Google Git
Sign in
gerrit / gerrit / 0185d428db3beb86cb4f23cc3f152cfe4b4b5808
commit0185d428db3beb86cb4f23cc3f152cfe4b4b5808[log] [tgz]
authorShawn O. Pearce <sop@google.com>Wed Nov 14 10:55:26 2012 -0800
committerShawn O. Pearce <sop@google.com>Thu Nov 15 23:36:49 2012 -0800
tree91b6388189b0898860d46e4cad6f05323b8824c9
parentf7d96cbb03cbef11dcb52cdbc7d9454868946d4a [diff]
Enable specific AccessPaths based on authentication

If the authentication method permits an AccessPath, add it to the
WebSession as a permitted path. Downstream from authentication a
CurrentUser can change its access path based on the entry point of
the request, allowing RefControl to make decisions around this as
expected, without running into the race condition of making user
before the real access method can be determined.

This allows authentication systems to decide on their own if the
REST_API was sufficiently protected from a potentially evil script.

Change-Id: Iefbe6745421f5f438bc06e2e4578a7207718b9a5
18 files changed
tree: 91b6388189b0898860d46e4cad6f05323b8824c9
  1. contrib/
  2. Documentation/
  3. gerrit-antlr/
  4. gerrit-cache-h2/
  5. gerrit-common/
  6. gerrit-extension-api/
  7. gerrit-gwtdebug/
  8. gerrit-gwtui/
  9. gerrit-httpd/
  10. gerrit-launcher/
  11. gerrit-main/
  12. gerrit-openid/
  13. gerrit-package-plugins/
  14. gerrit-patch-commonsnet/
  15. gerrit-patch-jgit/
  16. gerrit-pgm/
  17. gerrit-plugin-api/
  18. gerrit-plugin-archetype/
  19. gerrit-plugin-gwt-archetype/
  20. gerrit-plugin-gwtui/
  21. gerrit-plugin-js-archetype/
  22. gerrit-prettify/
  23. gerrit-reviewdb/
  24. gerrit-server/
  25. gerrit-sshd/
  26. gerrit-util-cli/
  27. gerrit-util-ssl/
  28. gerrit-war/
  29. ReleaseNotes/
  30. tools/
  31. .gitignore
  32. COPYING
  33. INSTALL
  34. pom.xml
  35. SUBMITTING_PATCHES