Yair Zaslavsky has posted comments on this change. Change subject: aaa: Intorduce filters ......................................................................
Patch Set 22: (4 comments) http://gerrit.ovirt.org/#/c/28022/22/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/ForceLoginFilter.java File backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/ForceLoginFilter.java: > it is not force login, but enforce authenticated or anything similar. it do renamed to ForceAuthFilter - what do you think? Line 1: package org.ovirt.engine.core.aaa.filters; Line 2: Line 3: import java.io.IOException; Line 4: import java.util.Arrays; http://gerrit.ovirt.org/#/c/28022/22/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/NegotiationFilter.java File backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/NegotiationFilter.java: Line 28: /** Line 29: * This filter should be added to the {@code web.xml} file to the applications that want to use the authentication Line 30: * mechanism implemented in this package. Line 31: */ Line 32: public class NegotiationFilter implements Filter { Hi, Do you have any comments here? Also how do you recommend to test this? Line 33: Line 34: private static Log log = LogFactory.getLog(NegotiationFilter.class); Line 35: /** Line 36: * The authentication profiles used to perform the authentication process. http://gerrit.ovirt.org/#/c/28022/22/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/RestApiSessionMgmtFilter.java File backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/RestApiSessionMgmtFilter.java: Line 50: } catch (NumberFormatException ex) { Line 51: log.error("Session-TTL header was not passed. Not setting TTL value"); Line 52: } Line 53: } Line 54: if ((req.getHeader("Authorization") != null || !containsJsessionId(req))) { > to force us perform authentication. anyway, this got chnaged. Line 55: // No need to pass credentials again - if passed, login should be called Line 56: if (session != null) { Line 57: session.removeAttribute(FiltersHelper.Constants.SESSION_ENGINE_SESSION_ID_KEY); Line 58: } Line 59: } Line 60: } Line 61: chain.doFilter(request, response); Line 62: if (FiltersHelper.isAuthenticated(req)) { Line 63: session = req.getSession(false); > if (session != null) as you get with false, but if already authenticated we true, i'll change. Line 64: String engineSessionId = Line 65: (String) session.getAttribute(FiltersHelper.Constants.SESSION_ENGINE_SESSION_ID_KEY); Line 66: if (!persistentAuth Line 67: && (req.getAttribute(FiltersHelper.Constants.REQUEST_ALREADY_LOGGED_OUT_KEY) == null || -- To view, visit http://gerrit.ovirt.org/28022 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: Ia5536d123b6407acf41b6946dde796bd67d1e073 Gerrit-PatchSet: 22 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Yair Zaslavsky <yzasl...@redhat.com> Gerrit-Reviewer: Alon Bar-Lev <alo...@redhat.com> Gerrit-Reviewer: Barak Azulay <bazu...@redhat.com> Gerrit-Reviewer: Juan Hernandez <juan.hernan...@redhat.com> Gerrit-Reviewer: Oved Ourfali <oourf...@redhat.com> Gerrit-Reviewer: Yair Zaslavsky <yzasl...@redhat.com> Gerrit-Reviewer: automat...@ovirt.org Gerrit-Reviewer: oVirt Jenkins CI Server Gerrit-HasComments: Yes _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
