merge changes from branch 1.x

2025-11-11 07:55:47 +01:00 · 2014-02-18 21:25:29 +01:00
parent 81be1ef4ec 32fa25a322
commit ffc12f2fa1
16 changed files with 306 additions and 43 deletions
--- a/scm-core/src/main/java/sonia/scm/config/ScmConfiguration.java
+++ b/scm-core/src/main/java/sonia/scm/config/ScmConfiguration.java
@@ -42,6 +42,7 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

 import sonia.scm.event.ScmEventBus;
+import sonia.scm.util.HttpUtil;
 import sonia.scm.xml.XmlSetStringAdapter;

 //~--- JDK imports ------------------------------------------------------------
@@ -114,6 +115,7 @@ public class ScmConfiguration
   */
  public void load(ScmConfiguration other)
  {
+    this.realmDescription = other.realmDescription;
    this.dateFormat = other.dateFormat;
    this.pluginUrl = other.pluginUrl;
    this.anonymousAccessEnabled = other.anonymousAccessEnabled;
@@ -129,6 +131,7 @@ public class ScmConfiguration
    this.baseUrl = other.baseUrl;
    this.disableGroupingGrid = other.disableGroupingGrid;
    this.enableRepositoryArchive = other.enableRepositoryArchive;
+    this.skipFailedAuthenticators = other.skipFailedAuthenticators;
    this.loginAttemptLimit = other.loginAttemptLimit;
    this.loginAttemptLimitTimeout = other.loginAttemptLimitTimeout;
  }
@@ -287,6 +290,18 @@ public class ScmConfiguration
    return proxyUser;
  }

+  /**
+   * Returns the realm description.
+   *
+   *
+   * @return realm description
+   */
+  public String getRealmDescription()
+  {
+    return realmDescription;
+  }
+
+
  /**
   * Returns true if the anonymous access to the SCM-Manager is enabled.
   *
@@ -343,6 +358,19 @@ public class ScmConfiguration
    return forceBaseUrl;
  }

+  /**
+   * Returns true if failed authenticators are skipped.
+   *
+   *
+   * @return true if failed authenticators are skipped
+   * 
+   * @since 1.36
+   */
+  public boolean isSkipFailedAuthenticators()
+  {
+    return skipFailedAuthenticators;
+  }
+
  //~--- set methods ----------------------------------------------------------

  /**
@@ -544,6 +572,30 @@ public class ScmConfiguration
    this.proxyUser = proxyUser;
  }

+  /**
+   * Sets the realm description.
+   *
+   *
+   * @param realmDescription
+   */
+  public void setRealmDescription(String realmDescription)
+  {
+    this.realmDescription = realmDescription;
+  }
+
+  /**
+   * If set to true the authentication chain is not stopped, if an 
+   * authenticator finds the user but fails to authenticate the user.
+   *
+   * @param skipFailedAuthenticators true to skip failed authenticators
+   * 
+   * @since 1.36
+   */
+  public void setSkipFailedAuthenticators(boolean skipFailedAuthenticators)
+  {
+    this.skipFailedAuthenticators = skipFailedAuthenticators;
+  }
+
  //~--- fields ---------------------------------------------------------------

  /** Field description */
@@ -572,21 +624,6 @@ public class ScmConfiguration
  @XmlElement(name = "login-attempt-limit")
  private int loginAttemptLimit = -1;

-  /**
-   * Login attempt timeout.
-   *
-   * @since 1.34
-   */
-  @XmlElement(name = "login-attempt-limit-timeout")
-  private long loginAttemptLimitTimeout = TimeUnit.MINUTES.toSeconds(5l);
-
-  /** Field description */
-  private boolean enableProxy = false;
-
-  /** Field description */
-  @XmlElement(name = "plugin-url")
-  private String pluginUrl = DEFAULT_PLUGINURL;
-
  /** glob patterns for urls which are excluded from proxy */
  @XmlElement(name = "proxy-excludes")
  @XmlJavaTypeAdapter(XmlSetStringAdapter.class)
@@ -604,6 +641,36 @@ public class ScmConfiguration
  /** Field description */
  private String proxyUser;

