diff --git a/scm-plugins/scm-git-plugin/src/main/java/sonia/scm/repository/GitUtil.java b/scm-plugins/scm-git-plugin/src/main/java/sonia/scm/repository/GitUtil.java
index 6dd4996b47..29ebf9d6e7 100644
--- a/scm-plugins/scm-git-plugin/src/main/java/sonia/scm/repository/GitUtil.java
+++ b/scm-plugins/scm-git-plugin/src/main/java/sonia/scm/repository/GitUtil.java
@@ -36,6 +36,7 @@ package sonia.scm.repository;
 //~--- non-JDK imports --------------------------------------------------------
 
 import com.google.common.annotations.VisibleForTesting;
+import com.google.common.base.Strings;
 import com.google.common.collect.ArrayListMultimap;
 import com.google.common.collect.Multimap;
 
@@ -66,9 +67,12 @@ import sonia.scm.util.Util;
 import java.io.File;
 import java.io.IOException;
 
+import java.util.Locale;
 import java.util.Map;
 import java.util.concurrent.TimeUnit;
 
+import javax.servlet.http.HttpServletRequest;
+
 /**
  *
  * @author Sebastian Sdorra
@@ -94,6 +98,9 @@ public final class GitUtil
   /** Field description */
   private static final String DIRECTORY_REFS = "refs";
 
+  /** Field description */
+  private static final String HEADER_USERAGENT = "User-Agent";
+
   /** Field description */
   private static final String PREFIX_HEADS = "refs/heads/";
 
@@ -109,6 +116,9 @@ public final class GitUtil
   /** Field description */
   private static final int TIMEOUT = 5;
 
+  /** Field description */
+  private static final String USERAGENT_GIT = "git/";
+
   /** the logger for GitUtil */
   private static final Logger logger = LoggerFactory.getLogger(GitUtil.class);
 
@@ -652,6 +662,20 @@ public final class GitUtil
     return name;
   }
 
+  /**
+   * Returns true if the request comes from a git client.
+   *
+   *
+   * @param request servlet request
+   *
+   * @return true if the client is git
+   */
+  public static boolean isGitClient(HttpServletRequest request)
+  {
+    return Strings.nullToEmpty(request.getHeader(HEADER_USERAGENT)).toLowerCase(
+      Locale.ENGLISH).startsWith(USERAGENT_GIT);
+  }
+
   /**
    * Method description
    *
diff --git a/scm-plugins/scm-git-plugin/src/main/java/sonia/scm/web/GitBasicAuthenticationFilter.java b/scm-plugins/scm-git-plugin/src/main/java/sonia/scm/web/GitBasicAuthenticationFilter.java
new file mode 100644
index 0000000000..b69ce418c4
--- /dev/null
+++ b/scm-plugins/scm-git-plugin/src/main/java/sonia/scm/web/GitBasicAuthenticationFilter.java
@@ -0,0 +1,109 @@
+/**
+ * Copyright (c) 2010, Sebastian Sdorra All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer. 2. Redistributions in
+ * binary form must reproduce the above copyright notice, this list of
+ * conditions and the following disclaimer in the documentation and/or other
+ * materials provided with the distribution. 3. Neither the name of SCM-Manager;
+ * nor the names of its contributors may be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * http://bitbucket.org/sdorra/scm-manager
+ *
+ */
+
+
+
+package sonia.scm.web;
+
+//~--- non-JDK imports --------------------------------------------------------
+
+import com.google.inject.Inject;
+import com.google.inject.Singleton;
+
+import org.eclipse.jgit.http.server.GitSmartHttpTools;
+
+import sonia.scm.config.ScmConfiguration;
+import sonia.scm.repository.GitUtil;
+import sonia.scm.web.filter.AutoLoginModule;
+import sonia.scm.web.filter.BasicAuthenticationFilter;
+
+//~--- JDK imports ------------------------------------------------------------
+
+import java.io.IOException;
+
+import java.util.Set;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ *
+ * @author Sebastian Sdorra
+ */
+@Singleton
+public class GitBasicAuthenticationFilter extends BasicAuthenticationFilter
+{
+
+  /** Field description */
+  private static final String MESSAGE_FAILED_AUTHENTICATION =
+    "Invalid username or password.";
+
+  //~--- constructors ---------------------------------------------------------
+
+  /**
+   * Constructs ...
+   *
+   *
+   * @param configuration
+   * @param autoLoginModules
+   */
+  @Inject
+  public GitBasicAuthenticationFilter(ScmConfiguration configuration,
+    Set<AutoLoginModule> autoLoginModules)
+  {
+    super(configuration, autoLoginModules);
+  }
+
+  //~--- methods --------------------------------------------------------------
+
+  /**
+   * Method description
+   *
+   *
+   * @param request
+   * @param response
+   *
+   * @throws IOException
+   */
+  @Override
+  protected void sendFailedAuthenticationError(HttpServletRequest request,
+    HttpServletResponse response)
+    throws IOException
+  {
+    if (GitUtil.isGitClient(request))
+    {
+      GitSmartHttpTools.sendError(request, response,
+        HttpServletResponse.SC_FORBIDDEN, MESSAGE_FAILED_AUTHENTICATION);
+    }
+    else
+    {
+      super.sendFailedAuthenticationError(request, response);
+    }
+  }
+}
diff --git a/scm-plugins/scm-git-plugin/src/main/java/sonia/scm/web/GitPermissionFilter.java b/scm-plugins/scm-git-plugin/src/main/java/sonia/scm/web/GitPermissionFilter.java
index c277c0cf7f..88c6f52d21 100644
--- a/scm-plugins/scm-git-plugin/src/main/java/sonia/scm/web/GitPermissionFilter.java
+++ b/scm-plugins/scm-git-plugin/src/main/java/sonia/scm/web/GitPermissionFilter.java
@@ -38,13 +38,19 @@ package sonia.scm.web;
 import com.google.inject.Inject;
 import com.google.inject.Singleton;
 
+import org.eclipse.jgit.http.server.GitSmartHttpTools;
+
+import sonia.scm.config.ScmConfiguration;
+import sonia.scm.repository.GitUtil;
 import sonia.scm.repository.RepositoryProvider;
 import sonia.scm.web.filter.ProviderPermissionFilter;
 
 //~--- JDK imports ------------------------------------------------------------
 
+import java.io.IOException;
+
 import javax.servlet.http.HttpServletRequest;
-import sonia.scm.config.ScmConfiguration;
+import javax.servlet.http.HttpServletResponse;
 
 /**
  *
@@ -66,24 +72,52 @@ public class GitPermissionFilter extends ProviderPermissionFilter
   /** Field description */
   public static final String URI_REF_INFO = "/info/refs";
 
+  /** Field description */
+  private static final String MESSAGE_NOT_ENOUGH_PRIVILEGES =
+    "You do not have enough access privileges for this operation.";
+
   //~--- constructors ---------------------------------------------------------
 
   /**
    * Constructs ...
    *
-   *
-   *
-   * @param securityContextProvider
+   * @param configuration
    * @param repositoryProvider
    */
   @Inject
-  public GitPermissionFilter(
-          ScmConfiguration configuration,
-          RepositoryProvider repositoryProvider)
+  public GitPermissionFilter(ScmConfiguration configuration,
+    RepositoryProvider repositoryProvider)
   {
     super(configuration, repositoryProvider);
   }
 
+  //~--- methods --------------------------------------------------------------
+
+  /**
+   * Method description
+   *
+   *
+   * @param request
+   * @param response
+   *
+   * @throws IOException
+   */
+  @Override
+  protected void sendNotEnoughPrivilegesError(HttpServletRequest request,
+    HttpServletResponse response)
+    throws IOException
+  {
+    if (GitUtil.isGitClient(request))
+    {
+      GitSmartHttpTools.sendError(request, response,
+        HttpServletResponse.SC_FORBIDDEN, MESSAGE_NOT_ENOUGH_PRIVILEGES);
+    }
+    else
+    {
+      super.sendNotEnoughPrivilegesError(request, response);
+    }
+  }
+
   //~--- get methods ----------------------------------------------------------
 
   /**
@@ -100,8 +134,8 @@ public class GitPermissionFilter extends ProviderPermissionFilter
     String uri = request.getRequestURI();
 
     return uri.endsWith(URI_RECEIVE_PACK)
-           || (uri.endsWith(URI_REF_INFO)
-               && PARAMETER_VALUE_RECEIVE.equals(
-                   request.getParameter(PARAMETER_SERVICE)));
+      || (uri.endsWith(URI_REF_INFO)
+        && PARAMETER_VALUE_RECEIVE.equals(
+          request.getParameter(PARAMETER_SERVICE)));
   }
 }
diff --git a/scm-plugins/scm-git-plugin/src/main/java/sonia/scm/web/GitServletModule.java b/scm-plugins/scm-git-plugin/src/main/java/sonia/scm/web/GitServletModule.java
index fd7300817b..fdb1ae52d9 100644
--- a/scm-plugins/scm-git-plugin/src/main/java/sonia/scm/web/GitServletModule.java
+++ b/scm-plugins/scm-git-plugin/src/main/java/sonia/scm/web/GitServletModule.java
@@ -40,7 +40,6 @@ import com.google.inject.servlet.ServletModule;
 import org.eclipse.jgit.transport.ScmTransportProtocol;
 
 import sonia.scm.plugin.ext.Extension;
-import sonia.scm.web.filter.BasicAuthenticationFilter;
 
 /**
  *
@@ -68,7 +67,7 @@ public class GitServletModule extends ServletModule
     bind(ScmTransportProtocol.class);
 
     // serlvelts and filters
-    filter(PATTERN_GIT).through(BasicAuthenticationFilter.class);
+    filter(PATTERN_GIT).through(GitBasicAuthenticationFilter.class);
     filter(PATTERN_GIT).through(GitPermissionFilter.class);
     serve(PATTERN_GIT).with(ScmGitServlet.class);
   }