From: James Moger <james.moger@gitblit.com>
Date: Thu, 29 Nov 2012 23:21:30 +0000 (-0500)
Subject: Track the authentication type in the session
X-Git-Tag: v1.2.0~56
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=8fef1f8128b35e7378b8af1d9d76a731a74851c5;p=gitblit.git

Track the authentication type in the session
---

diff --git a/src/com/gitblit/Constants.java b/src/com/gitblit/Constants.java
index cd6b0709..4669c4c9 100644
--- a/src/com/gitblit/Constants.java
+++ b/src/com/gitblit/Constants.java
@@ -397,7 +397,15 @@ public class Constants {
 			return ordinal() > s.ordinal();
 		}
 	}
-	
+
+	public static enum AuthenticationType {
+		CREDENTIALS, COOKIE, CERTIFICATE;
+		
+		public boolean isStandard() {
+			return ordinal() <= COOKIE.ordinal();
+		}
+	}
+
 	@Documented
 	@Retention(RetentionPolicy.RUNTIME)
 	public @interface Unused {
diff --git a/src/com/gitblit/GitBlit.java b/src/com/gitblit/GitBlit.java
index c8deee12..6a3f98b6 100644
--- a/src/com/gitblit/GitBlit.java
+++ b/src/com/gitblit/GitBlit.java
@@ -75,6 +75,7 @@ import org.slf4j.LoggerFactory;
 
 import com.gitblit.Constants.AccessPermission;
 import com.gitblit.Constants.AccessRestrictionType;
+import com.gitblit.Constants.AuthenticationType;
 import com.gitblit.Constants.AuthorizationControl;
 import com.gitblit.Constants.FederationRequest;
 import com.gitblit.Constants.FederationStrategy;
@@ -107,6 +108,7 @@ import com.gitblit.utils.MetricUtils;
 import com.gitblit.utils.ObjectCache;
 import com.gitblit.utils.StringUtils;
 import com.gitblit.utils.TimeUtils;
+import com.gitblit.wicket.GitBlitWebSession;
 import com.gitblit.wicket.WicketUtils;
 
 /**
@@ -569,6 +571,8 @@ public class GitBlit implements ServletContextListener {
 		UserModel model = HttpUtils.getUserModelFromCertificate(httpRequest, checkValidity, oids);
 		if (model != null) {
 			// grab real user model and preserve certificate serial number
+			GitBlitWebSession session = GitBlitWebSession.get();
+			session.authenticationType = AuthenticationType.CERTIFICATE;
 			UserModel user = getUserModel(model.username);
 			logger.info(MessageFormat.format("{0} authenticated by client certificate from {1}",
 					user.username, httpRequest.getRemoteAddr()));
@@ -580,7 +584,11 @@ public class GitBlit implements ServletContextListener {
 		if (allowCookieAuthentication() && cookies != null && cookies.length > 0) {
 			// Grab cookie from Browser Session
 			UserModel user = authenticate(cookies);
-			return user;
+			if (user != null) {
+				GitBlitWebSession session = GitBlitWebSession.get();
+				session.authenticationType = AuthenticationType.COOKIE;
+				return user;
+			}
 		}
 		return null;
 	}
diff --git a/src/com/gitblit/wicket/GitBlitWebSession.java b/src/com/gitblit/wicket/GitBlitWebSession.java
index 015d97ad..5195a1fd 100644
--- a/src/com/gitblit/wicket/GitBlitWebSession.java
+++ b/src/com/gitblit/wicket/GitBlitWebSession.java
@@ -29,6 +29,7 @@ import org.apache.wicket.protocol.http.WebRequestCycle;
 import org.apache.wicket.protocol.http.WebSession;
 import org.apache.wicket.protocol.http.request.WebClientInfo;
 
+import com.gitblit.Constants.AuthenticationType;
 import com.gitblit.models.UserModel;
 
 public final class GitBlitWebSession extends WebSession {
@@ -45,9 +46,12 @@ public final class GitBlitWebSession extends WebSession {
 	
 	private AtomicBoolean isForking;
 	
+	public AuthenticationType authenticationType;
+	
 	public GitBlitWebSession(Request request) {
 		super(request);
 		isForking = new AtomicBoolean();
+		authenticationType = AuthenticationType.CREDENTIALS;
 	}
 
 	public void invalidate() {