diff --git a/src/main/scala/gitbucket/core/servlet/GitAuthenticationFilter.scala b/src/main/scala/gitbucket/core/servlet/GitAuthenticationFilter.scala
index 1136787..7e0ba97 100644
--- a/src/main/scala/gitbucket/core/servlet/GitAuthenticationFilter.scala
+++ b/src/main/scala/gitbucket/core/servlet/GitAuthenticationFilter.scala
@@ -18,9 +18,9 @@
   private val logger = LoggerFactory.getLogger(classOf[GitAuthenticationFilter])
 
   def init(config: FilterConfig) = {}
-  
+
   def destroy(): Unit = {}
-  
+
   def doFilter(req: ServletRequest, res: ServletResponse, chain: FilterChain): Unit = {
     val request  = req.asInstanceOf[HttpServletRequest]
     val response = res.asInstanceOf[HttpServletResponse]
@@ -85,11 +85,16 @@
                   auth <- Option(request.getHeader("Authorization"))
                   Array(username, password) = AuthUtil.decodeAuthHeader(auth).split(":", 2)
                   account <- authenticate(settings, username, password)
-                } yield if (isUpdating || repository.repository.isPrivate) {
+                } yield if (isUpdating) {
                   if (hasDeveloperRole(repository.owner, repository.name, Some(account))) {
                     request.setAttribute(Keys.Request.UserName, account.userName)
                     true
                   } else false
+                } else if(repository.repository.isPrivate){
+                  if (hasGuestRole(repository.owner, repository.name, Some(account))) {
+                    request.setAttribute(Keys.Request.UserName, account.userName)
+                    true
+                  } else false
                 } else true
                 passed.getOrElse(false)
               }
@@ -114,4 +119,4 @@
 
     action()
   }
-}
\ No newline at end of file
+}