Change in ovirt-engine[master]: aaa: Modify webadmin and userportal to use enginesso for aut...

masayag at redhat.com masayag at redhat.com
Tue Nov 24 20:14:14 UTC 2015


Moti Asayag has submitted this change and it was merged.

Change subject: aaa: Modify webadmin and userportal to use enginesso for authentication
......................................................................


aaa: Modify webadmin and userportal to use enginesso for authentication

Add webadmin side code to support authentication using
engine sso. Modify webadmin and user portal to use the
new SSO filters for authorization.

Session validation on engine side is done using
sso

Modify the welcome page to show the current
user logged in and provide a link to switch
user by invalidating the current session and
turning off external auth

Basic auth and negotiate filters on engine side
are not required

SSO token and JSESSION from rest api should be
obtained using Engine Session Id and SSO Session Id.

The setup is sso aware and registers the engine with the
sso as a client.

Remove code that performs login in UI.

Login user and admin commands and the parameter
can be deleted from the backend as the login sequence
is handled by SSO

Change-Id: Iff0aee9d0f5ee606ff7f397cab69017ca7d9df08
Bug-Url: https://bugzilla.redhat.com/1092744
Signed-off-by: Ravi Nori <rnori at redhat.com>
---
M backend/manager/modules/aaa/exclude-filters.xml
M backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/AcctUtils.java
A backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/SSOOAuthServiceUtils.java
A backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/SSOUtils.java
D backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/BasicAuthenticationFilter.java
D backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/EngineSessionTokenAuthenticationFilter.java
M backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/FiltersHelper.java
D backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/LoginFilter.java
A backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/SSOLoginFilter.java
A backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/SSORestApiAuthFilter.java
A backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/SSORestApiNegotiationFilter.java
D backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/SessionMgmtFilter.java
M backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/filters/SessionValidationFilter.java
A backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/servlet/SSOLoginServlet.java
A backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/servlet/SSOLogoutServlet.java
A backend/manager/modules/aaa/src/main/java/org/ovirt/engine/core/aaa/servlet/SSOPostLoginServlet.java
M backend/manager/modules/aaa/src/main/modules/org/ovirt/engine/core/aaa/main/module.xml
M backend/manager/modules/auth-plugin/pom.xml
M backend/manager/modules/auth-plugin/src/main/java/org/ovirt/engine/core/jboss_auth_plugin/OvirtAuthPlugIn.java
M backend/manager/modules/auth-plugin/src/main/modules/org/ovirt/engine/core/auth-plugin/main/module.xml
M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/Backend.java
A backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/GetEngineSessionIdForSSOTokenQuery.java
A backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/CreateUserSessionCommand.java
M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/GetEngineSessionIdTokenQuery.java
D backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/LoginAdminUserCommand.java
D backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/LoginBaseCommand.java
M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/LoginOnBehalfCommand.java
D backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/LoginUserCommand.java
M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/LogoutSessionCommand.java
M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/SessionDataContainer.java
A backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/aaa/TerminateSessionsForTokenCommand.java
M backend/manager/modules/bll/src/test/java/org/ovirt/engine/core/bll/aaa/SessionDataContainerTest.java
A backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/action/CreateUserSessionParameters.java
D backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/action/LoginUserParameters.java
A backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/action/TerminateSessionsForTokenParameters.java
M backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/action/VdcActionType.java
M backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/constants/SessionConstants.java
M backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/interfaces/BackendLocal.java
A backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/queries/GetEngineSessionIdForSSOTokenQueryParameters.java
M backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/queries/VdcQueryType.java
M backend/manager/modules/restapi/webapp/src/main/webapp/WEB-INF/web.xml
M backend/manager/modules/services/src/main/java/org/ovirt/engine/core/services/GetSessionUser.java
A backend/manager/modules/services/src/main/java/org/ovirt/engine/core/services/SSOCallbackServlet.java
M backend/manager/modules/services/src/main/webapp/WEB-INF/web.xml
M backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/EngineLocalConfig.java
A backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/serialization/json/JsonExtDeserializer.java
A backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/serialization/json/JsonExtMapMixIn.java
M backend/manager/modules/utils/src/main/java/org/ovirt/engine/core/utils/serialization/json/JsonObjectDeserializer.java
M backend/manager/modules/welcome/src/main/resources/messages.properties
A backend/manager/modules/welcome/src/main/webapp/WEB-INF/error.jsp
M backend/manager/modules/welcome/src/main/webapp/WEB-INF/ovirt-engine.jsp
M backend/manager/modules/welcome/src/main/webapp/WEB-INF/web.xml
M backend/manager/modules/welcome/src/test/java/org/ovirt/engine/core/WelcomeServletTest.java
