[Freeipa-devel] [PATCH] 0119 Switch client to JSON-RPC

Petr Viktorin pviktori at redhat.com
Fri Aug 2 09:13:01 UTC 2013


On 05/10/2013 04:54 PM, Petr Viktorin wrote:
> On 04/01/2013 11:37 PM, Rob Crittenden wrote:
>> Petr Viktorin wrote:
>>> On 01/15/2013 12:36 PM, Petr Viktorin wrote:
>>>> I meant to hold this patch a while longer to let it mature, but from
>>>> what Brian Smith asked on the user list it seems it could help him.
>>>>
>>>> Design: http://freeipa.org/page/V3/JSON-RPC
>>>> Ticket: https://fedorahosted.org/freeipa/ticket/3299
>>>>
>>>> See the design page for what the patch does.
>>>>
>>>>
>>>> As much as I've tried to avoid them, the code includes some
>>>> workarounds:
>>>> It extends xmlrpclib to also support JSON. This is rather intrusive,
>>>> but
>>>> to not do that I'd need to write a parallel stack for JSON, without the
>>>> help of a standard library.
>>>> The registration of either jsonclient or xmlclient as "rpcclient" in
>>>> the
>>>> API also needs a bit of magic, since the framework requires the class
>>>> name to match the attribute.
>>>>
>>>>
>>>> To prevent backwards compatibility problems, we need to ensure that all
>>>> official JSON clients send the API version, so this patch should be
>>>> applied after my patches 0104-0106.
>>>>
>>>
>>> Updating to current master.
>>
>> Please reverse this change in ipalib/rpc.py:
>>
>> @@ -665,8 +788,6 @@ class xmlclient(Connectible):
>>               except Exception, e:
>>                   if not fallback:
>>                       raise
>> -                else:
>> -                    self.log.info('Connection to %s failed with %s',
>> url, e)
>>                   serverproxy = None
>>
>> This logs connection errors when the client fails over to another server.
>
> Thanks. Done, and rebased to master.
>
>> The changes look really good. The show stopper is that using jsonrpc
>> doesn't create a session key. I noticed that xmlrpc_uri is hardcoded
>> into ipalib/session.py but it appears the issue is deeper than that.
>
> That uses only the hostname from xmlrpc_uri. When using different
> hostnames in xmlrpc_uri and jsonrpc_uri *on the server*, it'll put the
> wrong domain in the cookie. In this case I think it's the configuration
> that's wrong.
>
> The real problem is that KerberossSession code which creates the cookie,
> was not called by the JSON server.
> Patch 0223 adds it.
>
> Patch 0224 adds the server class name (e.g. [jsonserver_kerb]) to the
> server logs. It should help debug problems specific to a backend/protocol.

Rebased onto current master.


-- 
Petr³
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-pviktori-0222.4-Switch-client-to-JSON-RPC.patch
Type: text/x-patch
Size: 39790 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20130802/5c5ed92a/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-pviktori-0223.4-Make-jsonserver_kerb-start-a-cookie-based-session.patch
Type: text/x-patch
Size: 1580 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20130802/5c5ed92a/attachment-0001.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-pviktori-0224.4-Add-server-protocol-type-to-rpcserver-logs.patch
Type: text/x-patch
Size: 2805 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20130802/5c5ed92a/attachment-0002.bin>


More information about the Freeipa-devel mailing list