Ravi Nori has uploaded a new change for review. Change subject: core, webadmin: Modify webadmin to use enginesso for authentication ......................................................................
core, webadmin: Modify webadmin to use enginesso for authentication Add webadmin side code to support authentication using engine sso Change-Id: Iff0aee9d0f5ee606ff7f397cab69017ca7d9df08 Bug-Url: https://bugzilla.redhat.com/1092744 Signed-off-by: Ravi Nori <rn...@redhat.com> --- A backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/CreateUserSessionCommand.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/LogoutUserCommand.java A backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/action/CreateUserSessionParameters.java M backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/action/VdcActionType.java M backend/manager/modules/enginesso/src/main/java/org/ovirt/engine/core/sso/servlets/EngineSSOServlet.java M backend/manager/modules/enginesso/src/main/java/org/ovirt/engine/core/sso/utils/SSOUtils.java A backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/servlet/SSOAuthorizationException.java A backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/servlet/SSOLoginFilter.java A backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/servlet/SSOLoginServlet.java A backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/servlet/SSOPermissionsRoleManager.java A backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/servlet/SSOUtils.java M frontend/webadmin/modules/webadmin/src/main/webapp/WEB-INF/web.xml 12 files changed, 465 insertions(+), 0 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/19/36619/1 diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/CreateUserSessionCommand.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/CreateUserSessionCommand.java new file mode 100644 index 0000000..5ee7501 --- /dev/null +++ b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/CreateUserSessionCommand.java @@ -0,0 +1,45 @@ +package org.ovirt.engine.core.bll.aaa; + +import org.apache.commons.codec.binary.Base64; +import org.ovirt.engine.core.bll.CommandBase; +import org.ovirt.engine.core.bll.utils.PermissionSubject; +import org.ovirt.engine.core.common.action.CreateUserSessionParameters; + +import java.security.NoSuchAlgorithmException; +import java.security.SecureRandom; +import java.util.Collections; +import java.util.List; + +public class CreateUserSessionCommand<T extends CreateUserSessionParameters> extends CommandBase<T> { + public CreateUserSessionCommand(T parameters) { + super(parameters); + setCurrentUser(parameters.getUser()); + } + + @Override + protected void executeCommand() { + String engineSessionId = null; + try { + byte s[] = new byte[64]; + SecureRandom.getInstance("SHA1PRNG").nextBytes(s); + engineSessionId = new Base64(0).encodeToString(s); + } catch (NoSuchAlgorithmException e) { + throw new RuntimeException(e); + } + SessionDataContainer.getInstance().setUser(engineSessionId, getParameters().getUser()); + getReturnValue().setActionReturnValue(engineSessionId); + setSucceeded(true); + } + + @Override + protected boolean isUserAuthorizedToRunAction() { + return true; + } + + @Override + public List<PermissionSubject> getPermissionCheckSubjects() { + // Not needed for admin operations. + return Collections.emptyList(); + } + +} diff --git a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/LogoutUserCommand.java b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/LogoutUserCommand.java index 669ffd6..c471294 100644 --- a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/LogoutUserCommand.java +++ b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/LogoutUserCommand.java @@ -44,6 +44,10 @@ } SessionDataContainer.getInstance().removeSessionOnLogout(getParameters().getSessionId()); } + + if (SessionDataContainer.getInstance().getUser(getParameters().getSessionId(), false) != null) { + SessionDataContainer.getInstance().removeSessionOnLogout(getParameters().getSessionId()); + } setSucceeded(true); } diff --git a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/action/CreateUserSessionParameters.java b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/action/CreateUserSessionParameters.java new file mode 100644 index 0000000..c4a5b63 --- /dev/null +++ b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/action/CreateUserSessionParameters.java @@ -0,0 +1,28 @@ +package org.ovirt.engine.core.common.action; + +import org.ovirt.engine.core.common.businessentities.aaa.DbUser; + +public class CreateUserSessionParameters extends