962730 – [RESTAPI] Cookies are being set even when not using persistent authentication

Bug 962730 - [RESTAPI] Cookies are being set even when not using persistent authentication

Summary: [RESTAPI] Cookies are being set even when not using persistent authentication

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Red Hat Enterprise Virtualization Manager
Classification:	Red Hat
Component:	ovirt-engine-restapi
Sub Component:
Version:	3.2.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Target Release:	3.3.0
Assignee:	Ravi Nori
QA Contact:	Barak Dagan
Docs Contact:
URL:
Whiteboard:	infra
Depends On:
Blocks:	968973
TreeView+	depends on / blocked

Reported:	2013-05-14 10:42 UTC by Ido Begun
Modified:	2016-02-10 19:25 UTC (History)
CC List:	10 users (show)
Fixed In Version:	is2
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Clones:	968973 (view as bug list)
Environment:
Last Closed:
oVirt Team:	Infra
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
oVirt gerrit	14891	0	None	None	None	Never
oVirt gerrit	15173	0	None	None	None	Never

Description Ido Begun 2013-05-14 10:42:24 UTC

Description of problem:
Cookies are being set regardless of using "Prefer: persistent-auth" when sending a request.

Version-Release number of selected component (if applicable):
SF16.1 - rhevm-3.2.0-10.25.beta3

How reproducible:
100%

Steps to Reproduce:
curl -X GET -H "Accept: application/xml" -u USER:PASS https://RHEVM:443/api -k --header "Prefer: ''" -c cookie.txt
OR
curl -X GET -H "Accept: application/xml" -u USER:PASS https://RHEVM:443/api -k -c cookie.txt

Actual results:
A cookie is set (same as using --header "Prefer: persistent-auth")

Expected results:
A cookie should not be set

Additional info:
Reproducible using RESTclient as well

Comment 4 Barak Dagan 2013-07-02 09:03:10 UTC

Verified on IS2.

>curl -X GET -H "Accept: application/xml" -u USER:PASS https://RHEVM:443/api -k --header "Prefer: ''" -c cookie.txt
>ls cookie.txt
ls: cannot access cookie.txt: No such file or directory


>curl -X GET -H "Accept: application/xml" -u USER:PASS https://RHEVM:443/api -k -c cookie.txt
>ls cookie.txt
ls: cannot access cookie.txt: No such file or directory


>curl -X GET -H "Accept: application/xml" -u USER:PASS https://RHEVM:443/api -k --header "Prefer: persistent-auth" -c cookie.txt
>ls cookie.txt
cookie.txt

Comment 7 Itamar Heim 2014-01-21 22:21:10 UTC

Closing - RHEV 3.3 Released

Comment 8 Itamar Heim 2014-01-21 22:26:35 UTC

Closing - RHEV 3.3 Released

Note You need to log in before you can comment on or make changes to this bug.