Change in ovirt-engine[master]: userportal, webadmin: xsrf token changes

[awels at redhat.com]

Alexander Wels has submitted this change and it was merged.

Change subject: userportal,webadmin: xsrf token changes
......................................................................


userportal,webadmin: xsrf token changes

- The token was generated in a way that confused people into thinking
  it did more than it actually did. This patch changes the generation
  to some random value that is used throughout the session lifetime.

Change-Id: Ic028b0d1f8a6fd0cf67863af51d02d892d33f5fb
Signed-off-by: Alexander Wels <awels at redhat.com>
---
M frontend/webadmin/modules/frontend/src/main/java/org/ovirt/engine/ui/frontend/server/gwt/OvirtXsrfTokenServiceServlet.java
M frontend/webadmin/modules/frontend/src/main/java/org/ovirt/engine/ui/frontend/server/gwt/XsrfProtectedRpcServlet.java
A frontend/webadmin/modules/frontend/src/main/java/org/ovirt/engine/ui/frontend/server/gwt/XsrfTokenGeneratorHttpSessionListener.java
3 files changed, 71 insertions(+), 76 deletions(-)

Approvals:
  Alon Bar-Lev: Looks good to me, but someone else must approve
  Alexander Wels: Verified
  Vojtech Szocs: Looks good to me, approved



-- 
To view, visit http://gerrit.ovirt.org/31089
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: Ic028b0d1f8a6fd0cf67863af51d02d892d33f5fb
Gerrit-PatchSet: 6
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Alexander Wels <awels at redhat.com>
Gerrit-Reviewer: Alexander Wels <awels at redhat.com>
Gerrit-Reviewer: Alon Bar-Lev <alonbl at redhat.com>
Gerrit-Reviewer: Einav Cohen <ecohen at redhat.com>
Gerrit-Reviewer: Vojtech Szocs <vszocs at redhat.com>
Gerrit-Reviewer: automation at ovirt.org
Gerrit-Reviewer: oVirt Jenkins CI Server