Nemcio/SCM-Manager
1
0
Fork 0
mirror of https://github.com/scm-manager/scm-manager.git synced 2025-11-13 00:45:44 +01:00
Code Issues Packages Projects Releases Activity

improve remember me

Browse Source
This commit is contained in:
Sebastian Sdorra
2013-04-24 08:33:32 +02:00
parent a71472d909
commit 2e7e4c457a
11 changed files with 17 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
scm-core/src/main/java/sonia/scm/repository/PermissionUtil.java
View File

@@ -183,7 +183,7 @@ public final class PermissionUtil
Subject subject = SecurityUtils.getSubject(); Subject subject = SecurityUtils.getSubject();
if (subject.isAuthenticated()) if (subject.isAuthenticated() || subject.isRemembered())
{ {
String username = subject.getPrincipal().toString(); String username = subject.getPrincipal().toString();

2
scm-core/src/main/java/sonia/scm/util/SecurityUtil.java
View File

@@ -87,7 +87,7 @@ public final class SecurityUtil
{ {
Subject subject = SecurityUtils.getSubject(); Subject subject = SecurityUtils.getSubject();
if (!subject.isAuthenticated()) if (!subject.hasRole(Role.USER))
{ {
throw new ScmSecurityException("user is not authenticated"); throw new ScmSecurityException("user is not authenticated");
} }

3
scm-core/src/main/java/sonia/scm/web/filter/PermissionFilter.java
View File

@@ -65,6 +65,7 @@ import javax.servlet.FilterChain;
import javax.servlet.ServletException; import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import sonia.scm.security.Role;
/** /**
* Abstract http filter to check repository permissions. * Abstract http filter to check repository permissions.
@@ -255,7 +256,7 @@ public abstract class PermissionFilter extends HttpFilter
private void sendAccessDenied(HttpServletResponse response, Subject subject) private void sendAccessDenied(HttpServletResponse response, Subject subject)
throws IOException throws IOException
{ {
if (subject.isAuthenticated()) if (subject.hasRole(Role.USER))
{ {
response.sendError(HttpServletResponse.SC_FORBIDDEN); response.sendError(HttpServletResponse.SC_FORBIDDEN);
} }

4
scm-plugin-backend/src/main/java/sonia/scm/plugin/rest/SubjectWrapper.java
View File

@@ -73,7 +73,7 @@ public class SubjectWrapper
{ {
String name; String name;
if (subject.isAuthenticated()) if (subject.isAuthenticated() || subject.isRemembered())
{ {
name = (String) subject.getPrincipal(); name = (String) subject.getPrincipal();
} }
@@ -104,7 +104,7 @@ public class SubjectWrapper
*/ */
public boolean isAuthenticated() public boolean isAuthenticated()
{ {
return subject.isAuthenticated(); return subject.isAuthenticated() || subject.isRemembered();
} }
//~--- fields --------------------------------------------------------------- //~--- fields ---------------------------------------------------------------

2
scm-samples/scm-sample-hello/src/main/java/sample/hello/HelloResource.java
View File

@@ -66,7 +66,7 @@ public class HelloResource
Subject subject = SecurityUtils.getSubject(); Subject subject = SecurityUtils.getSubject();
String displayName = "Unknown"; String displayName = "Unknown";
if (subject.isAuthenticated()) if (subject.isAuthenticated() || subject.isRemembered())
{ {
displayName = displayName =
subject.getPrincipals().oneByType(User.class).getDisplayName(); subject.getPrincipals().oneByType(User.class).getDisplayName();

3
scm-webapp/src/main/java/sonia/scm/api/rest/resources/ChangePasswordResource.java
View File

