[ovirt-devel] Re: oVirt impersonation and sessions

On Sun, Nov 25, 2018 at 10:24 PM Anastasiya Ruzhanskaya < anastasiya.ruzhanskaya(a)frtk.ru&gt; wrote: > Hello everyone! > > I wanted to find out how the impersonation technique used in oVirt works? > I know from libvirt developers, that oVirt opens one connection only for > multiple clients. How does this work? > vdsm, on the hypervisor machine, funnels all the traffic from engine to libvirt. vdsm is therefore the only "client" of libvirt. > > Also I found out in source code that in ActionParameterBase class the > sessionId field is marked transient but, for example, for GWT rpc message, > which goes to the server and says what action will be made (shut down, > pause vm) this is the only field in all sent information which says what > the session is. Where is the session sent instead? There was also a field > with session id in https headers, but this was related to cookie so I am > not completely sure if this can help to identify the current user. > Yes, that's it. From the headers view in Chrome, on the GWT RPC messages: Cookie: JSESSIONID=VdzARh0xFJ8sVZXgG96dF_123cBUpQNfC3Kdz6e0.hostedengine > _______________________________________________ > Devel mailing list -- devel(a)ovirt.org > To unsubscribe send an email to devel-leave(a)ovirt.org > Privacy Statement: https://www.ovirt.org/site/privacy-policy/ > oVirt Code of Conduct: > https://www.ovirt.org/community/about/community-guidelines/ > List Archives: > https://lists.ovirt.org/archives/list/devel@ovirt.org/message/MHUIQLODX45... > -- GREG SHEREMETA SENIOR SOFTWARE ENGINEER - TEAM LEAD - RHV UX Red Hat NA <https://www.redhat.com/> gshereme(a)redhat.com IRC: gshereme <https://red.ht/sig>