diff options
| author | Julien Lancelot <julien.lancelot@sonarsource.com> | 2016-06-21 14:03:15 +0200 |
|---|---|---|
| committer | Julien Lancelot <julien.lancelot@sonarsource.com> | 2016-06-29 08:39:32 +0200 |
| commit | d82358c63d0fb979fb3cc27429a42ec833dc161a (patch) | |
| tree | 0aa9f14c9def2eaf3be840009c80dfd4520fc881 /server/sonar-web | |
| parent | cd8f9c0a390181fb1bf25a6e9e3bab509dd7ebc7 (diff) | |
| download | sonarqube-d82358c63d0fb979fb3cc27429a42ec833dc161a.tar.gz sonarqube-d82358c63d0fb979fb3cc27429a42ec833dc161a.zip | |
SONAR-7763 Allow authentication using basic HTTP authentication in Java
Diffstat (limited to 'server/sonar-web')
| -rw-r--r-- | server/sonar-web/src/main/webapp/WEB-INF/lib/authenticated_system.rb | 27 |
1 files changed, 1 insertions, 26 deletions
diff --git a/server/sonar-web/src/main/webapp/WEB-INF/lib/authenticated_system.rb b/server/sonar-web/src/main/webapp/WEB-INF/lib/authenticated_system.rb index 02f70471036..c9be7f12c8a 100644 --- a/server/sonar-web/src/main/webapp/WEB-INF/lib/authenticated_system.rb +++ b/server/sonar-web/src/main/webapp/WEB-INF/lib/authenticated_system.rb @@ -8,7 +8,7 @@ module AuthenticatedSystem # Accesses the current user from the session. # Future calls avoid the database because nil is not equal to false. def current_user - @current_user ||= (login_from_java_user_session || login_from_basic_auth) unless @current_user == false + @current_user ||= login_from_java_user_session unless @current_user == false end # Store the given user @@ -124,31 +124,6 @@ module AuthenticatedSystem self.current_user = User.find_by_id(user_id) if user_id end - # Called from #current_user. Now, attempt to login by basic authentication information. - def login_from_basic_auth - authenticate_with_http_basic do |login, password| - # The access token is sent as the login of Basic authentication. To distinguish with regular logins, - # the convention is that the password is empty - if password.empty? && login.present? - # authentication by access token - token_authenticator = Java::OrgSonarServerPlatform::Platform.component(Java::OrgSonarServerUsertoken::UserTokenAuthenticator.java_class) - authenticated_login = token_authenticator.authenticate(login) - if authenticated_login.isPresent() - user = User.find_active_by_login(authenticated_login.get()) - if user - user.token_authenticated=true - result = user - end - end - else - # regular Basic authentication with login and password - result = User.authenticate(login, password, servlet_request) - end - raise Errors::AccessDenied unless login.blank? || result - self.current_user = result - end - end - # # Logout # |