Re: [ovirt-users] autologin into vm desktop

This is a multi-part message in MIME format. --------------020602070409040204070000 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Yap, that the solution i was thinking about as "last resort". We have direct connection to engine, and currently we get connection parameters as this (after initializing connection, etc...): display = vm.get_display() ticket = vm.ticket().get_ticket() return { 'type': display.get_type(), 'address': display.get_address(), 'port': display.get_port(), 'secure_port': display.get_secure_port(), 'monitors': display.get_monitors(), 'cert_subject': display.get_certificate().get_subject(), 'ticket': { 'value': ticket.get_value(), 'expiry': ticket.get_expiry() } So we get all we need to connect. (we replace with returned data the ".vv" file created by oVirt admin on connect, and it works). Don't know exactly right now how to use vdsClient code for this, but i have already seen that it uses xmlrcp, so maybe, i can "invoke" the desktopLogin command using directly xmlrpc... will see We will make some tests on this, and let's see what happens Thank you very much for your help ;) Adolfo Gómez El 07/05/2015 a las 4:55, Dan Yasny escribió: --------------020602070409040204070000 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 8bit <html> <head> <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> </head> <body bgcolor="#FFFFFF" text="#000000"> <div class="moz-cite-prefix">Yap, that the solution i was thinking about as "last resort".<br> <br> We have direct connection to engine, and currently we get connection parameters as this (after initializing connection, etc...):<br> <br> <br>             display = vm.get_display()<br>             ticket = vm.ticket().get_ticket()<br>             return {<br>                 'type': display.get_type(),<br>                 'address': display.get_address(),<br>                 'port': display.get_port(),<br>                 'secure_port': display.get_secure_port(),<br>                 'monitors': display.get_monitors(),<br>                 'cert_subject': display.get_certificate().get_subject(),<br>                 'ticket': {<br>                     'value': ticket.get_value(),<br>                     'expiry': ticket.get_expiry()<br>                 }<br> <br> So we get all we need to connect. (we replace with returned data the ".vv" file created by oVirt admin on connect, and it works). Don't know exactly right now how to use vdsClient code for this, but i have already seen that it uses xmlrcp, so maybe, i can "invoke" the desktopLogin command using directly xmlrpc... will see<br> <br> We will make some tests on this, and let's see what happens<br> <br> Thank you very much for your help ;)<br> <br> Adolfo Gómez<br> <br> El 07/05/2015 a las 4:55, Dan Yasny escribió:<br> </div> <blockquote cite="mid:CALLXwb5Sb4gqiQaVhzDjQRaBHEC2k8BOzRo_e_BC+_b59ym41Q@mail.gmail.com" type="cite"> <div dir="ltr">You can pass the credentials directly to the guest agent using vdsClient on the host, among other things: <div><br> </div> <div> <div>desktopLock</div> <div>        &lt;vmId&gt;</div> <div>        Logoff current user</div> <div>desktopLogin</div> <div>        &lt;vmId&gt; &lt;domain&gt; &lt;user&gt; &lt;password&gt;</div> <div>        Login to vmId desktop using the supplied credentials</div> <div>desktopLogoff</div> <div>        &lt;vmId&gt; &lt;force&gt;</div> <div>        Lock user session. force should be set to true/false</div> </div> <div><br> </div> <div>Will probably require key based remote ssh execution, and API calls to the engine, to determine the host and VM UUID</div> </div> <div class="gmail_extra"><br> <div class="gmail_quote">On Wed, May 6, 2015 at 10:45 PM, Adolfo <span dir="ltr">&lt;<a moz-do-not-send="true" href="mailto:agomez@virtualcable.es" target=&quot;_blank&quot;&gt;agomez(a)virtualcable.es&lt;/a&gt;&amp;gt;&lt;/span&gt; wrote:<br> <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"> <div bgcolor="#FFFFFF" text="#000000"> <div>I know, but this all is used from "ovirt portal", and we are only using ovirt api, the portal is provided by own broker :)<br> <br> I'm currently looking at the code of vdsClient, to see if i can replicate the "desktopLogin" feature.