Yair Zaslavsky has uploaded a new change for review. Change subject: aaa: Pass password across filters so it will be known during LoginUserCommand ......................................................................
aaa: Pass password across filters so it will be known during LoginUserCommand As basic authentication passed auth record to Login filter, the passsword used for authentication was not passed, hence was not set in the session data container. Change-Id: Ie48f8f1408b17882337f4fd0a8c38f7829472cf2 Bug-Url: https://bugzilla.redhat.com/1141541 Topic: AAA Signed-off-by: Yair Zaslavsky <yzasl...@redhat.com> --- M backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/BasicAuthenticationFilter.java M backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/FiltersHelper.java M backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/LoginFilter.java M backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/action/LoginUserParameters.java 4 files changed, 7 insertions(+), 2 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/18/34818/1 diff --git a/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/BasicAuthenticationFilter.java b/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/BasicAuthenticationFilter.java index 86eb36a..4cb46e0 100644 --- a/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/BasicAuthenticationFilter.java +++ b/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/BasicAuthenticationFilter.java @@ -133,6 +133,7 @@ outputMap.<ExtMap> get(Authn.InvokeKeys.AUTH_RECORD)); request.setAttribute(FiltersHelper.Constants.REQUEST_AUTH_TYPE_KEY, AuthType.CREDENTIALS); request.setAttribute(FiltersHelper.Constants.REQUEST_PROFILE_KEY, userProfile.profile.getName()); + request.setAttribute(FiltersHelper.Constants.REQUEST_PASSWORD_KEY, password); } else { if (outputMap.<Integer> get(Base.InvokeKeys.RESULT) != Base.InvokeResult.SUCCESS || outputMap.<Integer> get(Authn.InvokeKeys.RESULT) != Authn.AuthResult.SUCCESS) { diff --git a/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/FiltersHelper.java b/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/FiltersHelper.java index d2dbbce..3198669 100644 --- a/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/FiltersHelper.java +++ b/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/FiltersHelper.java @@ -20,6 +20,7 @@ public final static String REQUEST_AUTH_TYPE_KEY = "ovirt_aaa_auth_type"; public final static String HEADER_AUTHORIZATION = "Authorization"; public static final String HEADER_WWW_AUTHENTICATE = "WWW-Authenticate"; + public static final String REQUEST_PASSWORD_KEY = "ovirt_aaa_password"; public static final String HEADER_PREFER = "Prefer"; public static final String HEADER_JSESSIONID_COOKIE = "JSESSIONID"; } diff --git a/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/LoginFilter.java b/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/LoginFilter.java index 30b6abc..14df8d6 100644 --- a/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/LoginFilter.java +++ b/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/LoginFilter.java @@ -49,6 +49,7 @@ LoginUserParameters( profileName, authRecord, + (String)request.getAttribute(FiltersHelper.Constants.REQUEST_PASSWORD_KEY), loginAsAdmin ? VdcActionType.LoginAdminUser : VdcActionType.LoginUser, (AuthType)request.getAttribute(FiltersHelper.Constants.REQUEST_AUTH_TYPE_KEY) ) diff --git a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/action/LoginUserParameters.java b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/action/LoginUserParameters.java index e6135f4..18f6227 100644 --- a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/action/LoginUserParameters.java +++ b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/action/LoginUserParameters.java @@ -36,13 +36,14 @@ actionType = VdcActionType.LoginUser; } - public LoginUserParameters(String profileName, Object authRecord, AuthType authType) { - this(profileName, authRecord, VdcActionType.LoginUser, authType); + public LoginUserParameters(String profileName, Object authRecord, String password, AuthType authType) { + this(profileName, authRecord, password, VdcActionType.LoginUser, authType); } public LoginUserParameters( String profileName, Object authRecord, + String password, VdcActionType vdcActionType, AuthType authType ) { @@ -51,6 +52,7 @@ this.authInfo.authType = AuthType.CREDENTIALS; this.profileName = profileName; this.actionType = vdcActionType; + this.authInfo.password = password; } -- To view, visit http://gerrit.ovirt.org/34818 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: Ie48f8f1408b17882337f4fd0a8c38f7829472cf2 Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Yair Zaslavsky <yzasl...@redhat.com> _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
