Hi guys, an important change in UI plugins REST API integration landed in both master [1] and 3.5 [2] branches of oVirt Engine repo.
[1] http://gerrit.ovirt.org/#/c/35185/ [2] http://gerrit.ovirt.org/#/c/35248/ Below is a short overview of this change and how it affects existing UI plugins. Please refer to commit message for more details. Situation before ================ WebAdmin login caused two separate Engine user sessions to be created: one for WebAdmin GUI itself, one for UI plugins (using same credentials as entered in WebAdmin login form). This resulted in two separate "user {user}@{domain} logged" entries in Engine log. REST session ID which maps to second Engine user session was broadcasted to all UI plugins via "RestApiSessionAcquired" event handler function. Upon WebAdmin logout, the second Engine user session was not closed; this was intentional so that any potential 3rd party systems using above mentioned REST session ID would still work. Situation after =============== WebAdmin login causes one Engine user session to be created. When acquiring REST session for UI plugins, existing Engine user session is reused via OVIRT-INTERNAL-ENGINE-AUTH-TOKEN header [3]. There is now only one "user {user}@{domain} logged" entry in Engine log. [3] http://gerrit.ovirt.org/#/c/35069/ Acquired REST session ID therefore maps to existing Engine user session. "RestApiSessionAcquired" API still works as expected. The only (possibly breaking) change is that upon WebAdmin logout, REST session ID previously passed to all UI plugins (upon last login) will not work anymore. While the physical session (REST webapp HttpSession) might still be active, the logical session (Engine user / SessionDataContainer) will be dead, therefore the physical REST session won't work after WebAdmin logout. In other words, usability of REST session ID is now strictly scoped to GUI user being authenticated. If the user logs in, (always) new REST session ID will be passed to all UI plugins. If the user logs out, REST session ID will not work anymore. This is in line with the general concept of UI plugins where each plugin is "active" (receives API callbacks) *only* when the GUI user is authenticated. See [4,5] for details. [4] http://www.ovirt.org/Features/UIPlugins#Plugin_lifecycle "Plugin invocation context starts when user logs into WebAdmin and ends when user logs out." [5] http://www.ovirt.org/Features/UIPlugins#Application_event_reference Let me know if you have any questions. Regards, Vojtech _______________________________________________ Devel mailing list Devel@ovirt.org http://lists.ovirt.org/mailman/listinfo/devel