VdcActionParametersBase { + + /** + * + */ + private static final long serialVersionUID = 5238452182295928273L; + private DbUser user; + + public CreateUserSessionParameters(DbUser user) { + this.user = user; + } + + public CreateUserSessionParameters() { + } + + public void setUser(DbUser user) { + this.user = user; + } + + public DbUser getUser() { + return user; + } + +} diff --git a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/action/VdcActionType.java b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/action/VdcActionType.java index 3165e6b..b467378 100644 --- a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/action/VdcActionType.java +++ b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/action/VdcActionType.java @@ -175,6 +175,7 @@ LoginAdminUser(418, ActionGroup.LOGIN, false, QuotaDependency.NONE), AddUser(419, ActionGroup.MANIPULATE_USERS, false, QuotaDependency.NONE), AddGroup(420, ActionGroup.MANIPULATE_USERS, false, QuotaDependency.NONE), + CreateUserSession(421, ActionGroup.LOGIN, false, QuotaDependency.NONE), // Tags AddTag(501, false, QuotaDependency.NONE), RemoveTag(502, false, QuotaDependency.NONE), diff --git a/backend/manager/modules/enginesso/src/main/java/org/ovirt/engine/core/sso/servlets/EngineSSOServlet.java b/backend/manager/modules/enginesso/src/main/java/org/ovirt/engine/core/sso/servlets/EngineSSOServlet.java index ef873b1..6852a01 100644 --- a/backend/manager/modules/enginesso/src/main/java/org/ovirt/engine/core/sso/servlets/EngineSSOServlet.java +++ b/backend/manager/modules/enginesso/src/main/java/org/ovirt/engine/core/sso/servlets/EngineSSOServlet.java @@ -31,6 +31,12 @@ if (StringUtils.isEmpty(request.getParameter(SSOUtils.MODULE))) { throw new RuntimeException("No module name found in request."); } + if (StringUtils.isNotEmpty(request.getParameter(SSOUtils.REAUTHENTICATE))) { + HttpSession existingSession = request.getSession(false); + if (existingSession != null) { + existingSession.invalidate(); + } + } HttpSession session = request.getSession(true); if (SSOUtils.isUserAuthenticated(session)) { request.getRequestDispatcher("/sso-redirect").forward(request, response); diff --git a/backend/manager/modules/enginesso/src/main/java/org/ovirt/engine/core/sso/utils/SSOUtils.java b/backend/manager/modules/enginesso/src/main/java/org/ovirt/engine/core/sso/utils/SSOUtils.java index 02ff0b1..27e91f1 100644 --- a/backend/manager/modules/enginesso/src/main/java/org/ovirt/engine/core/sso/utils/SSOUtils.java +++ b/backend/manager/modules/enginesso/src/main/java/org/ovirt/engine/core/sso/utils/SSOUtils.java @@ -18,6 +18,7 @@ public static final String SSO_PRINCIPAL_RECORD_ATTR_NAME = "PRINCIPAL_RECORD"; public static final String SSO_AUTH_RECORD_ATTR_NAME = "AUTH_RECORD"; public static final String MODULE = "module"; + public static final String REAUTHENTICATE = "reauthenticate"; public static final String USER_GROUP_MANAGER = "user_group_manager"; public static final String EXTENSION_MANAGER = "ext_manager"; public static final String SSO_LOCAL_CONFIG = "localConfig"; diff --git a/backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/servlet/SSOAuthorizationException.java b/backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/servlet/SSOAuthorizationException.java new file mode 100644 index 0000000..95afefe --- /dev/null +++ b/backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/servlet/SSOAuthorizationException.java @@ -0,0 +1,13 @@ +package org.ovirt.engine.core.utils.servlet; + +public class SSOAuthorizationException extends Exception { + private static final long serialVersionUID = 3399862373159832066L; + + public SSOAuthorizationException(String msg) { + super(msg); + } + + public SSOAuthorizationException(String msg, Exception ex) { + super(msg, ex); + } +} diff --git a/backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/servlet/SSOLoginFilter.java b/backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/servlet/SSOLoginFilter.java new file mode 100644 index 0000000..7719741 --- /dev/null +++ b/backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/servlet/SSOLoginFilter.java @@ -0,0 +1,64 @@ +package org.ovirt.engine.core.utils.servlet; + +import org.ovirt.engine.core.common.constants.SessionConstants; + +import javax.servlet.Filter; +import javax.servlet.FilterChain; +import javax.servlet.FilterConfig; +import javax.servlet.ServletException; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; +import java.io.IOException; + +public class SSOLoginFilter implements Filter { + + private String loginUrl; + private String