Configurations for Sample
Authentication with Single Sign-On
vSphere includes a Platform Services
Controller that can run on the same host as the vCenter Server, or can be
configured on a separate host. At this time, the two possible configurations
are:
- vCenter Server with an embedded Platform Services Controller, which includes vCenter Single Sign-On Server, Lookup Service Server, and other features. This configuration combines all the platform services in the same installation with vCenter Server.
- vCenter Server with an external Platform Services Controller, where the platform services are installed on a different host or in a different virtual machine from vCenter Server.
You will have to provide the vCenter Single
Sign-On URL explicitly in order to run samples with the second configuration.
With the first configuration, there is no need to provide the vCenter Single
Sign-On URL (since the vCenter Single Sign-On service is embedded in the
management node) and our SDK will continue to work as before.
The SDK samples have always had the option to
explicitly specify the vCenter Single Sign-On URL (whether the vCenter Single
Sign-On service is running inside or outside the management node). This is
useful in cases where the vCenter Single Sign-On service is deployed outside
the vSphere management node like the second configuration above.
When you log in to a vCenter Single Sign-On
Server, you must be in a domain that has been added as a vCenter Single Sign-On
identity source. If that domain is not the default domain, you must include the
domain name as part of your user name, such as, administrator@vsphere.local. To
learn more about configuring the vCenter Single Sign-On Server, see vSphere
Security.