Nemcio/SCM-Manager
1
0
Fork 0
mirror of https://github.com/scm-manager/scm-manager.git synced 2025-11-13 17:05:43 +01:00
Code Issues Packages Projects Releases Activity

improve remember me

Browse Source
This commit is contained in:
Sebastian Sdorra
2013-04-24 08:33:32 +02:00
parent a71472d909
commit 2e7e4c457a
11 changed files with 17 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
scm-webapp/src/main/java/sonia/scm/api/rest/resources/ChangePasswordResource.java
View File

@@ -65,6 +65,7 @@ import javax.ws.rs.Produces;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import sonia.scm.security.Role;
/**
*
@@ -137,7 +138,7 @@ public class ChangePasswordResource
Response response = null;
Subject subject = SecurityUtils.getSubject();
if (!subject.isAuthenticated())
if (!subject.hasRole(Role.USER))
{
throw new ScmSecurityException("user is not authenticated");
}

7
scm-webapp/src/main/java/sonia/scm/filter/SecurityFilter.java
View File

@@ -111,7 +111,7 @@ public class SecurityFilter extends HttpFilter
chain.doFilter(new SecurityHttpServletRequestWrapper(request,
getUser(subject)), response);
}
else if (subject.isAuthenticated())
else if (subject.isAuthenticated() || subject.isRemembered())
{
response.sendError(HttpServletResponse.SC_FORBIDDEN);
}
@@ -142,8 +142,7 @@ public class SecurityFilter extends HttpFilter
*/
protected boolean hasPermission(Subject subject)
{
return ((configuration != null)
&& configuration.isAnonymousAccessEnabled()) || subject.isAuthenticated();
return ((configuration != null) && configuration.isAnonymousAccessEnabled()) || subject.isAuthenticated() || subject.isRemembered();
}
/**
@@ -158,7 +157,7 @@ public class SecurityFilter extends HttpFilter
{
User user = null;
if (subject.isAuthenticated())
if (subject.isAuthenticated() || subject.isRemembered())
{
user = subject.getPrincipals().oneByType(User.class);
}

3
scm-webapp/src/main/java/sonia/scm/search/SearchHandler.java
View File

@@ -55,6 +55,7 @@ import java.util.Collection;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Response.Status;
import sonia.scm.security.Role;
/**
*
@@ -112,7 +113,7 @@ public class SearchHandler<T>
{
Subject subject = SecurityUtils.getSubject();
if (!subject.isAuthenticated())
if (!subject.hasRole(Role.USER))
{
throw new ScmSecurityException("Authentication is required");
}

2
scm-webapp/src/main/java/sonia/scm/user/DefaultUserManager.java
View File

@@ -169,7 +169,7 @@ public class DefaultUserManager extends AbstractUserManager
Subject subject = SecurityUtils.getSubject();
if (!subject.isAuthenticated())
if (!subject.hasRole(Role.USER))
{
throw new ScmSecurityException("user is not authenticated");
}

2
scm-webapp/src/main/java/sonia/scm/web/security/BasicSecurityContext.java
View File

@@ -227,7 +227,7 @@ public class BasicSecurityContext implements WebSecurityContext
T result = null;
Subject subject = SecurityUtils.getSubject();
if (subject.isAuthenticated())
if (subject.isAuthenticated() || subject.isRemembered())
{
PrincipalCollection pc = subject.getPrincipals();

2
scm-webapp/src/main/java/sonia/scm/web/security/DefaultAdministrationContext.java
View File

@@ -242,7 +242,7 @@ public class DefaultAdministrationContext implements AdministrationContext
{
String username = null;
if (subject.isAuthenticated())
if (subject.hasRole(Role.USER))
{
username = principal;
}