Include '/a' into HttpScheme URLs to trigger authentication

There are 2 HTTP download schemes, AnonymousHttpScheme and HttpScheme. Since HttpScheme is not anonymous its URLs should include the '/a' prefix to trigger user authentication.

Not having the '/a' prefix may lead to problems when a part of the project is visible to Anonymous Users. In this case authentication is never triggered. This is because for HTTP the first request is always anonymous and then the server must say that authentication is required. Only then the client can send user credentials. If a project is (partly) visible to Anonymous Users then the first anonymous request is always successful and authentication never happens. If the user is not authenticated, refs which are not visible to Anonymous Users, but for which the user has read access, are not visible.

Change-Id: Ib16b8184f590a9d9896dbf56bd9e3bbf25d57c76
Signed-off-by: Edwin Kempin <edwin.kempin@sap.com>
diff --git a/src/main/java/com/googlesource/gerrit/plugins/download/scheme/HttpScheme.java b/src/main/java/com/googlesource/gerrit/plugins/download/scheme/HttpScheme.java index af75046..01b0293 100644 --- a/src/main/java/com/googlesource/gerrit/plugins/download/scheme/HttpScheme.java +++ b/src/main/java/com/googlesource/gerrit/plugins/download/scheme/HttpScheme.java
@@ -69,6 +69,7 @@ r.append("@"); r.append(host); r.append(base.substring(s)); + r.append("a/"); } else { return null; }
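Review bot: The added `r.append("a/");` directly after `r.append(base.substring(s));` only produces a valid path if `base` ends with a slash, and the hunk does not show that being guaranteed. Without a trailing slash the prefix is glued onto the last path segment or the host, and the resulting URL no longer hits the authenticated `/a/` endpoint, so the anonymous-first-request problem described in the commit message would remain while the URL also breaks. Consider normalizing `base` to end with `/` before this block, or appending the separator conditionally. It would also be worth checking whether `base` can already end in `a/`, which would yield a doubled prefix, and adding a test that asserts the generated URL for a base with and without a trailing slash.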