[ https://issues.apache.org/jira/browse/CLOUDSTACK-3426?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Amogh Vasekar reassigned CLOUDSTACK-3426: ----------------------------------------- Assignee: Amogh Vasekar > UCS: Session cookie refresh must be supported. > ---------------------------------------------- > > Key: CLOUDSTACK-3426 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-3426 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) > Components: API, Management Server > Affects Versions: 4.2.0 > Environment: Master with UCS and Baremetal > Reporter: Parth Jagirdar > Assignee: Amogh Vasekar > Priority: Blocker > > A stale cookie will raise authentication error and subsequent API calls will > fail. > We need a mechanism to refresh cookie based on recommendations below. > While executing listUCSProfiles:: > { "listucsprofileresponse" : > {"uuidList":[],"errorcode":530,"cserrorcode":9999,"errortext":"ucs call > failed:\nsubmitted doc:<configFindDnsByClassId > cookie=\"1372458054/13f7441f-5f86-4668-911f-8cad3f9be693\" > classId=\"lsServer\" />\nresponse: <configFindDnsByClassId > cookie=\"1372458054/13f7441f-5f86-4668-911f-8cad3f9be693\" response=\"yes\" > errorCode=\"552\" invocationResult=\"service-unavailable\" > errorDescr=\"Authorization required\"> </configFindDnsByClassId>\n"} } > Here is the description from UCS API programming guide. (Full version here:: > http://www.cisco.com/en/US/docs/unified_computing/ucs/sw/api/overview.html#wp1127584) > Failed Requests > The response to a failed request includes XML attributes for errorCode and > errorDescr. The following is an example of a response to a failed request: > <configConfMo dn="fabric/server" > cookie="<real_cookie>" > response="yes" > errorCode="103" > invocationResult="unidentified-fail" > errorDescr="can't create; object already exists."> > </configConfMo> > From forums > (http://developer.cisco.com/web/unifiedcomputing/community/-/message_boards/message/2774526?p_p_auth=iBnpvD2j) > And from here > (http://developer.cisco.com/web/unifiedcomputing/blogroll/-/blogs/ucs-xml-api-hello-world) > We have an authentication cookie but this cookie will expire in two hours, > the output from the aaaLogin recommends a cookie refresh every 10 minutes. To > refresh the authentication cookie use the aaaRefresh method. > So basically we need a mechanism for cookie refresh. Which we do not have for > now. > When I tried to add a new manager (so that cookie is fresh ??) ListProfiles > succeeded. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira