[Engine-patches] Change in ovirt-engine[master]: aaa: add support for basic athentication

Mon, 09 Feb 2015 10:33:18 -0800 

Alon Bar-Lev has posted comments on this change.

Change subject: aaa: add support for basic athentication
......................................................................


Patch Set 8:

(2 comments)

http://gerrit.ovirt.org/#/c/37299/8/backend/manager/modules/enginesso/src/main/java/org/ovirt/engine/core/sso/servlets/ExternalAuthServlet.java
File 
backend/manager/modules/enginesso/src/main/java/org/ovirt/engine/core/sso/servlets/ExternalAuthServlet.java:

Line 18: 
Line 19:     @Override
Line 20:     protected void service(HttpServletRequest request, 
HttpServletResponse response)
Line 21:             throws ServletException, IOException {
Line 22:         Credentials credentials = getUserCredentials(request);
only if acceptBasic
Line 23:         if (credentials != null) {
Line 24:             
request.getSession(true).setAttribute(SSOUtils.USER_CREDENTIALS, credentials);
Line 25:             response.sendRedirect(request.getContextPath() + 
SSOUtils.LOGIN_PHASE3_URI);
Line 26:         } else {


http://gerrit.ovirt.org/#/c/37299/8/backend/manager/modules/enginesso/src/main/java/org/ovirt/engine/core/sso/servlets/LoginPhase2Servlet.java
File 
backend/manager/modules/enginesso/src/main/java/org/ovirt/engine/core/sso/servlets/LoginPhase2Servlet.java:

Line 16:     protected void service(HttpServletRequest request, 
HttpServletResponse response)
Line 17:             throws ServletException, IOException {
Line 18:         boolean acceptBasicAuth = (boolean) 
request.getSession().getServletContext().getAttribute(SSOUtils.ACCEPT_BASIC_AUTH_HEADERS);
Line 19: 
Line 20:         if (acceptBasicAuth) {
you redirect to basic only if we need to prompt for basic not just accept. 
remember? we either accept headers or force 401 in our servlet. two different 
paths.

of course if we prompt we also accept...
Line 21:             response.sendRedirect(request.getContextPath() + 
SSOUtils.LOGIN_BASIC_URI);
Line 22:         } else {
Line 23:             response.sendRedirect(request.getContextPath() + 
SSOUtils.LOGIN_PHASE3_URI);
Line 24:         }


-- 
To view, visit http://gerrit.ovirt.org/37299
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: If09285f0e6cd8909f21aa7e88ae1a3c1a30763c2
Gerrit-PatchSet: 8
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Ravi Nori <rn...@redhat.com>
Gerrit-Reviewer: Alon Bar-Lev <alo...@redhat.com>
Gerrit-Reviewer: Ravi Nori <rn...@redhat.com>
Gerrit-Reviewer: automat...@ovirt.org
Gerrit-Reviewer: oVirt Jenkins CI Server
Gerrit-HasComments: Yes
_______________________________________________
Engine-patches mailing list
Engine-patches@ovirt.org
http://lists.ovirt.org/mailman/listinfo/engine-patches

Reply via email to