Alon Bar-Lev has posted comments on this change.

Change subject: aaa: Introduce filters
......................................................................
Patch Set 9:

(4 comments)

http://gerrit.ovirt.org/#/c/28022/9/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/BasicAuthenticationFilter.java
File backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/BasicAuthenticationFilter.java:

Line 51: String[] creds = new String(
Line 52: Base64.decodeBase64(headerValue.substring("Basic".length())),
Line 53: Charset.forName("UTF-8")
Line 54: ).split(":", 2);
Line 55: handleCredentials(request, creds);
> well, not sure if the correct term for the first part of creds is "user". a
these are the terms of basic authentication
the fact that we parse the "user" into "our domain" and "our user" is irrelevant at this point.
Line 56: }
Line 57: }
Line 58: chain.doFilter(request, response);
Line 59: }

Line 66: } else if (userNameFormat == UserNameFormat.RESTAPI_SPECIFIC && qualified.indexOf("@") == -1) {
Line 67: result = qualified.indexOf("\\");
Line 68: }
Line 69: return result;
Line 70: }
> copy & paste of logic from REST-API code that i still need to remove. i can
please do not copy & paste legacy while you create something new.
Line 71:
Line 72: // private void handleCredentials(ServletRequest request, String qualified, String password, int index) {
Line 73: private void handleCredentials(ServletRequest request, String[] creds) {
Line 74: if (creds != null && creds.length == 2 && getSeparator(creds[0]) != -1) {

Line 88: if (profile == null) {
Line 89: String msg = String.format("Error in obtaining profile %1$s", profileName);
Line 90: log.error(msg);
Line 91: throw new RuntimeException(msg);
Line 92: }
> Well, I cannot login if profile == null.
either ignore errors and continue as unauthenticated or treat errors and return http error, but be consistent.
Line 93:
Line 94: ExtMap outputMap = profile.getAuthn().invoke(new ExtMap().mput(
Line 95: Base.InvokeKeys.COMMAND,
Line 96: Authn.InvokeCommands.AUTHENTICATE_CREDENTIALS

http://gerrit.ovirt.org/#/c/28022/9/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/SessionValidationFilter.java
File backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/SessionValidationFilter.java:

Line 40: httpSession.setAttribute(
Line 41: FiltersHelper.Constants.AUTHENTICATED_KEY,
Line 42: FiltersHelper.getBackend(ctx).runPublicQuery(VdcQueryType.ValidateSession, parameters).getSucceeded()
Line 43: );
Line 44: FiltersHelper.closeContext(ctx);
> if in finally - the code will be no...
it should be:

 InitialContext ctx = new InitialContext();
 try {
 } finally {
     ctx.close();
 }

Line 45: } catch (Exception ex) {
Line 46: log.error(String.format("An error has occurred while session validation. Message is %1$s", ex.getMessage()));
Line 47: if (log.isDebugEnabled()) {
Line 48: log.debug("", ex);

-- 
To view, visit http://gerrit.ovirt.org/28022

Gerrit-MessageType: comment
Gerrit-Change-Id: Ia5536d123b6407acf41b6946dde796bd67d1e073
Gerrit-PatchSet: 9
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Yair Zaslavsky <yzasl...@redhat.com>
Gerrit-Reviewer: Alon Bar-Lev <alo...@redhat.com>
Gerrit-Reviewer: Barak Azulay <bazu...@redhat.com>
Gerrit-Reviewer: Juan Hernandez <juan.hernan...@redhat.com>
Gerrit-Reviewer: Oved Ourfali <oourf...@redhat.com>
Gerrit-Reviewer: Yair Zaslavsky <yzasl...@redhat.com>
Gerrit-Reviewer: automat...@ovirt.org
Gerrit-Reviewer: oVirt Jenkins CI Server
Gerrit-HasComments: Yes
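
Added example, not part of the review message or of the oVirt code base: one way to apply the "be consistent" comment above to the Basic header parsing step, where every malformed input yields the same "no credentials" result so the filter decides in one place whether to continue unauthenticated or return an HTTP error. The class name BasicHeaderParser and the sample headers are hypothetical, and the JDK's java.util.Base64 is used here instead of the Base64.decodeBase64 call shown in the patch.

```java
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.Optional;

// Hypothetical helper for illustration; not oVirt code.
public class BasicHeaderParser {
    private static final String SCHEME = "Basic ";

    /** Returns {user, password}, or empty when the header is absent or malformed. */
    public static Optional<String[]> parse(String headerValue) {
        // Absent header or a different scheme: same outcome as any other failure.
        if (headerValue == null
                || !headerValue.regionMatches(true, 0, SCHEME, 0, SCHEME.length())) {
            return Optional.empty();
        }
        byte[] decoded;
        try {
            decoded = Base64.getDecoder().decode(headerValue.substring(SCHEME.length()).trim());
        } catch (IllegalArgumentException e) {
            return Optional.empty(); // payload is not valid base64
        }
        // Split on the first ':' only, because the password may itself contain ':'.
        String[] creds = new String(decoded, StandardCharsets.UTF_8).split(":", 2);
        if (creds.length != 2 || creds[0].isEmpty()) {
            return Optional.empty(); // no separator, or empty user part
        }
        return Optional.of(creds);
    }

    private static String encode(String s) {
        return Base64.getEncoder().encodeToString(s.getBytes(StandardCharsets.UTF_8));
    }

    public static void main(String[] args) {
        // Constructed sample headers: one valid, four malformed or absent.
        String[] samples = {
            "Basic " + encode("admin@internal:p:w"),
            "Basic !!!",
            "Basic " + encode("nocolon"),
            "Bearer abc",
            null
        };
        for (String h : samples) {
            // Only the user part is printed; the password is never logged.
            String outcome = parse(h).map(c -> "user=" + c[0]).orElse("unauthenticated");
            System.out.println(h + " -> " + outcome);
        }
    }
}
```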