Use Guice-Servlet rather than custom code and expose the Injector
This is a fairly functional variation of Gitblit with one notable
exception:
The security filters are not working properly.
This is a design flaw in Guice that I have reported upstream [1]. The
general idea is that Guice-Servlet filters are not properly wrapping the
ServletRequest. This has historically been a problem for Guice-Servlet
servlets but Google has fixed most of those issues. Unfortunately, all
the same flaws reported against the servlet delegation also exist in
Guice-Servlet filter delegation. :(
[1]: https://code.google.com/p/google-guice/issues/detail?id=807