vCenter Server Single Sign-On Session
After you obtain a SAML token from the vCenter Single Sign-On Server, you can use the vSphere API method LoginByToken to establish a single sign-on session with a vCenter Server instance. See vCenter Single Sign-On Client Example for an example of obtaining a vCenter Single Sign-On token.
At the beginning of a vCenter Single Sign-On session, your client is responsible for the following tasks:
- Maintain the vCenter session cookie. The vSphere architecture uses an HTTP cookie to support a persistent connection between a vSphere client and a vCenter Server instance. During the initial connection, the Server produces a session cookie. Operations during the login sequence will reset the request context, so your client must save this cookie and re-introduce it at the appropriate times.
- Insert the vCenter Single Sign-On token and a timestamp into the SOAP header of the LoginByToken message.
The example program uses these general steps.
- Call the RetrieveServiceContent method to establish an HTTP connection with the vCenter Server instance and save the HTTP session cookie. The client uses an HTTP header handler method to extract the cookie from the response.
- Call the LoginByToken method to authenticate the vCenter session. To send the token to the vCenter Server instance, the client uses a handler to embed the token and a timestamp in the SOAP header for the message. To identify the session started with the RetrieveServiceContent method, the client uses a handler to embed the session cookie in the HTTP header.
- Restore the session cookie.
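The three steps above, sketched in Python as an added example; this is not the VMware example program. It assumes a bearer token (no request signature), the standard WS-Security header layout and namespaces, the cookie name vmware_soap_session, and a SessionManager reference taken from the RetrieveServiceContent result; the sample cookie and token are constructed.

```python
import datetime as dt
from http.cookies import SimpleCookie
from xml.sax.saxutils import escape

WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
WSU = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
COOKIE_NAME = "vmware_soap_session"  # assumption: name of the vCenter SOAP session cookie
# Constructed sample inputs (not captured from a real server).
SAMPLE_SET_COOKIE = 'vmware_soap_session="52d1c0de-0000-constructed"; Path=/; HttpOnly; Secure'
SAMPLE_TOKEN = (
    '<saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" ID="_constructed"/>'
)
ENVELOPE = (
    '<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">'
    '<soapenv:Header><wsse:Security xmlns:wsse="{wsse}" xmlns:wsu="{wsu}">'
    "<wsu:Timestamp><wsu:Created>{created}</wsu:Created>"
    "<wsu:Expires>{expires}</wsu:Expires></wsu:Timestamp>"
    "{token}</wsse:Security></soapenv:Header>"
    '<soapenv:Body><LoginByToken xmlns="urn:vim25">'
    '<_this type="SessionManager">{moref}</_this>'
    "</LoginByToken></soapenv:Body></soapenv:Envelope>"
)

def extract_session_cookie(set_cookie_header):
    """Step 1: save the cookie returned with the RetrieveServiceContent response."""
    jar = SimpleCookie()
    jar.load(set_cookie_header)
    if COOKIE_NAME not in jar:
        raise ValueError("no session cookie in response")
    return jar[COOKIE_NAME].coded_value  # kept exactly as the server sent it

def build_login_by_token(token_xml, moref="SessionManager", now=None, lifetime_s=300):
    """Step 2: LoginByToken envelope with timestamp and token in the SOAP header."""
    # The token is spliced in as text: parsing and re-serializing it would change
    # namespace prefixes and invalidate the signature on the assertion.
    now = now or dt.datetime.now(dt.timezone.utc)
    stamp = "%Y-%m-%dT%H:%M:%SZ"
    return ENVELOPE.format(
        wsse=WSSE, wsu=WSU, token=token_xml.strip(), moref=escape(moref),
        created=now.strftime(stamp),
        expires=(now + dt.timedelta(seconds=lifetime_s)).strftime(stamp),
    )

def session_headers(cookie):
    """Steps 2 and 3: send the saved cookie on LoginByToken and on every later call."""
    if any(c in cookie for c in "\r\n;"):
        raise ValueError("unexpected character in session cookie")  # header injection guard
    return {"Content-Type": "text/xml; charset=utf-8", "Cookie": f"{COOKIE_NAME}={cookie}"}
```

A holder-of-key token would additionally require signing the request, which this sketch does not do.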