From 6ecf3907a012f5c12c6801f0d2ffe8b4e440c209 Mon Sep 17 00:00:00 2001
From: Paul Martin <paul@paulsputer.com>
Date: Tue, 05 Apr 2016 13:48:07 -0400
Subject: [PATCH] Merge pull request #1040 from gitblit/1037-EnforcePermissionsForTickets

---
 src/main/java/com/gitblit/servlet/AccessRestrictionFilter.java |    7 ++++---
 1 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/main/java/com/gitblit/servlet/AccessRestrictionFilter.java b/src/main/java/com/gitblit/servlet/AccessRestrictionFilter.java
index b9cb088..e1d76db 100644
--- a/src/main/java/com/gitblit/servlet/AccessRestrictionFilter.java
+++ b/src/main/java/com/gitblit/servlet/AccessRestrictionFilter.java
@@ -133,10 +133,11 @@
 	/**
 	 * Allows authentication header to be altered based on the action requested
 	 * Default is WWW-Authenticate
+	 * @param httpRequest
 	 * @param action
 	 * @return authentication type header
 	 */
-	protected String getAuthenticationHeader(String action) {
+	protected String getAuthenticationHeader(HttpServletRequest httpRequest, String action) {
 		return "WWW-Authenticate";
 	}
 	
@@ -192,7 +193,7 @@
 						logger.info(MessageFormat.format("ARF: CREATE CHALLENGE {0}", fullUrl));
 					}
 					
-					httpResponse.setHeader(getAuthenticationHeader(urlRequestType), CHALLENGE);
+					httpResponse.setHeader(getAuthenticationHeader(httpRequest, urlRequestType), CHALLENGE);
 					httpResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED);
 					return;
 				} else {
@@ -239,7 +240,7 @@
 				if (runtimeManager.isDebugMode()) {
 					logger.info(MessageFormat.format("ARF: CHALLENGE {0}", fullUrl));
 				}
-				httpResponse.setHeader(getAuthenticationHeader(urlRequestType), CHALLENGE);
+				httpResponse.setHeader(getAuthenticationHeader(httpRequest, urlRequestType), CHALLENGE);
 				httpResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED);
 				return;
 			} else {

--
Gitblit v1.9.1