summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorJames Moger <james.moger@gitblit.com>2015-10-05 08:12:43 -0400
committerJames Moger <james.moger@gitblit.com>2015-10-05 08:12:43 -0400
commit4e54686d9346dc33a1cffd4a06c5c4ff9945f25e (patch)
tree15345c9c555471fcacbe228fc26bac3e1c756a9e /src
parent1c261bd5fbe8f4750f17678f85f98cf101439b71 (diff)
parentbe49ef9b1b2ab0ee251085efd5930b6f99bbced9 (diff)
downloadgitblit-4e54686d9346dc33a1cffd4a06c5c4ff9945f25e.tar.gz
gitblit-4e54686d9346dc33a1cffd4a06c5c4ff9945f25e.zip
Merge branch 'topic/pr-934' into develop
Diffstat (limited to 'src')
-rw-r--r--src/main/distrib/data/defaults.properties6
-rw-r--r--src/main/java/com/gitblit/transport/ssh/SshKrbAuthenticator.java10
2 files changed, 16 insertions, 0 deletions
diff --git a/src/main/distrib/data/defaults.properties b/src/main/distrib/data/defaults.properties
index f88407f4..4606f5fc 100644
--- a/src/main/distrib/data/defaults.properties
+++ b/src/main/distrib/data/defaults.properties
@@ -154,6 +154,12 @@ git.sshKrb5Keytab =
# SINCE 1.7.0
git.sshKrb5ServicePrincipalName =
+# Strip the domain suffix from a kerberos username.
+# e.g. james@bigbox would be "james"
+#
+# SINCE 1.7.0
+git.sshKrb5StripDomain = true
+
# SSH backend NIO2|MINA.
#
# The Apache Mina project recommends using the NIO2 backend.
diff --git a/src/main/java/com/gitblit/transport/ssh/SshKrbAuthenticator.java b/src/main/java/com/gitblit/transport/ssh/SshKrbAuthenticator.java
index 4afc00fc..b6d233cf 100644
--- a/src/main/java/com/gitblit/transport/ssh/SshKrbAuthenticator.java
+++ b/src/main/java/com/gitblit/transport/ssh/SshKrbAuthenticator.java
@@ -31,6 +31,8 @@ public class SshKrbAuthenticator extends GSSAuthenticator {
protected final Logger log = LoggerFactory.getLogger(getClass());
protected final IAuthenticationManager authManager;
+ protected final boolean stripDomain;
+
public SshKrbAuthenticator(IStoredSettings settings, IAuthenticationManager authManager) {
this.authManager = authManager;
@@ -44,6 +46,8 @@ public class SshKrbAuthenticator extends GSSAuthenticator {
if(! servicePrincipalName.isEmpty()) {
setServicePrincipalName(servicePrincipalName);
}
+
+ this.stripDomain = settings.getBoolean(Keys.git.sshKrb5StripDomain, false);
}
@Override
@@ -55,6 +59,12 @@ public class SshKrbAuthenticator extends GSSAuthenticator {
return true;
}
String username = identity.toLowerCase(Locale.US);
+ if (stripDomain) {
+ int p = username.indexOf('@');
+ if (p > 0) {
+ username = username.substring(0, p);
+ }
+ }
UserModel user = authManager.authenticate(username);
if (user != null) {
client.setUser(user);