VCenter ReSTAPI認証

Question

https://code.vmware.com/apis/62/vcenter-management#/でvmwareのドキュメントに従っています。ReSTAPIの使用中にVCenterサーバーに対して認証するために提供されるヘッダーは何ですか？

Arturgspb · Answer

Pythonの場合：

import requests # https://vdc-download.vmware.com/vmwb-repository/dcr-public/1cd28284-3b72-4885-9e31-d1c6d9e26686/71ef7304-a6c9-43b3-a3cd-868b2c236c81/doc/operations/com/vmware/vcenter/vm.list-operation.html sess = requests.post("https://XXXXXXXX/rest/com/vmware/cis/session", auth=('USERNAME', 'PASSWORD'), verify=False) session_id = sess.json()['value'] resp = requests.get("https://XXXXXXXX/rest/vcenter/vm", verify=False, headers={ "vmware-api-session-id": session_id }) print(u"resp.text = %s" % str(resp.text))

Marki · Answer

たとえば、VcenterからVMのリストを取得するために正確に何をする必要があるかを説明します。

まず、セッションIDを取得するために、https://vcsa/rest/com/vmware/cis/sessionにPOSTリクエストを発行する必要があります。

次に、HTTPヘッダーhttps://vcsa/rest/vcenter/vmを以前に取得したセッションIDに設定してvmware-api-session-idへのGETリクエストを使用します。

PHPのコード例を次に示します。

<?php $ch = curl_init(); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_URL, "https://vcsa/rest/com/vmware/cis/session"); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_USERPWD, 'user@vsphere.local' . ":" . 'password'); $out = json_decode(curl_exec($ch)); // var_dump($out); if ($out === false) { echo 'Curl Error: ' . curl_error($ch); exit; } $sid = $out->value; curl_setopt($ch, CURLOPT_HTTPHEADER, array("vmware-api-session-id:$sid")); curl_setopt($ch, CURLOPT_POST, 0); curl_setopt($ch, CURLOPT_URL, "https://vcsa/rest/vcenter/vm"); $output = curl_exec($ch); $vms = json_decode($output); var_dump($vms); curl_close($ch);

Mahesh · Answer

.NETクライアント用

//有効な証明書がない場合のみ証明書を無視する

var handler = new HttpClientHandler(); handler.ClientCertificateOptions = ClientCertificateOption.Manual; handler.ServerCertificateCustomValidationCallback = (httpRequestMessage, cert, cetChain, policyErrors) => { return true; }; using (var client = new HttpClient(handler)) { var values = new Dictionary<string, string> { }; client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue( "Basic", Convert.ToBase64String( System.Text.ASCIIEncoding.ASCII.GetBytes( $"{"username"}:{"password"}"))); var content = new FormUrlEncodedContent(values); //var stringContent = new StringContent(content, Encoding.UTF8, "application/x-www-form-urlencoded"); var response = await client.PostAsync("https://vcsa/rest/com/vmware/cis/session", content); var responseString = await response.Content.ReadAsAsync<KeyValuePair<string, string>>(); client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", responseString.Value); var vmRespone = await client.GetAsync("https://vcsa/rest/vcenter/vm"); }

Slogmeister Extraordinaire · Answer

パワーシェル：

$User="<username>" $Pass="<password>" $Auth=$User+":"+$Pass $Encoded=[System.Text.Encoding]::UTF8.GetBytes($Auth) $EncodedAuth=[System.Convert]::ToBase64String($Encoded) $Headers = @{"Authorization"="Basic $($EncodedAuth)"} $SecPass=ConvertTo-SecureString -String $Pass -AsPlainText -Force $Cred=[System.Management.Automation.PSCredential]::new($User,$SecPass) <# Uncomment this part if you don't have a valid trusted certificate $strIDontCarePolicy=@" using System.Net; using System.Security.Cryptography.X509Certificates; public class IDontCarePolicy : ICertificatePolicy { public IDontCarePolicy() {} public bool CheckValidationResult(ServicePoint sPoint, X509Certificate cert, WebRequest wRequest, int certProb) { return true; } } "@ Add-Type -TypeDefinition $strIDontCarePolicy -PassThru [System.Net.ServicePointManager]::CertificatePolicy = New-Object IDontCarePolicy #> $initSession=Invoke-RestMethod -Uri "https://<vCenter Server>/rest/com/vmware/cis/session" -Method Post -Headers $Headers $SessionID=$initSession.Value