Bug 1181030 - [RFE] [3.6.1] add possibility to sign websocket proxy ticket
Summary: [RFE] [3.6.1] add possibility to sign websocket proxy ticket
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: ovirt-engine
Classification: oVirt
Component: RestAPI
Version: ---
Hardware: Unspecified
OS: Unspecified
high
medium
Target Milestone: ovirt-3.6.0-rc
: 3.6.0
Assignee: jniederm
QA Contact: Petr Kubica
URL:
Whiteboard:
Depends On:
Blocks: 1132506
TreeView+ depends on / blocked
 
Reported: 2015-01-12 09:02 UTC by Tomas Jelinek
Modified: 2016-02-10 12:49 UTC (History)
9 users (show)

Fixed In Version: 3.6.0-4_alpha3
Doc Type: Enhancement
Doc Text:
Feature: REST API can provide ticket allowing connection to websocket proxy POST /vms/{vmid}/graphicsconsoles/{consoleid}/proxyticket <action/> - <action> <proxy_ticket> <value>ticket_content</value> </proxy_ticket> </action> Reason: Result:
Clone Of:
Environment:
Last Closed: 2016-02-10 12:49:15 UTC
oVirt Team: Virt
Embargoed:
rule-engine: ovirt-3.6.0+
ylavi: planning_ack+
rule-engine: devel_ack+
pstehlik: testing_ack+

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
oVirt gerrit 42412 0 master MERGED restapi: Get signed WebSocket proxy ticket over REST Never
oVirt gerrit 43173 0 master MERGED core, webadmin: GetSignedWebsocketProxyTicketQuery added Never

Description Tomas Jelinek 2015-01-12 09:02:06 UTC 
When connecting to a websocket proxy using a SPICE HTML5 or noVNC, the websocket proxy needs to get the websocket proxy ticket (host, port, ssl_target) signed using the engine's certificate. The web clients (webadmin/userportal) are using a custom GWT RPC query (SignStringQuery) which is not exposed to REST API. 

The problem is that currently no other client than webadmin or userportal is able to open a SPICE HTML5 nor noVNC since we can not generate the signed ticket without the proper REST support.
Comment 1 Michal Skrivanek 2015-05-21 08:40:13 UTC 
this is required for moVirt console integration too
Comment 2 Petr Kubica 2016-02-09 09:59:18 UTC 
Verified in rhevm-3.6.3-0.1
Note You need to log in before you can comment on or make changes to this bug.