ssoUrl; + private String ssoReauthenticateUrl; + + @Override + public void init(FilterConfig filterConfig) throws ServletException { + String strVal = filterConfig.getInitParameter("login-url"); + if (strVal == null) { + throw new RuntimeException("No login-url init parameter specified."); + } else { + loginUrl = strVal; + } + strVal = filterConfig.getInitParameter("sso-url"); + if (strVal == null) { + throw new RuntimeException("No sso-url init parameter specified."); + } else { + ssoUrl = strVal; + ssoReauthenticateUrl = strVal + "&reauthenticate=true"; + } + } + + @Override + public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, + ServletException { + HttpServletRequest req = (HttpServletRequest) request; + String url = req.getRequestURL().toString(); + if (url.indexOf(loginUrl) != -1) { + request.getRequestDispatcher(loginUrl).forward(request, response); + } else { + HttpSession session = req.getSession(false); + if (session != null && session.getAttribute(SessionConstants.HTTP_SESSION_ENGINE_SESSION_ID_KEY) != null) { + if (SSOUtils.isSessionValid((String) session.getAttribute(SessionConstants.HTTP_SESSION_ENGINE_SESSION_ID_KEY))) { + chain.doFilter(request, response); + } else { + ((HttpServletResponse) response).sendRedirect(ssoReauthenticateUrl); + } + } else { + ((HttpServletResponse) response).sendRedirect(ssoUrl); + } + } + } + + @Override + public void destroy() { + } + +} diff --git a/backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/servlet/SSOLoginServlet.java b/backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/servlet/SSOLoginServlet.java new file mode 100644 index 0000000..0a13145 --- /dev/null +++ b/backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/servlet/SSOLoginServlet.java @@ -0,0 +1,67 @@ +package org.ovirt.engine.core.utils.servlet; + +import org.apache.commons.lang.StringUtils; +import org.ovirt.engine.core.common.constants.SessionConstants; +import org.ovirt.engine.core.compat.Guid; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; +import java.io.IOException; + +public class SSOLoginServlet extends HttpServlet { + private static final long serialVersionUID = 9210030009170727847L; + + private Logger log = LoggerFactory.getLogger(getClass()); + private boolean loginAsAdmin = false; + private String moduleUrl; + + @Override + public void init() throws ServletException { + String strVal = getServletConfig().getInitParameter("login-as-admin"); + if (strVal != null) { + loginAsAdmin = Boolean.parseBoolean(strVal); + } + strVal = getServletConfig().getInitParameter("module-url"); + if (strVal == null) { + throw new RuntimeException("No module-url init parameter specified."); + } else { + moduleUrl = strVal; + } + } + + @Override + protected void service(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + if (StringUtils.isEmpty(request.getParameter("userId"))) { + throw new RuntimeException("No user id found in request."); + } + + Guid userId = Guid.createGuidFromString(request.getParameter("userId")); + String username = request.getParameter("username"); + String email = request.getParameter("email"); + String[] groupIds = request.getParameterValues("groupId"); + if (groupIds == null) { + groupIds = new String[0]; + } + try { + SSOUtils.checkUserAndGroupsAuthorization(userId, username, groupIds); + boolean isAdmin = SSOUtils.isAdminUser(userId, groupIds); + if (loginAsAdmin && !isAdmin) { + throw new SSOAuthorizationException( + String.format("The user %s is not authorized to perform login", username)); + } + HttpSession httpSession = request.getSession(true); + httpSession.setAttribute( + SessionConstants.HTTP_SESSION_ENGINE_SESSION_ID_KEY, + SSOUtils.attachUserToSession(userId, username, email, groupIds, isAdmin)); + } catch (SSOAuthorizationException ex) { + log.error(ex.getMessage()); + } + response.sendRedirect(moduleUrl); + } + +} diff --git a/backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/servlet/SSOPermissionsRoleManager.java b/backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/servlet/SSOPermissionsRoleManager.java new file mode 100644 index 0000000..bdcb7b6 --- /dev/null +++ b/backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/servlet/SSOPermissionsRoleManager.java @@ -0,0 +1,103 @@ +package org.ovirt.engine.core.utils.servlet; + +import org.ovirt.engine.core.common.VdcObjectType; +import org.ovirt.engine.core.common.businessentities.ActionGroup; +import org.ovirt.engine.core.common.businessentities.Role; +import org.ovirt.engine.core.common.businessentities.RoleType; +import org.ovirt.engine.core.common.config.Config; +import