[Engine-devel] restapi - domains
Itamar Heim
iheim at redhat.com
Mon Mar 11 09:43:25 UTC 2013
On 03/11/2013 10:37 AM, Michael Pasternak wrote:
> On 03/11/2013 10:19 AM, Shireesh Anjal wrote:
>> On 03/09/2013 12:52 AM, Itamar Heim wrote:
>>> On 03/08/2013 06:04 AM, Shireesh Anjal wrote:
>>>> On 03/07/2013 01:05 PM, Aravinda wrote:
>>>>> We can have only two fields in login screen, username and password.
>>>>> Username will include domain name(username at domain).
>>>>>
>>>>> Default domain name can be "internal" if user didn't enter the domain
>>>>> name as part of username then we can append the default value and
>>>>> validate.
>>>>>
>>>>> Note: We use username at domain as username when we connect through
>>>>> <rest_api_url>/api
>>>>
>>>> The idea is to *not* have the user type in the domain name, but rather
>>>> let him/her choose one, just like what happens in webadmin. We should
>>>> try and minimize typing as much as possible when it comes to mobile apps.
>>>
>>> I think this was done on purpose for some reason to not provide a public api for the rest api, but i could be wrong and don't remember the detail.
>>> as the concepts of multi tenancy and multiple domains grow, providing the list of domains is considered an issue,
>>
>> Is it an issue specific to restapi? For we *do show* the list of domains in webadmin login screen.
yes, but we may want to remove that going forward and not show the
domains, as most sites don't, which allows using more domains, without
exposing them to other users.
>
> indeed, UI using public query for that, while in api each request has to be authenticated,
> as workaround, i suggest creating internal user for this purpose and using it in the app
> (internally) to fetch entities that should not require explicit authentication from the
> application PoV.
i assume rest api can use the public queries as well if we go that way?
>
>>
>>> and most systems today require user to provide their full user/domain (well, usually in the form of their email address).
>>>
>>>>
>>>>>
>>>>> --
>>>>> regards
>>>>> Aravinda
>>>>>
>>>>> On 03/07/2013 11:15 AM, Shireesh Anjal wrote:
>>>>>> Hi,
>>>>>>
>>>>>> We are trying to develop a simple android app to monitor and manage
>>>>>> gluster clusters by consuming the restapi exposed by engine. The
>>>>>> first screen is the login screen, which is similar to the webadmin
>>>>>> login screen. Here, we want to populate the combo box of "domains" by
>>>>>> fetching it from the restapi. However, the domains api cannot be
>>>>>> invoked without authentication! So we have a sort of a
>>>>>> chicken-and-egg problem.
>>>>>>
>>>>>> Any suggestions on how to tackle this? I feel the "domains" api
>>>>>> should be "public", in the sense it should not expect authentication.
>>>>>>
>>>>>> Regards,
>>>>>> Shireesh
>>>>>> _______________________________________________
>>>>>> Engine-devel mailing list
>>>>>> Engine-devel at ovirt.org
>>>>>> http://lists.ovirt.org/mailman/listinfo/engine-devel
>>>>>
>>>>> _______________________________________________
>>>>> Engine-devel mailing list
>>>>> Engine-devel at ovirt.org
>>>>> http://lists.ovirt.org/mailman/listinfo/engine-devel
>>>>
>>>> _______________________________________________
>>>> Engine-devel mailing list
>>>> Engine-devel at ovirt.org
>>>> http://lists.ovirt.org/mailman/listinfo/engine-devel
>>>
>>> _______________________________________________
>>> Engine-devel mailing list
>>> Engine-devel at ovirt.org
>>> http://lists.ovirt.org/mailman/listinfo/engine-devel
>>
>> _______________________________________________
>> Engine-devel mailing list
>> Engine-devel at ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/engine-devel
>
>
More information about the Engine-devel
mailing list