Alon Bar-Lev has posted comments on this change. Change subject: aaa: Intorduce filters ......................................................................
Patch Set 7: (7 comments) http://gerrit.ovirt.org/#/c/28022/7/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/BasicAuthenticationFilter.java File backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/BasicAuthenticationFilter.java: Line 27: HttpServletRequest req = (HttpServletRequest) request; Line 28: HttpSession session = req.getSession(); Line 29: //If there is an attempt to perform basic authentication and there is an Line 30: //error in fetching the credentials - return UNAUTHORIZED error code Line 31: //In other cases - continue to the next filter is this comment relevant? Line 32: if (!FiltersHelper.isAuthenticated(req)) { Line 33: chain.doFilter(request, response); Line 34: String headerValue = req.getHeader("Authorization"); Line 35: if (headerValue != null && headerValue.startsWith("Basic")) { Line 31: //In other cases - continue to the next filter Line 32: if (!FiltersHelper.isAuthenticated(req)) { Line 33: chain.doFilter(request, response); Line 34: String headerValue = req.getHeader("Authorization"); Line 35: if (headerValue != null && headerValue.startsWith("Basic")) { "Basic " Line 36: String credentials = headerValue.substring("Basic".length()).trim(); Line 37: String userPass = new String(Base64.decodeBase64(credentials), Charset.defaultCharset().toString()); Line 38: String[] creds = userPass.split(":", 2); Line 39: if (creds != null && creds.length == 2) { Line 32: if (!FiltersHelper.isAuthenticated(req)) { Line 33: chain.doFilter(request, response); Line 34: String headerValue = req.getHeader("Authorization"); Line 35: if (headerValue != null && headerValue.startsWith("Basic")) { Line 36: String credentials = headerValue.substring("Basic".length()).trim(); you do not need to trim, the base64 should eat these. 
Line 37: String userPass = new String(Base64.decodeBase64(credentials), Charset.defaultCharset().toString()); Line 38: String[] creds = userPass.split(":", 2); Line 39: if (creds != null && creds.length == 2) { Line 40: storeCredentialsOnSession(session, creds[0], creds[1], getSeparator(creds[0])); Line 36: String credentials = headerValue.substring("Basic".length()).trim(); Line 37: String userPass = new String(Base64.decodeBase64(credentials), Charset.defaultCharset().toString()); Line 38: String[] creds = userPass.split(":", 2); Line 39: if (creds != null && creds.length == 2) { Line 40: storeCredentialsOnSession(session, creds[0], creds[1], getSeparator(creds[0])); I do not understand why you do not attempt to perform the login here... Line 41: } Line 42: } Line 43: } Line 44: chain.doFilter(request, response); Line 47: Line 48: private int getSeparator(String qualified) { Line 49: return qualified.lastIndexOf("@") != -1 Line 50: ? qualified.lastIndexOf("@") Line 51: : qualified.indexOf("\\"); what is the \\? Line 52: } Line 53: Line 54: private void storeCredentialsOnSession(HttpSession session, String qualified, String password, int index) { Line 55: boolean result = true; http://gerrit.ovirt.org/#/c/28022/7/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/FiltersHelper.java File backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/FiltersHelper.java: Line 17: public final static String PROFILE_KEY = "profile"; Line 18: public final static String PASSWORD_KEY = "password"; Line 19: public final static String AUTH_RECORD_KEY = "auth_record"; Line 20: public final static String UNAUTHORIZED_KEY = "unauthorized"; Line 21: public static final String SCHEMES_KEY = "schemes"; keep consistent? 
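Review bot: In BasicAuthenticationFilter the quoted lines show `chain.doFilter(request, response)` at line 33, inside the `!FiltersHelper.isAuthenticated(req)` branch and before the Authorization header is read, and again at line 44 after that branch closes. As quoted, an unauthenticated request is passed down the chain before its credentials are stored on the session and then passed down a second time; the call at line 33 should be dropped so that line 44 is the only one. Separately, line 37 decodes the credentials with `Charset.defaultCharset().toString()`, which ties the result to the JVM's platform encoding; a fixed charset such as `new String(Base64.decodeBase64(credentials), StandardCharsets.UTF_8)` (assuming a Java 7+ build) keeps non-ASCII user names and passwords stable across hosts. The method signature and lines 45-46 are outside the quoted context.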
Line 22: } Line 23: Line 24: public static BackendLocal getBackend(Context context) { Line 25: http://gerrit.ovirt.org/#/c/28022/7/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/SessionValidationFilter.java File backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/SessionValidationFilter.java: Line 47: log.debug("", ex); Line 48: } Line 49: } finally { Line 50: FiltersHelper.closeContext(ctx); Line 51: chain.doFilter(request, response); continue my previous comment... I think this should be: doFilter() { try { } finally { } chain.doFilter(request, response); } this way if you throw exception, you get automatic jboss error, and doFilter will not be called. Line 52: } Line 53: } Line 54: } Line 55: -- To view, visit http://gerrit.ovirt.org/28022 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: Ia5536d123b6407acf41b6946dde796bd67d1e073 Gerrit-PatchSet: 7 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Yair Zaslavsky <yzasl...@redhat.com> Gerrit-Reviewer: Alon Bar-Lev <alo...@redhat.com> Gerrit-Reviewer: Barak Azulay <bazu...@redhat.com> Gerrit-Reviewer: Juan Hernandez <juan.hernan...@redhat.com> Gerrit-Reviewer: Oved Ourfali <oourf...@redhat.com> Gerrit-Reviewer: Yair Zaslavsky <yzasl...@redhat.com> Gerrit-Reviewer: automat...@ovirt.org Gerrit-Reviewer: oVirt Jenkins CI Server Gerrit-HasComments: Yes _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
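Review bot: `PASSWORD_KEY` at line 18 of FiltersHelper, read together with the `storeCredentialsOnSession(session, creds[0], creds[1], ...)` call in BasicAuthenticationFilter, suggests the clear-text password is kept as an HttpSession attribute; the code that does the store is not in the quoted lines, so this is inferred. A session attribute lives until the session is invalidated and may be written out by the container when sessions are persisted or replicated, so the password should be removed once the login attempt has consumed it, e.g. `session.removeAttribute(PASSWORD_KEY);`. A comment on the constant would make that lifetime reviewable, for example `// set by the authentication filters; must be removed from the session once login has been attempted`.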
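Review bot: Line 47 of SessionValidationFilter logs the caught exception with `log.debug("", ex)`, an empty message at debug level, so a failure during session validation leaves no trace under a default log configuration while the request still continues down the chain at line 51. Log it at a level that is enabled in production and say what failed, e.g. `log.error("Session validation failed", ex);`, so that a validation path that is silently failing can be detected. The try block and the catch clause start before the quoted lines, so which exception types reach this handler is not visible here.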