[Kimchi-devel] [RFC] New API to create a random guest console password
Aline Manera
alinefm at linux.vnet.ibm.com
Thu Apr 2 17:50:13 UTC 2015
Maybe we could think about it for 1.5 release
On 13/10/2014 17:53, Aline Manera wrote:
>
> On 10/13/2014 04:01 PM, Aline Manera wrote:
>> Today user may set/change the guest console password and also its
>> expiration time through Kimchi API.
>> When passing an empty password, a random password is automatically
>> generated.
>>
>> curl -u <user:password> -H "Content-Type: application/json" -H
>> "Accept: application/json"
>> http://localhost:8010/vms/blah -X PUT -d'{"graphics": {"passwd":
>> ""}}'
>>
>> That way is difficult to handle when user wants to reset the guest
>> password.
>>
>> We have a similar issue when we automatically change the
>> passwdValidTo when it is expired - increasing it in 30 seconds.
>>
>> My proposal is simple: only change "passwd" and "passwdValidTo" when
>> user wants to do it.
>>
>> curl -u <user:password> -H "Content-Type: application/json" -H
>> "Accept: application/json"
>> http://localhost:8010/vms/blah -X PUT -d'{"graphics": {"passwd":
>> "123456", "passwdValidTo": "<some datetime format>"}}'
>>
>> curl -u <user:password> -H "Content-Type: application/json" -H
>> "Accept: application/json"
>> http://localhost:8010/vms/blah -X PUT -d'{"graphics":
>> {"passwdValidTo": "<some datetime format>"}}'
>>
>> And make sure the passwdValidTo is only acceptable when there is a
>> passwd set.
>>
>> And to reset those values, we only need to send an empty string:
>>
>> curl -u <user:password> -H "Content-Type: application/json" -H
>> "Accept: application/json"
>> http://localhost:8010/vms/blah -X PUT -d'{"graphics":
>> {"password": "", "passwdValidTo": ""}}'
>>
>
>> And create a new API: POST /vms/blah/ticket to automatically generate
>> a random password valid only for 30 seconds.
>>
>> curl -u <user:password> -H "Content-Type: application/json" -H
>> "Accept: application/json"
>> http://localhost:8010/vms/blah/ticket -X POST -d'{}'
>
> Or even simpler, let UI create a random password and its expiration
> time and use the PUT request to do that changes.
>
>>
>> What do you think about it?
>>
>> Regards,
>> Aline Manera
>>
>> _______________________________________________
>> Kimchi-devel mailing list
>> Kimchi-devel at ovirt.org
>> http://lists.ovirt.org/mailman/listinfo/kimchi-devel
>>
>
> _______________________________________________
> Kimchi-devel mailing list
> Kimchi-devel at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/kimchi-devel
>
More information about the Kimchi-devel
mailing list