Vojtech Szocs has posted comments on this change. Change subject: webadmin: Use existing Engine session for REST API integration ......................................................................
Patch Set 1: Verified+1 Verified both login & auto-login use cases. Initial HTTP request to create REST session that maps to existing Engine session: GET /ovirt-engine/api OVIRT-INTERNAL-ENGINE-AUTH-TOKEN: <obtained via GetEngineSessionIdToken query> Session-TTL: <obtained via GetConfigurationValue/UserSessionTimeOutInterval query> Prefer: persistent-auth, csrf-protection Keep-alive HTTP request to maintain existing REST session: GET /ovirt-engine/api Session-TTL: <obtained via GetConfigurationValue/UserSessionTimeOutInterval query> Prefer: persistent-auth, csrf-protection JSESSIONID: <REST session ID> Note that "JSESSIONID" header is actually REST API's CSRF protection token, required due to "Prefer:csrf-protection". -- To view, visit http://gerrit.ovirt.org/35185 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: Ic3905b3b5834a0f7327321e93064274df0d1db65 Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Vojtech Szocs <[email protected]> Gerrit-Reviewer: Alexander Wels <[email protected]> Gerrit-Reviewer: Alon Bar-Lev <[email protected]> Gerrit-Reviewer: Daniel Erez <[email protected]> Gerrit-Reviewer: Einav Cohen <[email protected]> Gerrit-Reviewer: Oved Ourfali <[email protected]> Gerrit-Reviewer: Vojtech Szocs <[email protected]> Gerrit-Reviewer: [email protected] Gerrit-HasComments: No _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
