From 2445d4b2b80671bdcefbd4ed81f394a5249ee13d Mon Sep 17 00:00:00 2001
From: mereth <mereth78@gmail.com>
Date: Mon, 18 Aug 2014 19:13:37 -0400
Subject: [PATCH] fix misstyped passwords leaked in log files with redmine auth provider

---
 src/main/java/com/gitblit/auth/WindowsAuthProvider.java |    8 +++++---
 1 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/src/main/java/com/gitblit/auth/WindowsAuthProvider.java b/src/main/java/com/gitblit/auth/WindowsAuthProvider.java
index 93cae04..ac15b28 100644
--- a/src/main/java/com/gitblit/auth/WindowsAuthProvider.java
+++ b/src/main/java/com/gitblit/auth/WindowsAuthProvider.java
@@ -158,9 +158,11 @@
        		groupNames.add(group.getFqn());
         }
 
-        if (groupNames.contains("BUILTIN\\Administrators")) {
-        	// local administrator
-        	user.canAdmin = true;
+       	if (settings.getBoolean(Keys.realm.windows.permitBuiltInAdministrators, true)) {
+       		if (groupNames.contains("BUILTIN\\Administrators")) {
+       			// local administrator
+       			user.canAdmin = true;
+       		}
         }
 
         // TODO consider mapping Windows groups to teams

--
Gitblit v1.9.1