Michael Pasternak has posted comments on this change. Change subject: restapi : don't set jsessionid cookie when authentication fails(#927140) ......................................................................
Patch Set 2: (1 inline comment) .................................................... File backend/manager/modules/restapi/interface/common/jaxrs/src/main/java/org/ovirt/engine/api/common/security/auth/Challenger.java Line 168 Line 169 Line 170 Line 171 Line 172 i didn't told creating new session, you can leave [1] at line 98, and do [2] on successful login (just in the executeBasicAuthentication() context) [1] httpSession = getCurrentSession(false); [2] getCurrentSession(true) thanks. -- To view, visit http://gerrit.ovirt.org/13371 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: I84907ab56e99ebb875124f42345d691edad3cdbe Gerrit-PatchSet: 2 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Ravi Nori <rn...@redhat.com> Gerrit-Reviewer: Michael Pasternak <mpast...@redhat.com> Gerrit-Reviewer: Oved Ourfali <oourf...@redhat.com> Gerrit-Reviewer: Ravi Nori <rn...@redhat.com> _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
