Yair Zaslavsky has posted comments on this change. Change subject: aaa: Intorduce filters ......................................................................
Patch Set 22: (4 comments) http://gerrit.ovirt.org/#/c/28022/22/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/BasicAuthenticationFilter.java File backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/BasicAuthenticationFilter.java: Line 40: try { Line 41: userNameFormat = UserNameFormat.valueOf(filterConfig.getInitParameter("user-name-format")); Line 42: } catch (Exception ex) { Line 43: log.error(String.format("The value %1$s is not a valid UserNameFormat. setting UPN as default", filterConfig.getInitParameter("user-name-format"))); Line 44: userNameFormat = UserNameFormat.UPN; > . Done Line 45: } Line 46: Line 47: } Line 48: Line 78: } else if (userNameFormat == UserNameFormat.RESTAPI_SPECIFIC) { Line 79: separator = translateFrom.indexOf("\\"); Line 80: result.profile = translateFrom.substring(0, separator); Line 81: result.userName = translateFrom.substring(separator+1); Line 82: } > I do not care that if you are restapi specific then both are considered. now thati think about it, i am not sure the original code considered the issue you raised like profile\u...@example.com so parsing should be - that if rest-api specific i should look for the "\" and if not then parse according to last appearance of "@"? Line 83: return result; Line 84: } Line 85: Line 86: private void handleCredentials(HttpServletRequest request, String user, String password) { http://gerrit.ovirt.org/#/c/28022/22/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/LoginFilter.java File backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/LoginFilter.java: Line 64: FiltersHelper.Constants.SESSION_ENGINE_SESSION_ID_KEY, Line 65: engineSessionId Line 66: ); Line 67: req.setAttribute(FiltersHelper.Constants.REQUEST_USER_KEY, Line 68: returnValue.getActionReturnValue()); > but why? why can't the rest-api acquire the information out of the engine s ok, i'll fix that, as eventually BLL login is performed, db user is placed on the session, so yes, can be obtained from the rest-api where needed. thanks for insisting here, and sorry it took me some time :) Line 69: VdcQueryReturnValue result = Line 70: FiltersHelper.getBackend(context) Line 71: .runPublicQuery(VdcQueryType.GetConfigurationValue, Line 72: new GetConfigurationValueParameters(ConfigurationValues.ApplicationMode, http://gerrit.ovirt.org/#/c/28022/22/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/SessionValidationFilter.java File backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/SessionValidationFilter.java: Line 48: if (!returnValue.getSucceeded()) { Line 49: httpSession.removeAttribute(FiltersHelper.Constants.SESSION_ENGINE_SESSION_ID_KEY); Line 50: } else { Line 51: request.setAttribute(FiltersHelper.Constants.REQUEST_USER_KEY, Line 52: returnValue.getReturnValue()); > because it is out of the scope of the aaa to handle something special for r see previous comment on this - i'll fix that. Line 53: } Line 54: } finally { Line 55: ctx.close(); Line 56: } -- To view, visit http://gerrit.ovirt.org/28022 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: Ia5536d123b6407acf41b6946dde796bd67d1e073 Gerrit-PatchSet: 22 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Yair Zaslavsky <yzasl...@redhat.com> Gerrit-Reviewer: Alon Bar-Lev <alo...@redhat.com> Gerrit-Reviewer: Barak Azulay <bazu...@redhat.com> Gerrit-Reviewer: Juan Hernandez <juan.hernan...@redhat.com> Gerrit-Reviewer: Oved Ourfali <oourf...@redhat.com> Gerrit-Reviewer: Yair Zaslavsky <yzasl...@redhat.com> Gerrit-Reviewer: automat...@ovirt.org Gerrit-Reviewer: oVirt Jenkins CI Server Gerrit-HasComments: Yes _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
