Michael Pasternak has posted comments on this change.

Change subject: packaging: api: redirect /api to /ovirt-engine/api using 
rewrite rules
......................................................................


Patch Set 1:

(1 comment)

....................................................
File backend/manager/modules/restapi/webapp/src/main/webapp/WEB-INF/web.xml
Line 26:   <session-config>
Line 27:     <session-timeout>180</session-timeout>
Line 28:     <cookie-config>
Line 29:       <path>/</path>
Line 30:     </cookie-config>
Alon,

I perfectly understand your use case, but what I'm trying to explain is that
the user never works with /api.

With your previous patch (ForwardServlet) you got to the processing logic with
the URL /api/events, and the context was called /api.

In this patch the URL was changed by the JBoss rewrite rule to /ovirt-engine/api
before it got to the processing logic, therefore the context is called /ovirt-engine-api
in the container (always).

Thus the container is not aware of /api at any time (it doesn't matter which URL is used,
/api or /ovirt-engine/api),

and therefore there is no need to make the cookie available at Path=/; it was needed
only when we were operating on both /api and /ovirt-engine/api and
had nothing in common in these URLs to call it root.

Now having Path=/ is an unnecessary security breach that makes the auth cookie
available to all apps running in the container.

If for some reason it doesn't work, I believe it's due to missing config in the
"rewrite rules".
Line 31:   </session-config>


-- 
To view, visit http://gerrit.ovirt.org/21566
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: I2ad9bb362719c7805be9f69d7e14bd3ad7b1f5c7
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Alon Bar-Lev <alo...@redhat.com>
Gerrit-Reviewer: Alexander Wels <aw...@redhat.com>
Gerrit-Reviewer: Alon Bar-Lev <alo...@redhat.com>
Gerrit-Reviewer: Michael Pasternak <mpast...@redhat.com>
Gerrit-Reviewer: oVirt Jenkins CI Server
Gerrit-HasComments: Yes
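
Added example, not part of the original message or of the ovirt-engine code: the cookie path-match rule from RFC 6265 section 5.1.4, applied to the two Path values discussed in the comment above. Every request path in the sample list is constructed for illustration; only /api, /api/events and /ovirt-engine/api appear in the thread.

```javascript
// RFC 6265 section 5.1.4 path-match: is a cookie whose Path attribute is
// cookiePath attached to a request for requestPath?
function pathMatch(cookiePath, requestPath) {
  if (requestPath === cookiePath) return true;
  if (!requestPath.startsWith(cookiePath)) return false;
  // A string prefix only counts when it ends on a path-segment boundary.
  return cookiePath.endsWith("/") || requestPath[cookiePath.length] === "/";
}

// Constructed sample of request paths served by one container.
const REQUESTS = [
  "/ovirt-engine/api",
  "/ovirt-engine/api/events",
  "/ovirt-engine/apidocs",      // hypothetical: same string prefix, different segment
  "/ovirt-engine/other-app/",   // hypothetical sibling application
  "/unrelated-app/index.html",  // hypothetical unrelated application
  "/api/events",                // the URL as a client sees it before any redirect
];

// Request paths that would receive a cookie scoped to cookiePath.
function exposure(cookiePath, requests = REQUESTS) {
  return requests.filter((p) => pathMatch(cookiePath, p));
}

// Request paths that receive the cookie only because of the broader scope.
function extraExposure(broad, narrow, requests = REQUESTS) {
  const narrowSet = new Set(exposure(narrow, requests));
  return exposure(broad, requests).filter((p) => !narrowSet.has(p));
}

for (const scope of ["/", "/ovirt-engine/api"]) {
  console.log(`Path=${scope} is sent to:`, exposure(scope));
}
console.log("Only reachable with Path=/:", extraExposure("/", "/ovirt-engine/api"));
```

A cookie scoped to /ovirt-engine/api is matched against the URL the client requests, so it is not attached to a request for /api/events unless the client is first redirected to the /ovirt-engine/api form.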