Google Git
Sign in
gerrit / gerrit / e143def387ec426dd96ab9ea359dd8f8f2319575
commite143def387ec426dd96ab9ea359dd8f8f2319575[log] [tgz]
authorShawn O. Pearce <sop@google.com>Mon Dec 13 10:22:53 2010 -0800
committerShawn O. Pearce <sop@google.com>Mon Dec 13 10:22:53 2010 -0800
tree1638155d11c31d3cb1c2fe3ab5a35212128455b2
parent4a400e486e298996120ca60e3ca526dc93f2b1cb [diff]
Fix push over HTTP

Authentication was broken for push over HTTP when using the internal
Jetty daemon, as the ProjectQoSFilter was installed in front of the
ProjectDigestFilter and asked for the user identity in order to know
which type of queue to schedule the request onto.  This caused the
ProjectQoSFilter to always authenticate the request as ANONYMOUS,
which later caused it to reject the push because Gerrit never
permits an anonymous user to push to a project.

Moving the ProjectQoSFilter after all other filters (but just before
the servlet itself) fixes this issue.  Fortunately Guice allows
us to register the filter after the servlet, which means we just
needed to flip the order the modules are installed into the injector.

Change-Id: Ie59db01e731e4269a968f10bb5d17e94afe6518e
Signed-off-by: Shawn O. Pearce <sop@google.com>
1 file changed
tree: 1638155d11c31d3cb1c2fe3ab5a35212128455b2
  1. contrib/
  2. Documentation/
  3. gerrit-common/
  4. gerrit-gwtdebug/
  5. gerrit-gwtui/
  6. gerrit-httpd/
  7. gerrit-launcher/
  8. gerrit-main/
  9. gerrit-patch-commonsnet/
  10. gerrit-patch-jgit/
  11. gerrit-pgm/
  12. gerrit-prettify/
  13. gerrit-reviewdb/
  14. gerrit-server/
  15. gerrit-sshd/
  16. gerrit-util-cli/
  17. gerrit-util-ssl/
  18. gerrit-war/
  19. ReleaseNotes/
  20. tools/
  21. .gitignore
  22. COPYING
  23. INSTALL
  24. pom.xml
  25. SUBMITTING_PATCHES