Hello everyone!
I wanted to find out how the impersonation technique used in oVirt works? I know from libvirt developers, that oVirt opens one connection only for multiple clients. How does this work?
Also I found out in source code that in ActionParameterBase class the sessionId field is marked transient but, for example, for GWT rpc message, which goes to the server and says what action will be made (shut down, pause vm) this is the only field in all sent information which says what the session is. Where is the session sent instead? There was also a field with session id in https headers, but this was related to cookie so I am not completely sure if this can help to identify the current user.