Hi,
in oVirt 4.0 the RestApiSessionAcquired event will be replaced
with API to create authenticated requests for Engine services.
Using REST API persistent session mechanism where UI acquires
a single session to be shared by all UI plugins led us to many
problems in the past, typically observed by end users as "Auth
Required" browser popups.
The new API proposed by [1] creates XMLHttpRequest object with
following properties:
* sets "Authorization: Bearer xxx" header before sending
* logs request and response details (enabled via API option)
[1]
https://gerrit.ovirt.org/#/c/49278/
Example:
var xhr = api.createEngineHttpRequest();
xhr.open('GET', 'http://example.com/ovirt-engine/api', true);
xhr.setRequestHeader('Accept', 'application/json');
xhr.send(null);
Since REST API persistent session mechanism currently relies
on cookie (JSESSIONID), individual UI plugins should not try
to create a REST session on their own to avoid any clashes.
Regards,
Vojtech