Alon Bar-Lev has posted comments on this change. Change subject: aaa: Intorduce filters ......................................................................
Patch Set 7: (2 comments) http://gerrit.ovirt.org/#/c/28022/7/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/BasicAuthenticationFilter.java File backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/BasicAuthenticationFilter.java: Line 36: String credentials = headerValue.substring("Basic".length()).trim(); Line 37: String userPass = new String(Base64.decodeBase64(credentials), Charset.defaultCharset().toString()); Line 38: String[] creds = userPass.split(":", 2); Line 39: if (creds != null && creds.length == 2) { Line 40: storeCredentialsOnSession(session, creds[0], creds[1], getSeparator(creds[0])); > what i meant is - why not have a central place where you perform BLL login? you should go into extension of profile and pass user/password get auth_record. at login filter you get the auth_record of nego or basic and perform the login (authz part, accounting...) Line 41: } Line 42: } Line 43: } Line 44: chain.doFilter(request, response); Line 47: Line 48: private int getSeparator(String qualified) { Line 49: return qualified.lastIndexOf("@") != -1 Line 50: ? qualified.lastIndexOf("@") Line 51: : qualified.indexOf("\\"); > this was copy pasted from REST-API code - so please add init parameter to enable or not enable this, as we do not want to drag this into webadmin/userportal. please also find the last index of these, and make sure that you do not have @. Line 52: } Line 53: Line 54: private void storeCredentialsOnSession(HttpSession session, String qualified, String password, int index) { Line 55: boolean result = true; -- To view, visit http://gerrit.ovirt.org/28022 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: Ia5536d123b6407acf41b6946dde796bd67d1e073 Gerrit-PatchSet: 7 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Yair Zaslavsky <[email protected]> Gerrit-Reviewer: Alon Bar-Lev <[email protected]> Gerrit-Reviewer: Barak Azulay <[email protected]> Gerrit-Reviewer: Juan Hernandez <[email protected]> Gerrit-Reviewer: Oved Ourfali <[email protected]> Gerrit-Reviewer: Yair Zaslavsky <[email protected]> Gerrit-Reviewer: [email protected] Gerrit-Reviewer: oVirt Jenkins CI Server Gerrit-HasComments: Yes _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
