|
Post by magesh on Sept 27, 2021 8:06:34 GMT
Hi All,
Client opens an SSE stream via SSE-uri when perform GET URI (ServiceSentEventUri), but this is not defined as entity in DMTF redfish schema.
We are able to access URI defined for ServiceSentEventUri even without login privilege So is there anything from DMTF to support Spec compliances for the URI defined for ServiceSentEventUri.
Thanks, Magesh
|
|
|
Post by mraineri on Sept 27, 2021 13:40:22 GMT
The SSE URI is outside of the Redfish data model, meaning there's no schema definition to back it up, and it's not a Redfish resource.
Like with other URIs that point outside the data model (such as the BinaryDataUri property in Assembly), there's the expectation that clients following that URI will have authentication and authorization implications. In terms of what roles or privileges you map to it, that would be entirely up to you. Generally speaking, it would seem reasonable that if a client is allowed to create an event subscription via a POST to the EventDestinationCollection resource, they should likely be able to perform a GET on the SSE URI.
We do have this text in the BinaryDataUri property: "using the Redfish protocol and authentication methods". This is currently missing from the ServerSentEventsUri property though. We have that same text in other URIs like this, but it doesn't seem to be consistently applied.
|
|
|
Post by magesh on Sept 28, 2021 5:32:07 GMT
Thanks for the confirmation.
|
|