Bug 858550 - RHEVM_SDK: Document session based authentication
RHEVM_SDK: Document session based authentication
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: Documentation (Show other bugs)
Unspecified Unspecified
low Severity medium
: ---
: 3.2.0
Assigned To: Andrew Burden
: Documentation, Reopened
Depends On:
  Show dependency treegraph
Reported: 2012-09-19 02:41 EDT by Michael Pasternak
Modified: 2014-03-25 03:02 EDT (History)
8 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2013-06-13 22:19:32 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Michael Pasternak 2012-09-19 02:41:01 EDT
See "#740756 - (stateful_auth_rest) PRD31 - Implement session based authentication for the RESTful API" for more details
Comment 2 Stephen Gordon 2012-10-30 14:21:37 EDT
Deferring rectification of the issue I raise in comment # 1 for consideration in future release scoping.
Comment 3 Stephen Gordon 2012-11-08 10:14:10 EST
Re-opened for 3.2.0 scoping, flags will follow.
Comment 4 Andrew Burden 2013-02-17 22:45:59 EST
Change made as suggested.
Have added the following to 'persistent_auth':
"This parameter is optional and defaults to False. "

Change can be viewed here:
Comment 5 Michael Pasternak 2013-02-18 03:51:57 EST

i have tiny comment on this section:

insecure - Specifies whether or not the connection needs to be secured. Valid values are True and False. If the insecure parameter is set to False - which is the default - then the ca_file, key_file, and cert_file must be supplied to secure the connection. 

=> if insecure=False, only ca_file is mandatory, key_file/cert_file are still optional,

also the meaning of insecure flag is "do not throw error when SSL and no ca_file" is provided.
Comment 6 Andrew Burden 2013-02-21 23:48:36 EST
Thanks Michael.

Changes made as suggested. I also added a para about man-in-the-middle attacks for 'insecure'.

Changes can be viewed at:

Note You need to log in before you can comment on or make changes to this bug.