[Engine-patches] Change in ovirt-engine[ovirt-engine-3.5]: webadmin: REST API login popup

awels Wed, 01 Apr 2015 06:39:48 -0700

Alexander Wels has uploaded a new change for review.

Change subject: webadmin: REST API login popup
......................................................................


webadmin: REST API login popup

- The REST API login popup would appear when one of the following was true:
  1 The engine session hard limit was reached (10 hours) and the REST API
    ping would happen before a refresh that would cause a logout.
  2 The REST API ping would not happen due to it detecting that the refresh
    flag was not set, however the engine would internally set the refresh
    on a sub query. This causes the REST api http session to expire and on
    a sub sequent ping would cause the popup to appear.

- This patch fixes 1. We take the hard limit into account and if we are close
  enough to the hard limit the REST API ping is disabled causing the natural
  logout of the webadmin UI to happen.

Change-Id: Ia09a6495268cacbb47019e3207a63c66205e9e03
Bug-Url: https://bugzilla.redhat.com/show_bug.cgi?id=1206908
Signed-off-by: Alexander Wels <aw...@redhat.com>
---
M 
frontend/webadmin/modules/frontend/src/main/java/org/ovirt/engine/ui/frontend/server/gwt/WebAdminHostPageServlet.java
M 
frontend/webadmin/modules/frontend/src/test/java/org/ovirt/engine/ui/frontend/server/gwt/WebAdminHostPageServletTest.java
M 
frontend/webadmin/modules/webadmin/src/main/java/org/ovirt/engine/ui/webadmin/plugin/restapi/EngineSessionTimeoutData.java
M 
frontend/webadmin/modules/webadmin/src/main/java/org/ovirt/engine/ui/webadmin/plugin/restapi/RestApiSessionManager.java
M 
frontend/webadmin/modules/webadmin/src/main/java/org/ovirt/engine/ui/webadmin/system/ApplicationInit.java
5 files changed, 53 insertions(+), 16 deletions(-)


  git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/47/39447/1

diff --git 
a/frontend/webadmin/modules/frontend/src/main/java/org/ovirt/engine/ui/frontend/server/gwt/WebAdminHostPageServlet.java
 
b/frontend/webadmin/modules/frontend/src/main/java/org/ovirt/engine/ui/frontend/server/gwt/WebAdminHostPageServlet.java
index 9259930..568d089 100644
--- 
a/frontend/webadmin/modules/frontend/src/main/java/org/ovirt/engine/ui/frontend/server/gwt/WebAdminHostPageServlet.java
+++ 
b/frontend/webadmin/modules/frontend/src/main/java/org/ovirt/engine/ui/frontend/server/gwt/WebAdminHostPageServlet.java
@@ -13,7 +13,9 @@
 
 import org.codehaus.jackson.node.ArrayNode;
 import org.codehaus.jackson.node.ObjectNode;
+import org.ovirt.engine.core.common.config.Config;
 import org.ovirt.engine.core.common.config.ConfigCommon;
+import org.ovirt.engine.core.common.config.ConfigValues;
 import org.ovirt.engine.core.common.queries.ConfigurationValues;
 import org.ovirt.engine.core.common.queries.GetConfigurationValueParameters;
 import org.ovirt.engine.core.common.queries.VdcQueryType;
@@ -56,8 +58,8 @@
         request.setAttribute(ATTR_PLUGIN_DEFS, 
getPluginDefinitionsArray(pluginData));
 
         // Set attribute for engineSessionTimeout object
-        Integer engineSessionTimeout = 
getEngineSessionTimeout(getEngineSessionId(request));
-        request.setAttribute(ATTR_ENGINE_SESSION_TIMEOUT, 
getEngineSessionTimeoutObject(engineSessionTimeout));
+        request.setAttribute(ATTR_ENGINE_SESSION_TIMEOUT, 
getEngineSessionTimeoutObject(getUserSessionTimeout(),
+                getUserSessionHardTimeout()));
 
         super.doGet(request, response);
     }
@@ -110,15 +112,18 @@
         return arr;
     }
 
-    protected Integer getEngineSessionTimeout(String sessionId) {
-        return (Integer) runPublicQuery(VdcQueryType.GetConfigurationValue,
-                new 
GetConfigurationValueParameters(ConfigurationValues.UserSessionTimeOutInterval,
-                        ConfigCommon.defaultConfigurationVersion), sessionId);
+    protected Integer getUserSessionTimeout() {
+        return Config.<Integer> 
getValue(ConfigValues.UserSessionTimeOutInterval);
     }
 
