[Engine-patches] Change in ovirt-engine[master]: restapi : Cookies are being set even when not using persiste...

Mon, 20 May 2013 07:14:03 -0700 

Ravi Nori has uploaded a new change for review.

Change subject: restapi : Cookies are being set even when not using persistent 
authentication
......................................................................

restapi : Cookies are being set even when not using persistent authentication

API sets jsession id when not using persistent authentication.
This patch creates a session only when persistent authentication
header is passed in the request.

Change-Id: Ieb004fefbd9a276efacb2ce6fa8b7a48a9516c6e
Bug-Url: https://bugzilla.redhat.com/962730
Signed-off-by: Ravi Nori <rn...@redhat.com>
---
M 
backend/manager/modules/restapi/interface/common/jaxrs/src/main/java/org/ovirt/engine/api/common/security/auth/Challenger.java
1 file changed, 1 insertion(+), 1 deletion(-)


  git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/91/14891/1

diff --git 
a/backend/manager/modules/restapi/interface/common/jaxrs/src/main/java/org/ovirt/engine/api/common/security/auth/Challenger.java
 
b/backend/manager/modules/restapi/interface/common/jaxrs/src/main/java/org/ovirt/engine/api/common/security/auth/Challenger.java
index 064e6e2..e00909b 100644
--- 
a/backend/manager/modules/restapi/interface/common/jaxrs/src/main/java/org/ovirt/engine/api/common/security/auth/Challenger.java
+++ 
b/backend/manager/modules/restapi/interface/common/jaxrs/src/main/java/org/ovirt/engine/api/common/security/auth/Challenger.java
@@ -175,7 +175,7 @@
             String engineSessionId = SessionUtils.generateEngineSessionId();
             if (validator == null || validator.validate(principal, 
engineSessionId)) {
                 successful = true;
-                if (httpSession == null) {
+                if (httpSession == null && preferPersistentAuth) {
                     httpSession = getCurrentSession(true);
                 }
                 SessionUtils.setEngineSessionId(httpSession, engineSessionId);


--
To view, visit http://gerrit.ovirt.org/14891
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: Ieb004fefbd9a276efacb2ce6fa8b7a48a9516c6e
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Ravi Nori <rn...@redhat.com>
_______________________________________________
Engine-patches mailing list
Engine-patches@ovirt.org
http://lists.ovirt.org/mailman/listinfo/engine-patches

Reply via email to