Alon Bar-Lev has posted comments on this change. Change subject: aaa: Extracted session management outside of AdBroker package ......................................................................
Patch Set 6: (1 comment) http://gerrit.ovirt.org/#/c/25505/6/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/LoginBaseCommand.java File backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/LoginBaseCommand.java: Line 177: // verify that in auto login mode , user is not taken from session. Line 178: if (curUser != null && !StringUtils.isEmpty(curPassword)) { Line 179: loginName = curUser.getLoginName(); Line 180: password = curPassword; Line 181: } wow! I thought we handled this... what about the filter authentication? this was already in place? skip login based on header/principal at session? for SSO kerberos and such? see: AuthenticationFilter Line 182: // Perform the actual authentication: Line 183: try { Line 184: passwordAuthenticator.authenticate(loginName, password); Line 185: } catch (AAAExtensionException ex) { -- To view, visit http://gerrit.ovirt.org/25505 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: I82003f1b91847d3f75d99e2b02eb238ab050d62e Gerrit-PatchSet: 6 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Yair Zaslavsky <yzasl...@redhat.com> Gerrit-Reviewer: Alon Bar-Lev <alo...@redhat.com> Gerrit-Reviewer: Martin Peřina <mper...@redhat.com> Gerrit-Reviewer: Oved Ourfali <oourf...@redhat.com> Gerrit-Reviewer: Yair Zaslavsky <yzasl...@redhat.com> Gerrit-Reviewer: automat...@ovirt.org Gerrit-Reviewer: oVirt Jenkins CI Server Gerrit-HasComments: Yes _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
