Michael Pasternak has submitted this change and it was merged. Change subject: sdk: session based authentication for /localhost is broken #916285 ...................................................................... sdk: session based authentication for /localhost is broken #916285 detailed explanation: ===================== REST-API introduced new functionality at #876641 to JSESSION based authentication, if HTTP header Prefer:persistent-auth is set and client sends the Authorization header as well, - will be re-initiated new JSESSION, what is made all clients sending both Prefer and Authorization headers to get authorised again using Authorization header and not JSESSION, correct behaviour is: ==================== 1. send Authorization & Prefer headers 2. store JSESSION returned in cookie 3. use for authorization Prefer header & JSESSION cookie disabling session based authentication: ====================================== 1. omit from request Prefer header 2. add Authorization header https://bugzilla.redhat.com/show_bug.cgi?id=916285 Change-Id: Ief0ed86c26c2e74b8cc8f46d68b01f904c50d0e2 Signed-off-by: Michael Pasternak <mpastern(a)redhat.com&gt; --- M src/ovirtsdk/infrastructure/proxy.py M src/ovirtsdk/web/connection.py 2 files changed, 68 insertions(+), 12 deletions(-) Approvals: Michael Pasternak: Verified; Looks good to me, approved Ori Liel: Looks good to me, but someone else must approve -- To view, visit http://gerrit.ovirt.org/12520 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: merged Gerrit-Change-Id: Ief0ed86c26c2e74b8cc8f46d68b01f904c50d0e2 Gerrit-PatchSet: 3 Gerrit-Project: ovirt-engine-sdk Gerrit-Branch: master Gerrit-Owner: Michael Pasternak <mpastern(a)redhat.com&gt; Gerrit-Reviewer: Michael Pasternak <mpastern(a)redhat.com&gt; Gerrit-Reviewer: Ori Liel <oliel(a)redhat.com&gt; Gerrit-Reviewer: Ravi Nori <rnori(a)redhat.com&gt;