Yair Zaslavsky has posted comments on this change. Change subject: aaa: Introducing built-in extensions module ......................................................................
Patch Set 14: (2 comments) http://gerrit.ovirt.org/#/c/25253/14/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/LoginBaseCommand.java File backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/LoginBaseCommand.java: Line 228: } Line 229: Line 230: Line 231: // Check that the user exists in the database, if it doesn't exist then we need to add it now: Line 232: dbUser = getDbUserDAO().getByExternalId(directory.getProfileName(), directoryUser.getId()); > are you sure this is correct? Yes. ExternalId is being "calculated" by the provider and being set on the DirectoryUser returned. The record in the db, contains it. As we previously discussed, you have a unique constraint in the db on the external id + the profile. As long as the directory remains the same, we can switch authenticators, as you suggested with no problem. Line 233: if (dbUser == null) { Line 234: dbUser = new DbUser(directoryUser); Line 235: dbUser.setId(Guid.newGuid()); Line 236: String groupIds = DirectoryUtils.getGroupIdsFromUser(directoryUser); http://gerrit.ovirt.org/#/c/25253/14/backend/manager/modules/builtin-extensions/src/main/resources/META-INF/services/org.ovirt.engine.api.extensions.Extension File backend/manager/modules/builtin-extensions/src/main/resources/META-INF/services/org.ovirt.engine.api.extensions.Extension: Line 1: org.ovirt.engine.extensions.aaa.builtin.internal.InternalAuthenticator Line 2: org.ovirt.engine.extensions.aaa.builtin.internal.InternalDirectory Line 3: org.ovirt.engine.extensions.aaa.builtin.kerberosldap.KerberosLdapDirectory Line 4: org.ovirt.engine.extensions.aaa.builtin.kerberosldap.KerberosLdapAuthenticator > add the header? Done -- To view, visit http://gerrit.ovirt.org/25253 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: If7ea408b46548ffdad1bf56fb8ab54b68722a480 Gerrit-PatchSet: 14 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Yair Zaslavsky <[email protected]> Gerrit-Reviewer: Alon Bar-Lev <[email protected]> Gerrit-Reviewer: Yair Zaslavsky <[email protected]> Gerrit-Reviewer: [email protected] Gerrit-Reviewer: oVirt Jenkins CI Server Gerrit-HasComments: Yes _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
