Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1096313

Summary: ui plugins cannot access the rest-api after logout->re-login to the web-admin
Product: Red Hat Enterprise Virtualization Manager Reporter: Einav Cohen <ecohen>
Component: ovirt-engine-webadmin-portalAssignee: Alexander Wels <awels>
Status: CLOSED NOTABUG QA Contact: Pavel Stehlik <pstehlik>
Severity: high Docs Contact:
Priority: high    
Version: 3.4.0CC: acathrow, ecohen, gklein, iheim, Rhev-m-bugs, yeylon, ykaul
Target Milestone: ---Keywords: Regression
Target Release: 3.4.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: ux
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-05-09 20:16:06 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Einav Cohen 2014-05-09 15:59:44 UTC 
Description of problem:

the web-admin ui-plugins infrastructure creates a rest-api session id upon login to the web-admin. this rest-api session id is used by the ui-plugins that wish to use the rest-api. 

we used to store the rest-api session id in the browser's local-storage.
in patch http://gerrit.ovirt.org/#/c/26807/ we changed that and now the rest-api session id is stored in the web-admin's http-session. 

once we log out of the web-admin, the web-admin http-session is lost (hence, the rest-api session id stored in it is lost too). 
logging back into the web-admin, the ui-plugins infrastructure attempts to access the rest-api, which typically results in creating a new rest-api session id that is returned to the web-admin and stored there. but since the rest-api session is actually still alive, no rest-api session is created and no rest-api session id is returned to the web-admin. so now, the web-admin doesn't have a rest-api session id, so all ui-plugins attempting to access the rest-api are failing to do so. 

Version-Release number of selected component (if applicable):
3.4 [av8]

How reproducible:
100%

Steps to Reproduce:
1. install a ui-plugin that uses the rest-api
2. login to the web-admin
3. log out of the web-admin
4. login to the web-admin again

Actual results:
the ui-plugin that uses the rest-api cannot access the rest-api anymore. 

Expected results:
the ui-plugin that uses the rest-api can access the rest-api
Comment 1 Einav Cohen 2014-05-09 16:00:58 UTC 
for 3.4 - recommending to revert http://gerrit.ovirt.org/#/c/26807/ (due to schedule considerations)
Comment 3 Einav Cohen 2014-05-09 20:16:06 UTC 
my mistake - this is not a regression; before, when the rest-api session id was stored in the local-storage (rather than the web-admin http-session), it was cleared from the local-storage upon logout. 

so we haven't really changed anything critical when introducing the persistence-method-change - the persisted rest-api session id is (and always was) lost upon logout. 

note that upon login->logout->login, the RestApiSessionAcquired event is not (and never was) fired, not sure if this is a bug or not; if it is, it can be tracked in a separate BZ.