org.ovirt.engine.core.common.config.ConfigValues; +import org.ovirt.engine.core.common.mode.ApplicationMode; +import org.ovirt.engine.core.compat.Guid; + +import javax.naming.InitialContext; +import javax.naming.NamingException; +import javax.sql.DataSource; +import java.sql.CallableStatement; +import java.sql.Connection; +import java.sql.ResultSet; +import java.sql.SQLException; +import java.util.ArrayList; +import java.util.List; +import java.util.UUID; + +public class SSOPermissionsRoleManager { + + public static final String DATA_SOURCE = "java:/ENGINEDataSource"; + private DataSource ds; + + public SSOPermissionsRoleManager() { + try { + ds = (DataSource) new InitialContext().lookup(DATA_SOURCE); + if (ds == null) { + throw new RuntimeException("Failed to obtain data source"); + } + } catch (NamingException ex) { + throw new RuntimeException("Error looking up resource " + DATA_SOURCE); + } + } + + public Guid getEntityPermissionsForUserAndGroups(Guid userId, + String groupIds, + ActionGroup actionGroup, + Guid objectId, + VdcObjectType vdcObjectType, + boolean ignoreEveryone) throws SQLException { + Guid id = null; + try ( + Connection connection = ds.getConnection(); + CallableStatement cs = connection.prepareCall("SELECT * FROM get_entity_permissions_for_user_and_groups(?, ?, ?, ?, ?, ?)"); + ) { + cs.setObject(1, userId.getUuid()); + cs.setString(2, groupIds); + cs.setInt(3, actionGroup.getId()); + cs.setObject(4, objectId.getUuid()); + cs.setInt(5, vdcObjectType.getValue()); + cs.setBoolean(6, ignoreEveryone); + + try (ResultSet rs = cs.executeQuery();) { + if (rs.next()) { + id = new Guid((UUID) rs.getObject(1)); + } + } + } + return id; + } + + public List<Role> getAnyAdminRoleForUserAndGroups(Guid userId, String groupIds) throws SQLException { + Integer appMode = Config.<Integer> getValue(ConfigValues.ApplicationMode); + List<Role> roles = new ArrayList<>(); + try ( + Connection connection = ds.getConnection(); + CallableStatement cs = connection.prepareCall("SELECT * FROM GetAnyAdminRoleByUserIdAndGroupIds(?, ?, ?)"); + ) { + cs.setObject(1, userId.getUuid()); + cs.setString(2, groupIds); + cs.setInt(3, appMode.intValue()); + + try (ResultSet rs = cs.executeQuery();) { + while (rs.next()) { + Role role = new Role(); + role.setdescription(rs.getString("description")); + role.setId(getGuid(rs, "id")); + role.setname(rs.getString("name")); + role.setis_readonly(rs.getBoolean("is_readonly")); + role.setType(RoleType.getById(rs.getInt("role_type"))); + role.setAllowsViewingChildren(rs.getBoolean("allows_viewing_children")); + role.setAppMode(ApplicationMode.from(rs.getInt("app_mode"))); + roles.add(role); + } + } + } + return roles; + } + + private static Guid getGuid(ResultSet resultSet, String columnName) throws SQLException { + Guid defaultValue = Guid.Empty; + UUID uuid = (UUID) resultSet.getObject(columnName); + if (uuid == null || resultSet.wasNull()) { + return defaultValue; + } + return new Guid(uuid); + } + +} diff --git a/backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/servlet/SSOUtils.java b/backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/servlet/SSOUtils.java new file mode 100644 index 0000000..26a2188 --- /dev/null +++ b/backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/servlet/SSOUtils.java @@ -0,0 +1,98 @@ +package org.ovirt.engine.core.utils.servlet; + +import org.apache.commons.lang.StringUtils; +import org.ovirt.engine.core.common.VdcObjectType; +import org.ovirt.engine.core.common.action.CreateUserSessionParameters; +import org.ovirt.engine.core.common.action.VdcActionType; +import org.ovirt.engine.core.common.action.VdcReturnValueBase; +import org.ovirt.engine.core.common.businessentities.ActionGroup; +import org.ovirt.engine.core.common.businessentities.Role; +import org.ovirt.engine.core.common.businessentities.aaa.DbUser; +import org.ovirt.engine.core.common.interfaces.BackendLocal; +import org.ovirt.engine.core.common.queries.VdcQueryParametersBase; +import org.ovirt.engine.core.common.queries.VdcQueryReturnValue; +import org.ovirt.engine.core.common.queries.VdcQueryType; +import org.ovirt.engine.core.compat.Guid; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import javax.naming.Context; +import javax.naming.InitialContext; +import java.sql.SQLException; +import java.util.Arrays; +import java.util.Collection; +import java.util.List; + +public class SSOUtils { + private static final Guid BOTTOM_OBJECT_ID = new Guid("BBB00000-0000-0000-0000-123456789BBB"); + private static BackendLocal backend; + private static