Alon Bar-Lev has posted comments on this change. Change subject: aaa: Intorduce filters ......................................................................
Patch Set 19: (3 comments) http://gerrit.ovirt.org/#/c/28022/19/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/BasicAuthenticationFilter.java File backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/BasicAuthenticationFilter.java: Line 76: result.profile = translateFrom.substring(separator+1); Line 77: } else if (userNameFormat == UserNameFormat.RESTAPI_SPECIFIC && translateFrom.indexOf("@") == -1) { Line 78: separator = translateFrom.indexOf("\\"); Line 79: result.profile = translateFrom.substring(0, separator); Line 80: result.userName = translateFrom.substring(separator+1); but it also supports the '@' notation, no? Line 81: } Line 82: return result; Line 83: } Line 84: http://gerrit.ovirt.org/#/c/28022/19/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/FiltersHelper.java File backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/FiltersHelper.java: Line 32: try { Line 33: ctx.close(); Line 34: } catch (NamingException e) { Line 35: } Line 36: } > right :) so remove? Line 37: Line 38: public static boolean isAuthenticated(HttpServletRequest request) { Line 39: HttpSession session = request.getSession(false); Line 40: return session != null && Boolean.valueOf((Boolean) session.getAttribute(Constants.AUTHENTICATED_KEY)); http://gerrit.ovirt.org/#/c/28022/19/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/RestApiSessionMgmtFilter.java File backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/RestApiSessionMgmtFilter.java: Line 29: Line 30: @Override Line 31: public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, Line 32: ServletException { Line 33: try { you must begin all in if already authenticated so you do nothing.... Line 34: HttpServletRequest req = (HttpServletRequest) request; Line 35: HttpServletResponse resp = (HttpServletResponse) response; Line 36: boolean persistentAuth = "persistent-auth".equals(req.getHeader("Prefer")); Line 37: if (persistentAuth && (req.getHeader("Authorization") != null || !containsJessionId(req))) { -- To view, visit http://gerrit.ovirt.org/28022 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: Ia5536d123b6407acf41b6946dde796bd67d1e073 Gerrit-PatchSet: 19 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Yair Zaslavsky <yzasl...@redhat.com> Gerrit-Reviewer: Alon Bar-Lev <alo...@redhat.com> Gerrit-Reviewer: Barak Azulay <bazu...@redhat.com> Gerrit-Reviewer: Juan Hernandez <juan.hernan...@redhat.com> Gerrit-Reviewer: Oved Ourfali <oourf...@redhat.com> Gerrit-Reviewer: Yair Zaslavsky <yzasl...@redhat.com> Gerrit-Reviewer: automat...@ovirt.org Gerrit-Reviewer: oVirt Jenkins CI Server Gerrit-HasComments: Yes _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
