[Freeipa-devel] [PATCH] 0119 Switch client to JSON-RPC

Petr Viktorin pviktori at redhat.com
Mon Aug 12 08:17:01 UTC 2013 

On 08/02/2013 11:13 AM, Petr Viktorin wrote:
> On 05/10/2013 04:54 PM, Petr Viktorin wrote:
>> On 04/01/2013 11:37 PM, Rob Crittenden wrote:
>>> Petr Viktorin wrote:
>>>> On 01/15/2013 12:36 PM, Petr Viktorin wrote:
>>>>> I meant to hold this patch a while longer to let it mature, but from
>>>>> what Brian Smith asked on the user list it seems it could help him.
>>>>>
>>>>> Design: http://freeipa.org/page/V3/JSON-RPC
>>>>> Ticket: https://fedorahosted.org/freeipa/ticket/3299
>>>>>
>>>>> See the design page for what the patch does.
>>>>>
>>>>>
>>>>> As much as I've tried to avoid them, the code includes some
>>>>> workarounds:
>>>>> It extends xmlrpclib to also support JSON. This is rather intrusive,
>>>>> but
>>>>> to not do that I'd need to write a parallel stack for JSON, without
>>>>> the
>>>>> help of a standard library.
>>>>> The registration of either jsonclient or xmlclient as "rpcclient" in
>>>>> the
>>>>> API also needs a bit of magic, since the framework requires the class
>>>>> name to match the attribute.
>>>>>
>>>>>
>>>>> To prevent backwards compatibility problems, we need to ensure that
>>>>> all
>>>>> official JSON clients send the API version, so this patch should be
>>>>> applied after my patches 0104-0106.
>>>>>
>>>>
>>>> Updating to current master.
>>>
>>> Please reverse this change in ipalib/rpc.py:
>>>
>>> @@ -665,8 +788,6 @@ class xmlclient(Connectible):
>>>               except Exception, e:
>>>                   if not fallback:
>>>                       raise
>>> -                else:
>>> -                    self.log.info('Connection to %s failed with %s',
>>> url, e)
>>>                   serverproxy = None
>>>
>>> This logs connection errors when the client fails over to another
>>> server.
>>
>> Thanks. Done, and rebased to master.
>>
>>> The changes look really good. The show stopper is that using jsonrpc
>>> doesn't create a session key. I noticed that xmlrpc_uri is hardcoded
>>> into ipalib/session.py but it appears the issue is deeper than that.
>>
>> That uses only the hostname from xmlrpc_uri. When using different
>> hostnames in xmlrpc_uri and jsonrpc_uri *on the server*, it'll put the
>> wrong domain in the cookie. In this case I think it's the configuration
>> that's wrong.
>>
>> The real problem is that KerberossSession code which creates the cookie,
>> was not called by the JSON server.
>> Patch 0223 adds it.
>>
>> Patch 0224 adds the server class name (e.g. [jsonserver_kerb]) to the
>> server logs. It should help debug problems specific to a
>> backend/protocol.
>
> Rebased onto current master.
>

Another minor rebase


-- 
Petr³
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-pviktori-0119.5-Switch-client-to-JSON-RPC.patch
Type: text/x-patch
Size: 39793 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20130812/3d7cc4ec/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-pviktori-0223.5-Make-jsonserver_kerb-start-a-cookie-based-session.patch
Type: text/x-patch
Size: 1580 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20130812/3d7cc4ec/attachment-0001.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-pviktori-0224.5-Add-server-protocol-type-to-rpcserver-logs.patch
Type: text/x-patch
Size: 2805 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20130812/3d7cc4ec/attachment-0002.bin>

More information about the Freeipa-devel mailing list