M frontend/webadmin/modules/frontend/src/main/java/org/ovirt/engine/ui/frontend/Frontend.java
M frontend/webadmin/modules/frontend/src/main/java/org/ovirt/engine/ui/frontend/communication/CommunicationProvider.java
M frontend/webadmin/modules/frontend/src/main/java/org/ovirt/engine/ui/frontend/communication/GWTRPCCommunicationProvider.java
M frontend/webadmin/modules/frontend/src/main/java/org/ovirt/engine/ui/frontend/communication/OperationProcessor.java
M frontend/webadmin/modules/frontend/src/main/java/org/ovirt/engine/ui/frontend/communication/VdcOperationManager.java
M frontend/webadmin/modules/frontend/src/main/java/org/ovirt/engine/ui/frontend/gwtservices/GenericApiGWTService.java
M frontend/webadmin/modules/frontend/src/main/java/org/ovirt/engine/ui/frontend/server/gwt/GenericApiGWTServiceImpl.java
M frontend/webadmin/modules/frontend/src/main/java/org/ovirt/engine/ui/frontend/utils/FrontendUrlUtils.java
M frontend/webadmin/modules/frontend/src/test/java/org/ovirt/engine/ui/frontend/FrontendActionTest.java
M frontend/webadmin/modules/frontend/src/test/java/org/ovirt/engine/ui/frontend/FrontendTest.java
M frontend/webadmin/modules/frontend/src/test/java/org/ovirt/engine/ui/frontend/communication/VdcOperationManagerTest.java
M frontend/webadmin/modules/gwt-common/src/main/java/org/ovirt/engine/ui/common/auth/CurrentUser.java
M frontend/webadmin/modules/gwt-common/src/main/java/org/ovirt/engine/ui/common/place/ApplicationPlaceManager.java
M frontend/webadmin/modules/gwt-common/src/main/java/org/ovirt/engine/ui/common/presenter/AbstractHeaderPresenterWidget.java
D frontend/webadmin/modules/gwt-common/src/main/java/org/ovirt/engine/ui/common/presenter/AbstractLoginPresenterWidget.java
M frontend/webadmin/modules/gwt-common/src/main/java/org/ovirt/engine/ui/common/restapi/RestApiSessionManager.java
D frontend/webadmin/modules/gwt-common/src/main/java/org/ovirt/engine/ui/common/section/DefaultLoginSectionPlace.java
M frontend/webadmin/modules/gwt-common/src/main/java/org/ovirt/engine/ui/common/system/BaseApplicationInit.java
M frontend/webadmin/modules/gwt-common/src/main/java/org/ovirt/engine/ui/common/uicommon/FrontendEventsHandlerImpl.java
M frontend/webadmin/modules/gwt-common/src/main/java/org/ovirt/engine/ui/common/view/AbstractHeaderView.java
D frontend/webadmin/modules/gwt-common/src/main/java/org/ovirt/engine/ui/common/view/AbstractLoginFormView.java
M frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/models/LoginModel.java
M frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/models/userportal/UserPortalLoginModel.java
M frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/place/UserPortalApplicationPlaces.java
M frontend/webadmin/modules/uicommonweb/src/main/java/org/ovirt/engine/ui/uicommonweb/place/WebAdminApplicationPlaces.java
M frontend/webadmin/modules/userportal-gwtp/src/main/java/org/ovirt/engine/ui/userportal/gin/PresenterModule.java
M frontend/webadmin/modules/userportal-gwtp/src/main/java/org/ovirt/engine/ui/userportal/gin/SystemModule.java
M frontend/webadmin/modules/userportal-gwtp/src/main/java/org/ovirt/engine/ui/userportal/place/UserPortalPlaceManager.java
D frontend/webadmin/modules/userportal-gwtp/src/main/java/org/ovirt/engine/ui/userportal/section/login/presenter/LoginFormPresenterWidget.java
D frontend/webadmin/modules/userportal-gwtp/src/main/java/org/ovirt/engine/ui/userportal/section/login/presenter/LoginSectionPresenter.java
D frontend/webadmin/modules/userportal-gwtp/src/main/java/org/ovirt/engine/ui/userportal/section/login/view/LoginFormView.java
D frontend/webadmin/modules/userportal-gwtp/src/main/java/org/ovirt/engine/ui/userportal/section/login/view/LoginFormView.ui.xml
D frontend/webadmin/modules/userportal-gwtp/src/main/java/org/ovirt/engine/ui/userportal/section/login/view/LoginSectionView.java
D frontend/webadmin/modules/userportal-gwtp/src/main/java/org/ovirt/engine/ui/userportal/section/login/view/LoginSectionView.ui.xml
M frontend/webadmin/modules/userportal-gwtp/src/main/java/org/ovirt/engine/ui/userportal/section/main/view/HeaderView.java
M frontend/webadmin/modules/userportal-gwtp/src/main/java/org/ovirt/engine/ui/userportal/section/main/view/HeaderView.ui.xml
M frontend/webadmin/modules/userportal-gwtp/src/main/webapp/WEB-INF/web.xml
M frontend/webadmin/modules/webadmin/src/main/java/org/ovirt/engine/ui/webadmin/gin/PresenterModule.java
M frontend/webadmin/modules/webadmin/src/main/java/org/ovirt/engine/ui/webadmin/gin/SystemModule.java
M frontend/webadmin/modules/webadmin/src/main/java/org/ovirt/engine/ui/webadmin/place/WebAdminPlaceManager.java
D frontend/webadmin/modules/webadmin/src/main/java/org/ovirt/engine/ui/webadmin/section/login/presenter/LoginFormPresenterWidget.java
D frontend/webadmin/modules/webadmin/src/main/java/org/ovirt/engine/ui/webadmin/section/login/presenter/LoginSectionPresenter.java
D frontend/webadmin/modules/webadmin/src/main/java/org/ovirt/engine/ui/webadmin/section/login/view/LoginFormView.java
D frontend/webadmin/modules/webadmin/src/main/java/org/ovirt/engine/ui/webadmin/section/login/view/LoginFormView.ui.xml
D frontend/webadmin/modules/webadmin/src/main/java/org/ovirt/engine/ui/webadmin/section/login/view/LoginSectionView.java
D frontend/webadmin/modules/webadmin/src/main/java/org/ovirt/engine/ui/webadmin/section/login/view/LoginSectionView.ui.xml
M frontend/webadmin/modules/webadmin/src/main/java/org/ovirt/engine/ui/webadmin/section/main/view/HeaderView.java
M frontend/webadmin/modules/webadmin/src/main/java/org/ovirt/engine/ui/webadmin/section/main/view/HeaderView.ui.xml
M frontend/webadmin/modules/webadmin/src/main/java/org/ovirt/engine/ui/webadmin/system/ApplicationInit.java
M frontend/webadmin/modules/webadmin/src/main/webapp/WEB-INF/web.xml
M packaging/services/ovirt-engine/ovirt-engine.conf.in
M packaging/setup/ovirt_engine_setup/engine/constants.py
M packaging/setup/plugins/ovirt-engine-setup/ovirt-engine/config/__init__.py
A packaging/setup/plugins/ovirt-engine-setup/ovirt-engine/config/sso.py
107 files changed, 2,247 insertions(+), 3,067 deletions(-)

