Bug 1285883
Summary: | Align virt-viewer to engine SSO and remove proprietary HTTP session access | ||
---|---|---|---|
Product: | [oVirt] ovirt-engine | Reporter: | Alon Bar-Lev <alonbl> |
Component: | BLL.Virt | Assignee: | jniederm |
Status: | CLOSED CURRENTRELEASE | QA Contact: | sefi litmanovich <slitmano> |
Severity: | medium | Docs Contact: | |
Priority: | high | ||
Version: | 4.0.0 | CC: | amarchuk, bgraveno, bugs, eedri, iheim, mbetak, mgoldboi, michal.skrivanek, oourfali, rnori, sbonazzo, sigbjorn, tjelinek, vszocs |
Target Milestone: | ovirt-4.0.2 | Flags: | rule-engine:
ovirt-4.0.z+
rule-engine: blocker+ mgoldboi: planning_ack+ michal.skrivanek: devel_ack+ mavital: testing_ack+ |
Target Release: | 4.0.2.4 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Enhancement | |
Doc Text: |
The Virt Viewers .vv file's 'versions=' row requires a remote-viewer that supports the 'sso-token=' row. The minimum versions are:
- Windows (64-bit and 32-bit): 2.0-160
- Red Hat Enterprise Linux 7: 2.0-8
- Red Hat Enterprise Linux 6: No supporting sso-token planned.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2016-08-12 14:22:55 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | Virt | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1286696, 1324457, 1339247 | ||
Bug Blocks: | 975730, 1092744 |
Description
Alon Bar-Lev
2015-11-26 20:50:28 UTC
BTW: adding the feature as ability to set any header within the .vv as I recommended, would have made it possible to migrate into the new setup without implication of virt-viewer. Unfortunately we need to revisit this one. Target release should be placed once a package build is known to fix a issue. Since this bug is not modified, the target version has been reset. Please use target milestone to plan a fix for a oVirt release. after initial investigation, please open follow up bugs on virt-viewer need to sync with https://gerrit.ovirt.org/#/c/49278/ and both Linux and Windows version of virt-viewer As we handle sessions differently, and if I understand the context correctly, this must be done in 4.0. (In reply to Oved Ourfali from comment #5) > As we handle sessions differently, and if I understand the context > correctly, this must be done in 4.0. AFAIK, in 4.0 the REST webapp will still support cookie-based server-side session mechanism [1]. This is because there might be systems/tools still relying on this mechanism. [1] http://www.ovirt.org/develop/release-management/features/infra/restsessionmanagement/ Anyway, in 4.0 we'd like to align UI with SSO, dropping reliance on REST webapp session mechanism. This impacts UI plugins + virt-viewer (vv file) integration. See commit msg [2] for details on impacts of this change. [2] https://gerrit.ovirt.org/#/c/49278/ Once BZ#1286696 is fixed & verified we can proceed with [2] and close this BZ thereafter. Moving from 4.0 alpha to 4.0 beta since 4.0 alpha has been already released and bug is not ON_QA. Update: https://gerrit.ovirt.org/#/c/49278/ is now merged in master -> console.vv file now contains `sso-token`, replacing the `jsessionid`. BZ#1286696 is still on POST with rhel-7.2.z? flag (not approved yet). oVirt 4.0 beta has been released, moving to RC milestone. oVirt 4.0 beta has been released, moving to RC milestone. This _is_ broken as of now as far as I know. Martin? @Vojtech: since the engine patch has been in for some time and both platform bugs BZ#1286696 and BZ#1339247 are now ON_QA is there anything else missing? (In reply to Martin Betak from comment #12) > @Vojtech: since the engine patch has been in for some time and both platform > bugs BZ#1286696 and BZ#1339247 are now ON_QA is there anything else missing? BZ#1339247 is for Windows edition of virt-viewer (mingw-virt-viewer). BZ#1286696 is for RHEL 7.3 virt-viewer. BZ#1344635 is for RHEL 7.2 virt-viewer -> this is what we need in RHEV 4. I think there's one more thing to do: update Engine `RemoteViewerSupportedVersions` config value to reflect supported virt-viewer version, similar to what was done in patch https://gerrit.ovirt.org/#/c/56616/ let's wait a bit until the virt-viewer hits the outside world... Moran, note there is no RHEL6 virt-viewer support (bug 1347656). So fixing this properly limits the console clients to RHEL7.2+ and Windows. (In reply to Michal Skrivanek from comment #15) > Moran, note there is no RHEL6 virt-viewer support (bug 1347656). So fixing > this properly limits the console clients to RHEL7.2+ and Windows. ack on the change, let's make sure documentation is covering it well, specifically on the product requirements definitions. Verified with rhevm-4.0.2.6-0.1.el7ev.noarch. The scope of this bz: version line in .vv file updated according to virt-viewer versions supporting sso-token. .vv file and engine-config contains the correct values. Verified that spice console doesn't open with rhel 6 client. Verified that spice console opens with rhel 7 with virt-viewer-2.0-11, windows 7 32 bit with 2.0-160 and windows 8 64 bit wiht 2.0-176. The needinfo request[s] on this closed bug have been removed as they have been unresolved for 1000 days |