The CloudStack .NET SDK at https://github.com/siwater/cloudstack_dotnetsdk has
support for both user name/password and apiKey/secretKey authentication.


-----Original Message-----
From: Pranav Saxena [mailto:pranav.sax...@citrix.com] 
Sent: 04 April 2013 17:51
To: dev@cloudstack.apache.org
Cc: cloudstack-...@incubator.apache.org; Donal Lafferty
Subject: RE: CloudStack UI Authentication Mechanism

Hey Donal,

Sorry, I should have responded to you a bit earlier but had no access to email
today. Yeah, you are absolutely right. UI uses Jsession ID to bypass login
check, something like this as shown below -

// Use this for checking the session, to bypass login screen
bypassLoginCheck: function(args) { // determine to show or bypass login screen
    if (g_loginResponse == null) { // show login screen
        g_mySession = $.cookie('JSESSIONID');
        g_sessionKey = $.cookie('sessionKey');
        g_role = $.cookie('role');
        g_username = $.cookie('username');
        g_userid = $.cookie('userid');
        g_account = $.cookie('account');
        g_domainid = $.cookie('domainid');
        g_userfullname = $.cookie('userfullname');
        g_timezone = $.cookie('timezone');
        if ($.cookie('timezoneoffset') != null)
            g_timezoneoffset = isNaN($.cookie('timezoneoffset')) ? null : parseFloat($.cookie('timezoneoffset'));
        else
            g_timezoneoffset = null;
    }

Let me know if you need any more details.

Thanks,
Pranav

-----Original Message-----
From: Donal Lafferty [mailto:donal.laffe...@citrix.com] 
Sent: Thursday, April 04, 2013 9:33 PM
To: dev@cloudstack.apache.org
Cc: cloudstack-...@incubator.apache.org
Subject: RE: CloudStack UI Authentication Mechanism



> -----Original Message-----
> From: rohityada...@gmail.com [mailto:rohityada...@gmail.com] On Behalf 
> Of Rohit Yadav
> Sent: 04 April 2013 4:36 PM
> To: dev@cloudstack.apache.org
> Cc: cloudstack-...@incubator.apache.org
> Subject: Re: CloudStack UI Authentication Mechanism
> 
> On Thu, Apr 4, 2013 at 7:59 PM, Donal Lafferty
> <donal.laffe...@citrix.com> wrote:
> 
> >
> >
> > > -----Original Message-----
> > > From: rohityada...@gmail.com [mailto:rohityada...@gmail.com] On 
> > > Behalf Of Rohit Yadav
> > > Sent: 04 April 2013 2:52 PM
> > > To: dev@cloudstack.apache.org
> > > Cc: cloudstack-...@incubator.apache.org
> > > Subject: Re: CloudStack UI Authentication Mechanism
> > >
> > > > On Thu, Apr 4, 2013 at 4:50 PM, Donal Lafferty
> > > > <donal.laffe...@citrix.com> wrote:
> > >
> > > > I noticed that the CloudStack UI allows VM control to accounts 
> > > > that don't have an API key set defined.
> > > >
> > > > How does its authentication mechanism work?  E.g.
> > > >
> > > >
> > > > 1.                  How are API calls authenticated and authorized if
> > they
> > > > are not signed with API keys?
> > > >
> > >
> > > > On integration port, defined in the global settings, 8096 generally
> > > > there is no authentication done, user is admin has max. power.
> > >
> > [Donal Lafferty]
> > > Okay, but the UI doesn't usually go over 8096.  How does it work
> > > when it's not bypassing authentication?
> >
> 
> jquery UI experts will let you know the internals. When authentication 
> in UI is done, the keys are obtained and subsequently used while querying.
> Just attach your debugger to ApiServlet's GET handlers and follow the 
> sequence which will help you discover how it all works till it reaches 
> ApiDispatcher (through ApiServer class) where the actual cmd class is 
> found, filled and executed.
> 
[Donal Lafferty]
Looks like it uses a JSESSIONID cookie rather than HTTP Query signing.

See http://cloudstack.apache.org/docs/api/apidocs-4.0.0/root_admin/login.html

> Cheers.
> 
> 
> > >
> > > >
> > > > 2.                  Does this work equally well when LDAP is to
> > > > authenticate username / password?
> > > >
> > >
> > > Abhi can comment on this one.
> > >
> > > Cheers.
> > >
> > >
> > > >
> > > >
> > > > DL
> > > >
> > > >
> > > >
> >