Approvals:
  Ravi Nori: Verified
  Alexander Wels: Looks good to me, approved
  Vojtech Szocs: Looks good to me, but someone else must approve
  Moti Asayag: Passed CI tests



-- 
To view, visit https://gerrit.ovirt.org/36619
To unsubscribe, visit https://gerrit.ovirt.org/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: Iff0aee9d0f5ee606ff7f397cab69017ca7d9df08
Gerrit-PatchSet: 173
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Ravi Nori <rnori at redhat.com>
Gerrit-Reviewer: Alexander Wels <awels at redhat.com>
Gerrit-Reviewer: Alon Bar-Lev <alonbl at redhat.com>
Gerrit-Reviewer: Eli Mesika <emesika at redhat.com>
Gerrit-Reviewer: Jenkins CI
Gerrit-Reviewer: Martin Peřina <mperina at redhat.com>
Gerrit-Reviewer: Michal Skrivanek <michal.skrivanek at redhat.com>
Gerrit-Reviewer: Moti Asayag <masayag at redhat.com>
Gerrit-Reviewer: Ravi Nori <rnori at redhat.com>
Gerrit-Reviewer: Tomas Jelinek <tjelinek at redhat.com>
Gerrit-Reviewer: Vojtech Szocs <vszocs at redhat.com>
Gerrit-Reviewer: gerrit-hooks <automation at ovirt.org>



More information about the Engine-commits mailing list