Integrate pull-request #76: enforce HTTP Basic authentication
diff --git a/distrib/gitblit.properties b/distrib/gitblit.properties
index 80790d3..ba4fa2c 100644
--- a/distrib/gitblit.properties
+++ b/distrib/gitblit.properties
@@ -440,6 +440,12 @@
# RESTART REQUIRED
web.authenticateViewPages = false
+# if web.authenticateViewPages=true you may optionally require a client-side
+# basic authentication prompt instead of the standard form-based login.
+#
+# SINCE 1.3.0
+web.enforceHttpBasicAuthentication = false
+
# Require admin authentication for the admin functions and pages
#
# SINCE 0.5.0
diff --git a/docs/04_releases.mkd b/docs/04_releases.mkd
index efce794..7dd6b17 100644
--- a/docs/04_releases.mkd
+++ b/docs/04_releases.mkd
@@ -10,6 +10,7 @@
#### additions
+ - Option to force client-side basic authentication instead of form-based authentication if web.authenticateViewPages=true (github/furinzen)
- Optional periodic LDAP user and team pre-fetching & synchronization (github/mschaefers)
- Display name and version in Tomcat Manager (github/thefake)
- FogBugz post-receive hook script (github/djschny)
diff --git a/src/com/gitblit/EnforceAuthenticationFilter.java b/src/com/gitblit/EnforceAuthenticationFilter.java
index 6dc454c..2a17996 100644
--- a/src/com/gitblit/EnforceAuthenticationFilter.java
+++ b/src/com/gitblit/EnforceAuthenticationFilter.java
@@ -1,7 +1,19 @@
-/**
- *
- */
-package com.gitblit;
+/*
+ * Copyright 2013 Laurens Vrijnsen
+ * Copyright 2013 gitblit.com.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */package com.gitblit;
import java.io.IOException;
import java.text.MessageFormat;
@@ -54,8 +66,8 @@
* Determine whether to enforce the BASIC authentication:
*/
@SuppressWarnings("static-access")
- Boolean mustForceAuth = GitBlit.self().getBoolean("web.authenticateViewPages", false)
- && GitBlit.self().getBoolean("web.enforceHttpBasicAuthentication", false);
+ Boolean mustForceAuth = GitBlit.self().getBoolean(Keys.web.authenticateViewPages, false)
+ && GitBlit.self().getBoolean(Keys.web.enforceHttpBasicAuthentication, false);
HttpServletRequest HttpRequest = (HttpServletRequest)request;
HttpServletResponse HttpResponse = (HttpServletResponse)response;
@@ -63,7 +75,7 @@
if (mustForceAuth && (user == null)) {
// not authenticated, enforce now:
- logger.info(MessageFormat.format("EnforceAuthFilter: user not authenticated for URL {0}!", request.toString()));
+ logger.debug(MessageFormat.format("EnforceAuthFilter: user not authenticated for URL {0}!", request.toString()));
@SuppressWarnings("static-access")
String CHALLENGE = MessageFormat.format("Basic realm=\"{0}\"", GitBlit.self().getString("web.siteName",""));
HttpResponse.setHeader("WWW-Authenticate", CHALLENGE);
