Bug 1257921

Summary: [aaajdbc] Please be consistent in naming of internal-authz
Product: Red Hat Enterprise Virtualization Manager Reporter: Ondra Machacek <omachace>
Component: ovirt-engineAssignee: Martin Perina <mperina>
Status: CLOSED NOTABUG QA Contact: Ondra Machacek <omachace>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 3.6.0CC: alonbl, ecohen, gklein, lsurette, oourfali, rbalakri, Rhev-m-bugs, yeylon
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: infra
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-08-28 12:35:28 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: Infra RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Ondra Machacek 2015-08-28 12:12:12 UTC 
Description of problem:

If you upgrade engine from 3.5 to 3.6 you will have internal domain as follows:
authz-name : internal
authn-name : internal-authn
profile-name : internal

It would be nice if there will be this approach also in clean 3.6 install,
as currently it is as follows:
authz-name : internal-authz
authn-name : internal-authn
profile-name : internal
Comment 1 Martin Perina 2015-08-28 12:35:28 UTC 
(In reply to Ondra Machacek from comment #0)
> Description of problem:
> 
> If you upgrade engine from 3.5 to 3.6 you will have internal domain as
> follows:
> authz-name : internal
> authn-name : internal-authn
> profile-name : internal

This is legacy naming scheme, which was caused by conversion of legacy internal AAA code into extension. And we decided not to change it to the new naming scheme during upgrade.

> 
> It would be nice if there will be this approach also in clean 3.6 install,
> as currently it is as follows:
> authz-name : internal-authz
> authn-name : internal-authn
> profile-name : internal

This is the new standard naming scheme for aaa extensions, extensions should be named as PROFILE-EXTNAME and all extensions should use this scheme.
Comment 2 Alon Bar-Lev 2015-08-29 16:38:13 UTC 
(In reply to Martin Perina from comment #1)
> (In reply to Ondra Machacek from comment #0)
> > Description of problem:
> > 
> > If you upgrade engine from 3.5 to 3.6 you will have internal domain as
> > follows:
> > authz-name : internal
> > authn-name : internal-authn
> > profile-name : internal
> 
> This is legacy naming scheme, which was caused by conversion of legacy
> internal AAA code into extension. And we decided not to change it to the new
> naming scheme during upgrade.
> 

then authn name is important as user resides within, during upgrade we must keep it so existing admin keep working.