993665 – [RFE] Allow additional internal accounts for authentication by API

Bug 993665 - [RFE] Allow additional internal accounts for authentication by API

Summary: [RFE] Allow additional internal accounts for authentication by API

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	Red Hat Enterprise Virtualization Manager
Classification:	Red Hat
Component:	RFEs
Sub Component:
Version:	3.1.5
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	medium
Target Milestone:	---
Target Release:	---
Assignee:	Rob Young
QA Contact:	Shai Revivo
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2013-08-06 11:32 UTC by thunt
Modified:	2019-12-23 13:11 UTC (History)
CC List:	10 users (show)
Fixed In Version:
Doc Type:	Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed:	2019-12-23 13:09:46 UTC
oVirt Team:	Infra
Target Upstream Version:
Embargoed:
Flags:	sherold: Triaged+

Attachments	(Terms of Use)

Description thunt 2013-08-06 11:32:24 UTC

1 Who is the customer behind the request?

Account name: USPTO
TAM/SRM customer yes/no: SRM
Strategic Customer yes/no: Yes

2 What is the nature and description of the request?

Customer would like to have the ability to add additional internal accounts for use by API clients. External authentication at this organization requires regular (60 day) password changes, which makes API use impractical.

Ideally there will be the option to use/manage an anonymous account (i.e. GET only) that has limited access.

3 Why does the customer need this? (List the business requirements here)

Use cases include: -
1) CloudForms
2) Fencing for clustering
3) Read-only API access for reporting
4) We have a script that RHEV VM's can use to query RHEV-M for their name and tags (i.e. cloud-init lite). This is to be installed in templates Regular password changes are impractical.

4 How would the customer like to achieve this? (List the functional requirements here)

We would like the ability to add additional internal accounts for API use. Once added, these accounts should be treated just like other user accounts.

5 For each functional requirement listed in question 4, specify how Red Hat and the customer can test to confirm the requirement is successfully implemented.

API clients/scripts should be able to login using internal credentials.

6 Is there already an existing RFE upstream or in Red Hat bugzilla?

This is an extension of BZ #988851

7 Does the customer have any specific timeline dependencies?

As soon as practical

8 Is the sales team involved in this request and do they have any additional input?

No.

9 List any affected packages

ovirt-engine-restapi

10 Would the customer be able to assist in testing this functionality if implemented?

Yes.

Comment 1 Itamar Heim 2013-08-22 09:08:07 UTC

temporarily setting to 3.4 to revisit and consider per auth refactoring progress/approach

Comment 2 Barak 2014-01-14 12:45:33 UTC

Bug 988851 (read only internal user) was moved to ON_QA,
But as stated above in the bug description the customer also wants to do specific actions ( e.g. Fencing for clustering), there for this RFE is still relevant.

However there are plans to add management for internal users within RHEVM, and this should solve the above issue.

AFAIK there is no RFE for that. 
Hence moving to rhevm-future

Comment 7 Doron Fediuck 2019-12-23 13:09:46 UTC

Closing old RFEs.
If still relevant, please re-open and provide a business justification.

Note You need to log in before you can comment on or make changes to this bug.