Change in ovirt-engine[master]: webadmin: Improve UI Plugin vs. REST API integration
vszocs at redhat.com
vszocs at redhat.com
Wed Jan 15 16:56:25 UTC 2014
Vojtech Szocs has submitted this change and it was merged.
Change subject: webadmin: Improve UI Plugin vs. REST API integration
......................................................................
webadmin: Improve UI Plugin vs. REST API integration
This patch provides client-side fix for following use case:
a. assume restapi-session-timeout > engine-session-timeout
- UI Plugin infra uses restapi-session-timeout=360min
- by default, engine-session-timeout=30min
b. user logs into WebAdmin, WebAdmin's UI Plugin infra acquires
REST API session (using GUI login credentials)
c. user is inactive for engine-session-timeout [min]
- Engine session will be invalidated
- however, REST API session is still active
d. WebAdmin detects that Engine session is invalid and takes
the user back to login screen
e. user logs into WebAdmin again, WebAdmin's UI Plugin infra
tries to acquire REST API session again
- REST API session (JSESSIONID cookie) is still active
so backend will reuse it
- REST API backend attempts to validate the Engine session,
the Engine session is invalid so backend sends HTTP 401
"Auth Required" response to client
f. as a result:
- user sees "Auth Required" browser-specific popup in browser
- UI Plugin vs. REST API integration is broken for current
user login session, i.e. WebAdmin didn't receive JSESSIONID
response header from REST API backend
This patch makes following changes:
- detect current Engine session timeout, embed it into WebAdmin
host page and read it during WebAdmin startup
- tell RestApiSessionManager to acquire REST API session using
timeout = current-engine-session-timeout
- while the user stays authenticated in WebAdmin GUI, keep
REST API *and* Engine session alive via heartbeat requests [1]
This has following implications on existing UI plugins:
- REST API session timeout is no longer 360min (it's now equal
to current-engine-session-timeout) so plugins and/or other
systems utilizing REST API session should be prepared to deal
with shorter timeout periods [2]
- plugins and/or other systems utilizing REST API session can
now rely on session keep-alive behavior implemented in GUI [3]
[1] keep-alive behavior re-introduced after changes in patch
http://gerrit.ovirt.org/#/c/14411/
[2] in practice, REST API session is usable only as long as
the associated Engine session is active
[3] keep-alive active as long as the user stays authenticated
while having WebAdmin GUI open in the browser
Change-Id: I0b913e78c0ddb54011670c421d6ff5d12c965d6b
Bug-Url: https://bugzilla.redhat.com/1011058
Signed-off-by: Vojtech Szocs <vszocs at redhat.com>
---
M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/Backend.java
M backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/queries/ConfigurationValues.java
M frontend/webadmin/modules/frontend/src/main/java/org/ovirt/engine/ui/frontend/server/gwt/WebAdminHostPageServlet.java
M frontend/webadmin/modules/frontend/src/main/resources/META-INF/resources/GwtHostPage.jsp
M frontend/webadmin/modules/frontend/src/test/java/org/ovirt/engine/ui/frontend/server/gwt/WebAdminHostPageServletTest.java
A frontend/webadmin/modules/webadmin/src/main/java/org/ovirt/engine/ui/webadmin/plugin/restapi/EngineSessionTimeoutData.java
M frontend/webadmin/modules/webadmin/src/main/java/org/ovirt/engine/ui/webadmin/plugin/restapi/RestApiSessionManager.java
M frontend/webadmin/modules/webadmin/src/main/java/org/ovirt/engine/ui/webadmin/system/ApplicationInit.java
8 files changed, 121 insertions(+), 9 deletions(-)
Approvals:
Vojtech Szocs: Verified; Looks good to me, approved
--
To view, visit http://gerrit.ovirt.org/20404
To unsubscribe, visit http://gerrit.ovirt.org/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I0b913e78c0ddb54011670c421d6ff5d12c965d6b
Gerrit-PatchSet: 3
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Vojtech Szocs <vszocs at redhat.com>
Gerrit-Reviewer: Alexander Wels <awels at redhat.com>
Gerrit-Reviewer: Daniel Erez <derez at redhat.com>
Gerrit-Reviewer: Einav Cohen <ecohen at redhat.com>
Gerrit-Reviewer: Greg Sheremeta <gshereme at redhat.com>
Gerrit-Reviewer: Juan Hernandez <juan.hernandez at redhat.com>
Gerrit-Reviewer: Tomas Jelinek <tjelinek at redhat.com>
Gerrit-Reviewer: Vojtech Szocs <vszocs at redhat.com>
Gerrit-Reviewer: Yair Zaslavsky <yzaslavs at redhat.com>
Gerrit-Reviewer: oVirt Jenkins CI Server
More information about the Engine-commits
mailing list