Package com.gitblit.wicket

Examples of com.gitblit.wicket.GitBlitWebSession

48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
  protected GitBlitWebApp app() {
    return GitBlitWebApp.get();
  }

  private void login() {
    GitBlitWebSession session = GitBlitWebSession.get();
    if (session.isLoggedIn() && !session.isSessionInvalidated()) {
      // already have a session, refresh usermodel to pick up
      // any changes to permissions or roles (issue-186)
      UserModel user = app().users().getUserModel(session.getUser().username);

      if (user == null || user.disabled) {
        // user was deleted/disabled during session
        HttpServletResponse response = ((WebResponse) getRequestCycle().getResponse())
            .getHttpServletResponse();
        app().authentication().logout(response, user);
        session.setUser(null);
        session.invalidateNow();
        return;
      }

      // validate cookie during session (issue-361)
      if (user != null && app().settings().getBoolean(Keys.web.allowCookieAuthentication, true)) {
        HttpServletRequest request = ((WebRequest) getRequestCycle().getRequest())
            .getHttpServletRequest();
        String requestCookie = app().authentication().getCookie(request);
        if (!StringUtils.isEmpty(requestCookie) && !StringUtils.isEmpty(user.cookie)) {
          if (!requestCookie.equals(user.cookie)) {
            // cookie was changed during our session
            HttpServletResponse response = ((WebResponse) getRequestCycle().getResponse())
                .getHttpServletResponse();
            app().authentication().logout(response, user);
            session.setUser(null);
            session.invalidateNow();
            return;
          }
        }
      }
      session.setUser(user);
      return;
    }

    // try to authenticate by servlet request
    HttpServletRequest httpRequest = ((WebRequest) getRequestCycle().getRequest())
        .getHttpServletRequest();
    UserModel user = app().authentication().authenticate(httpRequest);

    // Login the user
    if (user != null) {
      // issue 62: fix session fixation vulnerability
      session.replaceSession();
      session.setUser(user);

      // Set Cookie
      WebResponse response = (WebResponse) getRequestCycle().getResponse();
      app().authentication().setCookie(response.getHttpServletResponse(), user);

      session.continueRequest();
    }
  }
View Full Code Here
91
92
93
94
95
96
97
98
99
100
101
102
    String restriction = app().settings().getString(Keys.git.defaultAccessRestriction, "PUSH");
    model.accessRestriction = AccessRestrictionType.fromName(restriction);
    String authorization = app().settings().getString(Keys.git.defaultAuthorizationControl, null);
    model.authorizationControl = AuthorizationControl.fromName(authorization);

    GitBlitWebSession session = GitBlitWebSession.get();
    UserModel user = session.getUser();
    if (user != null && user.canCreate() && !user.canAdmin()) {
      // personal create permissions, inject personal repository path
      model.name = user.getPersonalPath() + "/";
      model.projectPath = user.getPersonalPath();
      model.addOwner(user.username);
View Full Code Here
142
143
144
145
146
147
148
149
150
151
152
153
    final List<RegistrantAccessPermission> repositoryUsers = new ArrayList<RegistrantAccessPermission>();
    final List<RegistrantAccessPermission> repositoryTeams = new ArrayList<RegistrantAccessPermission>();
    List<String> preReceiveScripts = new ArrayList<String>();
    List<String> postReceiveScripts = new ArrayList<String>();

    GitBlitWebSession session = GitBlitWebSession.get();
    final UserModel user = session.getUser() == null ? UserModel.ANONYMOUS : session.getUser();
    final boolean allowEditName = isCreate || isAdmin || repositoryModel.isUsersPersonalRepository(user.username);

    if (isCreate) {
      if (user.canAdmin()) {
        super.setupPage(getString("gb.newRepository"), "");
View Full Code Here
626
627
628
629
630
631
632
633
634
635
636
637
   */
  private void checkPermissions(RepositoryModel model) {
    boolean authenticateAdmin = app().settings().getBoolean(Keys.web.authenticateAdminPages, true);
    boolean allowAdmin = app().settings().getBoolean(Keys.web.allowAdministration, true);

