vCenter Server Single Sign-On Session

After you obtain a SAML token from the vCenter Single Sign-On server, you can use the vSphere Web Services API method

LoginByToken

to establish a single sign-on session with a vCenter Server. See vCenter Single Sign-On Client Example (.NET) for a description of how to obtain a vCenter Single Sign-On token.

To establish a vCenter Server session that is based on SAML token authentication, the client must embed the SAML token in the SOAP header of the

LoginByToken

request. The C#

LoginByToken

example uses the .NET services in vCenter Server Single Sign-On Session to support a single sign-on session.

Microsoft .NET Elements for vCenter Single Sign-On Sessions
.NET Element / Namespace	vCenter Single Sign-On Usage
SecurityPolicyAssertion Microsoft.Web.Services3.Security	The sample creates a custom policy assertion derived from the SecurityPolicyAssertion class. The custom assertion contains the SAML token and X509 certificate.
SendSecurityFilter Microsoft.Web.Services3.Security	The sample defines a custom output filter derived from the SendSecurityFilter class. The custom filter adds the token and certificate to the outgoing SOAP message.
ServicePointManager System.net	The sample uses the ServicePointManager to specify SSL3 and HTTP 100-Continue behavior.
ConfigurationManager System.Configuration	The sample uses the ConfigurationManager to specify certificate metadata (password and certificate type).
CookieContainer System.Net	The sample uses the CookieContainer class to manage vCenter Server session cookies.

LoginByToken Example (.NET)

Persistent vCenter Server Sessions with LoginByToken

Sample Code for LoginByToken

Content feedback and comments

VMware vSphere SDKs and Tools 6.5

vCenter Server Single Sign-On Session