[Engine-patches] Change in ovirt-engine[master]: aaa: Changes at AuthenticationFilter

Thu, 24 Apr 2014 06:28:26 -0700 

Yair Zaslavsky has uploaded a new change for review.

Change subject: aaa: Changes at AuthenticationFilter
......................................................................

aaa: Changes at AuthenticationFilter

1. Handle negotiation_incomplete
2. Do not add suffix

Change-Id: Ie80504ebd4d4dbd6dd6d0ede22a379fbbe246662
topic: AAA
Signed-off-by: Yair Zaslavsky <yzasl...@redhat.com>
---
M 
backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/AuthenticationFilter.java
1 file changed, 12 insertions(+), 11 deletions(-)


  git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/50/27050/1

diff --git 
a/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/AuthenticationFilter.java
 
b/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/AuthenticationFilter.java
index 7ba9b6d..c8c830a 100644
--- 
a/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/AuthenticationFilter.java
+++ 
b/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/AuthenticationFilter.java
@@ -140,22 +140,23 @@
                             )
                     );
             if 
(output.get(Authn.InvokeKeys.RESULT).equals(Authn.AuthResult.SUCCESS)) {
-                String name = new 
StringBuilder(output.<ExtMap>get(Authn.InvokeKeys.AUTH_RECORD).<String>get(Authn.AuthRecord.PRINCIPAL))
-                    .append("@")
-                    .append(profile.getName())
-                    .toString();
+                String name =
+                        output.<ExtMap> 
get(Authn.InvokeKeys.AUTH_RECORD).<String> get(Authn.AuthRecord.PRINCIPAL);
                 session.setAttribute(AUTHENTICATED_ATTR, true);
-                session.setAttribute(NAME_ATTR, name);
+                session.setAttribute(NAME_ATTR,
+                        name);
                 session.removeAttribute(STACK_ATTR);
                 req = new AuthenticatedRequestWrapper(req, name);
                 chain.doFilter(req, rsp);
-                return;
-            }
 
-            // The negotiation finished, but the authentication failed, so we 
need to clear the current authenticator
-            // from the stack and try with the next one:
-            stack.pop();
-            session.setAttribute(STACK_ATTR, stack);
+            } else if 
(!output.get(Authn.InvokeKeys.RESULT).equals(Authn.AuthResult.NEGOTIATION_INCOMPLETE))
+            {
+                // The negotiation finished, but the authentication failed, so 
we need to clear the current
+                // authenticator
+                // from the stack and try with the next one:
+                stack.pop();
+                session.setAttribute(STACK_ATTR, stack);
+            }
         }
 
         // If we are here then there are no more authenticators to try so we 
need to invalidate the session and reject


-- 
To view, visit http://gerrit.ovirt.org/27050
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: Ie80504ebd4d4dbd6dd6d0ede22a379fbbe246662
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Yair Zaslavsky <yzasl...@redhat.com>
_______________________________________________
Engine-patches mailing list
Engine-patches@ovirt.org
http://lists.ovirt.org/mailman/listinfo/engine-patches

Reply via email to