x/vmware-nsxlib
Code Issues Proposed changes

Avoid invoking session/create API with client cert

Browse Source 
This fails on NSX since the API is only supported with basic auth.

Change-Id: I4043836d9b0d96ec659f33cef19ec31b73747667
This commit is contained in:
Anna Khmelnitsky 2020-10-14 12:10:37 -07:00
parent ba09940429
commit f81be47cb7
1 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
vmware_nsxlib/v3/cluster.py
View File

@ -241,6 +241,12 @@ class NSXRequestsHTTPProvider(AbstractHTTPProvider):
# Add allow-overwrite if configured # Add allow-overwrite if configured
if allow_overwrite_header: if allow_overwrite_header:
session.default_headers['X-Allow-Overwrite'] = 'true' session.default_headers['X-Allow-Overwrite'] = 'true'
if session.cert_provider:
# Session create will fail with cert provider
LOG.debug("Skipping session create with client certificate auth")
return
# Perform the initial session create and get the relevant jsessionid & # Perform the initial session create and get the relevant jsessionid &
# X-XSRF-TOKEN for future requests # X-XSRF-TOKEN for future requests
req_data = '' req_data = ''
@ -258,11 +264,6 @@ class NSXRequestsHTTPProvider(AbstractHTTPProvider):
LOG.error("Session create failed for endpoint %s due to " LOG.error("Session create failed for endpoint %s due to "
"error in retrieving JSON Web Token: %s", "error in retrieving JSON Web Token: %s",
provider.url, e) provider.url, e)
elif session.cert_provider:
# Session create will fail without token_provider, returning 403
LOG.debug("Skipping get_default_headers due to missing "
"token_provider")
return
else: else:
# With client certificate authentication, username and password # With client certificate authentication, username and password
# may not be provided. # may not be provided.