[Engine-patches] Change in ovirt-engine[master]: aaa: Fixing recursive for kerberos ldap authz

Mon, 07 Jul 2014 05:51:32 -0700 

Yair Zaslavsky has uploaded a new change for review.

Change subject: aaa: Fixing recursive for kerberos ldap authz
......................................................................

aaa: Fixing recursive for kerberos ldap authz

the behavior of fetching recursively all groups matches
RESOLVE_GROUPS_RECURSIVE , and not RESOLVE_GROUPS

Topic: AAA
Change-Id: I2ca8d6ffb24f9e6f7137602e3ab85e8708ecddf5
Signed-off-by: Yair Zaslavsky <yzasl...@redhat.com>
---
M 
backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/KerberosLdapAuthz.java
1 file changed, 5 insertions(+), 2 deletions(-)


  git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/42/29642/1

diff --git 
a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/KerberosLdapAuthz.java
 
b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/KerberosLdapAuthz.java
index 00a8000..911396f 100644
--- 
a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/KerberosLdapAuthz.java
+++ 
b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/KerberosLdapAuthz.java
@@ -117,7 +117,7 @@
                         null,
                         getDirectoryName(),
                         queryData,
-                        (input.<Integer> get(Authz.InvokeKeys.QUERY_FLAGS, 0) 
& Authz.QueryFlags.RESOLVE_GROUPS) != 0
+                                (input.<Integer> 
get(Authz.InvokeKeys.QUERY_FLAGS, 0) & 
Authz.QueryFlags.RESOLVE_GROUPS_RECURSIVE) != 0
                 )
         );
         List<LdapUser> ldapUsers = (List<LdapUser>) 
ldapResult.getReturnValue();
@@ -246,7 +246,10 @@
                 ).mput(
                         Authz.ContextKeys.AVAILABLE_NAMESPACES,
                         Arrays.asList(NAMESPACE)
-                        );
+                ).mput(
+                        Authz.ContextKeys.CAPABILITIES,
+                        Authz.Capabilities.RECURSIVE_GROUP_RESOLUTION
+                );
     }
 
     private ExtMap mapLdapUser(LdapUser user) {


-- 
To view, visit http://gerrit.ovirt.org/29642
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I2ca8d6ffb24f9e6f7137602e3ab85e8708ecddf5
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Yair Zaslavsky <yzasl...@redhat.com>
_______________________________________________
Engine-patches mailing list
Engine-patches@ovirt.org
http://lists.ovirt.org/mailman/listinfo/engine-patches

Reply via email to