Oved Ourfali has uploaded a new change for review. Change subject: aaa: Pass password across filters so it will be known during LoginUserCommand ......................................................................
aaa: Pass password across filters so it will be known during LoginUserCommand As basic authentication passed auth record to Login filter, the passsword used for authentication was not passed, hence was not set in the session data container. Change-Id: Ie48f8f1408b17882337f4fd0a8c38f7829472cf2 Bug-Url: https://bugzilla.redhat.com/1141541 Topic: AAA Signed-off-by: Yair Zaslavsky <[email protected]> (cherry picked from commit 3d4c423269b8dd099b2fe4bce43b0d2efa6f9e33) --- M backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/BasicAuthenticationFilter.java M backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/FiltersHelper.java M backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/LoginFilter.java M backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/action/LoginUserParameters.java 4 files changed, 7 insertions(+), 2 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/23/34823/1 diff --git a/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/BasicAuthenticationFilter.java b/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/BasicAuthenticationFilter.java index 86eb36a..4cb46e0 100644 --- a/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/BasicAuthenticationFilter.java +++ b/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/BasicAuthenticationFilter.java @@ -133,6 +133,7 @@ outputMap.<ExtMap> get(Authn.InvokeKeys.AUTH_RECORD)); request.setAttribute(FiltersHelper.Constants.REQUEST_AUTH_TYPE_KEY, AuthType.CREDENTIALS); request.setAttribute(FiltersHelper.Constants.REQUEST_PROFILE_KEY, userProfile.profile.getName()); + request.setAttribute(FiltersHelper.Constants.REQUEST_PASSWORD_KEY, password); } else { if (outputMap.<Integer> get(Base.InvokeKeys.RESULT) != Base.InvokeResult.SUCCESS || outputMap.<Integer> get(Authn.InvokeKeys.RESULT) != Authn.AuthResult.SUCCESS) { diff --git a/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/FiltersHelper.java b/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/FiltersHelper.java index d2dbbce..be0ed25 100644 --- a/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/FiltersHelper.java +++ b/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/FiltersHelper.java @@ -18,6 +18,7 @@ public final static String REQUEST_SCHEMES_KEY = "ovirt_aaa_schemes"; public final static String REQUEST_PROFILE_KEY = "ovirt_aaa_profile"; public final static String REQUEST_AUTH_TYPE_KEY = "ovirt_aaa_auth_type"; + public static final String REQUEST_PASSWORD_KEY = "ovirt_aaa_password"; public final static String HEADER_AUTHORIZATION = "Authorization"; public static final String HEADER_WWW_AUTHENTICATE = "WWW-Authenticate"; public static final String HEADER_PREFER = "Prefer"; diff --git a/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/LoginFilter.java b/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/LoginFilter.java index 30b6abc..14df8d6 100644 --- a/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/LoginFilter.java +++ b/backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/LoginFilter.java @@ -49,6 +49,7 @@ LoginUserParameters( profileName, authRecord, + (String)request.getAttribute(FiltersHelper.Constants.REQUEST_PASSWORD_KEY), loginAsAdmin ? VdcActionType.LoginAdminUser : VdcActionType.LoginUser, (AuthType)request.getAttribute(FiltersHelper.Constants.REQUEST_AUTH_TYPE_KEY) ) diff --git a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/action/LoginUserParameters.java b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/action/LoginUserParameters.java index e6135f4..18f6227 100644 --- a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/action/LoginUserParameters.java +++ b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/action/LoginUserParameters.java @@ -36,13 +36,14 @@ actionType = VdcActionType.LoginUser; } - public LoginUserParameters(String profileName, Object authRecord, AuthType authType) { - this(profileName, authRecord, VdcActionType.LoginUser, authType); + public LoginUserParameters(String profileName, Object authRecord, String password, AuthType authType) { + this(profileName, authRecord, password, VdcActionType.LoginUser, authType); } public LoginUserParameters( String profileName, Object authRecord, + String password, VdcActionType vdcActionType, AuthType authType ) { @@ -51,6 +52,7 @@ this.authInfo.authType = AuthType.CREDENTIALS; this.profileName = profileName; this.actionType = vdcActionType; + this.authInfo.password = password; } -- To view, visit http://gerrit.ovirt.org/34823 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: Ie48f8f1408b17882337f4fd0a8c38f7829472cf2 Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: ovirt-engine-3.5 Gerrit-Owner: Oved Ourfali <[email protected]> Gerrit-Reviewer: Yair Zaslavsky <[email protected]> _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
