Marking as Improvement although this is a bug that could not be resolved in previous versions due to backward compatibility with existing UIPlugins. The UIPlugins should use the restapi in stateless mode, avoiding the issues introduced by inactivity, credential management, session lifecycle, resource leak (currently we leak sessions for a very long time as they set to hard limit) and similar. We discussed that many times, and 4.0 is the time to do that. The UIPlugin should hand over the http request to the infrastructure so it can add custom headers before request is actually performed. In most cases the infrastructure will just set the authorization header / plain header with the authentication token. I also suggest the UIPlugin will hand over the response to the infrastructure so it can extract important information out of it if it likes. Another option: the infrastructure will actually perform the http request.
> Another option: the infrastructure will actually perform the http request. I prefer this option, e.g. expose service to UI plugins for talking with REST API that takes care of specific HTTP request details and processing.
Target release should be placed once a package build is known to fix a issue. Since this bug is not modified, the target version has been reset. Please use target milestone to plan a fix for a oVirt release.
Vojtech - we already handled this one, right?
(In reply to Oved Ourfali from comment #4) > Vojtech - we already handled this one, right? Following action items (on me) are needed to close this one: 1, update https://gerrit.ovirt.org/#/c/49278/ according to Ravi's feedback & build Engine with patch applied for verification 2, [virt-viewer integration] verify VM console connect using virt-viewer build from https://bugzilla.redhat.com/show_bug.cgi?id=1286696#c17 3, [UI plugin API change] verify `api.ssoToken()` by writing sample UI plugin, attach the sample UI plugin to BZ for reference 4, ask BZ#1286696 assignee (Christophe) to merge relevant virt-viewer changes & update BZ status accordingly 5, merge https://gerrit.ovirt.org/#/c/49278/ and move this BZ to MODIFIED 6, announce on oVirt devel list breaking change in UI plugin API, provide sample code on how to migrate existing UI plugins to use the new API
Created attachment 1139621 [details] SSO test UI plugin Attaching sample UI plugin to test the newly introduced `api.ssoToken()` function. Just extract files into $PREFIX/share/ovirt-engine/ui-plugins (where $PREFIX is usually /usr) and reload WebAdmin in your browser. Engine restart is not necessary.
Moving from 4.0 alpha to 4.0 beta since 4.0 alpha has been already released and bug is not ON_QA.
Vojtech - where do we stand with this one?
(In reply to Oved Ourfali from comment #8) > Vojtech - where do we stand with this one? Waiting for Christophe to verify upstream virt-viewer SSO changes. Once verified, the process should be: - merge https://gerrit.ovirt.org/#/c/49278/ & move BZ to MODIFIED - announce on oVirt devel the breaking change in UI plugin API We should open another BZ -- once the virt-viewer build [1] lands in Fedora/RHEL(/Win?), update "RemoteViewerSupportedVersions" Engine config value according to [2]. [1] https://bugzilla.redhat.com/show_bug.cgi?id=1286696 [2] https://gerrit.ovirt.org/#/c/56616/
(In reply to vszocs from comment #9) > (In reply to Oved Ourfali from comment #8) > > Vojtech - where do we stand with this one? > > Waiting for Christophe to verify upstream virt-viewer SSO changes. > > Once verified, the process should be: > - merge https://gerrit.ovirt.org/#/c/49278/ & move BZ to MODIFIED > - announce on oVirt devel the breaking change in UI plugin API > > We should open another BZ -- once the virt-viewer build [1] lands in > Fedora/RHEL(/Win?), update "RemoteViewerSupportedVersions" Engine config > value according to [2]. > > [1] https://bugzilla.redhat.com/show_bug.cgi?id=1286696 > [2] https://gerrit.ovirt.org/#/c/56616/ We need to merge that before feature freeze. I guess this might get an exception if not, but we should try.
Update: BZ#1324457 is now ON_QA, fixed in version = libgovirt-0.3.3-2.el7
Verified on ovirt-engine-4.0.0-0.0.master.20160523171412.git1a7a1f3.el7.centos.noarch
oVirt 4.0.0 has been released, closing current release.