Alon Bar-Lev has posted comments on this change. Change subject: aaa : Add engine sso ......................................................................
Patch Set 65: (2 comments) https://gerrit.ovirt.org/#/c/36119/65/backend/manager/modules/enginesso/src/main/java/org/ovirt/engine/core/sso/servlets/UnauthorizedServlet.java File backend/manager/modules/enginesso/src/main/java/org/ovirt/engine/core/sso/servlets/UnauthorizedServlet.java: Line 20: SSOConfig config = (SSOConfig) request.getServletContext().getAttribute(SSOUtils.SSO_CONFIG); Line 21: if (config.isAllowDisableExternalAuth()) { Line 22: if (config.isEnforceNego()) { Line 23: SSOUtils.redirectToErrorPage(request, response, Line 24: new OAuthException(SSOUtils.ERR_CODE_UNAUTHORIZED_CLIENT, "HTTP Status 401 - authentication required.")); the message goes to user, you can avoid technical details, I refer to the http status. Line 25: } else { Line 26: request.getSession(true).setAttribute(SSOUtils.CHECK_AUTHENTICATION, "0"); Line 27: response.sendRedirect(request.getContextPath() + SSOUtils.LOGIN_FORM_URI); Line 28: } https://gerrit.ovirt.org/#/c/36119/65/backend/manager/modules/enginesso/src/main/java/org/ovirt/engine/core/sso/utils/SSOUtils.java File backend/manager/modules/enginesso/src/main/java/org/ovirt/engine/core/sso/utils/SSOUtils.java: Line 78: public static final String ERR_CODE_UNSUPPORTED_GRANT_TYPE = "unsupported_grant_type"; Line 79: public static final String ERR_CODE_INVALID_REQUEST = "invalid_request"; Line 80: public static final String ERR_CODE_UNAUTHORIZED_CLIENT = "unauthorized_client"; Line 81: public static final String ERR_CODE_ACCESS_DENIED = "access_denied"; Line 82: public static final String ERR_CODE_ACCESS_DENIED_IDENTITY = "access_denied_identity"; do you mean unauthorized_client or access_denied? please make sure all your codes are available in rfc[1], these are specified randomly per each command, seek for "[USASCII] error code" [1] http://tools.ietf.org/html/rfc6749 Line 83: public static final String ERR_CODE_INVALID_SCOPE = "invalid_scope"; Line 84: public static final String ERR_CODE_SERVER_ERROR = "server_error"; Line 85: Line 86: public static final String ERR_CODE_INVALID_GRANT_MSG = "The provided authorization grant is no longer valid or not valid for the requested redirect uri."; -- To view, visit https://gerrit.ovirt.org/36119 To unsubscribe, visit https://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: I4894fc12653027271b6abd4dd5313b10593703fa Gerrit-PatchSet: 65 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Ravi Nori <rn...@redhat.com> Gerrit-Reviewer: Alon Bar-Lev <alo...@redhat.com> Gerrit-Reviewer: Jenkins CI Gerrit-Reviewer: Oved Ourfali <oourf...@redhat.com> Gerrit-Reviewer: Ravi Nori <rn...@redhat.com> Gerrit-Reviewer: automat...@ovirt.org Gerrit-HasComments: Yes _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
