Diffstat (limited to 'gerrit-httpd/src/main/java/com/google/gerrit/httpd/ProjectBasicAuthFilter.java')
-rw-r--r-- | gerrit-httpd/src/main/java/com/google/gerrit/httpd/ProjectBasicAuthFilter.java | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/gerrit-httpd/src/main/java/com/google/gerrit/httpd/ProjectBasicAuthFilter.java b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/ProjectBasicAuthFilter.java
index 5b39cb2f9e..3d9f4c8e1e 100644
--- a/gerrit-httpd/src/main/java/com/google/gerrit/httpd/ProjectBasicAuthFilter.java
+++ b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/ProjectBasicAuthFilter.java
@@ -18,11 +18,11 @@ import static javax.servlet.http.HttpServletResponse.SC_UNAUTHORIZED;
 import com.google.common.base.Objects;
 import com.google.common.base.Strings;
+import com.google.gerrit.server.AccessPath;
 import com.google.gerrit.server.account.AccountCache;
 import com.google.gerrit.server.account.AccountException;
 import com.google.gerrit.server.account.AccountManager;
 import com.google.gerrit.server.account.AccountState;
-import com.google.gerrit.server.account.AuthMethod;
 import com.google.gerrit.server.account.AuthRequest;
 import com.google.gerrit.server.account.AuthResult;
 import com.google.gerrit.server.config.AuthConfig;
@@ -104,10 +104,9 @@ class ProjectBasicAuthFilter implements Filter {
 private boolean verify(HttpServletRequest req, Response rsp)
 throws IOException {
 final String hdr = req.getHeader(AUTHORIZATION);
- if (hdr == null) {
+ if (hdr == null || !hdr.startsWith(LIT_BASIC)) {
 // Allow an anonymous connection through, or it might be using a
 // session cookie instead of basic authentication.
- //
 return true;
 }
@@ -143,8 +142,10 @@ class ProjectBasicAuthFilter implements Filter {
 try {
 AuthResult whoAuthResult = accountManager.authenticate(whoAuth);
- session.get().setUserAccountId(whoAuthResult.getAccountId(),
- AuthMethod.PASSWORD);
+ WebSession ws = session.get();
+ ws.setUserAccountId(whoAuthResult.getAccountId());
+ ws.setAccessPathOk(AccessPath.GIT, true);
+ ws.setAccessPathOk(AccessPath.REST_API, true);
 return true;
 } catch (AccountException e) {
 log.warn("Authentication failed for " + username, e); |
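Review bot: The new scheme test in `verify`, `!hdr.startsWith(LIT_BASIC)`, compares case-sensitively, while HTTP authentication scheme names are case-insensitive, so a client sending `basic …` would be passed through as anonymous rather than authenticated or answered with 401. This assumes LIT_BASIC holds the canonical `Basic ` prefix; its definition is outside the hunk. A case-insensitive form such as `!hdr.regionMatches(true, 0, LIT_BASIC, 0, LIT_BASIC.length())` avoids that silent downgrade. The retained comment should also say that an Authorization header with any other scheme is now ignored by this filter, for example `// Not Basic auth: continue as anonymous or with a session cookie; other schemes are not handled here.` The remainder of verify's body lies outside the hunk.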
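Review bot: The two `setAccessPathOk` calls added after `accountManager.authenticate(whoAuth)` carry no comment explaining why a password-authenticated request is granted both `AccessPath.GIT` and `AccessPath.REST_API`, or whether those flags apply to this request only or are stored with the `WebSession`. Neither is visible in the hunk, and the removed `AuthMethod.PASSWORD` argument was the only record here of how the account was authenticated. If the intent is what the names suggest, a comment like `// Basic auth was verified on this request, so permit the Git and REST access paths for it` would document it. If WebSession can persist these flags into a cookie-backed session, they should be limited to the current request so a later cookie-only request does not inherit them. The `try` block sits inside `verify`, which starts before and continues past this hunk.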