10:01 p.m.
Today user may set/change the guest console password and also its
expiration time through Kimchi API.
When passing an empty password, a random password is automatically
generated.
curl -u <user:password> -H "Content-Type: application/json" -H
"Accept:
application/json"
http://localhost:8010/vms/blah -X PUT -d'{"graphics":
{"passwd": ""}}'
That way is difficult to handle when user wants to reset the guest password.
We have a similar issue when we automatically change the passwdValidTo
when it is expired - increasing it in 30 seconds.
My proposal is simple: only change "passwd" and "passwdValidTo" when
user wants to do it.
curl -u <user:password> -H "Content-Type: application/json" -H
"Accept:
application/json"
http://localhost:8010/vms/blah -X PUT -d'{"graphics":
{"passwd":
"123456", "passwdValidTo": "<some datetime
format>"}}'
curl -u <user:password> -H "Content-Type: application/json" -H
"Accept:
application/json"
http://localhost:8010/vms/blah -X PUT -d'{"graphics":
{"passwdValidTo": "<some datetime format>"}}'
And make sure the passwdValidTo is only acceptable when there is a
passwd set.
And to reset those values, we only need to send an empty string:
curl -u <user:password> -H "Content-Type: application/json" -H
"Accept:
application/json"
http://localhost:8010/vms/blah -X PUT -d'{"graphics":
{"password":
"", "passwdValidTo": ""}}'
And create a new API: POST /vms/blah/ticket to automatically generate a
random password valid only for 30 seconds.
curl -u <user:password> -H "Content-Type: application/json" -H
"Accept:
application/json"
http://localhost:8010/vms/blah/ticket -X POST -d'{}'
What do you think about it?
Regards,
Aline Manera
11:53 p.m.
On 10/13/2014 04:01 PM, Aline Manera wrote:
Today user may set/change the guest console password and also its
expiration time through Kimchi API.
When passing an empty password, a random password is automatically
generated.
curl -u <user:password> -H "Content-Type: application/json" -H
"Accept: application/json"
http://localhost:8010/vms/blah -X PUT -d'{"graphics":
{"passwd":
""}}'
That way is difficult to handle when user wants to reset the guest
password.
We have a similar issue when we automatically change the passwdValidTo
when it is expired - increasing it in 30 seconds.
My proposal is simple: only change "passwd" and "passwdValidTo" when
user wants to do it.
curl -u <user:password> -H "Content-Type: application/json" -H
"Accept: application/json"
http://localhost:8010/vms/blah -X PUT -d'{"graphics":
{"passwd":
"123456", "passwdValidTo": "<some datetime
format>"}}'
curl -u <user:password> -H "Content-Type: application/json" -H
"Accept: application/json"
http://localhost:8010/vms/blah -X PUT -d'{"graphics":
{"passwdValidTo": "<some datetime format>"}}'
And make sure the passwdValidTo is only acceptable when there is a
passwd set.
And to reset those values, we only need to send an empty string:
curl -u <user:password> -H "Content-Type: application/json" -H
"Accept: application/json"
http://localhost:8010/vms/blah -X PUT -d'{"graphics":
{"password":
"", "passwdValidTo": ""}}'
And create a new API: POST /vms/blah/ticket to automatically generate
a random password valid only for 30 seconds.
curl -u <user:password> -H "Content-Type: application/json" -H
"Accept: application/json"
http://localhost:8010/vms/blah/ticket -X POST -d'{}'
Or even simpler, let UI create a random password and its expiration time
and use the PUT request to do that changes.
What do you think about it?
Regards,
Aline Manera
_______________________________________________
Kimchi-devel mailing list
Kimchi-devel(a)ovirt.org
http://lists.ovirt.org/mailman/listinfo/kimchi-devel
8:50 p.m.
Maybe we could think about it for 1.5 release
On 13/10/2014 17:53, Aline Manera wrote:
On 10/13/2014 04:01 PM, Aline Manera wrote:
> Today user may set/change the guest console password and also its
> expiration time through Kimchi API.
> When passing an empty password, a random password is automatically
> generated.
