On Sat, May 12, 2018 at 11:36:08AM +0300, Anastasiya Ruzhanskaya wrote:
> I actually didn't quite catch,why oVirt can't just pass user information
> and you could check against it? This may require to create some
> configuration files for libvirt about end users.
> What is a advantage of authenticating oVirt, and then impersonation for end
> user?
Libvirt authentication happens when a connection is opened - oVirt doesn't
open a connection for each user. So you have to have a way to authenticate
the initial connection, and then authorize individual APIs made on it.
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|