[Engine-patches] Change in ovirt-engine[master]: aaa: Intorduce filters

Sat, 24 May 2014 11:34:20 -0700 

Alon Bar-Lev has posted comments on this change.

Change subject: aaa: Intorduce filters
......................................................................


Patch Set 13:

(2 comments)

all comments from patch#7 still valid.

also, I would like to see the web.xml changes.

http://gerrit.ovirt.org/#/c/28022/13/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/RestApiSessionMgmtFilter.java
File 
backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/RestApiSessionMgmtFilter.java:

Line 34:         HttpServletResponse resp = (HttpServletResponse) response;
Line 35:         boolean persistentAuth = 
"persistent-auth".equals(req.getHeader("Prefer"));
Line 36:         if (persistentAuth && req.getHeader("Authorization") != null) 
{ //No need to pass credentials again - if passed, login should be called
Line 37:             if (req.getSession(false) != null) {
Line 38:                 
req.getSession().setAttribute(FiltersHelper.Constants.AUTHENTICATED_KEY, 
"false");
can you please explain why to put false? the absent of property is a good 
marker... what is it used to?
Line 39:             }
Line 40:         }
Line 41:         chain.doFilter(request, response);
Line 42:         HttpSession session = req.getSession(false);


Line 44:             String engineSessionId =
Line 45:                     (String) 
session.getAttribute(FiltersHelper.Constants.ENGINE_SESSION_ID_KEY);
Line 46:             if (!persistentAuth) {
Line 47:                 try {
Line 48:                     InitialContext ctx = new InitialContext();
finally?
Line 49:                     VdcActionParametersBase params = new 
VdcActionParametersBase();
Line 50:                     params.setSessionId(engineSessionId);
Line 51:                     
FiltersHelper.getBackend(ctx).runAction(VdcActionType.LogoutBySession, params);
Line 52:                     session.invalidate();


-- 
To view, visit http://gerrit.ovirt.org/28022
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: Ia5536d123b6407acf41b6946dde796bd67d1e073
Gerrit-PatchSet: 13
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Yair Zaslavsky <yzasl...@redhat.com>
Gerrit-Reviewer: Alon Bar-Lev <alo...@redhat.com>
Gerrit-Reviewer: Barak Azulay <bazu...@redhat.com>
Gerrit-Reviewer: Juan Hernandez <juan.hernan...@redhat.com>
Gerrit-Reviewer: Oved Ourfali <oourf...@redhat.com>
Gerrit-Reviewer: Yair Zaslavsky <yzasl...@redhat.com>
Gerrit-Reviewer: automat...@ovirt.org
Gerrit-Reviewer: oVirt Jenkins CI Server
Gerrit-HasComments: Yes
_______________________________________________
Engine-patches mailing list
Engine-patches@ovirt.org
http://lists.ovirt.org/mailman/listinfo/engine-patches

Reply via email to