| Local Properties | Local Methods | |
Managed Object Types | Data Object Types | All Properties | All Methods |
Properties
Name | Type | Description |
---|---|---|
currentSession* P | UserSession |
This property contains information about the client's current session.
If the client is not logged on, the value is null.
|
defaultLocale P | xsd:string |
This is the default server locale.
|
message* P | xsd:string |
The system global message from the server.
|
messageLocaleList* P | xsd:string[] |
Provides the list of locales for which the server has localized messages.
|
sessionList* P | UserSession[] |
The list of currently active sessions.
|
supportedLocaleList* P | xsd:string[] |
Provides the list of locales that the server supports.
Listing a locale ensures that some standardized information such as dates appear
in the appropriate format. Other localized information, such as error messages,
are displayed, if available. If localized information is not available, the
message is returned using the system locale.
|
Methods
Methods defined in this Managed Object |
---|
AcquireCloneTicket, AcquireGenericServiceTicket, AcquireLocalTicket, CloneSession, ImpersonateUser, Login, LoginBySSPI, LoginExtensionByCertificate, LoginExtensionBySubjectName, Logout, SessionIsActive, SetLocale, TerminateSession, UpdateServiceMessage |
The ticket may only be used once and becomes invalid after use. The ticket is also invalidated when the corresponding session is closed or expires. The ticket is only valid on the server which issued it.
This sequence of operations is conceptually similar to the
functionality provided by AcquireLocalTicket, however the
methods can be used by remote clients and do not require a shared
filesystem for transport.
See CloneSession
Parameters
Name | Type | Description |
---|---|---|
_this | ManagedObjectReference | A reference to the SessionManager used to make the method call. |
Return Value
Type | Description |
---|---|
xsd:string | one-time secret ticket string. |
Faults
Type | Description |
---|---|
NotAuthenticated | Thrown if the current session is not authenticated See CloneSession |
RuntimeFault | Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error. |
Parameters
Name | Type | Description |
---|---|---|
_this | ManagedObjectReference | A reference to the SessionManager used to make the method call. |
spec | SessionManagerServiceRequestSpec |
specification for the service request which will be
invoked with the ticket.
|
Return Value
Type | Description |
---|---|
SessionManagerGenericServiceTicket | A ticket that may be used to invoke the specified request. |
Faults
Type | Description |
---|---|
InvalidArgument | Thrown if the spec is not supported or not valid. |
NoPermission | Thrown if the client does not have enough privileges to be granted a ticket. |
RuntimeFault | Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error. |
The caller of this operation can use the user name and file content of the returned object as the userName and password arguments for login operation. The local ticket that is returned becomes invalid either after it is used or after a server-determined ticket expiration time passes. This operation can be used by servers and clients to avoid re-entering user credentials after authentication by the operating system has already happened.
For example, service console utilities that connect to a host agent should not require users to re-enter their passwords every time the utilities run. Since the one-time password file is readable only by the given user, the identity of the one-time password user is protected by the operating system file permission.
Only local clients are allowed to call this operation. Remote clients receive an InvalidRequest fault upon calling this operation.
Parameters
Name | Type | Description |
---|---|---|
_this | ManagedObjectReference | A reference to the SessionManager used to make the method call. |
userName | xsd:string |
User requesting one-time password.
|
Return Value
Type | Description |
---|---|
SessionManagerLocalTicket | LocalTicket object containing userName and path to file containing one-time password for use in login operation. |
Faults
Type | Description |
---|---|
InvalidLogin | Thrown if the userName is invalid. |
NoPermission | Thrown if the user and password are valid, but the user has no access granted. |
NotSupported | Thrown if the server does not support this operation. |
RuntimeFault | Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error. |
Parameters
Name | Type | Description |
---|---|---|
_this | ManagedObjectReference | A reference to the SessionManager used to make the method call. |
cloneTicket | xsd:string |
ticket string acquired via AcquireCloneTicket. See AcquireCloneTicket |
Return Value
Type | Description |
---|---|
UserSession | The new/cloned UserSession object. |
Faults
Type | Description |
---|---|
InvalidLogin | Thrown if the specified ticket value is not valid. See AcquireCloneTicket |
NotSupported | Thrown if the server does not support this operation. See AcquireCloneTicket |
RuntimeFault | Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error. |
Parameters
Name | Type | Description |
---|---|---|
_this | ManagedObjectReference | A reference to the SessionManager used to make the method call. |
userName | xsd:string |
The user or extension key to impersonate.
|
locale* | xsd:string |
A two-character ISO-639 language ID (like "en")
optionally followed by an
underscore and a two-character ISO 3166 country ID (like "US").
