[Engine-patches] Change in ovirt-engine[master]: aaa: enable accept engine session using header

Wed, 12 Nov 2014 04:52:22 -0800 

Vojtech Szocs has posted comments on this change.

Change subject: aaa: enable accept engine session using header
......................................................................


Patch Set 2:

> can you please migrate to this instead of basic authentication in frontend?

Yes, we will modify GUI code to obtain "auth token" (signed Engine session ID) 
via the new query and pass this token via OVIRT-INTERNAL-ENGINE-AUTH-TOKEN when 
making HTTP request to REST backend (plus persistent-auth header in order to 
create REST webapp session + associated JSESSIONID cookie for /ovirt-engine/api 
path).

Even though the REST request on GUI login will *not* create separate Engine 
session (but reuse existing one), we should keep existing legacy behavior of 
having JSESSIONID cookie set for /ovirt-engine/api path, so that existing UI 
plugins will work as before.

Important thing to do is to communicate that lifetime of REST session for UI 
plugins == lifetime of Engine session for GUI user (actually, both REST and 
WebAdmin are pointing to same Engine session for GUI user). UI plugins now 
cannot expect the REST session to exist post GUI logout.

> it actually also solves the logout issue as well.

Right, because we will now reuse existing Engine (GUI user) session, instead of 
creating new one for "UI plugin REST communication" purposes.

-- 
To view, visit http://gerrit.ovirt.org/35069
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: I028082cced7043b5af0b9fa7b0548ba888996e9d
Gerrit-PatchSet: 2
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Alon Bar-Lev <[email protected]>
Gerrit-Reviewer: Alexander Wels <[email protected]>
Gerrit-Reviewer: Alon Bar-Lev <[email protected]>
Gerrit-Reviewer: Barak Azulay <[email protected]>
Gerrit-Reviewer: Einav Cohen <[email protected]>
Gerrit-Reviewer: Oved Ourfali <[email protected]>
Gerrit-Reviewer: Vojtech Szocs <[email protected]>
Gerrit-Reviewer: Yair Zaslavsky <[email protected]>
Gerrit-Reviewer: [email protected]
Gerrit-Reviewer: oVirt Jenkins CI Server
Gerrit-HasComments: No
_______________________________________________
Engine-patches mailing list
[email protected]
http://lists.ovirt.org/mailman/listinfo/engine-patches

Reply via email to