Alon Bar-Lev has posted comments on this change. Change subject: aaa: Introduce usage of Acct ......................................................................
Patch Set 4: (1 comment) http://gerrit.ovirt.org/#/c/27070/4/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/LoginBaseCommand.java File backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/LoginBaseCommand.java: Line 240: return false; Line 241: } Line 242: Line 243: DirectoryUser directoryUser = AuthzUtils.mapPrincipalRecord(profile.getAuthz(), principalRecord); Line 244: AcctUtils.reportRecords(Acct.ReportReason.PRINCIPAL_LOGIN_CREDENTIALS, authRecord, null); > hmm... yes you can report result only at the end of the credentials sequence. so you should move the entire handling to one place... not sure where it belongs within this mess. it should be quite simple... negotiate login authn -> optionally put authn/principal on session if not authenticated { credentials login authn -> optionally put authn/principal on session } if not authenticated { report result access denied } perform authz report result Line 245: Line 246: Line 247: // Check that the user exists in the database, if it doesn't exist then we need to add it now: Line 248: dbUser = -- To view, visit http://gerrit.ovirt.org/27070 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: Ief13d233d11b7ab32b328735b4f58ec7cffff567 Gerrit-PatchSet: 4 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Yair Zaslavsky <yzasl...@redhat.com> Gerrit-Reviewer: Alon Bar-Lev <alo...@redhat.com> Gerrit-Reviewer: Yair Zaslavsky <yzasl...@redhat.com> Gerrit-Reviewer: automat...@ovirt.org Gerrit-Reviewer: oVirt Jenkins CI Server Gerrit-HasComments: Yes _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