-    protected ObjectNode getEngineSessionTimeoutObject(Integer 
engineSessionTimeout) {
+    protected Integer getUserSessionHardTimeout() {
+        return Config.<Integer> getValue(ConfigValues.UserSessionHardLimit);
+    }
+
+    protected ObjectNode getEngineSessionTimeoutObject(Integer 
engineSessionTimeout, Integer userSessionHardLimit) {
         ObjectNode obj = createObjectNode();
-        obj.put("value", String.valueOf(engineSessionTimeout)); //$NON-NLS-1$
+        obj.put("sessionTimeout", String.valueOf(engineSessionTimeout)); 
//$NON-NLS-1$
+        obj.put("sessionHardLimit", String.valueOf(userSessionHardLimit)); 
//$NON-NLS-1$
         return obj;
     }
 
diff --git 
a/frontend/webadmin/modules/frontend/src/test/java/org/ovirt/engine/ui/frontend/server/gwt/WebAdminHostPageServletTest.java
 
b/frontend/webadmin/modules/frontend/src/test/java/org/ovirt/engine/ui/frontend/server/gwt/WebAdminHostPageServletTest.java
index 5227e14..29300f0 100644
--- 
a/frontend/webadmin/modules/frontend/src/test/java/org/ovirt/engine/ui/frontend/server/gwt/WebAdminHostPageServletTest.java
+++ 
b/frontend/webadmin/modules/frontend/src/test/java/org/ovirt/engine/ui/frontend/server/gwt/WebAdminHostPageServletTest.java
@@ -93,7 +93,7 @@
     public void testDoGet_ExtraAttributes_WithoutUserInfoObject() throws 
IOException, ServletException {
         
doReturn(mockApplicationModeObject).when(testServlet).getApplicationModeObject(any(Integer.class));
         
doReturn(mockPluginDefinitionsArray).when(testServlet).getPluginDefinitionsArray(anyListOf(PluginData.class));
-        
doReturn(mockEngineSessionTimeoutObject).when(testServlet).getEngineSessionTimeoutObject(any(Integer.class));
+        
doReturn(mockEngineSessionTimeoutObject).when(testServlet).getEngineSessionTimeoutObject(any(Integer.class),
 any(Integer.class));
         testServlet.doGet(mockRequest, mockResponse);
         
verify(mockRequest).setAttribute(WebAdminHostPageServlet.ATTR_APPLICATION_MODE, 
mockApplicationModeObject);
         
verify(mockRequest).setAttribute(WebAdminHostPageServlet.ATTR_PLUGIN_DEFS, 
mockPluginDefinitionsArray);
@@ -141,8 +141,9 @@
 
     @Test
     public void testGetEngineSessionTimeoutObject() {
-        ObjectNode result = 
testServlet.getEngineSessionTimeoutObject(Integer.valueOf(30));
-        assertEquals(result.get("value").asText(), "30"); //$NON-NLS-1$ 
//$NON-NLS-2$
+        ObjectNode result = testServlet.getEngineSessionTimeoutObject(30, 60);
+        assertEquals(result.get("sessionTimeout").asInt(), 30); //$NON-NLS-1$
+        assertEquals(result.get("sessionHardLimit").asInt(), 60); //$NON-NLS-1$
     }
 
 }
diff --git 
a/frontend/webadmin/modules/webadmin/src/main/java/org/ovirt/engine/ui/webadmin/plugin/restapi/EngineSessionTimeoutData.java
 
b/frontend/webadmin/modules/webadmin/src/main/java/org/ovirt/engine/ui/webadmin/plugin/restapi/EngineSessionTimeoutData.java
index 92a3f35..f0c89f8 100644
--- 
a/frontend/webadmin/modules/webadmin/src/main/java/org/ovirt/engine/ui/webadmin/plugin/restapi/EngineSessionTimeoutData.java
+++ 
b/frontend/webadmin/modules/webadmin/src/main/java/org/ovirt/engine/ui/webadmin/plugin/restapi/EngineSessionTimeoutData.java
@@ -14,8 +14,11 @@
         return $wnd.engineSessionTimeout;
     }-*/;
 
-    public native String getValue() /*-{
-        return this.value;
+    public native String getSessionTimeout() /*-{
+        return this.sessionTimeout;
     }-*/;
 
+    public native String getSessionHardLimit() /*-{
+        return this.sessionHardLimit;
+    }-*/;
 }
diff --git 
a/frontend/webadmin/modules/webadmin/src/main/java/org/ovirt/engine/ui/webadmin/plugin/restapi/RestApiSessionManager.java
 
b/frontend/webadmin/modules/webadmin/src/main/java/org/ovirt/engine/ui/webadmin/plugin/restapi/RestApiSessionManager.java
index f019b83..6bc5090 100644
--- 
a/frontend/webadmin/modules/webadmin/src/main/java/org/ovirt/engine/ui/webadmin/plugin/restapi/RestApiSessionManager.java
+++ 
b/frontend/webadmin/modules/webadmin/src/main/java/org/ovirt/engine/ui/webadmin/plugin/restapi/RestApiSessionManager.java
@@ -1,5 +1,6 @@
 package org.ovirt.engine.ui.webadmin.plugin.restapi;
 
