Oved Ourfali has submitted this change and it was merged. Change subject: rest: session-management for REST API ......................................................................
rest: session-management for REST API This patch contains code changes for supporting session management in the REST API. Clients should work with it as follows: 1. On first request, pass a special Header: "Prefer: persistent-auth", to tell the server they expect the session to be persistent. The credentials should also be passed. 2. The server replies with a JSESSIONID cookie. 3. This cookie should be passes back to the server. The prefer header from step "1" should be passed as well. No credentials needed. 4. Repeat step 3 according to the amount of requests. 5. The client should pass the cookie without the header in case it wishes to close the session. 6. If the client, for some reason (like session timeout, if the session was idle for a long time) gets a challenge response from the server then he needs to pass the credentials again. See also: http://www.ovirt.org/wiki/Features/RESTSessionManagement Change-Id: I19bf58daab2d75c2677d90b09112a1876f5e870e --- M backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/ValidateSessionQuery.java M backend/manager/modules/restapi/interface/common/jaxrs/pom.xml M backend/manager/modules/restapi/interface/common/jaxrs/src/main/java/org/ovirt/engine/api/common/security/auth/Challenger.java A backend/manager/modules/restapi/interface/common/jaxrs/src/main/java/org/ovirt/engine/api/common/security/auth/SessionUtils.java M backend/manager/modules/restapi/interface/common/jaxrs/src/main/java/org/ovirt/engine/api/common/security/auth/Validator.java M backend/manager/modules/restapi/interface/common/jaxrs/src/test/java/org/ovirt/engine/api/common/security/auth/ChallengerTest.java M backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/security/auth/LoginValidator.java M backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/util/SessionHelper.java M backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/resource/AbstractBackendResourceTest.java M backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/resource/BackendApiResourceTest.java M backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/resource/BackendCapabilitiesResourceTest.java M backend/manager/modules/restapi/jaxrs/src/test/java/org/ovirt/engine/api/restapi/security/auth/LoginValidatorTest.java 12 files changed, 522 insertions(+), 81 deletions(-) Approvals: Oved Ourfali: Verified; Looks good to me, approved -- To view, visit http://gerrit.ovirt.org/3387 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: merged Gerrit-Change-Id: I19bf58daab2d75c2677d90b09112a1876f5e870e Gerrit-PatchSet: 13 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Oved Ourfali <[email protected]> Gerrit-Reviewer: Juan Hernandez <[email protected]> Gerrit-Reviewer: Ori Liel <[email protected]> Gerrit-Reviewer: Oved Ourfali <[email protected]> Gerrit-Reviewer: Roy Golan <[email protected]> _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
