internal UserSession Login(EnvironmentAssessment.Collector.ISession Session)
{
string error = "";
string logintime = "";
UserSession us = null;
this.ServiceUrl = "https://" + Session.Server.Name.ToLower() + "/sdk";
ServiceTimeout = COptions.VI_Login_Timeout;
try
{
if (this._vimService == null || this._serviceContent == null)
{
this.Connect();
}
}
catch (VimException ex)
{
Common.Log.Write("[VimApi] Connecting to '" + this.ServiceUrl + "' failed: " + ex.Message);
Session.Error = ex.Message;
return(null);
}
SessionManager sessionManager = new SessionManager(this, this.ServiceContent.SessionManager);
try
{
Common.Log.Write("[VimApi] Connecting to '" + this.ServiceUrl + "' using specified credentials [" + Session.Server.UserName + "]");
us = sessionManager.Login(Session.Server.UserName, Session.Server.UserPassword, null);
logintime = us.LoginTime.ToString();
}
catch (VimApi.VimException ex)
{
error = ex.Message;
}
if (logintime.Length > 0)
{
Common.Log.Write("[VimApi] Logged into '" + this.ServiceUrl + "' at " + us.LoginTime + " (" + this.Version.ToString().ToLower() + ").");
return(us);
}
else
{
Common.Log.Write("[VimApi] Login into '" + this.ServiceUrl + "' failed: " + error); Session.Error = error; return(null);
}
}
internal UserSession LoginSSPI(EnvironmentAssessment.Collector.ISession Session)
{
string error = "";
string logintime = "";
UserSession us = null;
this.ServiceUrl = "https://" + Session.Server.Name + "/sdk";
ServiceTimeout = COptions.VI_Login_Timeout;
try
{
if (this._vimService == null || this._serviceContent == null)
{
this.Connect();
}
}
catch (System.Net.WebException ex)
{
Common.Log.Write("[VimApi] Connecting to '" + this.ServiceUrl + "' failed: " + ex.Message);
Session.Error = ex.Message;
return(null);
}
SessionManager sessionManager = new SessionManager(this, this.ServiceContent.SessionManager);
if (sessionManager != null)
{
Boolean flag = true;
// get server's fqdn for cross-domain authentication
string FQDN = Session.Server.Name.Substring(Session.Server.Name.IndexOf('.'));
Common.Sspi.Credentials.CClientCredential clientCred = new Common.Sspi.Credentials.CClientCredential(Sspi.CPackageNames.Negotiate);
Common.Sspi.Contexts.CClientContext clientContext = null;
string os = this.ServiceContent.About.OsType;
if (os.Contains("win"))
{
string serviceprincipal = "host/" + Session.Server.Name + "@" + FQDN;
clientContext = new Common.Sspi.Contexts.CClientContext(clientCred, serviceprincipal, Common.Sspi.Contexts.CContextAttrib.Zero);
Log.Write("[SSPI] Initialized client context for connection to Windows-based vCenter (" + os + ") using service principal: " + serviceprincipal);
}
else
{
string serviceprincipal = "host/" + Session.Server.Name;
clientContext = new Common.Sspi.Contexts.CClientContext(clientCred, serviceprincipal, Sspi.Contexts.CContextAttrib.Zero);
Log.Write("[SSPI] Initialized client context for connection to Linux-based vCenter (" + os + ") using service principal: " + serviceprincipal);
}
byte[] clientToken = null;
byte[] serverToken = null;
string clientLocale = "en"; //using default locale, should work according to documentation
bool retry = false;
Common.Sspi.CSecurityStatus clientStatus;
while (flag)
{
try //sspi authentication
{
clientStatus = clientContext.Init(serverToken, out clientToken);
Common.Log.Write("[VimApi] Connecting to '" + this.ServiceUrl + "' using Windows Session Credentials [" + Environment.UserDomainName + @"\" + Environment.UserName + "] (SSPI Token)");
Common.Log.Write("[SSPI] Client token sent <base64Token>" + Convert.ToBase64String(clientToken) + "</base64Token><locale>" + clientLocale + "</locale>", Log.Verbosity.Debug);
us = sessionManager.LoginBySSPI(Convert.ToBase64String(clientToken), clientLocale);
flag = false;
}
catch (VimApi.VimException e)
{
if (e.MethodFault is SSPIChallenge)
{
Common.Log.Write("[VimApi] Responding to SSPI challenge from '" + this.ServiceUrl + "' (SSPI challenge response)");
serverToken = Convert.FromBase64String(((SSPIChallenge)e.MethodFault).Base64Token);
Log.Write("[SSPI] Server token returned <base64Token>" + ((SSPIChallenge)e.MethodFault).Base64Token + "</base64Token>", Log.Verbosity.Debug);
}
else if (e.MethodFault is InvalidLogin)
{
//Log.Write("Login with current credentials (SSPI) failed, please enter credentials: " + e.Message);
error = "Login with current credentials (SSPI) failed, please enter credentials: " + e.Message; flag = false;
}
else
{
try { logintime = us.LoginTime.ToString(); flag = false; }
catch (Exception ex) { error = ex.Message; flag = true; }
}
}
catch (Common.Sspi.CSSPIException e)
{
error = "Login with current credentials (SSPI) unsupported, please enter credentials: " + e.Message; flag = false;
}
catch (Exception e)
{
error = "Login with current credentials (SSPI) unsupported, please enter credentials: Server does not have SSPI authentication configured."; flag = false;
}
}
if (logintime.Length == 0)
{
if (us != null)
{
if (us.LoginTime != null)
{
logintime = us.LoginTime.ToString();
}
}
}
}
if (logintime.Length > 0)
{
Common.Log.Write("[VimApi] Logged into '" + this.ServiceUrl + "' at " + us.LoginTime + " (" + this.Version.ToString().ToLower() + ").");
return(us);
}
else
{
Common.Log.Write("[VimApi] Login into '" + this.ServiceUrl + "' failed: " + error);
Session.Error = error;
return(null);
}
}