2 files changed, 3 insertions, 14 deletions

diff --git a/src/main/java/com/gitblit/manager/AuthenticationManager.java b/src/main/java/com/gitblit/manager/AuthenticationManager.java
index 0d7e9274..49787631 100644
--- a/src/main/java/com/gitblit/manager/AuthenticationManager.java
+++ b/src/main/java/com/gitblit/manager/AuthenticationManager.java
@@ -204,7 +204,7 @@ public class AuthenticationManager implements IAuthenticationManager {
 		// Check if this request has already been authenticated, and trust that instead of re-processing
 		String reqAuthUser = (String) httpRequest.getAttribute(Constants.ATTRIB_AUTHUSER);
 		if (!StringUtils.isEmpty(reqAuthUser)) {
-			logger.warn("Called servlet authenticate when request is already authenticated.");
+			logger.debug("Called servlet authenticate when request is already authenticated.");
 			return userManager.getUserModel(reqAuthUser);
 		}
 
diff --git a/src/main/java/com/gitblit/servlet/RpcFilter.java b/src/main/java/com/gitblit/servlet/RpcFilter.java
index 34474d55..355bcb96 100644
--- a/src/main/java/com/gitblit/servlet/RpcFilter.java
+++ b/src/main/java/com/gitblit/servlet/RpcFilter.java
@@ -128,7 +128,7 @@ public class RpcFilter extends AuthenticationFilter {
 				return;

 			} else {

 				// check user access for request

-				if (user.canAdmin() || canAccess(user, requestType)) {

+				if (user.canAdmin() || !adminRequest) {

 					// authenticated request permitted.

 					// pass processing to the restricted servlet.

 					newSession(authenticatedRequest, httpResponse);

@@ -153,15 +153,4 @@ public class RpcFilter extends AuthenticationFilter {
 		// pass processing to the restricted servlet.

 		chain.doFilter(authenticatedRequest, httpResponse);

 	}

-

-	private boolean canAccess(UserModel user, RpcRequest requestType) {

-		switch (requestType) {

-		case GET_PROTOCOL:

-			return true;

-		case LIST_REPOSITORIES:

-			return true;

-		default:

-			return user.canAdmin();

-		}

-	}

-}
\ No newline at end of file
+}