Set secure session cookies when redirecting from HTTP to HTTPS.
So far for session cookies the secure property was only set when no
HTTP port was opened. This changes to also set it when HTTP is redirected
to the HTTPS port.
Support serving repositories over the SSH transport
Gitblit would greatly benefit from an integrated SSH server. This would
complete the transport trifecta.
Change-Id: I6fb95abe65655fa74d47ea71522d8d9a1541450c
Define manager interfaces and update all of Gitblit to use managers
These manager interfaces define how the GitBlit singleton will
eventually be split into smaller component managers. The Wicket app and
all servlets have been updated to request the needed managers. There
are _very_ few method signature changes - although there are a handful.
This is a surgical sharding of responsibility based on a proof of
concept refactor. Instead of random references to GittBlit.self()
there are now precise references to the manager interface required to
accomplish some task. Some tasks may require references to multiple
managers.
The code is now littered with calls to GitBlit.getManager(class) and
those familiar with the code-base will no doubt notice the duplication
of methods from IUserService in IUserManager and the addition of
implementation methods in the GitBlit context class. When the
GitBlit class is broken apart and the existing external authentication
user service classes are refactored to AuthenticationService classes,
this will again simplify and flatten. But in order to safely and
cleanly modularize the stable code-base we will have to live with a
little duplication for a short while.
Change-Id: I7314ec8acaab2dcc6092785ed4434cc09fdbbe16
Reorganized to Apache Standard Directory Layout & integrated Moxie
This is a massive commit which reorganizes the entire project structure
(although it is still monolithic), removes the Build classes, and
switches to Moxie, a smarter Ant build tookit based on the original
Gitblit Build classes.
The Ant build script will likely require additional fine-tuning, but
this is big step forward.
Migrated to JUnit4-style tests.
Replaced assertTrue with assertEquals where appropriate.
Start Gitblit instance with dedicated unit testing settings file and
user service.
Integrated RPC, Federation, and Git servlet unit tests into suite.
If an object id was not specified Gitblit used HEAD to perform the
operation. This breaks under some conditions like working with a
repository that does not have any commits on master but does have
commits on a vcs-import branch.
The new approach is to centralize the resolution of unspecified object
ids to a common method which resolves HEAD first but uses the most
recently modified branch if HEAD points to nothing.
This commit also includes a non-functional method for creating an empty
branch. I couldn't figure out how to make JGit create an orphaned
branch.
* Build script overhaul including building & publishing GO, WAR, Docs,
and Site.
* Restored JGit 0.12.1 dependency and backported Blame. Got tired of
waiting for JGit 1.0.0 Maven artifacts.
* Changed Summary Page layout
* Optional cookie authentication
* Added icons for log, tags, and branches panels.
* Show last commit author and short message on branches panel.
* Unit testing.
* Documentation.
Reorganization of resources. Dropped most hard-coded webapp
configuration in favor of common web.xml file. Still contemplating
configuring git servlet from web.xml too.
Added AccessRestrictionFilter and simplified authentication.
Replaced servlet container basic authentication with a custom servlet
filter which performs the same function. The advantage to this is
that the servlet container is now divorced from the webapp.
The login service (realm) also simplified a great deal and removes its
Jetty dependencies.
Additionally, the basic authorization pop-up will be displayed as
needed based on the repository's access restriction. This was
necessary for view-restricted repositories with the RSS feature. Its
also necessary for completely open repositories as before it would
prompt for credentials.
Improved feed syndication feature.