fix login bug with enabled anonymous access

2025-11-11 07:55:47 +01:00 · 2011-01-13 20:26:20 +01:00
parent f9dcf08f31
commit f7b9803b20
1 changed files with 35 additions and 34 deletions
--- a/scm-webapp/src/main/java/sonia/scm/api/rest/resources/AuthenticationResource.java
+++ b/scm-webapp/src/main/java/sonia/scm/api/rest/resources/AuthenticationResource.java
@@ -41,6 +41,7 @@ import com.google.inject.Singleton;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

+import sonia.scm.SCMContext;
 import sonia.scm.ScmState;
 import sonia.scm.Type;
 import sonia.scm.repository.RepositoryManager;
@@ -78,6 +79,40 @@ public class AuthenticationResource

  //~--- methods --------------------------------------------------------------

+  /**
+   * Method description
+   *
+   *
+   * @param request
+   * @param response
+   * @param username
+   * @param password
+   *
+   * @return
+   */
+  @POST
+  @Path("login")
+  public ScmState authenticate(@Context HttpServletRequest request,
+                               @Context HttpServletResponse response,
+                               @FormParam("username") String username,
+                               @FormParam("password") String password)
+  {
+    ScmState state = null;
+    User user = securityContext.authenticate(request, response, username,
+                  password);
+
+    if ((user != null) &&!SCMContext.USER_ANONYMOUS.equals(user.getName()))
+    {
+      state = new ScmState(securityContext, repositoryManger.getTypes());
+    }
+    else
+    {
+      throw new WebApplicationException(Response.Status.UNAUTHORIZED);
+    }
+
+    return state;
+  }
+
  /**
   * Method description
   *
@@ -112,40 +147,6 @@ public class AuthenticationResource

  //~--- get methods ----------------------------------------------------------

-  /**
-   * Method description
-   *
-   *
-   * @param request
-   * @param response
-   * @param username
-   * @param password
-   *
-   * @return
-   */
-  @POST
-  @Path("login")
-  public ScmState getState(@Context HttpServletRequest request,
-                           @Context HttpServletResponse response,
-                           @FormParam("username") String username,
-                           @FormParam("password") String password)
-  {
-    ScmState state = null;
-    User user = securityContext.authenticate(request, response, username,
-                  password);
-
-    if (user != null)
-    {
-      state = new ScmState(securityContext, repositoryManger.getTypes());
-    }
-    else
-    {
-      throw new WebApplicationException(Response.Status.UNAUTHORIZED);
-    }
-
-    return state;
-  }
-
  /**
   * Method description
   *