Trigger basic HTTP authentication only when Basic authorization header is present (#16107).

git-svn-id: http://svn.redmine.org/redmine/trunk@12915 e93f8b46-1217-0410-a6f0-8f06a7374b81
author: Jean-Philippe Lang <jp_lang@yahoo.fr> 2014-02-22 12:09:58 +0000
committer: Jean-Philippe Lang <jp_lang@yahoo.fr> 2014-02-22 12:09:58 +0000
commit: 58ff842d34d7e93df149a6beda0f822a7b144615 (patch)
tree: 391918a2096e5f70b8d432d49aa7d0ce9d65468b /app/controllers/application_controller.rb
parent: 98e299857bc410bbd72ac61cc5f9b6d8f5a7893a (diff)
download: redmine-58ff842d34d7e93df149a6beda0f822a7b144615.tar.gz
redmine-58ff842d34d7e93df149a6beda0f822a7b144615.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index b297aa738..43257b2bf 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -119,7 +119,7 @@ class ApplicationController < ActionController::Base
       if (key = api_key_from_request)
         # Use API key
         user = User.find_by_api_key(key)
-      else
+      elsif request.authorization.to_s =~ /\ABasic /i
         # HTTP Basic, either username/password or API key/random
         authenticate_with_http_basic do |username, password|
           user = User.try_to_login(username, password) || User.find_by_api_key(username)
author	Jean-Philippe Lang <jp_lang@yahoo.fr>	2014-02-22 12:09:58 +0000
committer	Jean-Philippe Lang <jp_lang@yahoo.fr>	2014-02-22 12:09:58 +0000
commit	58ff842d34d7e93df149a6beda0f822a7b144615 (patch)
tree	391918a2096e5f70b8d432d49aa7d0ce9d65468b /app/controllers/application_controller.rb
parent	98e299857bc410bbd72ac61cc5f9b6d8f5a7893a (diff)
download	redmine-58ff842d34d7e93df149a6beda0f822a7b144615.tar.gz redmine-58ff842d34d7e93df149a6beda0f822a7b144615.zip