Examples are "de", "fr_CA", "zh", "zh_CN", and "zh_TW".
Note: The method uses the server default locale when
a locale is not provided. This default can be configured in the
server configuration file. If unspecified, it defaults to the
locale of the server environment or English ("en") if unsupported.
|
Return Value
Type | Description |
---|---|
UserSession |
Faults
Type | Description |
---|---|
InvalidLocale | |
InvalidLogin | |
RuntimeFault | Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error. |
Parameters
Name | Type | Description |
---|---|---|
_this | ManagedObjectReference | A reference to the SessionManager used to make the method call. |
userName | xsd:string |
The ID
of the user who is logging on to the server.
|
password | xsd:string |
The password
of the user who is logging on to the server.
|
locale* | xsd:string |
A two-character ISO-639 language ID (like "en")
optionally followed by an
underscore and a two-character ISO 3166 country ID (like "US").
Examples are "de", "fr_CA", "zh", "zh_CN", and "zh_TW".
Note: The method uses the server default locale when
a locale is not provided. This default can be configured in the
server configuration file. If unspecified, it defaults to the
locale of the server environment or English ("en") if unsupported.
|
Return Value
Type | Description |
---|---|
UserSession | The UserSession object. |
Faults
Type | Description |
---|---|
InvalidLocale | Thrown if the locale is invalid or unknown to the server. |
InvalidLogin | Thrown if the user and password combination is invalid. |
NoPermission | Thrown if the user is valid, but has no access granted. |
RuntimeFault | Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error. |
This method provides support for passing credentials of the calling process to the server without using a password, by leveraging the Windows Security Support Provider Interface (SSPI) library.
If the function is not supported, this throws a NotSupported fault.
The client first calls AcquireCredentialsHandle(). If Kerberos is used, this should include the desired credential to pass. The client then calls InitializeSecurityContext(). The resulting partially-formed context is passed in Base-64 encoded form to this method.
If the context has been successfully formed, the server proceeds with login and behaves like Login. If further negotiation is needed, the server throws an SSPIChallenge fault with a challenge token, which the client should again pass to InitializeSecurityContext(), followed by calling this method again.
For more information, see the MSDN documentation on SSPI.
Parameters
Name | Type | Description |
---|---|---|
_this | ManagedObjectReference | A reference to the SessionManager used to make the method call. |
base64Token | xsd:string |
The partially formed context returned from
InitializeSecurityContext().
|
locale* | xsd:string |
A two-character ISO-639 language ID (like "en")
optionally followed by an
underscore and a two-character ISO 3166 country ID (like "US").
Examples are "de", "fr_CA", "zh", "zh_CN", and "zh_TW".
Note: The method uses the server default locale when
a locale is not provided. This default can be configured in the
server configuration file. If unspecified, it defaults to the
locale of the server environment or English ("en") if unsupported.
|
Return Value
Type | Description |
---|---|
UserSession | The UserSession object. |
Faults
Type | Description |
---|---|
InvalidLocale | Thrown if the locale is invalid or unknown to the server. |
InvalidLogin | Thrown if the user context could not be passed successfully, or the context is not valid on the server. |
NoPermission | Thrown if the user is valid, but has no access granted. |
NotSupported | Thrown if the service does not support SSPI authentication. |
RuntimeFault | Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error. |
SSPIChallenge | Thrown if further negotiation is required. |
NOTE: Verification of the received certificate (such as expiry, revocation, and trust chain) is not required for successful authentication using this method. If certificate verification is desired, use the LoginExtensionBySubjectName method instead.
Parameters
Name | Type | Description |
---|---|---|
_this | ManagedObjectReference | A reference to the SessionManager used to make the method call. |
extensionKey | xsd:string |
Key of extension that is logging in.
|
locale* | xsd:string |
A two-character ISO-639 language ID (like "en")
optionally followed by an
underscore and a two-character ISO 3166 country ID (like "US").
Examples are "de", "fr_CA", "zh", "zh_CN", and "zh_TW".
