You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@cloudstack.apache.org by dimas yoga pratama <sm...@gmail.com> on 2014/06/01 22:51:56 UTC

Problem when using Cloudstack Login API

Hi All,

I'm doing an experiment on using Cloudstack API.
>From what I read here
http://cloudstack.apache.org/docs/api/apidocs-4.3/user/login.html when the
login succeeds,it will generate cookie JSESSIONID.
My question is, when I create login page, and succsfull login will redirect
to another page, do I have to pass JSESSIONID to another page like
SESSIONKEY?

Re: Problem when using Cloudstack Login API

Posted by Ove Ewerlid <Ov...@oracle.com>.

On 06/01/2014 10:51 PM, dimas yoga pratama wrote:
> Hi All,
>
> I'm doing an experiment on using Cloudstack API.
>  From what I read here
> http://cloudstack.apache.org/docs/api/apidocs-4.3/user/login.html when the
> login succeeds,it will generate cookie JSESSIONID.
> My question is, when I create login page, and succsfull login will redirect
> to another page, do I have to pass JSESSIONID to another page like
> SESSIONKEY?
>

Both have to be passed, but they are different things.
E.g., the SESSIONID (a cookie) is not handled like a cloudstack API 
parameter such as the sessionkey (returned by the ACS login API call).

See for instance CloudMonkey;

 
https://git-wip-us.apache.org/repos/asf?p=cloudstack-cloudmonkey.git;a=blob;f=cloudmonkey/requester.py

for a python example of CloudStack authentication using username and 
password and go from there.

/Ove


-- 
Ove Everlid
System Administrator / Architect / SDN- & Automation- & Linux-hacker
Mobile: +46706668199 (dedicated work mobile)
Country: Sweden, timezone; Middle Europan Time (MET or GMT+1)

Re: Problem when using Cloudstack Login API

Posted by dimas yoga pratama <sm...@gmail.com>.

Hi,

Thanks Ove and Erik for your clear explanation I understand now.


On Mon, Jun 2, 2014 at 2:25 PM, Erik Weber <te...@gmail.com> wrote:

> On Sun, Jun 1, 2014 at 10:51 PM, dimas yoga pratama <sm...@gmail.com>
> wrote:
>
> > Hi All,
> >
> > I'm doing an experiment on using Cloudstack API.
> > From what I read here
> > http://cloudstack.apache.org/docs/api/apidocs-4.3/user/login.html when
> the
> > login succeeds,it will generate cookie JSESSIONID.
> > My question is, when I create login page, and succsfull login will
> redirect
> > to another page, do I have to pass JSESSIONID to another page like
> > SESSIONKEY?
> >
>
>
> Here's an example with curl.
>
> Remember that parameters has to be encoded if they contain any kind of
> special characters.
>
> Login:
> curl -i '
>
> http://localhost:8080/client/api?command=login&user=admin&password=MyPassword&response=json
> '
> returns a snippet like this:
>
> Set-Cookie: JSESSIONID=07CA185081E6A476775ECA9D190EF1F8; Path=/client
>
> { "loginresponse" : { "timeout" : "1800", "lastname" : "cloud",
> "registered" : "false", "username" : "admin", "firstname" : "admin",
> "domainid" : "6f920fbd-94fc-11e3-b2e0-0050568c15a3", "type" : "1", "userid"
> : "d68e7072-94fc-11e3-b2e0-0050568c15a3", "sessionkey" :
> "WxjAu9zZzbmrBGDarnW1cVfm+/g=", "account" : "admin" } }
>
>
> Then you take the JSESSIONID and sessionkey and pass them as Ove said.
>
> List Zones example using above
>
> curl -i -H "Cookie: JSESSIONID=07CA185081E6A476775ECA9D190EF1F8;
> Path=/client" '
>
> http://localhost:8008/client/api?command=listZones&sessionkey=WxjAu9zZzbmrBGDarnW1cVfm%2B%2Fg%3D&response=json
> '
>
>
> --
>
> Erik Weber
>

Re: Problem when using Cloudstack Login API

Posted by Erik Weber <te...@gmail.com>.

On Sun, Jun 1, 2014 at 10:51 PM, dimas yoga pratama <sm...@gmail.com>
wrote:

> Hi All,
>
> I'm doing an experiment on using Cloudstack API.
> From what I read here
> http://cloudstack.apache.org/docs/api/apidocs-4.3/user/login.html when the
> login succeeds,it will generate cookie JSESSIONID.
> My question is, when I create login page, and succsfull login will redirect
> to another page, do I have to pass JSESSIONID to another page like
> SESSIONKEY?
>


Here's an example with curl.

Remember that parameters has to be encoded if they contain any kind of
special characters.

Login:
curl -i '
http://localhost:8080/client/api?command=login&user=admin&password=MyPassword&response=json
'
returns a snippet like this:

Set-Cookie: JSESSIONID=07CA185081E6A476775ECA9D190EF1F8; Path=/client

{ "loginresponse" : { "timeout" : "1800", "lastname" : "cloud",
"registered" : "false", "username" : "admin", "firstname" : "admin",
"domainid" : "6f920fbd-94fc-11e3-b2e0-0050568c15a3", "type" : "1", "userid"
: "d68e7072-94fc-11e3-b2e0-0050568c15a3", "sessionkey" :
"WxjAu9zZzbmrBGDarnW1cVfm+/g=", "account" : "admin" } }


Then you take the JSESSIONID and sessionkey and pass them as Ove said.

List Zones example using above

curl -i -H "Cookie: JSESSIONID=07CA185081E6A476775ECA9D190EF1F8;
Path=/client" '
http://localhost:8008/client/api?command=listZones&sessionkey=WxjAu9zZzbmrBGDarnW1cVfm%2B%2Fg%3D&response=json
'


-- 

Erik Weber