Alon Bar-Lev has posted comments on this change.

Change subject: Introduction of filters to unify AAA flows for UI and REST-API
......................................................................


Patch Set 52:

(6 comments)

http://gerrit.ovirt.org/#/c/28022/52/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/FiltersHelper.java
File 
backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/FiltersHelper.java:

Line 11: 
Line 12: public class FiltersHelper {
Line 13: 
Line 14:     public static class Constants {
Line 15:         public static  final String REQUEST_AUTH_RECORD_KEY = 
"ovirt_aaa_auth_record";
-
Line 16:         public static final String REQUEST_SCHEMES_KEY = 
"ovirt_aaa_schemes";
Line 17:         public static final String REQUEST_PROFILE_KEY = 
"ovirt_aaa_profile";
Line 18:         public static final String HEADER_AUTHORIZATION = 
"Authorization";
Line 19:         public static final String HEADER_WWW_AUTHENTICATE = 
"WWW-Authenticate";


Line 17:         public static final String REQUEST_PROFILE_KEY = 
"ovirt_aaa_profile";
Line 18:         public static final String HEADER_AUTHORIZATION = 
"Authorization";
Line 19:         public static final String HEADER_WWW_AUTHENTICATE = 
"WWW-Authenticate";
Line 20:         public static final String HEADER_PREFER = "Prefer";
Line 21:         public static final String JSESSIONID_COOKIE = "JSESSIONID";
this ^ is a header as well, no?
Line 22:     }
Line 23: 
Line 24:     public static BackendLocal getBackend(Context context) {
Line 25: 


http://gerrit.ovirt.org/#/c/28022/52/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/RestApiSessionMgmtFilter.java
File 
backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/RestApiSessionMgmtFilter.java:

Line 57:             }
Line 58:         }
Line 59:         chain.doFilter(request, response);
Line 60:         try {
Line 61:             if (!persistentAuth && FiltersHelper.isAuthenticated(req)) 
{
I think I expect here:

 if (!persistentAuth) {
     if (FiltersHelper.isAuthenticated(req)) {

so the else will apply only if persistent auth... no? I also would have switched 
the conditions so you have the positive first.
Line 62:                 InitialContext ctx = new InitialContext();
Line 63:                 try {
Line 64:                     FiltersHelper.getBackend(ctx).runAction(
Line 65:                             VdcActionType.LogoutBySession,


Line 72:                     ctx.close();
Line 73:                 }
Line 74:             } else {
Line 75:                 HttpSession session = req.getSession(false);
Line 76:                 if (session != null && session.isNew() && 
session.getAttribute("async") != null && 
!Boolean.valueOf((boolean)session.getAttribute("async"))) {
please put "async" in constants, and prefix it with ovirt_aaa_
Line 77:                     
((HttpServletResponse)response).addHeader(FiltersHelper.Constants.JSESSIONID_COOKIE,
 session.getId());
Line 78:                 }
Line 79:             }
Line 80:         } catch (Exception ex) {


http://gerrit.ovirt.org/#/c/28022/52/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/constants/SessionConstants.java
File 
backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/constants/SessionConstants.java:

Line 1: package org.ovirt.engine.core.common.constants;
Line 2: 
Line 3: public class SessionConstants {
Line 4: 
Line 5:     public final static String HTTP_SESSION_ENGINE_SESSION_ID_KEY = 
"engineSessionId";
please add ovirt_aaa prefix to the value.
Line 6: 


http://gerrit.ovirt.org/#/c/28022/52/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/security/auth/LoginValidator.java
File 
backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/security/auth/LoginValidator.java:

Line 36:     public void postProcess(ServerResponse response) {
Line 37:         HttpSession httpSession = getCurrentSession(false);
Line 38:         if (!current.get(MetaData.class).hasKey("async") ||
Line 39:                 (!(Boolean.TRUE.equals((Boolean) 
current.get(MetaData.class).get("async"))))) {
Line 40:             httpSession.setAttribute("async", false);
constant please, with ovirt_aaa_ prefix.

also, please explain why it can't be on request/response?
Line 41:         }
Line 42:         sessionHelper.clean();
Line 43:     }
Line 44: 


-- 
To view, visit http://gerrit.ovirt.org/28022
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: Ia5536d123b6407acf41b6946dde796bd67d1e073
Gerrit-PatchSet: 52
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Yair Zaslavsky <yzasl...@redhat.com>
Gerrit-Reviewer: Alexander Wels <aw...@redhat.com>
Gerrit-Reviewer: Alon Bar-Lev <alo...@redhat.com>
Gerrit-Reviewer: Barak Azulay <bazu...@redhat.com>
Gerrit-Reviewer: Einav Cohen <eco...@redhat.com>
Gerrit-Reviewer: Juan Hernandez <juan.hernan...@redhat.com>
Gerrit-Reviewer: Oved Ourfali <oourf...@redhat.com>
Gerrit-Reviewer: Vojtech Szocs <vsz...@redhat.com>
Gerrit-Reviewer: Yair Zaslavsky <yzasl...@redhat.com>
Gerrit-Reviewer: automat...@ovirt.org
Gerrit-Reviewer: oVirt Jenkins CI Server
Gerrit-HasComments: Yes