[Engine-patches] Change in ovirt-engine[engine_3.2]: restapi : Cookies are being set even when not using persiste...

Wed, 29 May 2013 13:12:05 -0700 

Hello Ravi Nori,

I'd like you to do a code review.  Please visit

    http://gerrit.ovirt.org/15173

to review the following change.

Change subject: restapi : Cookies are being set even when not using persistent 
authentication
......................................................................

restapi : Cookies are being set even when not using persistent authentication

API sets jsession id when not using persistent authentication.
This patch creates a session only when persistent authentication
header is passed in the request.

Change-Id: Ieb004fefbd9a276efacb2ce6fa8b7a48a9516c6e
Bug-Url: https://bugzilla.redhat.com/962730
Signed-off-by: Ravi Nori <[email protected]>
---
M 
backend/manager/modules/restapi/interface/common/jaxrs/src/main/java/org/ovirt/engine/api/common/security/auth/Challenger.java
1 file changed, 1 insertion(+), 1 deletion(-)


  git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/73/15173/1

diff --git 
a/backend/manager/modules/restapi/interface/common/jaxrs/src/main/java/org/ovirt/engine/api/common/security/auth/Challenger.java
 
b/backend/manager/modules/restapi/interface/common/jaxrs/src/main/java/org/ovirt/engine/api/common/security/auth/Challenger.java
index 41d7393..d7a9c99 100644
--- 
a/backend/manager/modules/restapi/interface/common/jaxrs/src/main/java/org/ovirt/engine/api/common/security/auth/Challenger.java
+++ 
b/backend/manager/modules/restapi/interface/common/jaxrs/src/main/java/org/ovirt/engine/api/common/security/auth/Challenger.java
@@ -175,7 +175,7 @@
             String engineSessionId = SessionUtils.generateEngineSessionId();
             if (validator == null || validator.validate(principal, 
engineSessionId)) {
                 successful = true;
-                if (httpSession == null) {
+                if (httpSession == null && preferPersistentAuth) {
                     httpSession = getCurrentSession(true);
                 }
                 SessionUtils.setEngineSessionId(httpSession, engineSessionId);


--
To view, visit http://gerrit.ovirt.org/15173
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: Ieb004fefbd9a276efacb2ce6fa8b7a48a9516c6e
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-engine
Gerrit-Branch: engine_3.2
Gerrit-Owner: Michael Pasternak <[email protected]>
Gerrit-Reviewer: Ravi Nori <[email protected]>
_______________________________________________
Engine-patches mailing list
[email protected]
http://lists.ovirt.org/mailman/listinfo/engine-patches

Reply via email to