diff options
Diffstat (limited to 'java/com/google/gerrit/httpd/ProjectBasicAuthFilter.java')
-rw-r--r-- | java/com/google/gerrit/httpd/ProjectBasicAuthFilter.java | 17 |
1 files changed, 11 insertions, 6 deletions
diff --git a/java/com/google/gerrit/httpd/ProjectBasicAuthFilter.java b/java/com/google/gerrit/httpd/ProjectBasicAuthFilter.java index ca780d0a9d..7fcd4f8de9 100644 --- a/java/com/google/gerrit/httpd/ProjectBasicAuthFilter.java +++ b/java/com/google/gerrit/httpd/ProjectBasicAuthFilter.java @@ -22,6 +22,7 @@ import com.google.common.base.MoreObjects; import com.google.common.base.Strings; import com.google.common.flogger.FluentLogger; import com.google.common.io.BaseEncoding; +import com.google.gerrit.common.Nullable; import com.google.gerrit.entities.Account; import com.google.gerrit.extensions.client.GitBasicAuthPolicy; import com.google.gerrit.extensions.registration.DynamicItem; @@ -144,7 +145,7 @@ class ProjectBasicAuthFilter implements Filter { if (gitBasicAuthPolicy == GitBasicAuthPolicy.HTTP || gitBasicAuthPolicy == GitBasicAuthPolicy.HTTP_LDAP) { if (PasswordVerifier.checkPassword(who.externalIds(), username, password)) { - return succeedAuthentication(who); + return succeedAuthentication(who, null); } } @@ -157,11 +158,11 @@ class ProjectBasicAuthFilter implements Filter { try { AuthResult whoAuthResult = accountManager.authenticate(whoAuth); - setUserIdentified(whoAuthResult.getAccountId()); + setUserIdentified(whoAuthResult.getAccountId(), whoAuthResult); return true; } catch (NoSuchUserException e) { if (PasswordVerifier.checkPassword(who.externalIds(), username, password)) { - return succeedAuthentication(who); + return succeedAuthentication(who, null); } logger.atWarning().withCause(e).log(authenticationFailedMsg(username, req)); rsp.sendError(SC_UNAUTHORIZED); @@ -183,8 +184,8 @@ class ProjectBasicAuthFilter implements Filter { } } - private boolean succeedAuthentication(AccountState who) { - setUserIdentified(who.account().id()); + private boolean succeedAuthentication(AccountState who, @Nullable AuthResult whoAuthResult) { + setUserIdentified(who.account().id(), whoAuthResult); return true; } @@ -201,11 +202,15 @@ class ProjectBasicAuthFilter implements Filter { return String.format("Authentication from %s failed for %s", req.getRemoteAddr(), username); } - private void setUserIdentified(Account.Id id) { + private void setUserIdentified(Account.Id id, @Nullable AuthResult whoAuthResult) { WebSession ws = session.get(); ws.setUserAccountId(id); ws.setAccessPathOk(AccessPath.GIT, true); ws.setAccessPathOk(AccessPath.REST_API, true); + + if (whoAuthResult != null) { + ws.login(whoAuthResult, false); + } } private String encoding(HttpServletRequest req) { |