Alon Bar-Lev has posted comments on this change. Change subject: aaa: Introducing built-in extensions module ......................................................................
Patch Set 14: (2 comments) http://gerrit.ovirt.org/#/c/25253/14/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/LoginBaseCommand.java File backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/LoginBaseCommand.java: Line 228: } Line 229: Line 230: Line 231: // Check that the user exists in the database, if it doesn't exist then we need to add it now: Line 232: dbUser = getDbUserDAO().getByExternalId(directory.getProfileName(), directoryUser.getId()); are you sure this is correct? the external id should be based on the directory provider. for example, if we change the authentication from user/password to header, or to kerberos, the id of the user is the same regardless how it was authenticated. it is not that serious as the profile name can remain the same even if authenticator is modified.... but still for example authenticating using openid and ldap bind to same directory should result with same user, no? Line 233: if (dbUser == null) { Line 234: dbUser = new DbUser(directoryUser); Line 235: dbUser.setId(Guid.newGuid()); Line 236: String groupIds = DirectoryUtils.getGroupIdsFromUser(directoryUser); http://gerrit.ovirt.org/#/c/25253/14/backend/manager/modules/builtin-extensions/src/main/resources/META-INF/services/org.ovirt.engine.api.extensions.Extension File backend/manager/modules/builtin-extensions/src/main/resources/META-INF/services/org.ovirt.engine.api.extensions.Extension: Line 1: org.ovirt.engine.extensions.aaa.builtin.internal.InternalAuthenticator Line 2: org.ovirt.engine.extensions.aaa.builtin.internal.InternalDirectory Line 3: org.ovirt.engine.extensions.aaa.builtin.kerberosldap.KerberosLdapDirectory Line 4: org.ovirt.engine.extensions.aaa.builtin.kerberosldap.KerberosLdapAuthenticator add the header? -- To view, visit http://gerrit.ovirt.org/25253 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: If7ea408b46548ffdad1bf56fb8ab54b68722a480 Gerrit-PatchSet: 14 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Yair Zaslavsky <yzasl...@redhat.com> Gerrit-Reviewer: Alon Bar-Lev <alo...@redhat.com> Gerrit-Reviewer: Yair Zaslavsky <yzasl...@redhat.com> Gerrit-Reviewer: automat...@ovirt.org Gerrit-Reviewer: oVirt Jenkins CI Server Gerrit-HasComments: Yes _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
