Session Manager Login By SSPI
Log on to the server using SSPI pass-through authentication.
This method provides support for passing credentials of the calling process to the server without using a password, by leveraging the Windows Security Support Provider Interface (SSPI) library.
If the function is not supported, this throws a NotSupported fault.
The client first calls AcquireCredentialsHandle(). If Kerberos is used, this should include the desired credential to pass. The client then calls InitializeSecurityContext(). The resulting partially-formed context is passed in Base-64 encoded form to this method.
If the context has been successfully formed, the server proceeds with login and behaves like Login. If further negotiation is needed, the server throws an SSPIChallenge fault with a challenge token, which the client should again pass to InitializeSecurityContext(), followed by calling this method again.
For more information, see the MSDN documentation on SSPI.
Required privileges: System.Anonymous
The unique identifier for the managed object to which the method attaches; the serialized managed object reference for a request has the form moType/moId
, in this case SessionManager/{moId}
.
The vSphere release schema. The current specification covers vSphere 8.0.2.0 APIs.
{
"base64Token": "string",
"locale": "string"
}
The partially formed context returned from InitializeSecurityContext().
A two-character ISO-639 language ID (like "en") optionally followed by an underscore and a two-character ISO 3166 country ID (like "US").
Examples are "de", "fr_CA", "zh", "zh_CN", and "zh_TW". Note: The method uses the server default locale when a locale is not provided. This default can be configured in the server configuration file. If unspecified, it defaults to the locale of the server environment or English ("en") if unsupported.
The UserSession object.
As of vSphere API 5.1 for VirtualCenter login use SSO style LoginByToken
{
"_typeName": "string",
"key": "string",
"userName": "string",
"fullName": "string",
"loginTime": "string",
"lastActiveTime": "string",
"locale": "string",
"messageLocale": "string",
"extensionSession": false,
"ipAddress": "string",
"userAgent": "string",
"callCount": 0
}
A unique identifier for this session, also known as the session ID.
The user name represented by this session.
The full name of the user, if available.
Timestamp when the user last logged on to the server.
Timestamp when the user last executed a command.
The locale for the session used for data formatting and preferred for messages.
The locale used for messages for the session.
If there are no localized messages for the user-specified locale, then the server determines this locale.
Whether or not this session belongs to a VC Extension.
The client identity.
It could be IP address, or pipe name depended on client binding
The name of user agent or application
Number of API invocations since the session started
SSPIChallenge: if further negotiation is required.
InvalidLogin: if the user context could not be passed successfully, or the context is not valid on the server.
NoPermission: if the user is valid, but has no access granted.
InvalidLocale: if the locale is invalid or unknown to the server.
NotSupported: if the service does not support SSPI authentication.
{
"_typeName": "string",
"faultCause": "MethodFault Object",
"faultMessage": [
{
"_typeName": "string",
"key": "string",
"arg": [
{
"_typeName": "string",
"key": "string",
"value": {
"_typeName": "string"
}
}
],
"message": "string"
}
]
}