<br> <br> This was why i was wondering if this is the place to post this, because it's more related to "development", but not to de development of ovirt itself (or yes, don't know right now... :) )<br> <br> Thank you<br> <br> Adolfo Gómez <div> <div class="h5"><br> <br> <br> El 07/05/2015 a las 4:40, Dan Yasny escribió:<br> </div> </div> </div> <div> <div class="h5"> <blockquote type="cite"> <div dir="ltr">This is exactly what the SSO feature is for.  <div><br> </div> <div><a moz-do-not-send="true" href="http://www.ovirt.org/Features/SSO" target="_blank">http://www.ovirt.org/Features/SSO</a>&... <div><a moz-do-not-send="true" href="http://www.ovirt.org/OVirt_Guest_Agent/Single_Sign_On/Windows&... target="_blank">http://www.ovirt.org/OVirt_Guest_Agent/Singl... <div><a moz-do-not-send="true" href="https://access.redhat.com/documentation/en-US/Red_Hat_Enterpri... target="_blank">https://access.redhat.com/documentation/en-U... <div><br> </div> <div><br> </div> </div> </div> <div class="gmail_extra"><br> <div class="gmail_quote">On Wed, May 6, 2015 at 10:24 PM, Adolfo <span dir="ltr">&lt;<a moz-do-not-send="true" href="mailto:agomez@virtualcable.es" target=&quot;_blank&quot;&gt;agomez(a)virtualcable.es&lt;/a&gt;&amp;gt;&lt;/span&gt; wrote:<br> <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hello,<br> <br> My name is Adolfo. I'm in charge of the development of UDS, an open source connection broker (with commercial support if requested) (<a moz-do-not-send="true" href="http://www.ovirt.org/Universidad_de_Sevilla_Case_Study" target="_blank">http://www.ovirt.org/Universidad_de_Sevilla_... is done with it for example).<br> <br> I don't know if this is the place to post this "request for help", if not, please forgive me :)<br> <br> The case is that we are including Spice as an accepted protocol for connecting to VMs (currently we allow rdp, rgs, nx, ...) provided by oVirt, and we have found the following "issue".<br> <br> It's ease to get the connection parameters for the VM using REST api, even get the ticket for allowing connection, but i have been looking for a way "logging user" directly into desktop, not only connect to "display" but also "log in" into remote without needed to use a second authentication.<br> <br> I have seen that oVirt Portal currently allows this, and i have found also that vsdClient can do login using "vdsClient -s &lt;HOSTIP&gt; desktopLogin &lt;VMID&gt; &lt;DOMAIN&gt; &lt;USER&gt; &lt;PASSWORD&gt;", and although it is possible to use this, it will be a bit "tricky" to get it working i think.<br> <br> My question is... ¿Is any way of doing "desktop login" using REST API, or any other "simple method" from an external app such as this broker?.<br> <br> ¿If yes, how? :-)<br> ¿If not, will be support for this an anyone knows how?<br> <br> Thank you, and again, if this is not the correct list, sorry for the annoyance.<br> <br> Adolfo Gómez<br> <br> _______________________________________________<br> Users mailing list<br> <a moz-do-not-send="true" href="mailto:Users@ovirt.org" target=&quot;_blank&quot;&gt;Users(a)ovirt.org&lt;/a&gt;&lt;br&gt; <a moz-do-not-send="true" href="http://lists.ovirt.org/mailman/listinfo/users" target="_blank">http://lists.ovirt.org/mailman/listinfo/user... </blockquote> </div> <br> </div> </blockquote> <br> </div> </div> </div> </blockquote> </div> <br> </div> </blockquote> <br> </body> </html> --------------020602070409040204070000--