Yair Zaslavsky has posted comments on this change. Change subject: aaa: Intorduce filters ......................................................................
Patch Set 7: (5 comments) http://gerrit.ovirt.org/#/c/28022/7/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/BasicAuthenticationFilter.java File backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/BasicAuthenticationFilter.java: Line 31: //In other cases - continue to the next filter Line 32: if (!FiltersHelper.isAuthenticated(req)) { Line 33: chain.doFilter(request, response); Line 34: String headerValue = req.getHeader("Authorization"); Line 35: if (headerValue != null && headerValue.startsWith("Basic")) { > "Basic " done. Line 36: String credentials = headerValue.substring("Basic".length()).trim(); Line 37: String userPass = new String(Base64.decodeBase64(credentials), Charset.defaultCharset().toString()); Line 38: String[] creds = userPass.split(":", 2); Line 39: if (creds != null && creds.length == 2) { Line 36: String credentials = headerValue.substring("Basic".length()).trim(); Line 37: String userPass = new String(Base64.decodeBase64(credentials), Charset.defaultCharset().toString()); Line 38: String[] creds = userPass.split(":", 2); Line 39: if (creds != null && creds.length == 2) { Line 40: storeCredentialsOnSession(session, creds[0], creds[1], getSeparator(creds[0])); > I do not understand why you do not attempt to perform the login here... why not continue to the 3rd filter? Line 41: } Line 42: } Line 43: } Line 44: chain.doFilter(request, response); Line 47: Line 48: private int getSeparator(String qualified) { Line 49: return qualified.lastIndexOf("@") != -1 Line 50: ? qualified.lastIndexOf("@") Line 51: : qualified.indexOf("\\"); > what is the \\? this was copy pasted from REST-API code - the user can come either in the form of user@profile or profile\\user - at least, this what REST-API seem to support. Line 52: } Line 53: Line 54: private void storeCredentialsOnSession(HttpSession session, String qualified, String password, int index) { Line 55: boolean result = true; http://gerrit.ovirt.org/#/c/28022/7/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/FiltersHelper.java File backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/FiltersHelper.java: Line 17: public final static String PROFILE_KEY = "profile"; Line 18: public final static String PASSWORD_KEY = "password"; Line 19: public final static String AUTH_RECORD_KEY = "auth_record"; Line 20: public final static String UNAUTHORIZED_KEY = "unauthorized"; Line 21: public static final String SCHEMES_KEY = "schemes"; > keep consistent? took me some time to see what you meant, ok . Line 22: } Line 23: Line 24: public static BackendLocal getBackend(Context context) { Line 25: http://gerrit.ovirt.org/#/c/28022/7/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/SessionValidationFilter.java File backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/SessionValidationFilter.java: Line 47: log.debug("", ex); Line 48: } Line 49: } finally { Line 50: FiltersHelper.closeContext(ctx); Line 51: chain.doFilter(request, response); > continue my previous comment... I think this should be: Done Line 52: } Line 53: } Line 54: } Line 55: -- To view, visit http://gerrit.ovirt.org/28022 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: Ia5536d123b6407acf41b6946dde796bd67d1e073 Gerrit-PatchSet: 7 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Yair Zaslavsky <[email protected]> Gerrit-Reviewer: Alon Bar-Lev <[email protected]> Gerrit-Reviewer: Barak Azulay <[email protected]> Gerrit-Reviewer: Juan Hernandez <[email protected]> Gerrit-Reviewer: Oved Ourfali <[email protected]> Gerrit-Reviewer: Yair Zaslavsky <[email protected]> Gerrit-Reviewer: [email protected] Gerrit-Reviewer: oVirt Jenkins CI Server Gerrit-HasComments: Yes _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