@@ -65,6 +65,7 @@ import javax.ws.rs.Produces;
import javax.ws.rs.WebApplicationException; import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.MediaType; import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response; import javax.ws.rs.core.Response;
import sonia.scm.security.Role;
/** /**
* *
@@ -137,7 +138,7 @@ public class ChangePasswordResource
Response response = null; Response response = null;
Subject subject = SecurityUtils.getSubject(); Subject subject = SecurityUtils.getSubject();
if (!subject.isAuthenticated()) if (!subject.hasRole(Role.USER))
{ {
throw new ScmSecurityException("user is not authenticated"); throw new ScmSecurityException("user is not authenticated");
} }

7
scm-webapp/src/main/java/sonia/scm/filter/SecurityFilter.java
View File

@@ -111,7 +111,7 @@ public class SecurityFilter extends HttpFilter
chain.doFilter(new SecurityHttpServletRequestWrapper(request, chain.doFilter(new SecurityHttpServletRequestWrapper(request,
getUser(subject)), response); getUser(subject)), response);
} }
else if (subject.isAuthenticated()) else if (subject.isAuthenticated() || subject.isRemembered())
{ {
response.sendError(HttpServletResponse.SC_FORBIDDEN); response.sendError(HttpServletResponse.SC_FORBIDDEN);
} }
@@ -142,8 +142,7 @@ public class SecurityFilter extends HttpFilter
*/ */
protected boolean hasPermission(Subject subject) protected boolean hasPermission(Subject subject)
{ {
return ((configuration != null) return ((configuration != null) && configuration.isAnonymousAccessEnabled()) || subject.isAuthenticated() || subject.isRemembered();
&& configuration.isAnonymousAccessEnabled()) || subject.isAuthenticated();
} }
/** /**
@@ -158,7 +157,7 @@ public class SecurityFilter extends HttpFilter
{ {
User user = null; User user = null;
if (subject.isAuthenticated()) if (subject.isAuthenticated() || subject.isRemembered())
{ {
user = subject.getPrincipals().oneByType(User.class); user = subject.getPrincipals().oneByType(User.class);
} }

3
scm-webapp/src/main/java/sonia/scm/search/SearchHandler.java
View File

@@ -55,6 +55,7 @@ import java.util.Collection;
import javax.ws.rs.WebApplicationException; import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Response.Status; import javax.ws.rs.core.Response.Status;
import sonia.scm.security.Role;
/** /**
* *
@@ -112,7 +113,7 @@ public class SearchHandler<T>
{ {
Subject subject = SecurityUtils.getSubject(); Subject subject = SecurityUtils.getSubject();
if (!subject.isAuthenticated()) if (!subject.hasRole(Role.USER))
{ {
throw new ScmSecurityException("Authentication is required"); throw new ScmSecurityException("Authentication is required");
} }

2
scm-webapp/src/main/java/sonia/scm/user/DefaultUserManager.java
View File

@@ -169,7 +169,7 @@ public class DefaultUserManager extends AbstractUserManager
Subject subject = SecurityUtils.getSubject(); Subject subject = SecurityUtils.getSubject();
if (!subject.isAuthenticated()) if (!subject.hasRole(Role.USER))
{ {
throw new ScmSecurityException("user is not authenticated"); throw new ScmSecurityException("user is not authenticated");
} }

2
scm-webapp/src/main/java/sonia/scm/web/security/BasicSecurityContext.java
View File

@@ -227,7 +227,7 @@ public class BasicSecurityContext implements WebSecurityContext
T result = null; T result = null;
Subject subject = SecurityUtils.getSubject(); Subject subject = SecurityUtils.getSubject();
if (subject.isAuthenticated()) if (subject.isAuthenticated() || subject.isRemembered())
{ {
PrincipalCollection pc = subject.getPrincipals(); PrincipalCollection pc = subject.getPrincipals();

2
scm-webapp/src/main/java/sonia/scm/web/security/DefaultAdministrationContext.java
View File

@@ -242,7 +242,7 @@ public class DefaultAdministrationContext implements AdministrationContext
{ {
String username = null; String username = null;
if (subject.isAuthenticated()) if (subject.hasRole(Role.USER))
{ {
username = principal; username = principal;
} }