Note: The method uses the server default locale when
a locale is not provided. This default can be configured in the
server configuration file. If unspecified, it defaults to the
locale of the server environment or English ("en") if unsupported.
|
Return Value
Type | Description |
---|---|
UserSession |
Faults
Type | Description |
---|---|
InvalidLocale | Thrown if the supplied locale is not valid |
InvalidLogin | Thrown if the extension is not registered, or the certificate does not match the expected value. |
NoClientCertificate | Thrown if no certificate was used by the client to connect |
RuntimeFault | Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error. |
As of vSphere API 4.0, the NotFound fault is no longer thrown. Instead, InvalidLogin is thrown if the specified extension is not registered.
Parameters
Name | Type | Description |
---|---|---|
_this | ManagedObjectReference | A reference to the SessionManager used to make the method call. |
extensionKey | xsd:string |
Key of extension that is logging in.
|
locale* | xsd:string |
A two-character ISO-639 language ID (like "en")
optionally followed by an
underscore and a two-character ISO 3166 country ID (like "US").
Examples are "de", "fr_CA", "zh", "zh_CN", and "zh_TW".
Note: The method uses the server default locale when
a locale is not provided. This default can be configured in the
server configuration file. If unspecified, it defaults to the
locale of the server environment or English ("en") if unsupported.
|
Return Value
Type | Description |
---|---|
UserSession |
Faults
Type | Description |
---|---|
InvalidClientCertificate | Thrown if the client cerificate fails the verification at the server |
InvalidLocale | Thrown if the supplied locale is not valid |
InvalidLogin | Thrown if the extension is not registered, or the subject name doesn't match the subject name of the extension. |
NoClientCertificate | Thrown if no certificate was used by the client to connect |
NoSubjectName | Thrown if the extension was registered without a subject name |
NotFound | Thrown if no extension is associated with the given key |
RuntimeFault | Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error. |
Parameters
Name | Type | Description |
---|---|---|
_this | ManagedObjectReference | A reference to the SessionManager used to make the method call. |
Return Value
Type | Description |
---|---|
None |
Faults
Type | Description |
---|---|
RuntimeFault | Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error. |
Parameters
Name | Type | Description |
---|---|---|
_this | ManagedObjectReference | A reference to the SessionManager used to make the method call. |
sessionID | xsd:string |
Session ID to validate.
|
userName | xsd:string |
User name to validate.
|
Return Value
Type | Description |
---|---|
xsd:boolean |
Faults
Type | Description |
---|---|
RuntimeFault | Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error. |
Parameters
Name | Type | Description |
---|---|---|
_this | ManagedObjectReference | A reference to the SessionManager used to make the method call. |
locale | xsd:string |
A two-character ISO-639 language ID (like "en")
optionally followed by an
underscore and a two-character ISO 3166 country ID (like "US").
Examples are "de", "fr_CA", "zh", "zh_CN", and "zh_TW".
Note: The method uses the server default locale when
a locale is not provided. This default can be configured in the
server configuration file. If unspecified, it defaults to the
locale of the server environment or English ("en") if unsupported.
|
Return Value
Type | Description |
---|---|
None |
Faults
Type | Description |
---|---|
InvalidLocale | Thrown if the locale is invalid or unknown to the server. |
RuntimeFault | Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error. |
This method is only transactional for each session ID. The set of sessions are terminated sequentially, as specified in the list. If a failure occurs, for example, because of an unknown sessionID, the method aborts with an exception. When the method aborts, any sessions that have not yet been terminated are left in their unterminated state.
Parameters
Name | Type | Description |
---|---|---|
_this | ManagedObjectReference | A reference to the SessionManager used to make the method call. |
sessionId | xsd:string[] |
A list of sessions to terminate.
|
Return Value
Type | Description |
---|---|
None |
Faults
Type | Description |
---|---|
InvalidArgument | Thrown if a sessionId matches the current session. Use the logout method to terminate the current session. |
NotFound | Thrown if a sessionId could not be found as a valid logged-on session. |
RuntimeFault | Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error. |
Parameters
Name | Type | Description |
---|---|---|
_this | ManagedObjectReference | A reference to the SessionManager used to make the method call. |
message | xsd:string |
The message to send. Newline characters may be included.
|
Return Value
Type | Description |
---|---|
None |
Faults
Type | Description |
---|---|
RuntimeFault | Thrown if any type of runtime fault is thrown that is not covered by the other faults; for example, a communication error. |
Top of page | Local Properties | Local Methods | |
Managed Object Types | Data Object Types | All Properties | All Methods |