Bug 1164300

Summary: [RFE][AAA] Allow browser to save credentials for User Portal
Product: Red Hat Enterprise Virtualization Manager Reporter: Tim Speetjens <tspeetje>
Component: RFEsAssignee: Ravi Nori <rnori>
Status: CLOSED ERRATA QA Contact: Pavel Novotny <pnovotny>
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: gklein, gshereme, iheim, lpeer, lsurette, mgoldboi, mperina, oourfali, pablo.iranzo, rbalakri, srevivo, trichard, ykaul
Target Milestone: ovirt-4.0.0-rcKeywords: FutureFeature
Target Release: 4.0.0   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Enhancement
Doc Text:
With this release, the user's browser setting for saving user names and passwords will be used for the User Portal login screen.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2016-08-23 20:21:50 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: Infra RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1092744    

Description Tim Speetjens 2014-11-14 15:26:43 UTC 
Users expect the browser to propose to cache credentials, however, this functionality does not work when logging into the RHEV User Portal.
Comment 5 Yaniv Kaul 2016-06-07 14:18:14 UTC 
1. This is actually a security issue - but I assume if customers do not want this, they can turn off it on the browser side - so I assume we do not need on our side the ability to turn on or off this.
2. It seems to be working (on 4.0) already for the admin portal - so is it just fixing the user portal?
Comment 6 Martin Perina 2016-06-07 14:25:06 UTC 
(In reply to Yaniv Kaul from comment #5)
> 1. This is actually a security issue - but I assume if customers do not want
> this, they can turn off it on the browser side - so I assume we do not need
> on our side the ability to turn on or off this.

I agree, but during SSO refactoring we changed login screen, so it conforms to current practise. So browser will ask a user to store the password or even fill-in stored password depending on user's browser configuration.

> 2. It seems to be working (on 4.0) already for the admin portal - so is it
> just fixing the user portal?

It was not possible to store password for both in 3.x, but in 4.0 storing password is available for both.
Comment 7 Ravi Nori 2016-06-07 14:46:38 UTC 
This is fixed as part of SSO work in 4.0, the browser setting for saving user name and password will be used for the login screen.
Comment 8 Martin Perina 2016-06-13 14:09:22 UTC 
Merged long time ago and definitely part of 4.0.0.4 build
Comment 9 Pavel Novotny 2016-07-15 16:46:42 UTC 
Verified in rhevm-4.0.2-0.2.rc1.el7ev.noarch.

Browsers now offer the user to save credentials for the SSO login page.
For details see bug 1164302 comment 9.
Comment 11 errata-xmlrpc 2016-08-23 20:21:50 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHEA-2016-1743.html