Who is the customer behind the request?
Account: name (acct #) Richard Davis (PGDS UK Limited) / 947978
TAM customer: no/yes no
SRM customer: no/yes Yes
Strategic: no/yes Yes
What is the nature and description of the request?
Currently API calls generate a login/logout event for every call. Customer would like to be able to configure this logging (enable/disable).
Why does the customer need this? (List the business requirements here)
To prevent spamming the Event log with login/logout event every time we interact with RHEV using the APIs.
How would the customer like to achieve this? (List the functional requirements here)
Either be able to disable this logging or, ideally according to the customer, have a readonly account that can make API calls but not have the login/logout messages logged
Is there already an existing RFE upstream or in Red Hat Bugzilla?
Not for this explicitly, however BZ1036896 is open for the readonly admin account feature
Does the customer have any specific timeline dependencies and which release would they like to target (i.e. RHEL5, RHEL6)?
They would like this in 3.3, however I have explained that this is unlikely given 3.3 is in the latter stages of public beta
Is the sales team involved in this request and do they have any additional input?
Would the customer be able to assist in testing this functionality if implemented?
API calls generate a login/logout event only if not using persistent authentication. If using the Python or Java SDKs this should happen automatically. If the customer is accessing the RESTAPI in some other ways then solution to this problem is to explicitly use persistent authentication. The first request sent by the client should contain the "Prefer" header and the authentication details:
GET /api HTTP/1.1
Authorization: Basic YWRtaW5AaW50ZXJuYWw6cmVkaGF0MTIz
The server will return the response, including a session cookie:
HTTP/1.1 200 OK
Header: Date: Fri, 10 Jan 2014 15:32:20 GMT
Set-Cookie: JSESSIONID=4RNIBiN40YTHC61APsDL-1Tx; Path=/api; Secure
Further requests should send again the "Prefer" header and the session cookie:
GET /api/vms HTTP/1.1
This will generate only one session in the server side, and only one login message in the log.
For more details see here:
I would suggest to use one of the SDKs, as they provide this for free, and simplify the development.
If this is enough for the customer I would suggest to close the bug as NOTABUG.
Closing this as NOTABUG per C#1