Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Starting in Abiquo 3.0 the client is HTML. This means that how security and login works differs from previous versions. Now security beyond first login is enforced with cookies. This means that it is the browser which that must send the cookie back to the API. This mechanism is described here[1].

The upload/download of templates is made through a direct connection to the Appliance Manager. Then it sends a request to the API to check whether the user is authorize authorized to perform the requested action. This request is basically a replica of the original request to the Appliance Manager.

In a multi datacenter environment API and AM might not be on the same host. This prevent prevents the cookie from being sent, therefore the identity cannot be established. Even if CORS is working this will only  allow allow the result (401) travelling to travel back to the client. To achieve this allow the identity to be established, all Appliance Manager instances must reside in the same domain as the API.

...

  • Set the host name to 'example.com'
    • \# hostname example.com
  • Edit '/etc/hosts' file and add entries for hosts the host's IPs and '127.0.0.1'

Apache configuration

There are two ways to configure an Apache instance. Appliance Manager instances can be exposed either as a path (example.com/am-sweden) or through a subdomain (am-sweden.example.com). The configuration here will show how to set up both in the same configuration file.

...