This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


[Xen-API] [PATCH 03 of 21] CP-1831: superusers should have auth_user_nam

To: xen-api <xen-api@xxxxxxxxxxxxxxxxxxx>
Subject: [Xen-API] [PATCH 03 of 21] CP-1831: superusers should have auth_user_name in session
From: Marcus Granado <marcus.granado@xxxxxxxxxx>
Date: Fri, 20 Aug 2010 17:52:22 +0100
Delivery-date: Fri, 20 Aug 2010 10:31:49 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <patchbomb.1282323139@localhost>
List-help: <mailto:xen-api-request@lists.xensource.com?subject=help>
List-id: Discussion of API issues surrounding Xen <xen-api.lists.xensource.com>
List-post: <mailto:xen-api@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-api>, <mailto:xen-api-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-api>, <mailto:xen-api-request@lists.xensource.com?subject=unsubscribe>
References: <patchbomb.1282323139@localhost>
Sender: xen-api-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mercurial-patchbomb/1.4.3
 ocaml/xapi/xapi_session.ml |  8 ++++----
 1 files changed, 4 insertions(+), 4 deletions(-)

# HG changeset patch
# User Marcus Granado <marcus.granado@xxxxxxxxxx>
# Date 1282322886 -3600
# Node ID a9dd0a13fd1329bd654e61ec62101352b2c15b63
# Parent  2061d0df12850f6192ee5d702d2fbdb774bbb47e
CP-1831: superusers should have auth_user_name in session

Signed-off-by: Marcus Granado <marcus.granado@xxxxxxxxxxxxx>

diff -r 2061d0df1285 -r a9dd0a13fd13 ocaml/xapi/xapi_session.ml
--- a/ocaml/xapi/xapi_session.ml
+++ b/ocaml/xapi/xapi_session.ml
@@ -325,7 +325,7 @@
   slave_login_common ~__context ~host_str:(Ref.string_of host) ~psecret;
   login_no_password ~__context ~uname:None ~host:host ~pool:true 
       ~is_local_superuser:true ~subject:(Ref.null) ~auth_user_sid:""
-      ~auth_user_name:"" ~rbac_permissions:[]
+      ~auth_user_name:(Ref.string_of host) ~rbac_permissions:[]
 (* Emergency mode login, uses local storage *)
 let slave_local_login ~__context ~psecret = 
@@ -360,8 +360,8 @@
                (* in this case, the context origin of this login request is a 
unix socket bound locally to a filename *)
                (* we trust requests from local unix filename sockets, so no 
need to authenticate them before login *)
                login_no_password ~__context ~uname:(Some uname) 
~host:(Helpers.get_localhost ~__context) 
-                       ~pool:false ~is_local_superuser:true 
~subject:(Ref.null)(*~subject should be undefined here or not??? *)
-                       ~auth_user_sid:"" ~auth_user_name:"" 
+                       ~pool:false ~is_local_superuser:true ~subject:(Ref.null)
+                       ~auth_user_sid:"" ~auth_user_name:uname 
        let login_as_local_superuser auth_type = 
@@ -372,7 +372,7 @@
                        do_local_auth uname pwd;
                        debug "Successful local authentication user %s from %s" 
uname (Context.get_origin __context);
                        login_no_password ~__context ~uname:(Some uname) 
~host:(Helpers.get_localhost ~__context) 
-                               ~pool:false ~is_local_superuser:true 
~subject:(Ref.null) ~auth_user_sid:"" ~auth_user_name:""
+                               ~pool:false ~is_local_superuser:true 
~subject:(Ref.null) ~auth_user_sid:"" ~auth_user_name:uname

Attachment: xen-api.hg-03.patch
Description: Text Data

xen-api mailing list
<Prev in Thread] Current Thread [Next in Thread>