>
> curl -u <user:password> -H "Content-Type: application/json" -H
> "Accept: application/json"
> http://localhost:8010/vms/blah -X PUT -d'{"graphics":
{"passwd":
> ""}}'
>
> That way is difficult to handle when user wants to reset the guest
> password.
>
> We have a similar issue when we automatically change the
> passwdValidTo when it is expired - increasing it in 30 seconds.
>
> My proposal is simple: only change "passwd" and "passwdValidTo"
when
> user wants to do it.
>
> curl -u <user:password> -H "Content-Type: application/json" -H
> "Accept: application/json"
> http://localhost:8010/vms/blah -X PUT -d'{"graphics":
{"passwd":
> "123456", "passwdValidTo": "<some datetime
format>"}}'
>
> curl -u <user:password> -H "Content-Type: application/json" -H
> "Accept: application/json"
> http://localhost:8010/vms/blah -X PUT -d'{"graphics":
> {"passwdValidTo": "<some datetime format>"}}'
>
> And make sure the passwdValidTo is only acceptable when there is a
> passwd set.
>
> And to reset those values, we only need to send an empty string:
>
> curl -u <user:password> -H "Content-Type: application/json" -H
> "Accept: application/json"
> http://localhost:8010/vms/blah -X PUT -d'{"graphics":
> {"password": "", "passwdValidTo": ""}}'
>
> And create a new API: POST /vms/blah/ticket to automatically generate
> a random password valid only for 30 seconds.
>
> curl -u <user:password> -H "Content-Type: application/json" -H
> "Accept: application/json"
> http://localhost:8010/vms/blah/ticket -X POST -d'{}'
Or even simpler, let UI create a random password and its expiration
time and use the PUT request to do that changes.
>
> What do you think about it?
>
> Regards,
> Aline Manera
>
> _______________________________________________
> Kimchi-devel mailing list
> Kimchi-devel(a)ovirt.org
> http://lists.ovirt.org/mailman/listinfo/kimchi-devel
>
_______________________________________________
Kimchi-devel mailing list
Kimchi-devel(a)ovirt.org
http://lists.ovirt.org/mailman/listinfo/kimchi-devel
8:54 p.m.
+1
On 13-10-2014 16:01, Aline Manera wrote:
Today user may set/change the guest console password and also its
expiration time through Kimchi API.
When passing an empty password, a random password is automatically
generated.
curl -u <user:password> -H "Content-Type: application/json" -H
"Accept: application/json"
http://localhost:8010/vms/blah -X PUT -d'{"graphics":
{"passwd":
""}}'
That way is difficult to handle when user wants to reset the guest
password.
We have a similar issue when we automatically change the passwdValidTo
when it is expired - increasing it in 30 seconds.
My proposal is simple: only change "passwd" and "passwdValidTo" when
user wants to do it.
curl -u <user:password> -H "Content-Type: application/json" -H
"Accept: application/json"
http://localhost:8010/vms/blah -X PUT -d'{"graphics":
{"passwd":
"123456", "passwdValidTo": "<some datetime
format>"}}'
curl -u <user:password> -H "Content-Type: application/json" -H
"Accept: application/json"
http://localhost:8010/vms/blah -X PUT -d'{"graphics":
{"passwdValidTo": "<some datetime format>"}}'
And make sure the passwdValidTo is only acceptable when there is a
passwd set.
And to reset those values, we only need to send an empty string:
curl -u <user:password> -H "Content-Type: application/json" -H
"Accept: application/json"
http://localhost:8010/vms/blah -X PUT -d'{"graphics":
{"password":
"", "passwdValidTo": ""}}'
And create a new API: POST /vms/blah/ticket to automatically generate
a random password valid only for 30 seconds.
curl -u <user:password> -H "Content-Type: application/json" -H
"Accept: application/json"
http://localhost:8010/vms/blah/ticket -X POST -d'{}'
What do you think about it?
Regards,
Aline Manera
_______________________________________________
Kimchi-devel mailing list
Kimchi-devel(a)ovirt.org
http://lists.ovirt.org/mailman/listinfo/kimchi-devel
3523
days inactive
3694
days old
3 comments
2 participants
participants (2)
-
Aline Manera -
Crístian Viana