From e69804d4001796a49476089bcbe8f67c3c700497 Mon Sep 17 00:00:00 2001 From: James Moger <james.moger@gmail.com> Date: Mon, 26 Oct 2015 15:09:25 -0400 Subject: [PATCH] Merge pull request #947 from paulsputer/LogUpdateForAllAuthentication --- src/main/java/com/gitblit/manager/AuthenticationManager.java | 36 ++++++++++++++++++++---------------- 1 files changed, 20 insertions(+), 16 deletions(-) diff --git a/src/main/java/com/gitblit/manager/AuthenticationManager.java b/src/main/java/com/gitblit/manager/AuthenticationManager.java index 51aa221..7e0b07b 100644 --- a/src/main/java/com/gitblit/manager/AuthenticationManager.java +++ b/src/main/java/com/gitblit/manager/AuthenticationManager.java @@ -310,15 +310,12 @@ if (values.length == 2) { String username = values[0]; char[] password = values[1].toCharArray(); - user = authenticate(username, password); + user = authenticate(username, password, httpRequest.getRemoteAddr()); if (user != null) { flagRequest(httpRequest, AuthenticationType.CREDENTIALS, user.username); logger.debug(MessageFormat.format("{0} authenticated by BASIC request header from {1}", user.username, httpRequest.getRemoteAddr())); return validateAuthentication(user, AuthenticationType.CREDENTIALS); - } else { - logger.warn(MessageFormat.format("Failed login attempt for {0}, invalid credentials from {1}", - username, httpRequest.getRemoteAddr())); } } } @@ -445,7 +442,7 @@ * @return a user object or null */ @Override - public UserModel authenticate(String username, char[] password) { + public UserModel authenticate(String username, char[] password, String remoteIP) { if (StringUtils.isEmpty(username)) { // can not authenticate empty username return null; @@ -462,22 +459,29 @@ // try local authentication if (user != null && user.isLocalAccount()) { - return authenticateLocal(user, password); - } - - // try registered external authentication providers - for (AuthenticationProvider provider : authenticationProviders) { - if (provider instanceof UsernamePasswordAuthenticationProvider) { - UserModel returnedUser = provider.authenticate(usernameDecoded, password); - if (returnedUser != null) { - // user authenticated - returnedUser.accountType = provider.getAccountType(); - return validateAuthentication(returnedUser, AuthenticationType.CREDENTIALS); + UserModel returnedUser = authenticateLocal(user, password); + if (returnedUser != null) { + // user authenticated + return returnedUser; + } + } else { + // try registered external authentication providers + for (AuthenticationProvider provider : authenticationProviders) { + if (provider instanceof UsernamePasswordAuthenticationProvider) { + UserModel returnedUser = provider.authenticate(usernameDecoded, password); + if (returnedUser != null) { + // user authenticated + returnedUser.accountType = provider.getAccountType(); + return validateAuthentication(returnedUser, AuthenticationType.CREDENTIALS); + } } } } // could not authenticate locally or with a provider + logger.warn(MessageFormat.format("Failed login attempt for {0}, invalid credentials from {1}", username, + remoteIP != null ? remoteIP : "unknown")); + return null; } -- Gitblit v1.9.1