Set AuthMethod on every request not just initial login

The WebSession needs the current authentication method all of the time, not just during an initial login. Change-Id: I54a442d6e525fdf4fa5b4675dfcaa2aacb4ab44c
2012-06-19 18:19:38 -07:00
parent ead5078200
commit ec689b4b80
4 changed files with 12 additions and 4 deletions
--- a/gerrit-httpd/src/main/java/com/google/gerrit/httpd/CacheBasedWebSession.java
+++ b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/CacheBasedWebSession.java
@@ -93,6 +93,7 @@ public final class CacheBasedWebSession implements WebSession {
      key = null;
      val = null;
    }
    authMethod = isSignedIn() ? AuthMethod.COOKIE : AuthMethod.NONE;
    if (isSignedIn() && val.needsCookieRefresh()) {
      // Cookie is more than half old. Send the cookie again to the
@@ -166,9 +167,10 @@ public final class CacheBasedWebSession implements WebSession {
  }
  /** Set the user account for this current request only. */
-  public void setUserAccountId(Account.Id id) {
+  public void setUserAccountId(Account.Id id, AuthMethod method) {
    key = new Key("id:" + id);
    val = new Val(id, 0, false, null, "", 0);
    authMethod = method;
  }
  public void logout() {
--- a/gerrit-httpd/src/main/java/com/google/gerrit/httpd/ContainerAuthFilter.java
+++ b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/ContainerAuthFilter.java
@@ -19,6 +19,7 @@ import static javax.servlet.http.HttpServletResponse.SC_UNAUTHORIZED;
 import com.google.gerrit.server.account.AccountCache;
 import com.google.gerrit.server.account.AccountState;
 import com.google.gerrit.server.account.AuthMethod;
 import com.google.gerrit.server.config.GerritServerConfig;
 import com.google.inject.Inject;
 import com.google.inject.Provider;
@@ -99,7 +100,9 @@ class ContainerAuthFilter implements Filter {
      rsp.sendError(SC_UNAUTHORIZED);
      return false;
    }
-    session.get().setUserAccountId(who.getAccount().getId());
+    session.get().setUserAccountId(
        who.getAccount().getId(),
        AuthMethod.PASSWORD);
    return true;
  }
 }
--- a/gerrit-httpd/src/main/java/com/google/gerrit/httpd/ProjectDigestFilter.java
+++ b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/ProjectDigestFilter.java
@@ -22,6 +22,7 @@ import static javax.servlet.http.HttpServletResponse.SC_UNAUTHORIZED;
 import com.google.gerrit.server.account.AccountCache;
 import com.google.gerrit.server.account.AccountState;
 import com.google.gerrit.server.account.AuthMethod;
 import com.google.gerrit.server.config.CanonicalWebUrl;
 import com.google.gerrit.server.config.GerritServerConfig;
 import com.google.gwtjsonrpc.server.SignedToken;
@@ -164,7 +165,9 @@ class ProjectDigestFilter implements Filter {
    if (expect.equals(response)) {
      try {
        if (tokens.checkToken(nonce, "") != null) {
-          session.get().setUserAccountId(who.getAccount().getId());
+          session.get().setUserAccountId(
              who.getAccount().getId(),
              AuthMethod.PASSWORD);
          return true;
        } else {
--- a/gerrit-httpd/src/main/java/com/google/gerrit/httpd/WebSession.java
+++ b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/WebSession.java
@@ -40,7 +40,7 @@ public interface WebSession {
  public void setAccessPath(AccessPath path);
  /** Set the user account for this current request only. */
-  public void setUserAccountId(Account.Id id);
+  public void setUserAccountId(Account.Id id, AuthMethod method);
  public void logout();
 }