We had long discussion about this in bug#975730, gerrit and offline. It was a mistake to add non standard approach to hijack session, it was a mistake to alter another project to use something that is far from being an interface of product, but you implemented anyway. Now time to revert. Please open a bug that blocks this with virt-viewer to use the SSO token to access the restapi instead of using the http session. The usage of SSO token is specified here[1]. In nut shell it is accessible by adding: Authorization: Bearer TOKEN TOKEN is available within application. [1] http://www.ovirt.org/Features/UniformSSOSupport
BTW: adding the feature as ability to set any header within the .vv as I recommended, would have made it possible to migrate into the new setup without implication of virt-viewer. Unfortunately we need to revisit this one.
Target release should be placed once a package build is known to fix a issue. Since this bug is not modified, the target version has been reset. Please use target milestone to plan a fix for a oVirt release.
after initial investigation, please open follow up bugs on virt-viewer need to sync with https://gerrit.ovirt.org/#/c/49278/ and both Linux and Windows version of virt-viewer
As we handle sessions differently, and if I understand the context correctly, this must be done in 4.0.
(In reply to Oved Ourfali from comment #5) > As we handle sessions differently, and if I understand the context > correctly, this must be done in 4.0. AFAIK, in 4.0 the REST webapp will still support cookie-based server-side session mechanism [1]. This is because there might be systems/tools still relying on this mechanism. [1] http://www.ovirt.org/develop/release-management/features/infra/restsessionmanagement/ Anyway, in 4.0 we'd like to align UI with SSO, dropping reliance on REST webapp session mechanism. This impacts UI plugins + virt-viewer (vv file) integration. See commit msg [2] for details on impacts of this change. [2] https://gerrit.ovirt.org/#/c/49278/ Once BZ#1286696 is fixed & verified we can proceed with [2] and close this BZ thereafter.
Moving from 4.0 alpha to 4.0 beta since 4.0 alpha has been already released and bug is not ON_QA.
Update: https://gerrit.ovirt.org/#/c/49278/ is now merged in master -> console.vv file now contains `sso-token`, replacing the `jsessionid`. BZ#1286696 is still on POST with rhel-7.2.z? flag (not approved yet).
oVirt 4.0 beta has been released, moving to RC milestone.
This _is_ broken as of now as far as I know. Martin?
@Vojtech: since the engine patch has been in for some time and both platform bugs BZ#1286696 and BZ#1339247 are now ON_QA is there anything else missing?
(In reply to Martin Betak from comment #12) > @Vojtech: since the engine patch has been in for some time and both platform > bugs BZ#1286696 and BZ#1339247 are now ON_QA is there anything else missing? BZ#1339247 is for Windows edition of virt-viewer (mingw-virt-viewer). BZ#1286696 is for RHEL 7.3 virt-viewer. BZ#1344635 is for RHEL 7.2 virt-viewer -> this is what we need in RHEV 4. I think there's one more thing to do: update Engine `RemoteViewerSupportedVersions` config value to reflect supported virt-viewer version, similar to what was done in patch https://gerrit.ovirt.org/#/c/56616/
let's wait a bit until the virt-viewer hits the outside world...
Moran, note there is no RHEL6 virt-viewer support (bug 1347656). So fixing this properly limits the console clients to RHEL7.2+ and Windows.
(In reply to Michal Skrivanek from comment #15) > Moran, note there is no RHEL6 virt-viewer support (bug 1347656). So fixing > this properly limits the console clients to RHEL7.2+ and Windows. ack on the change, let's make sure documentation is covering it well, specifically on the product requirements definitions.
Verified with rhevm-4.0.2.6-0.1.el7ev.noarch. The scope of this bz: version line in .vv file updated according to virt-viewer versions supporting sso-token. .vv file and engine-config contains the correct values. Verified that spice console doesn't open with rhel 6 client. Verified that spice console opens with rhel 7 with virt-viewer-2.0-11, windows 7 32 bit with 2.0-160 and windows 8 64 bit wiht 2.0-176.
The needinfo request[s] on this closed bug have been removed as they have been unresolved for 1000 days