Martin Peřina has submitted this change and it was merged. Change subject: aaa: Add Authz search to SSO ...................................................................... aaa: Add Authz search to SSO Add user and groups search to sso, the search query will utilize SSO to extract the records from domain services. The resource is introduced as a new scope and can be accessed using token-info by passing the scope ovirt-ext:token-info:search-authz Change-Id: I6f1edab486a9467334139e97b868ecae8c123a85 Bug-Url: https://bugzilla.redhat.com/1092744 Signed-off-by: Ravi Nori <rnori@redhat.com> --- M backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/AuthzUtils.java A backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/QueryData.java M backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/SSOOAuthServiceUtils.java M backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/FiltersHelper.java M backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/SSORestApiNegotiationFilter.java M backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/servlet/SSOPostLoginServlet.java M backend/manager/modules/auth-plugin/src/main/java/org/ovirt/engine/core/jboss_auth_plugin/OvirtAuthPlugIn.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/GetAAAProfileListQuery.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/GetAuthzGroupsByUserIdQuery.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/GetAvailableNamespacesQuery.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/GetDirectoryUserByPrincipalQuery.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/GetDomainListQuery.java D backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/QueryData.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/SearchQuery.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/DirectoryUtils.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/GetDirectoryGroupByIdQuery.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/GetDirectoryGroupsForUserQuery.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/GetDirectoryUserByIdQuery.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/LoginOnBehalfCommand.java M backend/manager/modules/bll/src/test/java/org/ovirt/engine/core/bll/GetDomainListQueryTest.java A backend/manager/modules/enginesso/src/main/java/org/ovirt/engine/core/sso/search/AuthzUtils.java A backend/manager/modules/enginesso/src/main/java/org/ovirt/engine/core/sso/search/DirectorySearch.java A backend/manager/modules/enginesso/src/main/java/org/ovirt/engine/core/sso/search/DirectoryUtils.java A backend/manager/modules/enginesso/src/main/java/org/ovirt/engine/core/sso/search/SearchParsingUtils.java M backend/manager/modules/enginesso/src/main/java/org/ovirt/engine/core/sso/servlets/OAuthTokenInfoServlet.java M backend/manager/modules/enginesso/src/main/java/org/ovirt/engine/core/sso/utils/AuthenticationUtils.java M backend/manager/modules/enginesso/src/main/java/org/ovirt/engine/core/sso/utils/SSOConstants.java M backend/manager/modules/enginesso/src/main/java/org/ovirt/engine/core/sso/utils/SSOUtils.java M backend/manager/modules/enginesso/src/main/webapp/WEB-INF/web.xml M backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/serialization/json/JsonExtKeySerializer.java A packaging/dbscripts/upgrade/04_00_0280_add_authz_search_scope_to_sso_client_registration_and_scope_dependency.sql M packaging/setup/plugins/ovirt-engine-setup/ovirt-engine/config/sso.py 32 files changed, 1,451 insertions(+), 649 deletions(-) Approvals: Martin Peřina: Verified; Looks good to me, approved Jenkins CI: Passed CI tests -- To view, visit https://gerrit.ovirt.org/51470 To unsubscribe, visit https://gerrit.ovirt.org/settings Gerrit-MessageType: merged Gerrit-Change-Id: I6f1edab486a9467334139e97b868ecae8c123a85 Gerrit-PatchSet: 20 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Ravi Nori <rnori@redhat.com> Gerrit-Reviewer: Jenkins CI Gerrit-Reviewer: Martin Peřina <mperina@redhat.com> Gerrit-Reviewer: Moti Asayag <masayag@redhat.com> Gerrit-Reviewer: Ondra Machacek <omachace@redhat.com> Gerrit-Reviewer: Oved Ourfali <oourfali@redhat.com> Gerrit-Reviewer: Ravi Nori <rnori@redhat.com> Gerrit-Reviewer: gerrit-hooks <automation@ovirt.org>