On 03/11/2013 10:19 AM, Shireesh Anjal wrote: > On 03/09/2013 12:52 AM, Itamar Heim wrote: >> On 03/08/2013 06:04 AM, Shireesh Anjal wrote: >>> On 03/07/2013 01:05 PM, Aravinda wrote: >>>> We can have only two fields in login screen, username and password. >>>> Username will include domain name(username@domain). >>>> >>>> Default domain name can be "internal" if user didn't enter the domain >>>> name as part of username then we can append the default value and >>>> validate. >>>> >>>> Note: We use username@domain as username when we connect through >>>> <rest_api_url>/api >>> >>> The idea is to *not* have the user type in the domain name, but rather >>> let him/her choose one, just like what happens in webadmin. We should >>> try and minimize typing as much as possible when it comes to mobile apps. >> >> I think this was done on purpose for some reason to not provide a public api >> for the rest api, but i could be wrong and don't remember the detail. >> as the concepts of multi tenancy and multiple domains grow, providing the >> list of domains is considered an issue, > > Is it an issue specific to restapi? For we *do show* the list of domains in > webadmin login screen.
indeed, UI using public query for that, while in api each request has to be authenticated, as workaround, i suggest creating internal user for this purpose and using it in the app (internally) to fetch entities that should not require explicit authentication from the application PoV. > >> and most systems today require user to provide their full user/domain (well, >> usually in the form of their email address). >> >>> >>>> >>>> -- >>>> regards >>>> Aravinda >>>> >>>> On 03/07/2013 11:15 AM, Shireesh Anjal wrote: >>>>> Hi, >>>>> >>>>> We are trying to develop a simple android app to monitor and manage >>>>> gluster clusters by consuming the restapi exposed by engine. The >>>>> first screen is the login screen, which is similar to the webadmin >>>>> login screen. Here, we want to populate the combo box of "domains" by >>>>> fetching it from the restapi. However, the domains api cannot be >>>>> invoked without authentication! So we have a sort of a >>>>> chicken-and-egg problem. >>>>> >>>>> Any suggestions on how to tackle this? I feel the "domains" api >>>>> should be "public", in the sense it should not expect authentication. >>>>> >>>>> Regards, >>>>> Shireesh >>>>> _______________________________________________ >>>>> Engine-devel mailing list >>>>> [email protected] >>>>> http://lists.ovirt.org/mailman/listinfo/engine-devel >>>> >>>> _______________________________________________ >>>> Engine-devel mailing list >>>> [email protected] >>>> http://lists.ovirt.org/mailman/listinfo/engine-devel >>> >>> _______________________________________________ >>> Engine-devel mailing list >>> [email protected] >>> http://lists.ovirt.org/mailman/listinfo/engine-devel >> >> _______________________________________________ >> Engine-devel mailing list >> [email protected] >> http://lists.ovirt.org/mailman/listinfo/engine-devel > > _______________________________________________ > Engine-devel mailing list > [email protected] > http://lists.ovirt.org/mailman/listinfo/engine-devel -- Michael Pasternak RedHat, ENG-Virtualization R&D _______________________________________________ Engine-devel mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-devel
