[Engine-patches] Change in ovirt-engine[master]: aaa: Intorduce filters

Mon, 26 May 2014 05:45:58 -0700 

Yair Zaslavsky has posted comments on this change.

Change subject: aaa: Intorduce filters
......................................................................


Patch Set 21:

(2 comments)

http://gerrit.ovirt.org/#/c/28022/21/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/FiltersHelper.java
File 
backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/FiltersHelper.java:

Line 38:     }
Line 39: 
Line 40:     public static boolean isAuthenticated(HttpServletRequest request) {
Line 41:         HttpSession session = request.getSession(false);
Line 42:         return session != null && 
session.getAttribute(Constants.SESSION_ENGINE_SESSION_ID_KEY) != null;
> so bottom line... if we have invalid session id reference, user will not be
yes.
what is the conclusion? is the implementation here valid?
Line 43:     }
Line 44: 


http://gerrit.ovirt.org/#/c/28022/21/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/LoginFilter.java
File 
backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/LoginFilter.java:

Line 55:                     InitialContext context = new InitialContext();
Line 56:                     try {
Line 57:                         HttpSession session = req.getSession(true);
Line 58:                         if 
(FiltersHelper.getBackend(context).login(params).getSucceeded()) {
Line 59:                             session.setAttribute(
> here do req.getSession(true).setAttribute()
Done
Line 60:                                     
FiltersHelper.Constants.SESSION_AUTHENTICATED_KEY,
Line 61:                                     engineSessionId
Line 62:                                     );
Line 63:                         }


-- 
To view, visit http://gerrit.ovirt.org/28022
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: Ia5536d123b6407acf41b6946dde796bd67d1e073
Gerrit-PatchSet: 21
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Yair Zaslavsky <yzasl...@redhat.com>
Gerrit-Reviewer: Alon Bar-Lev <alo...@redhat.com>
Gerrit-Reviewer: Barak Azulay <bazu...@redhat.com>
Gerrit-Reviewer: Juan Hernandez <juan.hernan...@redhat.com>
Gerrit-Reviewer: Oved Ourfali <oourf...@redhat.com>
Gerrit-Reviewer: Yair Zaslavsky <yzasl...@redhat.com>
Gerrit-Reviewer: automat...@ovirt.org
Gerrit-Reviewer: oVirt Jenkins CI Server
Gerrit-HasComments: Yes
_______________________________________________
Engine-patches mailing list
Engine-patches@ovirt.org
http://lists.ovirt.org/mailman/listinfo/engine-patches

Reply via email to