[Ovirt-devel] [PATCH] Add username/password authentication for browsing from non-kerberized hosts
Jason Guiditta
jguiditt at redhat.com
Thu Aug 14 16:34:41 UTC 2008
Overall, ACK -works for me. Couple notes/tweaks below.
On Thu, 2008-08-14 at 02:45 -0500, Steve Linabery wrote:
> Once again, apologies for the attachment.
>
> Also, apologies for the comments in wui-devel.ks which wrap past 80 chars.
>
> Please help me test this. Build a new appliance with this patch, ssh to the appliance, set a new ipa password for ovirtadmin, and then kdestroy. If you launch browser after that, you should get authorization requested dialog from firefox, and (following entry of correct username/password) get redirected back to dashboard.
>
> Goodnight!
> Steve
>
diff --git a/wui/src/app/controllers/application.rb b/wui/src/app/controllers/application.rb
index eacf6f3..53d0aa6 100644
--- a/wui/src/app/controllers/application.rb
+++ b/wui/src/app/controllers/application.rb
@@ -32,17 +32,16 @@ class ApplicationController < ActionController::Base
before_filter :pre_show, :only => [:show, :show_vms, :show_users,
:show_hosts, :show_storage]
before_filter :authorize_admin, :only => [:new, :create, :edit, :update, :destroy]
+ before_filter :is_logged_in
- def get_login_user
- if ENV["RAILS_ENV"] != 'test'
- user_from_principal(request.env["HTTP_X_FORWARDED_USER"])
- else
- 'ovirtadmin'
+ def is_logged_in
+ if session[:user] == nil
+ redirect_to :controller => "login", :action => "login"
we may want to change this next rev, since we don't really want a
redirect while the user is logged in and just reauthing
diff --git a/wui/src/app/controllers/login_controller.rb b/wui/src/app/controllers/login_controller.rb
+ before_filter :is_logged_in, :except => :login
+ def login
+ myUser = "ovirtadmin"
+ if ENV["RAILS_ENV"] != "test"
+ myUser = user_from_principal(request.env["HTTP_X_FORWARDED_USER"])
+ end
+ session[:user] = myUser
To combine this with what I did in my earlier patch (which I will
regenerate w/o the env test) and to make it more succinct, I would
suggest changing the above block to:
session[:user] = (ENV["RAILS_ENV"] == "production") ?
user_from_principal(request.env["HTTP_X_FORWARDED_USER"]) : "ovirtadmin"
+ redirect_to :controller => "dashboard"
Same comment as in application.rb for the redirect
-j
> _______________________________________________
> Ovirt-devel mailing list
> Ovirt-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/ovirt-devel
More information about the ovirt-devel
mailing list