    GitBlitWebSession session = GitBlitWebSession.get();
    UserModel user = session.getUser();

    if (allowAdmin) {
      if (authenticateAdmin) {
        if (user == null) {
          // No Login Available
View Full Code Here
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
  }

  private void loginUser(UserModel user) {
    if (user != null) {
      // Set the user into the session
      GitBlitWebSession session = GitBlitWebSession.get();
      // issue 62: fix session fixation vulnerability
      session.replaceSession();
      session.setUser(user);

      // Set Cookie
      if (app().settings().getBoolean(Keys.web.allowCookieAuthentication, false)) {
        WebResponse response = (WebResponse) getRequestCycle().getResponse();
        app().authentication().setCookie(response.getHttpServletResponse(), user);
      }

      if (!session.continueRequest()) {
        PageParameters params = getPageParameters();
        if (params == null) {
          // redirect to this page
          setResponsePage(getClass());
        } else {
View Full Code Here
568
569
570
571
572
573
574
575
576
577
578
579
    public UserMenu(String id, String markupId, MarkupContainer markupProvider) {
      super(id, markupId, markupProvider);
      setRenderBodyOnly(true);

      GitBlitWebSession session = GitBlitWebSession.get();
      UserModel user = session.getUser();
      boolean editCredentials = app().authentication().supportsCredentialChanges(user);
      boolean standardLogin = session.authenticationType.isStandard();

      if (app().settings().getBoolean(Keys.web.allowGravatar, true)) {
        add(new GravatarImage("username", user, "navbarGravatar", 20, false));
View Full Code Here
23
24
25
26
27
28
29
30
31
32
33
34
35
36
public class LogoutPage extends BasePage {

  public LogoutPage() {
    super();
    GitBlitWebSession session = GitBlitWebSession.get();
    UserModel user = session.getUser();
    app().authentication().logout(((WebResponse) getResponse()).getHttpServletResponse(), user);
    session.invalidate();

    /*
     * Now check whether the authentication was realized via the Authorization in the header.
     * If so, it is likely to be cached by the browser, and cannot be undone. Effectively, this means
     * that you cannot log out...
View Full Code Here
344
345
346
347
348
349
350
351
352
  protected void flagWicketSession(AuthenticationType authenticationType) {
    RequestCycle requestCycle = RequestCycle.get();
    if (requestCycle != null) {
      // flag the Wicket session, if this is a Wicket request
      GitBlitWebSession session = GitBlitWebSession.get();
      session.authenticationType = authenticationType;
    }
  }
View Full Code Here
454
455
456
457
458
459
460
461
462
463
464
   * @param user
   */
  @Override
  public void setCookie(HttpServletResponse response, UserModel user) {
    if (settings.getBoolean(Keys.web.allowCookieAuthentication, true)) {
      GitBlitWebSession session = GitBlitWebSession.get();
      boolean standardLogin = session.authenticationType.isStandard();

      if (standardLogin) {
        Cookie userCookie;
        if (user == null) {
View Full Code Here
101
102
103
104
105
106
107
108
109
110
111
112
    String restriction = app().settings().getString(Keys.git.defaultAccessRestriction, "PUSH");
    model.accessRestriction = AccessRestrictionType.fromName(restriction);
    String authorization = app().settings().getString(Keys.git.defaultAuthorizationControl, null);
    model.authorizationControl = AuthorizationControl.fromName(authorization);

    GitBlitWebSession session = GitBlitWebSession.get();
    UserModel user = session.getUser();
    if (user != null && user.canCreate() && !user.canAdmin()) {
      // personal create permissions, inject personal repository path
      model.name = user.getPersonalPath() + "/";
      model.projectPath = user.getPersonalPath();
      model.addOwner(user.username);
View Full Code Here
TOP

Related Classes of com.gitblit.wicket.GitBlitWebSession

  • com.gitblit.manager.AuthenticationManager
  • com.gitblit.wicket.pages.EditRepositoryPage
  • com.gitblit.wicket.pages.ForkPage
  • com.gitblit.wicket.pages.LogoutPage
  • com.gitblit.wicket.pages.RawPage
  • com.gitblit.wicket.pages.RootPage
  • com.gitblit.wicket.pages.RootPage$UserMenu
  • com.gitblit.wicket.pages.SessionPage
  • com.gitblit.wicket.panels.RepositoryNamePanel
  • org.apache.wicket.PageParameters
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.