Tags: jchong-dalcomlab/gitblit
Tags
Set secure session cookies when redirecting from HTTP to HTTPS. So far for session cookies the secure property was only set when no HTTP port was opened. This changes to also set it when HTTP is redirected to the HTTPS port.
Fix user mention regular expression and group replacement. The regular expression used for user mentions used to work only inside sentences. Also, since it tested for whitespace, the whitespace would get replaced, too, which would join lines together. Instead the new regex uses boundary matchers to match against word boundaires. As these are not capturing only the actual user mention can be captured and is then replaced. Also, this way the regex can ignore punctuation like in "@jim, look at this." Since Gibtlit now requires Java 7 we can use named capture groups. This makes the use of a centrally defined regular expression much safer. The (admittedly only) group to capture the user name is named "user" and can be referenced by this name. By using the name instead of a group number, the regex could be changed without the code using it breaking because the group number changed. A simple test is added for user mentions, which unfortunately has to deal with the full markdown replacement, too. Fixes gitblit-org#985
Extend documentation in default.properties and LdapKeyManager.java.
Set list of offered SSH authentication methods. Make the SSH authentication methods used by the server configurable, so that for example password authentication can be turned off. For this, a `git.sshAuthenticationMethods` setting is added which is a space separated list of authentication method names. Only the methods listed will be enabled in the server. This is modeled after the option of the same name from sshd_config, but it does not offer listing multiple required methods. It leaves the door open, though, for a later extension to support such a multi-factor authentication. Since this also includes Kerberos authentication with GSS API, this obsoletes the `git.sshWithKrb5` property. The latter is removed. Instead, to enable Kerberos5 authentication, add the method name `gssapi-with-mic` to the authentication methods list.
PreviousNext