+  /**
+   * Skip failed authenticators.
+   *
+   * @since 1.36
+   */
+  @XmlElement(name = "skip-failed-authenticators")
+  private boolean skipFailedAuthenticators = false;
+
+  /** Field description */
+  @XmlElement(name = "plugin-url")
+  private String pluginUrl = DEFAULT_PLUGINURL;
+
+  /**
+   * Login attempt timeout.
+   *
+   * @since 1.34
+   */
+  @XmlElement(name = "login-attempt-limit-timeout")
+  private long loginAttemptLimitTimeout = TimeUnit.MINUTES.toSeconds(5l);
+
+  /** Field description */
+  private boolean enableProxy = false;
+
+  /**
+   *
+   * Authentication realm for basic authentication.
+   *
+   */
+  private String realmDescription = HttpUtil.AUTHENTICATION_REALM;
+
  /** Field description */
  private boolean enableRepositoryArchive = false;

--- a/scm-core/src/main/java/sonia/scm/util/HttpUtil.java
+++ b/scm-core/src/main/java/sonia/scm/util/HttpUtil.java
@@ -416,7 +416,7 @@ public final class HttpUtil
    throws IOException
  {

-    sendUnauthorized(null, response);
+    sendUnauthorized(null, response, AUTHENTICATION_REALM);
  }

  /**
@@ -427,17 +427,50 @@ public final class HttpUtil
   * @param response http response
   *
   * @throws IOException
-   *
-   * @since 1.19
   */
  public static void sendUnauthorized(HttpServletRequest request,
    HttpServletResponse response)
    throws IOException
+  {
+    sendUnauthorized(request, response, AUTHENTICATION_REALM);
+  }
+
+  /**
+   * Send an unauthorized header back to the client
+   *
+   *
+   * @param response - the http response
+   * @param realmDescription - realm description
+   *
+   * @throws IOException
+   */
+  public static void sendUnauthorized(HttpServletResponse response, String realmDescription)
+    throws IOException
+  {
+    sendUnauthorized(null, response, realmDescription);
+  }
+
+  /**
+   * Send an unauthorized header back to the client
+   *
+   *
+   * @param request http request
+   * @param response http response
+   * @param realmDescription realm description
+   *
+   * @throws IOException
+   *
+   * @since 1.19
+   */
+  public static void sendUnauthorized(HttpServletRequest request,
+    HttpServletResponse response,
+    String realmDescription)
+    throws IOException
  {
    if ((request == null) ||!isWUIRequest(request))
    {
      response.setHeader(HEADER_WWW_AUTHENTICATE,
-        "Basic realm=\"".concat(AUTHENTICATION_REALM).concat("\""));
+        "Basic realm=\"".concat(realmDescription).concat("\""));

    }
    else if (logger.isTraceEnabled())
--- a/scm-core/src/main/java/sonia/scm/web/filter/BasicAuthenticationFilter.java
+++ b/scm-core/src/main/java/sonia/scm/web/filter/BasicAuthenticationFilter.java
@@ -203,7 +203,7 @@ public class BasicAuthenticationFilter extends AutoLoginFilter

    if (Strings.isNullOrEmpty(authentication))
    {
-      HttpUtil.sendUnauthorized(request, response);
+      HttpUtil.sendUnauthorized(request, response, configuration.getRealmDescription());
    }
    else
    {
--- a/scm-core/src/main/java/sonia/scm/web/filter/PermissionFilter.java
+++ b/scm-core/src/main/java/sonia/scm/web/filter/PermissionFilter.java
@@ -245,7 +245,7 @@ public abstract class PermissionFilter extends HttpFilter
    }
    else
    {
-      HttpUtil.sendUnauthorized(response);
+      HttpUtil.sendUnauthorized(response, configuration.getRealmDescription());
    }
  }