Yair Zaslavsky has posted comments on this change. Change subject: aaa: Intorduce filters ......................................................................
Patch Set 21: (2 comments) http://gerrit.ovirt.org/#/c/28022/21/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/BasicAuthenticationFilter.java File backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/BasicAuthenticationFilter.java: Line 107: ) Line 108: ); Line 109: if (outputMap.<Integer> get(Base.InvokeKeys.RESULT) == Base.InvokeResult.SUCCESS && Line 110: outputMap.<Integer> get(Authn.InvokeKeys.RESULT) == Authn.AuthResult.SUCCESS) { Line 111: request.getSession(true); IMHO this should be the place the session should be created if doesn't exist. If auth here fails, similar should be after successful BLL login at login filter. Thoughts? Line 112: request.setAttribute(FiltersHelper.Constants.REQUEST_AUTH_RECORD_KEY, Line 113: outputMap.<ExtMap> get(Authn.InvokeKeys.AUTH_RECORD)); Line 114: request.setAttribute(FiltersHelper.Constants.REQUEST_PROFILE_KEY, userProfile.profile); Line 115: } else { http://gerrit.ovirt.org/#/c/28022/21/backend/manager/modules/restapi/interface/common/jaxrs/src/main/java/org/ovirt/engine/api/common/invocation/CurrentPreProcessor.java File backend/manager/modules/restapi/interface/common/jaxrs/src/main/java/org/ovirt/engine/api/common/invocation/CurrentPreProcessor.java: Line 22: public ServerResponse preProcess(HttpRequest request, ResourceMethod method) throws Failure, Line 23: WebApplicationException { Line 24: Line 25: HttpSession session = getCurrentSession(false); Line 26: if (session != null) { Used in order to pass values from the filter to the res-tapi. Line 27: current.set(session.getAttribute("app_mode")); Line 28: current.set(session.getAttribute("user")); Line 29: } Line 30: return null; -- To view, visit http://gerrit.ovirt.org/28022 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: Ia5536d123b6407acf41b6946dde796bd67d1e073 Gerrit-PatchSet: 21 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Yair Zaslavsky <yzasl...@redhat.com> Gerrit-Reviewer: Alon Bar-Lev <alo...@redhat.com> Gerrit-Reviewer: Barak Azulay <bazu...@redhat.com> Gerrit-Reviewer: Juan Hernandez <juan.hernan...@redhat.com> Gerrit-Reviewer: Oved Ourfali <oourf...@redhat.com> Gerrit-Reviewer: Yair Zaslavsky <yzasl...@redhat.com> Gerrit-Reviewer: automat...@ovirt.org Gerrit-Reviewer: oVirt Jenkins CI Server Gerrit-HasComments: Yes _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
