[FIXED JENKINS-32197] Add paths listed by the delegate servlet contai…

…ner to the "non-authenticated" paths Improved the checking mechanism Also added "bitbucket-hook"
jenkinsci · Dec 25, 2015 · 36840af · 36840af
1 parent ea53516
commit 36840af
Showing 1 changed file with 7 additions and 10 deletions.
diff --git a/src/main/java/com/github/farmgeek4life/jenkins/negotiatesso/NegSecFilter.java b/src/main/java/com/github/farmgeek4life/jenkins/negotiatesso/NegSecFilter.java
@@ -65,8 +65,7 @@ public final class NegSecFilter extends NegotiateSecurityFilter {
     private boolean redirectEnabled = false;
     private String redirect = "yourdomain.com";
     private boolean allowLocalhost = true;
-    private String pathsNotAuthenticated = "/userContent";
-    private String pathWildCardsNotAuthenticated = "/notifyCommit"; // "/git/notifyCommit;/subversion/*/notifyCommit"
+    private final String pathsNotAuthenticated = "userContent;cli;git;jnlpJars;subversion;whoAmI;bitbucket-hook;";
 
     /**
      * Add call to advertise Jenkins headers, as appropriate.
@@ -91,15 +90,13 @@ public void doFilter(final ServletRequest request, final ServletResponse respons
 
         StringTokenizer notAuthPathsTokenizer = new StringTokenizer(pathsNotAuthenticated, ";");
         while (notAuthPathsTokenizer.hasMoreTokens()) {
-            if (requestURI.startsWith(contextPath + notAuthPathsTokenizer.nextToken())) {
-                chain.doFilter(request, response);
-                return;
+            String token = notAuthPathsTokenizer.nextToken();
+            if (token.length() < 1) {
+                continue;
             }
-        }
-
-        StringTokenizer notAuthPathWildCardsTokenizer = new StringTokenizer(pathWildCardsNotAuthenticated, ";");
-        while (notAuthPathWildCardsTokenizer.hasMoreTokens()) {
-            if (requestURI.contains(notAuthPathWildCardsTokenizer.nextToken())) {
+
+            String matchString = contextPath + "/" + token;
+            if (requestURI.equals(matchString) || requestURI.startsWith(matchString + "/")) {
                 chain.doFilter(request, response);
                 return;
             }