
@@ -1110,6 +1110,13 @@ federation.sets =
  # Advanced Realm Settings\r
  #\r
  \r
+# Auto-creates user accounts based on the servlet container principal.  This\r
+# assumes that your Gitblit install is a protected resource and your container's\r
+# authentication process intercepts all Gitblit requests.\r
+#\r
+# SINCE 1.3.0\r
+realm.container.autoCreateAccounts = false\r
+\r
  # The SalesforceUserService must be backed by another user service for standard user\r
  # and team management.\r
  # default: users.conf\r
diff --git a/src/main/java/com/gitblit/GitBlit.java b/src/main/java/com/gitblit/GitBlit.java

index c538acea36b27c7573149f23cc8ea756ca55453c..25ffaba80fc9b316c643e91ef47a587d6aa50e8c 100644 (file)
--- a/src/main/java/com/gitblit/GitBlit.java
+++ b/src/main/java/com/gitblit/GitBlit.java
@@ -827,13 +827,24 @@ public class GitBlit implements ServletContextListener {
                 Principal principal = httpRequest.getUserPrincipal();
                 if (principal != null) {
                         String username = principal.getName();
-                       if (StringUtils.isEmpty(username)) {
+                       if (!StringUtils.isEmpty(username)) {
                                 UserModel user = getUserModel(username);
                                 if (user != null) {
+                                       // existing user
                                         flagWicketSession(AuthenticationType.CONTAINER);
                                         logger.debug(MessageFormat.format("{0} authenticated by servlet container principal from {1}",
                                                         user.username, httpRequest.getRemoteAddr()));
                                         return user;
+                               } else if (settings.getBoolean(Keys.realm.container.autoCreateAccounts, true)) {
+                                       // auto-create user from an authenticated container principal
+                                       user = new UserModel(username.toLowerCase());
+                                       user.displayName = username;
+                                       user.password = Constants.EXTERNAL_ACCOUNT;
+                                       userService.updateUserModel(user);
+                                       flagWicketSession(AuthenticationType.CONTAINER);
+                                       logger.debug(MessageFormat.format("{0} authenticated and created by servlet container principal from {1}",
+                                                       user.username, httpRequest.getRemoteAddr()));
+                                       return user;
                                 } else {
                                         logger.warn(MessageFormat.format("Failed to find UserModel for {0}, attempted servlet container authentication from {1}",
                                                         principal.getName(), httpRequest.getRemoteAddr()));
author	James Moger <james.moger@gitblit.com>
	Mon, 17 Jun 2013 19:56:14 +0000 (15:56 -0400)
committer	James Moger <james.moger@gitblit.com>
	Mon, 17 Jun 2013 19:56:14 +0000 (15:56 -0400)
releases.moxie		patch \| blob \| history
src/main/distrib/data/gitblit.properties		patch \| blob \| history
src/main/java/com/gitblit/GitBlit.java		patch \| blob \| history