Change in ovirt-engine-sdk[master]: sdk: session based authentication for /localhost is broken #...

[mpastern at redhat.com]

Michael Pasternak has submitted this change and it was merged.

Change subject: sdk: session based authentication for /localhost is broken #916285
......................................................................


sdk: session based authentication for /localhost is broken #916285

detailed explanation:
=====================

REST-API introduced new functionality at #876641 to JSESSION
based authentication,

if HTTP header Prefer:persistent-auth is set and client sends
the Authorization header as well, - will be re-initiated new
JSESSION, what is made all clients sending both Prefer and
Authorization headers to get authorised again using Authorization
header and not JSESSION,

correct behaviour is:
====================

1. send Authorization & Prefer headers
2. store JSESSION returned in cookie
3. use for authorization Prefer header & JSESSION cookie

disabling session based authentication:
======================================

1. omit from request Prefer header
2. add Authorization header

https://bugzilla.redhat.com/show_bug.cgi?id=916285

Change-Id: Ief0ed86c26c2e74b8cc8f46d68b01f904c50d0e2
Signed-off-by: Michael Pasternak <mpastern at redhat.com>
---
M src/ovirtsdk/infrastructure/proxy.py
M src/ovirtsdk/web/connection.py
2 files changed, 68 insertions(+), 12 deletions(-)

Approvals:
  Michael Pasternak: Verified; Looks good to me, approved
  Ori Liel: Looks good to me, but someone else must approve


--
To view, visit http://gerrit.ovirt.org/12520
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: Ief0ed86c26c2e74b8cc8f46d68b01f904c50d0e2
Gerrit-PatchSet: 3
Gerrit-Project: ovirt-engine-sdk
Gerrit-Branch: master
Gerrit-Owner: Michael Pasternak <mpastern at redhat.com>
Gerrit-Reviewer: Michael Pasternak <mpastern at redhat.com>
Gerrit-Reviewer: Ori Liel <oliel at redhat.com>
Gerrit-Reviewer: Ravi Nori <rnori at redhat.com>