From 99063821d5281d3b30af99b953bf654311d327cd Mon Sep 17 00:00:00 2001
From: Sebastian Sdorra <sebastian.sdorra@cloudogu.com>
Date: Sun, 17 Feb 2013 13:59:00 +0100
Subject: [PATCH] protect mustache resources

---
 .../src/main/java/sonia/scm/ScmSecurityModule.java | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/scm-webapp/src/main/java/sonia/scm/ScmSecurityModule.java b/scm-webapp/src/main/java/sonia/scm/ScmSecurityModule.java
index 50d3184b3a..68c1c5eefe 100644
--- a/scm-webapp/src/main/java/sonia/scm/ScmSecurityModule.java
+++ b/scm-webapp/src/main/java/sonia/scm/ScmSecurityModule.java
@@ -30,14 +30,19 @@
  */
 
 
+
 package sonia.scm;
 
 //~--- non-JDK imports --------------------------------------------------------
 
+import com.google.inject.name.Names;
+
 import org.apache.shiro.guice.web.ShiroWebModule;
 
 import sonia.scm.security.ScmRealm;
 
+import static org.apache.shiro.guice.web.ShiroWebModule.ROLES;
+
 //~--- JDK imports ------------------------------------------------------------
 
 import javax.servlet.ServletContext;
@@ -69,6 +74,15 @@ public class ScmSecurityModule extends ShiroWebModule
   @Override
   protected void configureShiroWeb()
   {
+
+    // bind realm
     bindRealm().to(ScmRealm.class);
+
+    // bind constant
+    bindConstant().annotatedWith(Names.named("shiro.loginUrl")).to(
+      "/index.html");
+
+    // disable access to mustache resources
+    addFilterChain("/**.mustache", config(ROLES, "nobody"));
   }
 }