[Engine-patches] Change in ovirt-engine[master]: aaa: Intorduce filters

yzaslavs Sun, 25 May 2014 03:38:17 -0700

Yair Zaslavsky has posted comments on this change.

Change subject: aaa: Intorduce filters
......................................................................



Patch Set 9:

(5 comments)

http://gerrit.ovirt.org/#/c/28022/9/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/BasicAuthenticationFilter.java
File 
backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/BasicAuthenticationFilter.java:

Line 51:                 String[] creds =  new String(
Line 52:                         
Base64.decodeBase64(headerValue.substring("Basic".length())),
Line 53:                         Charset.forName("UTF-8")
Line 54:                     ).split(":", 2);
Line 55:                 handleCredentials(request, creds);
> these are the terms of basic authentication
ok
Line 56:             }
Line 57:         }
Line 58:         chain.doFilter(request, response);
Line 59:     }


Line 70:     }
Line 71: 
Line 72:     // private void handleCredentials(ServletRequest request, String 
qualified, String password, int index) {
Line 73:     private void handleCredentials(ServletRequest request, String[] 
creds) {
Line 74:         if (creds != null && creds.length == 2 && 
getSeparator(creds[0]) != -1) {
> if creds are null you should not call this function.
Done
Line 75:             int index = getSeparator(creds[0]);
Line 76:             String user = null, profileName = null;
Line 77:             if (creds[0].charAt(index) == '@') {
Line 78:                     // UPN format: user@profile


Line 88:             if (profile == null) {
Line 89:                 String msg = String.format("Error in obtaining profile 
%1$s", profileName);
Line 90:                 log.error(msg);
Line 91:                 throw new RuntimeException(msg);
Line 92:             }
> either ignore errors and continue as unauthenticated or treat errors and re
ok
Line 93: 
Line 94:             ExtMap outputMap = profile.getAuthn().invoke(new 
ExtMap().mput(
Line 95:                     Base.InvokeKeys.COMMAND,
Line 96:                     Authn.InvokeCommands.AUTHENTICATE_CREDENTIALS


http://gerrit.ovirt.org/#/c/28022/9/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/NegotiationFilter.java
File 
backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/NegotiationFilter.java:

Line 54:         String capsParam = 
filterConfig.getInitParameter(CAPABILITIES_PARAMETER);
Line 55:         if (capsParam == null) {
Line 56:             caps = 0;
Line 57:         } else {
Line 58:             for (String nego : capsParam.trim().split("\\|")) {
> " *\\| *"
Done
Line 59:                 try {
Line 60:                     caps |= 
Authn.Capabilities.class.getField(nego).getInt(null);
Line 61:                 } catch (IllegalArgumentException | 
IllegalAccessException | NoSuchFieldException ex) {
Line 62:                     log.error(String.format("Error calculating authn 
capabilities while accessing constant  %1$s", nego));


http://gerrit.ovirt.org/#/c/28022/9/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/SessionValidationFilter.java
File 
backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/SessionValidationFilter.java:

Line 40:                     httpSession.setAttribute(
Line 41:                             FiltersHelper.Constants.AUTHENTICATED_KEY,
Line 42:                             
FiltersHelper.getBackend(ctx).runPublicQuery(VdcQueryType.ValidateSession, 
parameters).getSucceeded()
Line 43:                             );
Line 44:                     FiltersHelper.closeContext(ctx);
> no... it should be:
once again, we're going back to this debate :)
InitialContext CTOR throws naming extension. where do you handle that in the 
code snippet you suggested? where is the try block that surrounds the CTOR?

Unfortunately , Context is not autoclosable :/
Line 45:                 } catch (Exception ex) {
Line 46:                     log.error(String.format("An error has occurred 
while session validation. Message is %1$s", ex.getMessage()));
Line 47:                     if (log.isDebugEnabled()) {
Line 48:                         log.debug("", ex);


-- 
To view, visit http://gerrit.ovirt.org/28022
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: Ia5536d123b6407acf41b6946dde796bd67d1e073
Gerrit-PatchSet: 9
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Yair Zaslavsky <yzasl...@redhat.com>
Gerrit-Reviewer: Alon Bar-Lev <alo...@redhat.com>
Gerrit-Reviewer: Barak Azulay <bazu...@redhat.com>
Gerrit-Reviewer: Juan Hernandez <juan.hernan...@redhat.com>
Gerrit-Reviewer: Oved Ourfali <oourf...@redhat.com>
Gerrit-Reviewer: Yair Zaslavsky <yzasl...@redhat.com>
Gerrit-Reviewer: automat...@ovirt.org
Gerrit-Reviewer: oVirt Jenkins CI Server
Gerrit-HasComments: Yes
_______________________________________________
Engine-patches mailing list
Engine-patches@ovirt.org
http://lists.ovirt.org/mailman/listinfo/engine-patches

[Engine-patches] Change in ovirt-engine[master]: aaa: Intorduce filters

Reply via email to