Alon Bar-Lev has uploaded a new change for review. Change subject: aaa: cleanup kerberos jaas context names ......................................................................
aaa: cleanup kerberos jaas context names as jaas context names are static within application and external modules that requires kerberos should use these, we rename the name to oVirt prefix and add a new profile for debugging. hopefully these are all the options anyone will require. Topic: AAA Change-Id: Ia63aafe6e6960568f6002c2dd89157b8a664275e Signed-off-by: Alon Bar-Lev <[email protected]> --- M backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/GSSAPIDirContextAuthenticationStrategy.java M packaging/services/ovirt-engine/ovirt-engine.xml.in 2 files changed, 10 insertions(+), 2 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/11/27811/1 diff --git a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/GSSAPIDirContextAuthenticationStrategy.java b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/GSSAPIDirContextAuthenticationStrategy.java index 764a6fc..35292f4 100644 --- a/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/GSSAPIDirContextAuthenticationStrategy.java +++ b/backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/GSSAPIDirContextAuthenticationStrategy.java @@ -33,7 +33,7 @@ public class GSSAPIDirContextAuthenticationStrategy implements DirContextAuthenticationStrategy { private static final String GSS_API_AUTHENTICATION = "GSSAPI"; - private static final String LOGIN_MODULE_POLICY_NAME = "EngineKerberosAuth"; + private static final String LOGIN_MODULE_POLICY_NAME = "oVirtKerb"; private static final Log log = LogFactory.getLog(GSSAPIDirContextAuthenticationStrategy.class); private LoginContext loginContext; private String password; diff --git a/packaging/services/ovirt-engine/ovirt-engine.xml.in b/packaging/services/ovirt-engine/ovirt-engine.xml.in index 3d6ae3e..6730f91 100644 --- a/packaging/services/ovirt-engine/ovirt-engine.xml.in +++ b/packaging/services/ovirt-engine/ovirt-engine.xml.in @@ -280,12 +280,20 @@ </authorization> </security-domain> - <security-domain name="EngineKerberosAuth"> + <security-domain name="oVirtKerb"> <authentication> <login-module code="com.sun.security.auth.module.Krb5LoginModule" flag="required"/> </authentication> </security-domain> + <security-domain name="oVirtKerbDebug"> + <authentication> + <login-module code="com.sun.security.auth.module.Krb5LoginModule" flag="required"> + <module-option name="debug" value="true"/> + </login-module> + </authentication> + </security-domain> + </security-domains> </subsystem> -- To view, visit http://gerrit.ovirt.org/27811 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: Ia63aafe6e6960568f6002c2dd89157b8a664275e Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Alon Bar-Lev <[email protected]> _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
