Persist cookies in ConfigUserService. Update LDAPUserService to generate cookies.

src/com/gitblit/ConfigUserService.java

@@ -64,6 +64,8 @@ public class ConfigUserService implements IUserService {
 	private static final String DISPLAYNAME = "displayName";
 	
 	private static final String EMAILADDRESS = "emailAddress";
+	
+	private static final String COOKIE = "cookie";
 
 	private static final String REPOSITORY = "repository";
 
@@ -163,11 +165,13 @@ public class ConfigUserService implements IUserService {
 	 * @return cookie value
 	 */
 	@Override
-	public char[] getCookie(UserModel model) {
+	public String getCookie(UserModel model) {
+		if (!StringUtils.isEmpty(model.cookie)) {
+			return model.cookie;
+		}
 		read();
 		UserModel storedModel = users.get(model.username.toLowerCase());
-		String cookie = StringUtils.getSHA1(model.username + storedModel.password);
-		return cookie.toCharArray();
+		return storedModel.cookie;
 	}
 
 	/**
@@ -715,6 +719,9 @@ public class ConfigUserService implements IUserService {
 			if (!StringUtils.isEmpty(model.password)) {
 				config.setString(USER, model.username, PASSWORD, model.password);
 			}
+			if (!StringUtils.isEmpty(model.cookie)) {
+				config.setString(USER, model.username, COOKIE, model.cookie);
+			}
 			if (!StringUtils.isEmpty(model.displayName)) {
 				config.setString(USER, model.username, DISPLAYNAME, model.displayName);
 			}
@@ -820,6 +827,10 @@ public class ConfigUserService implements IUserService {
 					user.password = config.getString(USER, username, PASSWORD);					
 					user.displayName = config.getString(USER, username, DISPLAYNAME);
 					user.emailAddress = config.getString(USER, username, EMAILADDRESS);
+					user.cookie = config.getString(USER, username, COOKIE);
+					if (StringUtils.isEmpty(user.cookie) && !StringUtils.isEmpty(user.password)) {
+						user.cookie = StringUtils.getSHA1(user.username + user.password);
+					}
 
 					// user roles
 					Set<String> roles = new HashSet<String>(Arrays.asList(config.getStringList(
@@ -836,7 +847,9 @@ public class ConfigUserService implements IUserService {
 
 					// update cache
 					users.put(user.username, user);
-					cookies.put(StringUtils.getSHA1(user.username + user.password), user);
+					if (!StringUtils.isEmpty(user.cookie)) {
+						cookies.put(user.cookie, user);
+					}
 				}
 
 				// load the teams

src/com/gitblit/FileUserService.java

@@ -133,13 +133,16 @@ public class FileUserService extends FileSettings implements IUserService {
 	 * @return cookie value
 	 */
 	@Override
-	public char[] getCookie(UserModel model) {
+	public String getCookie(UserModel model) {
+		if (!StringUtils.isEmpty(model.cookie)) {
+			return model.cookie;
+		}
 		Properties allUsers = super.read();
 		String value = allUsers.getProperty(model.username);
 		String[] roles = value.split(",");
 		String password = roles[0];
 		String cookie = StringUtils.getSHA1(model.username + password);
-		return cookie.toCharArray();
+		return cookie;
 	}
 
 	/**

src/com/gitblit/GitBlit.java

@@ -512,9 +512,15 @@ public class GitBlit implements ServletContextListener {
 				userCookie = new Cookie(Constants.NAME, "");
 			} else {
 				// set cookie for login
-				char[] cookie = userService.getCookie(user);
-				userCookie = new Cookie(Constants.NAME, new String(cookie));
-				userCookie.setMaxAge(Integer.MAX_VALUE);
+				String cookie = userService.getCookie(user);
+				if (StringUtils.isEmpty(cookie)) {
+					// create empty cookie
+					userCookie = new Cookie(Constants.NAME, "");
+				} else {
+					// create real cookie
+					userCookie = new Cookie(Constants.NAME, cookie);
+					userCookie.setMaxAge(Integer.MAX_VALUE);
+				}
 			}
 			userCookie.setPath("/");
 			response.addCookie(userCookie);

src/com/gitblit/GitblitUserService.java

@@ -138,7 +138,7 @@ public class GitblitUserService implements IUserService {
 	}
 
 	@Override
-	public char[] getCookie(UserModel model) {
+	public String getCookie(UserModel model) {
 		return serviceImpl.getCookie(model);
 	}
 

src/com/gitblit/IUserService.java

@@ -84,7 +84,7 @@ public interface IUserService {
 	 * @param model
 	 * @return cookie value
 	 */
-	char[] getCookie(UserModel model);
+	String getCookie(UserModel model);
 
 	/**
 	 * Authenticate a user based on their cookie.

src/com/gitblit/LdapUserService.java

@@ -27,6 +27,7 @@ import org.slf4j.LoggerFactory;
 
 import com.gitblit.models.TeamModel;
 import com.gitblit.models.UserModel;
+import com.gitblit.utils.ArrayUtils;
 import com.gitblit.utils.StringUtils;
 import com.unboundid.ldap.sdk.Attribute;
 import com.unboundid.ldap.sdk.LDAPConnection;
@@ -140,17 +141,6 @@ public class LdapUserService extends GitblitUserService {
 		return !settings.getBoolean(Keys.realm.ldap.maintainTeams, false);
 	}
 
-	/**
-	 * Does the user service support cookie authentication?
-	 * 
-	 * @return true or false
-	 */
-	@Override
-	public boolean supportsCookies() {
-		// TODO cookies need to be reviewed
-		return false;
-	}
-
 	@Override
 	public UserModel authenticate(String username, char[] password) {
 		String simpleUsername = getSimpleUsername(username);
@@ -173,8 +163,11 @@ public class LdapUserService extends GitblitUserService {
 					UserModel user = getUserModel(simpleUsername);
 					if (user == null)	// create user object for new authenticated user
 						user = new UserModel(simpleUsername);
-					
-					
+
+					// create a user cookie
+					if (StringUtils.isEmpty(user.cookie) && !ArrayUtils.isEmpty(password)) {
+						user.cookie = StringUtils.getSHA1(user.username + new String(password));
+					}
 					
 					if (!supportsTeamMembershipChanges())
 						getTeamsFromLdap(ldapConnection, simpleUsername, loggingInUser, user);

src/com/gitblit/utils/ArrayUtils.java

@@ -29,7 +29,11 @@ public class ArrayUtils {
 	public static boolean isEmpty(byte [] array) {
 		return array == null || array.length == 0;
 	}
-	
+
+	public static boolean isEmpty(char [] array) {
+		return array == null || array.length == 0;
+	}
+
 	public static boolean isEmpty(Object [] array) {
 		return array == null || array.length == 0;
 	}