[Engine-patches] Change in ovirt-engine[master]: Introduction of filters to unify AAA flows for UI and REST-API

Mon, 02 Jun 2014 10:28:39 -0700 

Alon Bar-Lev has posted comments on this change.

Change subject: Introduction of filters to unify AAA flows for UI and REST-API
......................................................................


Patch Set 44:

> 2, InvalidateSessionIfAuthorizationHeaderFilter - potential issue: typical 
> web browser _always and unconditionally_ sends HTTP "Authorization" header 
> once it's set for given origin, what will happen if this HTTP header will be 
> present in each request? Will this make REST API persistent session mechanism 
> unusable?

as far as we understand there is no change in behaviour.

> 10, what is the purpose of BasicAuthenticationFilter & NegotiationFilter in 
> context of WebAdmin & UserPortal web application? (I think I'm missing 
> something)

1. allow basic authentication at that context as well, sync the entire feature 
set across application.

2. allow negotiation authentication, such as SPNEGO, OpenID, apache context, 
SSOs.

What that should be important is that the authentication is determined by the 
chain of filters before application gets control with single exception which is 
the interactive login page.

-- 
To view, visit http://gerrit.ovirt.org/28022
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: Ia5536d123b6407acf41b6946dde796bd67d1e073
Gerrit-PatchSet: 44
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Yair Zaslavsky <yzasl...@redhat.com>
Gerrit-Reviewer: Alexander Wels <aw...@redhat.com>
Gerrit-Reviewer: Alon Bar-Lev <alo...@redhat.com>
Gerrit-Reviewer: Barak Azulay <bazu...@redhat.com>
Gerrit-Reviewer: Juan Hernandez <juan.hernan...@redhat.com>
Gerrit-Reviewer: Oved Ourfali <oourf...@redhat.com>
Gerrit-Reviewer: Vojtech Szocs <vsz...@redhat.com>
Gerrit-Reviewer: Yair Zaslavsky <yzasl...@redhat.com>
Gerrit-Reviewer: automat...@ovirt.org
Gerrit-Reviewer: oVirt Jenkins CI Server
Gerrit-HasComments: No
_______________________________________________
Engine-patches mailing list
Engine-patches@ovirt.org
http://lists.ovirt.org/mailman/listinfo/engine-patches

Reply via email to