Integrate pull-request #76: enforce HTTP Basic authentication

diff --git a/distrib/gitblit.properties b/distrib/gitblit.properties
index 80790d301d8da3f431e96d0b2ea662422eed9f18..ba4fa2c7e937181564193aeacc7e4cff0b4b1419 100644 (file)
--- a/distrib/gitblit.properties
+++ b/distrib/gitblit.properties
@@ -440,6 +440,12 @@ fanout.connectionLimit = 0
 # RESTART REQUIRED\r
 web.authenticateViewPages = false\r
 \r
+# if web.authenticateViewPages=true you may optionally require a client-side\r
+# basic authentication prompt instead of the standard form-based login. \r
+#\r
+# SINCE 1.3.0\r
+web.enforceHttpBasicAuthentication = false\r
+\r
 # Require admin authentication for the admin functions and pages\r
 #\r
 # SINCE 0.5.0\r

diff --git a/docs/04_releases.mkd b/docs/04_releases.mkd
index efce794de7e076e9fd580ffab880a7cc568e70f8..7dd6b17436665aa51a0f7443a39236a8456e2c69 100644 (file)
--- a/docs/04_releases.mkd
+++ b/docs/04_releases.mkd
@@ -10,6 +10,7 @@
 \r
 #### additions\r
 \r
+ - Option to force client-side basic authentication instead of form-based authentication if web.authenticateViewPages=true (github/furinzen)\r
  - Optional periodic LDAP user and team pre-fetching & synchronization (github/mschaefers)\r
  - Display name and version in Tomcat Manager (github/thefake) \r
  - FogBugz post-receive hook script (github/djschny)\r

diff --git a/src/com/gitblit/EnforceAuthenticationFilter.java b/src/com/gitblit/EnforceAuthenticationFilter.java
index 6dc454ce7929c54050d17e8afa874404b58f514c..2a17996ecb87947fb9a5612d49b9ceeb4316a671 100644 (file)
--- a/src/com/gitblit/EnforceAuthenticationFilter.java
+++ b/src/com/gitblit/EnforceAuthenticationFilter.java
@@ -1,7 +1,19 @@
-/**
- * 
- */
-package com.gitblit;
+/*
+ * Copyright 2013 Laurens Vrijnsen
+ * Copyright 2013 gitblit.com.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */package com.gitblit;
 
 import java.io.IOException;
 import java.text.MessageFormat;
@@ -54,8 +66,8 @@ public class EnforceAuthenticationFilter implements Filter {
                 * Determine whether to enforce the BASIC authentication:
                 */
                @SuppressWarnings("static-access")
-               Boolean mustForceAuth = GitBlit.self().getBoolean("web.authenticateViewPages", false)
-                                                               && GitBlit.self().getBoolean("web.enforceHttpBasicAuthentication", false);
+               Boolean mustForceAuth = GitBlit.self().getBoolean(Keys.web.authenticateViewPages, false)
+                                                               && GitBlit.self().getBoolean(Keys.web.enforceHttpBasicAuthentication, false);
                
                HttpServletRequest  HttpRequest  = (HttpServletRequest)request;
                HttpServletResponse HttpResponse = (HttpServletResponse)response; 
@@ -63,7 +75,7 @@ public class EnforceAuthenticationFilter implements Filter {
                
                if (mustForceAuth && (user == null)) {
                        // not authenticated, enforce now:
-                       logger.info(MessageFormat.format("EnforceAuthFilter: user not authenticated for URL {0}!", request.toString()));
+                       logger.debug(MessageFormat.format("EnforceAuthFilter: user not authenticated for URL {0}!", request.toString()));
                        @SuppressWarnings("static-access")
                        String CHALLENGE = MessageFormat.format("Basic realm=\"{0}\"", GitBlit.self().getString("web.siteName",""));
                        HttpResponse.setHeader("WWW-Authenticate", CHALLENGE);