Vojtech Szocs has posted comments on this change. Change subject: aaa: enable accept engine session using header ......................................................................
Patch Set 2: > can you please migrate to this instead of basic authentication in frontend? Yes, we will modify GUI code to obtain "auth token" (signed Engine session ID) via the new query and pass this token via OVIRT-INTERNAL-ENGINE-AUTH-TOKEN when making HTTP request to REST backend (plus persistent-auth header in order to create REST webapp session + associated JSESSIONID cookie for /ovirt-engine/api path). Even though the REST request on GUI login will *not* create separate Engine session (but reuse existing one), we should keep existing legacy behavior of having JSESSIONID cookie set for /ovirt-engine/api path, so that existing UI plugins will work as before. Important thing to do is to communicate that lifetime of REST session for UI plugins == lifetime of Engine session for GUI user (actually, both REST and WebAdmin are pointing to same Engine session for GUI user). UI plugins now cannot expect the REST session to exist post GUI logout. > it actually also solves the logout issue as well. Right, because we will now reuse existing Engine (GUI user) session, instead of creating new one for "UI plugin REST communication" purposes. -- To view, visit http://gerrit.ovirt.org/35069 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: I028082cced7043b5af0b9fa7b0548ba888996e9d Gerrit-PatchSet: 2 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Alon Bar-Lev <[email protected]> Gerrit-Reviewer: Alexander Wels <[email protected]> Gerrit-Reviewer: Alon Bar-Lev <[email protected]> Gerrit-Reviewer: Barak Azulay <[email protected]> Gerrit-Reviewer: Einav Cohen <[email protected]> Gerrit-Reviewer: Oved Ourfali <[email protected]> Gerrit-Reviewer: Vojtech Szocs <[email protected]> Gerrit-Reviewer: Yair Zaslavsky <[email protected]> Gerrit-Reviewer: [email protected] Gerrit-Reviewer: oVirt Jenkins CI Server Gerrit-HasComments: No _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