SSOPermissionsRoleManager permissionsRoleManager; + private static Logger log = LoggerFactory.getLogger(SSOUtils.class); + + static { + // Lookup the backend bean: + try { + Context initial = new InitialContext(); + backend = (BackendLocal) initial.lookup("java:global/engine/bll/Backend!org.ovirt.engine.core.common.interfaces.BackendLocal"); + } + catch (Exception exception) { + throw new RuntimeException("Can't find reference to backend bean.", exception); + } + + permissionsRoleManager = new SSOPermissionsRoleManager(); + } + + public static boolean isSessionValid(String session) { + VdcQueryReturnValue returnValue = backend.runPublicQuery( + VdcQueryType.ValidateSession, + new VdcQueryParametersBase(session)); + return returnValue.getSucceeded(); + } + + public static String attachUserToSession(Guid userId, String username, String email, String[] groupIds, boolean isAdmin) { + String engineSessionId = null; + DbUser user = new DbUser(); + user.setId(userId); + user.setLoginName(username); + user.setEmail(email); + user.setGroupIds((Collection) Arrays.asList(groupIds)); + user.setAdmin(isAdmin); + VdcReturnValueBase retVal = backend.runAction(VdcActionType.CreateUserSession, new CreateUserSessionParameters(user)); + if (retVal.getSucceeded()) { + engineSessionId = (String) retVal.getActionReturnValue(); + } + return engineSessionId; + } + + public static void checkUserAndGroupsAuthorization(Guid userId, + String username, + String[] groupIds) throws SSOAuthorizationException { + try { + if (permissionsRoleManager.getEntityPermissionsForUserAndGroups(userId, + StringUtils.join(groupIds, ","), + ActionGroup.LOGIN, + BOTTOM_OBJECT_ID, + VdcObjectType.Bottom, + true) == null) { + throw new SSOAuthorizationException(String.format("The user %s is not authorized to perform login", username)); + } + } catch (SQLException ex) { + log.error("Internal Database Error", ex); + throw new SSOAuthorizationException("Internal Database Error", ex); + } + } + + public static boolean isAdminUser(Guid userId, String[] groupIds) throws SSOAuthorizationException { + try { + List<Role> userRoles = permissionsRoleManager.getAnyAdminRoleForUserAndGroups(userId, StringUtils.join(groupIds, ",")); + if (!userRoles.isEmpty()) { + log.debug("User logged to admin using role '{}'", userRoles.get(0).getname()); + return true; + } + } catch (SQLException ex) { + log.error("Internal Database Error", ex); + throw new SSOAuthorizationException("Internal Database Error", ex); + } + return false; + } +} diff --git a/frontend/webadmin/modules/webadmin/src/main/webapp/WEB-INF/web.xml b/frontend/webadmin/modules/webadmin/src/main/webapp/WEB-INF/web.xml index a88f172..42a43dd 100644 --- a/frontend/webadmin/modules/webadmin/src/main/webapp/WEB-INF/web.xml +++ b/frontend/webadmin/modules/webadmin/src/main/webapp/WEB-INF/web.xml @@ -21,6 +21,24 @@ <param-name>contextToRootModifier</param-name> <param-value>..</param-value> </context-param> + + <filter> + <filter-name>SSOLoginFilter</filter-name> + <filter-class>org.ovirt.engine.core.utils.servlet.SSOLoginFilter</filter-class> + <init-param> + <param-name>login-url</param-name> + <param-value>/public/login</param-value> + </init-param> + <init-param> + <param-name>sso-url</param-name> + <param-value>/ovirt-engine/sso?module=webadmin</param-value> + </init-param> + </filter> + <filter-mapping> + <filter-name>SSOLoginFilter</filter-name> + <url-pattern>/*</url-pattern> + </filter-mapping> + <filter> <filter-name>SessionValidationFilter</filter-name> <filter-class>org.ovirt.engine.core.aaa.filters.SessionValidationFilter</filter-class> @@ -100,6 +118,23 @@ <url-pattern>/*</url-pattern> </filter-mapping> + <servlet> + <servlet-name>login</servlet-name> + <servlet-class>org.ovirt.engine.core.utils.servlet.SSOLoginServlet</servlet-class> + <init-param> + <param-name>login-as-admin</param-name> + <param-value>true</param-value> + </init-param> + <init-param> + <param-name>module-url</param-name> + <param-value>/ovirt-engine/webadmin/WebAdmin.html</param-value> + </init-param> + </servlet> + <servlet-mapping> + <servlet-name>login</servlet-name> + <url-pattern>/public/login</url-pattern> + </servlet-mapping> + <servlet-mapping> <servlet-name>WebAdminHostPageServlet</servlet-name> <url-pattern>/WebAdmin.html</url-pattern> -- To view, visit http://gerrit.ovirt.org/36619 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: Iff0aee9d0f5ee606ff7f397cab69017ca7d9df08 Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Ravi Nori <rn...@redhat.com> _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
