Yair Zaslavsky has submitted this change and it was merged. Change subject: aaa: Using extensions API ...................................................................... aaa: Using extensions API This patch uses the extensions API (Internal/KerberosLdap) in a gradual manner 1. Changing LoginBaseCommand and AuthenticationFilter to work directly with the new API 2. Introducing AuthzUtils as helper class for authorization 3. Changing KerberosLdapDirectory to implement Extension, and base all the code on search of principals and groups 4. Changing AuthenticationProfileRepository to work with Extension proxies 5. Changing extension manager Change-Id: I916012eab61a96bdb0f366d9dc8462325d7f726f Topic: AAA Signed-off-by: Alon Bar-Lev <alonbl@redhat.com> Signed-off-by: Yair Zaslavsky <yzaslavs@redhat.com> --- M backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/AuthenticationProfile.java M backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/AuthenticationProfileRepository.java D backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/Authenticator.java A backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/AuthzUtils.java D backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/Directory.java R backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/NegotiationAuthnFilter.java D backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/NegotiationResult.java A backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/SearchQueryParsingUtils.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/AdGroupsHandlingCommandBase.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/AddGroupCommand.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/AddUserCommand.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/AutomaticLoginFilter.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/DbUserCacheManager.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/GetDirectoryGroupByIdQuery.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/GetDirectoryUserByIdQuery.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/InitBackendServicesOnStartupBean.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/LoginBaseCommand.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/LogoutUserCommand.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/SearchQuery.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/UserCommandBase.java M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/session/SessionDataContainer.java M backend/manager/modules/bll/src/test/java/org/ovirt/engine/core/bll/DirectoryGroupSearchQueryTest.java M backend/manager/modules/bll/src/test/java/org/ovirt/engine/core/bll/DirectorySearchQueryTestBase.java M backend/manager/modules/bll/src/test/java/org/ovirt/engine/core/bll/DirectoryUserSearchQueryTest.java M backend/manager/modules/bll/src/test/java/org/ovirt/engine/core/bll/GetDomainListQueryTest.java D backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/header/HeaderAuthenticator.java D backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/internal/InternalAuthenticator.java A backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/internal/InternalAuthn.java A backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/internal/InternalAuthz.java D backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/internal/InternalDirectory.java M backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/ADLdapIdEncoder.java M backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/AdActionType.java M backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/GetRootDSETask.java D backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/KerberosLdapAuthenticator.java A backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/KerberosLdapAuthn.java A backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/KerberosLdapAuthz.java D backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/KerberosLdapDirectory.java M backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/LdapAuthenticateUserCommand.java M backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/LdapBrokerBaseParameters.java M backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/LdapBrokerCommandBase.java D backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/LdapGetAdGroupByGroupIdCommand.java D backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/LdapGetAdUserByUserIdCommand.java D backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/LdapGetAdUserByUserIdListCommand.java D backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/LdapIsComputerWithSameNameExistsParameters.java M backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/LdapQueryMetadataFactoryImpl.java M backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/LdapUserPasswordBaseParameters.java M backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/SearchLangageLDAPTokens.java M backend/manager/modules/builtin-extensions/src/main/java/org/ovirt/engine/extensions/aaa/builtin/kerberosldap/SearchQueryFotmatter.java M backend/manager/modules/builtin-extensions/src/main/resources/META-INF/services/org.ovirt.engine.api.extensions.Extension M backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/config/ConfigValues.java D backend/manager/modules/extensions-api-root/extensions-api/src/main/java/org/ovirt/engine/api/extensionsold/AAAExtensionException.java D backend/manager/modules/extensions-api-root/extensions-api/src/main/java/org/ovirt/engine/api/extensionsold/Extension.java A backend/manager/modules/extensions-manager/src/main/java/org/ovirt/engine/core/extensions/mgr/ExtensionInvokeCommandException.java A backend/manager/modules/extensions-manager/src/main/java/org/ovirt/engine/core/extensions/mgr/ExtensionInvokeCommandFailedException.java A backend/manager/modules/extensions-manager/src/main/java/org/ovirt/engine/core/extensions/mgr/ExtensionInvokeCommandUnsupporetdException.java A backend/manager/modules/extensions-manager/src/main/java/org/ovirt/engine/core/extensions/mgr/ExtensionInvokeCommandUnsupportedException.java A backend/manager/modules/extensions-manager/src/main/java/org/ovirt/engine/core/extensions/mgr/ExtensionProxy.java M backend/manager/modules/extensions-manager/src/main/java/org/ovirt/engine/core/extensions/mgr/ExtensionsManager.java 58 files changed, 2,053 insertions(+), 1,792 deletions(-) Approvals: Yair Zaslavsky: Verified; Looks good to me, approved -- To view, visit http://gerrit.ovirt.org/26602 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: merged Gerrit-Change-Id: I916012eab61a96bdb0f366d9dc8462325d7f726f Gerrit-PatchSet: 46 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Yair Zaslavsky <yzaslavs@redhat.com> Gerrit-Reviewer: Alon Bar-Lev <alonbl@redhat.com> Gerrit-Reviewer: Yair Zaslavsky <yzaslavs@redhat.com> Gerrit-Reviewer: automation@ovirt.org Gerrit-Reviewer: oVirt Jenkins CI Server