Fix hg anonymous access by sending authenticate header

If anonymous access is enabled and read requests are granted
to hg repositories for the anonymous user, write requests
also fail for users with write permission, because no
authentication header is sent along with the 401.
This commit fixes the issue in the default CGI servlet.
René Pfeuffer
2023-05-19 12:11:08 +02:00
committed by Konstantin Schaper
parent 01bff1ce95
commit 30affae76d
2 changed files with 8 additions and 1 deletions


@@ -0,0 +1,2 @@
- type: fixed
description: Broken HG write access when anonymous users have read access


@@ -36,6 +36,7 @@ import org.slf4j.LoggerFactory;
import sonia.scm.SCMContext;
import sonia.scm.config.ScmConfiguration;
import sonia.scm.security.Authentications;
import sonia.scm.util.HttpUtil;
import sonia.scm.util.IOUtil;
import sonia.scm.util.SystemUtil;
@@ -444,7 +445,11 @@ public class DefaultCGIExecutor extends AbstractCGIExecutor
if (status < 304) {
response.setStatus(status);
} else {
response.sendError(status);
if (status == 401 && Authentications.isAuthenticatedSubjectAnonymous()) {
HttpUtil.sendUnauthorized(response, configuration.getRealmDescription());
} else {
response.sendError(status);
}
}
}
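Review bot: A 401 from the CGI process for a subject that is not anonymous still falls through to `response.sendError(status)` in the inner `else`, so it goes out without a `WWW-Authenticate` header, although HTTP requires a challenge on every 401. If that case means an authenticated user lacks permission, mapping it to 403 would be clearer for clients; if it can also mean rejected credentials, it should take the `HttpUtil.sendUnauthorized(...)` path as well. The new branch also needs a short why-comment, for example `// anonymous subject: send a challenge so the hg client retries with credentials`, since the condition is not self-explanatory. The literal `401` would read better as `HttpServletResponse.SC_UNAUTHORIZED`, assuming that type is already imported in this file. The enclosing method starts outside the hunk, and the commit adds no test covering the anonymous-read and authenticated-write case.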