Bug 1164300 - [RFE][AAA] Allow browser to save credentials for User Portal
Summary: [RFE][AAA] Allow browser to save credentials for User Portal
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: RFEs
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ovirt-4.0.0-rc
: 4.0.0
Assignee: Ravi Nori
QA Contact: Pavel Novotny
URL:
Whiteboard:
Depends On:
Blocks: ovirt-aaa-sso
TreeView+ depends on / blocked
 
Reported: 2014-11-14 15:26 UTC by Tim Speetjens
Modified: 2019-10-10 09:34 UTC (History)
13 users (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
With this release, the user's browser setting for saving user names and passwords will be used for the User Portal login screen.
Clone Of:
Environment:
Last Closed: 2016-08-23 20:21:50 UTC
oVirt Team: Infra
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Bugzilla 1164302 0 medium CLOSED [RFE][AAA] Allow browser to save credentials for WebAdmin 2021-02-22 00:41:40 UTC
Red Hat Product Errata RHEA-2016:1743 0 normal SHIPPED_LIVE Red Hat Virtualization Manager 4.0 GA Enhancement (ovirt-engine) 2016-09-02 21:54:01 UTC

Internal Links: 1164302

Description Tim Speetjens 2014-11-14 15:26:43 UTC
Users expect the browser to propose to cache credentials, however, this functionality does not work when logging into the RHEV User Portal.

Comment 5 Yaniv Kaul 2016-06-07 14:18:14 UTC
1. This is actually a security issue - but I assume if customers do not want this, they can turn off it on the browser side - so I assume we do not need on our side the ability to turn on or off this.
2. It seems to be working (on 4.0) already for the admin portal - so is it just fixing the user portal?

Comment 6 Martin Perina 2016-06-07 14:25:06 UTC
(In reply to Yaniv Kaul from comment #5)
> 1. This is actually a security issue - but I assume if customers do not want
> this, they can turn off it on the browser side - so I assume we do not need
> on our side the ability to turn on or off this.

I agree, but during SSO refactoring we changed login screen, so it conforms to current practise. So browser will ask a user to store the password or even fill-in stored password depending on user's browser configuration.

> 2. It seems to be working (on 4.0) already for the admin portal - so is it
> just fixing the user portal?

It was not possible to store password for both in 3.x, but in 4.0 storing password is available for both.

Comment 7 Ravi Nori 2016-06-07 14:46:38 UTC
This is fixed as part of SSO work in 4.0, the browser setting for saving user name and password will be used for the login screen.

Comment 8 Martin Perina 2016-06-13 14:09:22 UTC
Merged long time ago and definitely part of 4.0.0.4 build

Comment 9 Pavel Novotny 2016-07-15 16:46:42 UTC
Verified in rhevm-4.0.2-0.2.rc1.el7ev.noarch.

Browsers now offer the user to save credentials for the SSO login page.
For details see bug 1164302 comment 9.

Comment 11 errata-xmlrpc 2016-08-23 20:21:50 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHEA-2016-1743.html


Note You need to log in before you can comment on or make changes to this bug.