Alon Bar-Lev has posted comments on this change. Change subject: aaa: Intorduce filters ......................................................................
Patch Set 8: (4 comments) http://gerrit.ovirt.org/#/c/28022/8/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/BasicAuthenticationFilter.java File backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/BasicAuthenticationFilter.java: Line 23: public class BasicAuthenticationFilter implements Filter { Line 24: Line 25: private static enum UserNameFormat { Line 26: UPN, Line 27: DOWN_LEVEL_LOGON_NAME > I have found this on microsoft site. yes as our application supports the xxx@profile notation. the exception is only restapi. windows should have nothing to do with it. Line 28: }; Line 29: Line 30: private static Log log = LogFactory.getLog(BasicAuthenticationFilter.class); Line 31: private UserNameFormat userNameFormat; Line 62: Line 63: private int getSeparator(String qualified) { Line 64: int result = -1; Line 65: if (userNameFormat == UserNameFormat.UPN && qualified.indexOf("\\") == -1) { Line 66: result = qualified.lastIndexOf("@"); > not sure if i understand, at previous round you told me to check for the do yes and no... :) for example if user enters DOMAIN1\user1@profile2 this is valid account for Windows using SAM Account. now... you claim that the following should also be accepted by the restapi: profile2\DOMAIN1\user1 ok... I see I was confused... the profile is at beginning... Line 67: } else if (userNameFormat == UserNameFormat.DOWN_LEVEL_LOGON_NAME && qualified.indexOf("@") == -1) { Line 68: result = qualified.lastIndexOf("\\"); Line 69: } Line 70: return result; http://gerrit.ovirt.org/#/c/28022/8/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/FiltersHelper.java File backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/FiltersHelper.java: Line 37: Line 38: public static boolean isAuthenticated(HttpServletRequest request) { Line 39: HttpSession session = request.getSession(false); Line 40: return session != null && session.getAttribute(Constants.AUTHENTICATED_KEY) != null Line 41: && (boolean) session.getAttribute(Constants.AUTHENTICATED_KEY); > I store boolean and not string here, but of course I can change this. it works for Boolean as well.... check it out. Line 42: } Line 43: http://gerrit.ovirt.org/#/c/28022/8/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/LoginBaseCommand.java File backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/LoginBaseCommand.java: > I'm not against that. ok, although it will make review easier.... as now I cannot understand what actually happens at every stage. Line 1: package org.ovirt.engine.core.bll; Line 2: Line 3: import java.text.ParseException; Line 4: import java.text.SimpleDateFormat; -- To view, visit http://gerrit.ovirt.org/28022 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: Ia5536d123b6407acf41b6946dde796bd67d1e073 Gerrit-PatchSet: 8 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Yair Zaslavsky <yzasl...@redhat.com> Gerrit-Reviewer: Alon Bar-Lev <alo...@redhat.com> Gerrit-Reviewer: Barak Azulay <bazu...@redhat.com> Gerrit-Reviewer: Juan Hernandez <juan.hernan...@redhat.com> Gerrit-Reviewer: Oved Ourfali <oourf...@redhat.com> Gerrit-Reviewer: Yair Zaslavsky <yzasl...@redhat.com> Gerrit-Reviewer: automat...@ovirt.org Gerrit-Reviewer: oVirt Jenkins CI Server Gerrit-HasComments: Yes _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
