path: root/src/main/java/com/gitblit/manager/AuthenticationManager.java
Commit message | Author | Age | Files | Lines
* Delete password from memory in AuthenticationManager | Florian Zschocke | 2020-04-05 | 1 | -19/+23
|   Zero out the password to remove it from memory after use. This is only a first step, implementing it for one method: `AuthenticationManager.authenticate(String, char[], String)`.
* 🦟 fix: Password hash upgrade kills existing passwords | Florian Zschocke | 2020-04-05 | 1 | -17/+26
|   The upgrade of an MD5 stored password hash to a PBKDF password hash destroys the stored password. The hash check zeroes out the password that is tested, so that the new hash is built over the zeroed out value. This fix prevents that and also adds a check to the test.
|   Fixes #1335
* Use the new PasswordHash classes. | Florian Zschocke | 2019-11-05 | 1 | -35/+22
|   Integrate the `PasswordHash` class and subclass in the user and password editing and authentication. Replaces the old code and the previous `SecurePasswordHashingUtils` class.
* fix comment | Martin Spielmann | 2017-01-07 | 1 | -1/+1
|
* Update AuthenticationManager to update weakly stored passwords on login | Martin Spielmann | 2017-01-07 | 1 | -6/+35
|
* Added possibility to use secure hashes to store passwords | Martin Spielmann | 2017-01-01 | 1 | -0/+10
|   Addresses #1166
* Set secure user cookies and only for HTTP. | Florian Zschocke | 2016-12-10 | 1 | -0/+14
|   Mark the user authentication cookie to be only used for HTTP, making it inaccessible for JavaScript engines. If only HTTPS is used and no HTTP (i.e. also if HTTP is redirected to HTTPS) then mark the user cookie to be sent only over secure connections.
* Merge pull request #990 from dbywalec/authenthication-of-federation-user | James Moger | 2016-01-16 | 1 | -0/+6
|\
| |   Fix authentication failure warning log messages for FEDERATION_USER
| * Fix authentication failure warning log messages for FEDERATION_USER | Dariusz Bywalec | 2016-01-04 | 1 | -0/+6
| |   The AuthenticationManager did not encounter for FEDERATION_USER and would unnecessarily generate a lot of failure warning log messages, e.g:
| |       Failed login attempt for $gitblit, invalid credentials from XXX.XX.XX.XX
| |   A simple condition will prematurely return null bypassing the regular authentication path and immediately make the authentication be routed via FederationManager.
* | Lower log level of servlet authenticate when request is already authenticated | Dariusz Bywalec | 2016-01-04 | 1 | -1/+1
|/
|   When calling a servlet which has already been authenticated, the server would produce a lot of superfluous log entries, e.g:
|       Called servlet authenticate when request is already authenticated.
|   The log level for this log entry has been lowered down to DEBUG.
* implement an HTTP header AuthenticationProvider | Joel Johnson | 2015-12-09 | 1 | -2/+20
|
* Log update for Fail2Ban usage | Paul Martin | 2015-10-25 | 1 | -16/+20
|   + Adds standard logging for all authentication providers
|   + Updates help page to use default GitBlit SSH port
* prevent session fixation for external authentication | Joel Johnson | 2015-07-14 | 1 | -10/+25
|   + use request instead of session to flag authentication status and user, for external authentication types
* Invalid kerberos patches, works now and with a test. | Fabrice Bacchella | 2015-05-26 | 1 | -0/+29
|
* A patch that allows to extract a new user informations from the HTTP session | Fabrice Bacchella | 2015-05-15 | 1 | -0/+48
|   if the webapp container can fill it.
* Merge branch 'ticket/129' into develop | James Moger | 2014-09-30 | 1 | -16/+11
|\
| * Remove Wicket references from non-Wicket packages | James Moger | 2014-09-30 | 1 | -16/+11
| |
* | Allow authentication providers to control user and team role changes | James Moger | 2014-09-26 | 1 | -0/+23
| |
* | Merge branch 'ticket/187' into develop | James Moger | 2014-09-25 | 1 | -2/+35
|\|
| * Restrict Gitblit cookie to the context path | James Moger | 2014-09-25 | 1 | -2/+35
| |
* | Annotate managers with @Singleton | James Moger | 2014-07-03 | 1 | -1/+3
| |
* | Use Guice annotations, not javax.inject annotations | James Moger | 2014-07-03 | 1 | -1/+1
| |
* | Embrace @Inject for Managers, Servlets, and Filters | James Moger | 2014-07-03 | 1 | -0/+2
|/
* Handle ssh keys as objects, not strings, and improve the ls and rm key commands | James Moger | 2014-04-10 | 1 | -6/+6
|   "gitblit keys ls" now defaults to showing an indexed list of fingerprints which almost matches the output of "sshadd -l". The indexes are useful for specifying key(s) to remove using "gitblit keys rm <index>". This is an important improvement for key management.
* Revise SSH public key integration with AuthenticationManager | James Moger | 2014-04-10 | 1 | -11/+14
|
* Establish ssh keys folder, support multiple keys, revise key authenticator | James Moger | 2014-04-10 | 1 | -1/+1
|
* SSHD: Add support for git pack commands | David Ostrovsky | 2014-04-10 | 1 | -0/+29
|   Add git-upload-pack and git-receive-pack commands.
|   Conflicts:
|       src/main/java/com/gitblit/manager/ServicesManager.java
|       src/main/java/com/gitblit/transport/ssh/CommandDispatcher.java
|       src/main/java/com/gitblit/transport/ssh/SshCommandFactory.java
|   Change-Id: I8c057b41f1dfad6d004e6aa91f96c8c673be9be2
* Fix authentication security hole with external providers | James Moger | 2014-03-18 | 1 | -29/+44
|
* Implement user "disabled" flag as an alternative to deleting the account | James Moger | 2014-03-04 | 1 | -8/+29
|
* API adjustments and elimination of duplicate config options | James Moger | 2014-02-19 | 1 | -0/+7
|
* issue-361: Reset user cookie after administrative password change | James Moger | 2014-01-28 | 1 | -26/+35
|   Cookies were not reset on administrative password change of a user account. This allowed accounts with changed passwords to continue authenticating. Cookies are now reset on password changes, they are validated on each page request, AND they will now expire 7 days after generation.
* Fix external authentication failure | James Moger | 2013-12-11 | 1 | -2/+3
|   Change-Id: I0f415941a4bfd5e63d85c60613cea0c7d10cbb49
* Added filesystem write permission check (issue-345) | James Moger | 2013-11-29 | 1 | -2/+2
|   Change-Id: I0a3aced3b8e9887347888c85e469b74fc70931ad
* Refactor managers and authentication for federation | James Moger | 2013-11-29 | 1 | -29/+1
|   Change-Id: I5ff18b2768095fb14e7fbece2e756115829abbde
* Refactor user services and separate authentication (issue-281) | James Moger | 2013-11-29 | 1 | -0/+511
    Change-Id: I336e005e02623fc5e11a4f8b4408bea5465a43fd