Alon Bar-Lev has posted comments on this change. Change subject: core, engine: Services for providing info to the Console Proxy ......................................................................
Patch Set 3: Code-Review-1 we are not using security domains of jboss, we have our own filters to perform authentication and authorization. as you do not discuss design, I understand the reaction, but if you do not discuss, you probably invest a lot of effort with incorrect design. we do not use passwords for application-application authentication, but certificates/public keys. proper solution is to establish a session using tls/ssl with client certificate issued by the internal ca. in case we have issues with making httpd accept the client certificate, we think of a solution. -- To view, visit http://gerrit.ovirt.org/35887 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: I53c721da21cefcf4069d14c7016b6f7d97f9eac9 Gerrit-PatchSet: 3 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Vitor de Lima <vdel...@redhat.com> Gerrit-Reviewer: Alon Bar-Lev <alo...@redhat.com> Gerrit-Reviewer: Arik Hadas <aha...@redhat.com> Gerrit-Reviewer: Eli Mesika <emes...@redhat.com> Gerrit-Reviewer: Omer Frenkel <ofren...@redhat.com> Gerrit-Reviewer: Shahar Havivi <shav...@redhat.com> Gerrit-Reviewer: automat...@ovirt.org Gerrit-Reviewer: oVirt Jenkins CI Server Gerrit-HasComments: No _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
