Disallow credential changes for container authenticated sessions

author: James Moger <james.moger@gitblit.com> 2013-06-17 15:57:45 -0400
committer: James Moger <james.moger@gitblit.com> 2013-06-17 15:57:45 -0400
commit: 2f64a2810e14fb990fb7333d257864e67d49acd8 (patch)
tree: df3c55f9794bc4a0587231c663e8d1ca8b1c7090
parent: 9b54923f4ee5411966016f91224e4f4f545f1416 (diff)
download: gitblit-2f64a2810e14fb990fb7333d257864e67d49acd8.tar.gz
gitblit-2f64a2810e14fb990fb7333d257864e67d49acd8.zip
1 files changed, 9 insertions, 1 deletions
diff --git a/src/main/java/com/gitblit/GitBlit.java b/src/main/java/com/gitblit/GitBlit.java
index 25ffaba8..ef739780 100644
--- a/src/main/java/com/gitblit/GitBlit.java
+++ b/src/main/java/com/gitblit/GitBlit.java
@@ -681,7 +681,15 @@ public class GitBlit implements ServletContextListener {
 	 * @return true if the user service supports credential changes
 	 */
 	public boolean supportsCredentialChanges(UserModel user) {
-		return (user != null && user.isLocalAccount()) || userService.supportsCredentialChanges();
+		if (user == null) {
+			return false;
+		} else if (!Constants.EXTERNAL_ACCOUNT.equals(user.password)) {
+			// credentials likely maintained by Gitblit
+			return userService.supportsCredentialChanges();
+		} else {
+			// credentials are externally maintained
+			return false;
+		}
 	}
 
 	/**
author	James Moger <james.moger@gitblit.com>	2013-06-17 15:57:45 -0400
committer	James Moger <james.moger@gitblit.com>	2013-06-17 15:57:45 -0400
commit	2f64a2810e14fb990fb7333d257864e67d49acd8 (patch)
tree	df3c55f9794bc4a0587231c663e8d1ca8b1c7090
parent	9b54923f4ee5411966016f91224e4f4f545f1416 (diff)
download	gitblit-2f64a2810e14fb990fb7333d257864e67d49acd8.tar.gz gitblit-2f64a2810e14fb990fb7333d257864e67d49acd8.zip