Google Git
Sign in
gerrit / gerrit / 742a046fd07bc7227f7db44f29eeefc9f4a3cb2f
commit742a046fd07bc7227f7db44f29eeefc9f4a3cb2f[log] [tgz]
authorShawn Pearce <sop@google.com>Mon Mar 11 12:46:51 2013 -0700
committerShawn Pearce <sop@google.com>Mon Mar 11 12:46:51 2013 -0700
tree282ec0d7c413203888c713c5620523d14e226c66
parent353e384e9e77d73ce22712a585396a18becd47ba [diff]
Move RPC auth token from Authorization header to X-Gerrit-Auth

Servers that run with auth.type = HTTP or HTTP_LDAP are unable to
use the web UI because the Authorization code supplied by the UI
overrides the browser's native Authorization header and causes the
request to be blocked at the HTTP reverse proxy, before Gerrit even
sees the request.

Instead insert a unique token into X-Gerrit-Auth, leaving the HTTP
standard Authorization header unspecified and available for use in
HTTP reverse proxies.

Bug: issue 1743
Change-Id: Ice143405dc4d59ade56a6e4a385a4a0995e347ff
8 files changed
tree: 282ec0d7c413203888c713c5620523d14e226c66
  1. contrib/
  2. Documentation/
  3. gerrit-acceptance-tests/
  4. gerrit-antlr/
  5. gerrit-cache-h2/
  6. gerrit-common/
  7. gerrit-extension-api/
  8. gerrit-gwtdebug/
  9. gerrit-gwtui/
  10. gerrit-httpd/
  11. gerrit-launcher/
  12. gerrit-main/
  13. gerrit-openid/
  14. gerrit-package-plugins/
  15. gerrit-patch-commonsnet/
  16. gerrit-patch-jgit/
  17. gerrit-pgm/
  18. gerrit-plugin-api/
  19. gerrit-plugin-archetype/
  20. gerrit-plugin-gwt-archetype/
  21. gerrit-plugin-gwtui/
  22. gerrit-plugin-js-archetype/
  23. gerrit-prettify/
  24. gerrit-reviewdb/
  25. gerrit-server/
  26. gerrit-sshd/
  27. gerrit-util-cli/
  28. gerrit-util-ssl/
  29. gerrit-war/
  30. ReleaseNotes/
  31. tools/
  32. .gitignore
  33. COPYING
  34. INSTALL
  35. pom.xml
  36. SUBMITTING_PATCHES