Alon Bar-Lev has posted comments on this change.

Change subject: Introduction of filters to unify AAA flows for UI and REST-API
......................................................................


Patch Set 50:

(4 comments)

http://gerrit.ovirt.org/#/c/28022/50/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/InvalidateSessionIfAuthorizationHeaderFilter.java
File 
backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/InvalidateSessionIfAuthorizationHeaderFilter.java:

please rename to RestApiSessionValidation or something as it is now specific to 
rest.
Line 1: package org.ovirt.engine.core.aaa.filters;
Line 2: 
Line 3: import java.io.IOException;
Line 4: 


http://gerrit.ovirt.org/#/c/28022/50/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/RestApiSessionMgmtFilter.java
File 
backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/RestApiSessionMgmtFilter.java:

Line 35:             ServletException {
Line 36:         HttpServletRequest req = (HttpServletRequest) request;
Line 37:         boolean persistentAuth =
Line 38:                 FiltersHelper.isPersistentAuth(req);
Line 39:         HttpSession session = req.getSession();
you don't need this here^
Line 40:         if (persistentAuth) {
Line 41:             try {
Line 42:                 int ttlValue = 
Integer.parseInt(req.getHeader("Session-TTL")) * SECONDS_IN_MINUTE;
Line 43:                 if (ttlValue >= MINIMAL_SESSION_TTL) {


Line 37:         boolean persistentAuth =
Line 38:                 FiltersHelper.isPersistentAuth(req);
Line 39:         HttpSession session = req.getSession();
Line 40:         if (persistentAuth) {
Line 41:             try {
here you should create the session.

 session = request.getSession(true)
Line 42:                 int ttlValue = 
Integer.parseInt(req.getHeader("Session-TTL")) * SECONDS_IN_MINUTE;
Line 43:                 if (ttlValue >= MINIMAL_SESSION_TTL) {
Line 44:                     session.setMaxInactiveInterval(ttlValue);
Line 45:                 }


http://gerrit.ovirt.org/#/c/28022/50/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/constants/SessionConstants.java
File 
backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/constants/SessionConstants.java:

Line 1: package org.ovirt.engine.core.common.constants;
Line 2: 
Line 3: public class SessionConstants {
Line 4: 
Line 5:     public final static String HTTP_SESSION_ENGINE_SESSION_ID_KEY = 
"engineSessionId";
please add ovirt_aaa_ prefix.
Line 6: 


-- 
To view, visit http://gerrit.ovirt.org/28022
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: Ia5536d123b6407acf41b6946dde796bd67d1e073
Gerrit-PatchSet: 50
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Yair Zaslavsky <[email protected]>
Gerrit-Reviewer: Alexander Wels <[email protected]>
Gerrit-Reviewer: Alon Bar-Lev <[email protected]>
Gerrit-Reviewer: Barak Azulay <[email protected]>
Gerrit-Reviewer: Einav Cohen <[email protected]>
Gerrit-Reviewer: Juan Hernandez <[email protected]>
Gerrit-Reviewer: Oved Ourfali <[email protected]>
Gerrit-Reviewer: Vojtech Szocs <[email protected]>
Gerrit-Reviewer: Yair Zaslavsky <[email protected]>
Gerrit-Reviewer: [email protected]
Gerrit-Reviewer: oVirt Jenkins CI Server
Gerrit-HasComments: Yes
_______________________________________________
Engine-patches mailing list
[email protected]
http://lists.ovirt.org/mailman/listinfo/engine-patches

Reply via email to