+import java.util.Date;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 
@@ -74,14 +75,22 @@
     private static final String ENGINE_AUTH_TOKEN_HEADER = 
"OVIRT-INTERNAL-ENGINE-AUTH-TOKEN"; //$NON-NLS-1$
 
     private static final int DEFAULT_ENGINE_SESSION_TIMEOUT = 30;
+    private static final int DEFAULT_HARD_LIMIT = 600;
+
+    private static final int MIN_IN_MS = 1000 * 60;
 
     // Heartbeat (delay) between REST API keep-alive requests
-    private static final int SESSION_HEARTBEAT_MS = 1000 * 60; // 1 minute
+    private static final int SESSION_HEARTBEAT_MS = MIN_IN_MS;
 
     private final EventBus eventBus;
     private final String restApiBaseUrl;
 
     private int restApiSessionTimeout;
+
+    private Integer restApiSessionHardlimit;
+    //On logout the page reloads and this will be reset.
+    private Date restApiLoginTimePlusHardLimit;
+
     private String restApiSessionId;
 
     private boolean refreshRestApiSession = false;
@@ -101,7 +110,8 @@
 
     @Override
     public void onEngineSessionRefreshed(EngineSessionRefreshedEvent event) {
-        if (restApiSessionId != null) {
+        if (restApiSessionId != null && (restApiLoginTimePlusHardLimit == null
+                || new Date().before(restApiLoginTimePlusHardLimit))) {
             refreshRestApiSession = true;
         }
     }
@@ -122,6 +132,22 @@
         restApiSessionTimeout = 2 * engineSessionTimeout;
     }
 
+    public void setHardLimit(String sessionHardLimit) {
+        try {
+            restApiSessionHardlimit = Integer.valueOf(sessionHardLimit); 
//Minutes
+        } catch (NumberFormatException ex) {
+            restApiSessionHardlimit = DEFAULT_HARD_LIMIT;
+        }
+    }
+
+    public void recordLoggedInTime() {
+        if (restApiSessionHardlimit > 0) {
+            restApiLoginTimePlusHardLimit = new Date();
+            
restApiLoginTimePlusHardLimit.setTime(restApiLoginTimePlusHardLimit.getTime()
+                    + ((restApiSessionHardlimit.longValue() - 1) * 
MIN_IN_MS)); //Subtract one refresh cycle to be sure we stop.
+        }
+    }
+
     /**
      * Build HTTP request to acquire new or keep-alive existing REST API 
session.
      * <p>
diff --git 
a/frontend/webadmin/modules/webadmin/src/main/java/org/ovirt/engine/ui/webadmin/system/ApplicationInit.java
 
b/frontend/webadmin/modules/webadmin/src/main/java/org/ovirt/engine/ui/webadmin/system/ApplicationInit.java
index 2df3460..8421331 100644
--- 
a/frontend/webadmin/modules/webadmin/src/main/java/org/ovirt/engine/ui/webadmin/system/ApplicationInit.java
+++ 
b/frontend/webadmin/modules/webadmin/src/main/java/org/ovirt/engine/ui/webadmin/system/ApplicationInit.java
@@ -78,7 +78,8 @@
         // Check for Engine user session timeout configuration
         EngineSessionTimeoutData engineSessionTimeoutData = 
EngineSessionTimeoutData.instance();
         if (engineSessionTimeoutData != null) {
-            
restApiSessionManager.setSessionTimeout(engineSessionTimeoutData.getValue());
+            
restApiSessionManager.setSessionTimeout(engineSessionTimeoutData.getSessionTimeout());
+            
restApiSessionManager.setHardLimit(engineSessionTimeoutData.getSessionHardLimit());
         }
 
         // Initiate transition to requested application place
@@ -110,6 +111,7 @@
         });
 
         performLogin(loginModel);
+        restApiSessionManager.recordLoggedInTime();
     }
 
     @Override


-- 
To view, visit https://gerrit.ovirt.org/39447
To unsubscribe, visit https://gerrit.ovirt.org/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: Ia09a6495268cacbb47019e3207a63c66205e9e03
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-engine
Gerrit-Branch: ovirt-engine-3.5
Gerrit-Owner: Alexander Wels <aw...@redhat.com>
_______________________________________________
Engine-patches mailing list
Engine-patches@ovirt.org
http://lists.ovirt.org/mailman/listinfo/engine-patches

[Engine-patches] Change in ovirt-engine[ovirt-engine-3.5]: webadmin: REST API login popup

Reply via email to