From 13331ae61c7f08b4a202a531e005915147467bd8 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Wed, 19 Mar 2014 08:51:17 -0400
Subject: Exclude SSH repository urls from anonymous users

---
 src/main/java/com/gitblit/manager/ServicesManager.java | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'src/main/java/com/gitblit/manager')

diff --git a/src/main/java/com/gitblit/manager/ServicesManager.java b/src/main/java/com/gitblit/manager/ServicesManager.java
index 17724f2b..93121cfb 100644
--- a/src/main/java/com/gitblit/manager/ServicesManager.java
+++ b/src/main/java/com/gitblit/manager/ServicesManager.java
@@ -228,6 +228,10 @@ public class ServicesManager implements IManager {
 	}
 
 	public String getSshDaemonUrl(HttpServletRequest request, UserModel user, RepositoryModel repository) {
+		if (user == null || UserModel.ANONYMOUS.equals(user)) {
+			// SSH always requires authentication - anonymous access prohibited
+			return null;
+		}
 		if (sshDaemon != null) {
 			String bindInterface = settings.getString(Keys.git.sshBindInterface, "localhost");
 			if (bindInterface.equals("localhost")
-- 
cgit v1.2.3