-rw-r--r-- | distrib/gitblit.properties | 6 | ||||
-rw-r--r-- | docs/04_releases.mkd | 1 | ||||
-rw-r--r-- | src/com/gitblit/EnforceAuthenticationFilter.java | 26 |
3 files changed, 26 insertions, 7 deletions
diff --git a/distrib/gitblit.properties b/distrib/gitblit.properties
index 80790d30..ba4fa2c7 100644
--- a/distrib/gitblit.properties
+++ b/distrib/gitblit.properties
@@ -440,6 +440,12 @@ fanout.connectionLimit = 0
 # RESTART REQUIRED
web.authenticateViewPages = false
+# if web.authenticateViewPages=true you may optionally require a client-side
+# basic authentication prompt instead of the standard form-based login.
+#
+# SINCE 1.3.0
+web.enforceHttpBasicAuthentication = false
+
# Require admin authentication for the admin functions and pages
#
# SINCE 0.5.0
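Review bot: The comment added above `web.enforceHttpBasicAuthentication` does not tell an administrator that HTTP Basic sends the username and password, only base64-encoded, with every request, so the option is safe only when the site is served over HTTPS. I would add a line such as `# Basic credentials are sent with every request; enable this only when Gitblit is served over HTTPS.` The neighbouring `web.authenticateViewPages` carries a `# RESTART REQUIRED` marker and the new key does not; the filter changed in this commit appears to read the key on each request, so that looks intentional, but it is worth confirming.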
diff --git a/docs/04_releases.mkd b/docs/04_releases.mkd
index efce794d..7dd6b174 100644
--- a/docs/04_releases.mkd
+++ b/docs/04_releases.mkd
@@ -10,6 +10,7 @@
 #### additions
+ - Option to force client-side basic authentication instead of form-based authentication if web.authenticateViewPages=true (github/furinzen)
- Optional periodic LDAP user and team pre-fetching & synchronization (github/mschaefers)
- Display name and version in Tomcat Manager (github/thefake)
- FogBugz post-receive hook script (github/djschny)
diff --git a/src/com/gitblit/EnforceAuthenticationFilter.java b/src/com/gitblit/EnforceAuthenticationFilter.java
index 6dc454ce..2a17996e 100644
--- a/src/com/gitblit/EnforceAuthenticationFilter.java
+++ b/src/com/gitblit/EnforceAuthenticationFilter.java
@@ -1,7 +1,19 @@
-/**
- *
- */
-package com.gitblit;
+/*
+ * Copyright 2013 Laurens Vrijnsen
+ * Copyright 2013 gitblit.com.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */package com.gitblit;
 import java.io.IOException;
 import java.text.MessageFormat;
@@ -54,8 +66,8 @@ public class EnforceAuthenticationFilter implements Filter {
 * Determine whether to enforce the BASIC authentication:
 */
 @SuppressWarnings("static-access")
- Boolean mustForceAuth = GitBlit.self().getBoolean("web.authenticateViewPages", false)
- && GitBlit.self().getBoolean("web.enforceHttpBasicAuthentication", false);
+ Boolean mustForceAuth = GitBlit.self().getBoolean(Keys.web.authenticateViewPages, false)
+ && GitBlit.self().getBoolean(Keys.web.enforceHttpBasicAuthentication, false);
 HttpServletRequest HttpRequest = (HttpServletRequest)request;
 HttpServletResponse HttpResponse = (HttpServletResponse)response;
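Review bot: `mustForceAuth` is declared as the boxed `Boolean` although it only holds the result of `&&` and is then used as a condition; `boolean mustForceAuth = ...` avoids the needless boxing. The `@SuppressWarnings("static-access")` above it suggests `getBoolean` is a static method reached through the `GitBlit.self()` instance; if so, calling it as `GitBlit.getBoolean(Keys.web.authenticateViewPages, false)` would let the suppression be removed. The enclosing method starts and ends outside this hunk.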
@@ -63,7 +75,7 @@ public class EnforceAuthenticationFilter implements Filter {
 if (mustForceAuth && (user == null)) {
 // not authenticated, enforce now:
- logger.info(MessageFormat.format("EnforceAuthFilter: user not authenticated for URL {0}!", request.toString()));
+ logger.debug(MessageFormat.format("EnforceAuthFilter: user not authenticated for URL {0}!", request.toString()));
 @SuppressWarnings("static-access")
 String CHALLENGE = MessageFormat.format("Basic realm=\"{0}\"", GitBlit.self().getString("web.siteName",""));
 HttpResponse.setHeader("WWW-Authenticate", CHALLENGE); |
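Review bot: The log call passes `request.toString()` for a placeholder the message calls a URL, but what `toString()` returns on a servlet request is container-specific and is not guaranteed to be the URL; `HttpRequest.getRequestURI()` would log what the message promises. The challenge line below it still looks up the literal `"web.siteName"` although this commit moves the other lookups to `Keys` constants, so `Keys.web.siteName` would keep the file consistent. The site name is also placed between the realm quotes unescaped, so a configured name containing a double quote would produce a malformed `WWW-Authenticate` header. The `if` block continues past the end of the hunk.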