On Sat, May 7, 2016 at 8:09 AM, Nathan Johnson <[email protected]> wrote:
> If you hit the /client/console endpoint with a vmid, it sends you back some
> data that contains a link to a the console proxy VM and passes an encrypted
> json payload that has the user, password and port for a vnc connection.
> Normally this is meant to load in an iframe. We want to decrypt this
> response to direct a VNC client to the appropriate host / port / user /
> pass and bypass use of the console proxy VM. The key and iv appear to be
> stored in the configuration table under the names security.encryption.key
> and security.encryption.iv, but as they are hidden we cannot get these
> credentials via the listConfigurations endpoint as-is. So my question is:
>
> What would be the most appropriate way to open up the possibility of
> showing “hidden” configuration items via this API to our middleware? Some
> sort of entry in a config file somewhere? An entry in the configuration
> table itself? Or is there some other way to get this information I’m
> looking for?
>
>
Just tested:
mysql> update configuration set category='Secure' where name in
('security.encryption.iv', 'security.encryption.key');
(default) > list configurations name=security.encryption.iv
count = 1
configuration:
+----------+------------------------+------------------------+------------------------+
| category | name | value |
description |
+----------+------------------------+------------------------+------------------------+
| Secure | security.encryption.iv | <REMOVED FOR SECURITY> | base64
encoded IV data |
+----------+------------------------+------------------------+------------------------+
--
Erik
