vCenter Server Single
Sign-On Session Using Java
After you obtain a SAML token from the
vCenter Single Sign-On Server, you can use the vSphere Web Services API method
LoginByToken
to establish a
vCenter Single Sign-On session with a vCenter Server. At the beginning of the
session, your client is responsible for the following tasks:
- Insert the vCenter Single Sign-On token and a timestamp into the SOAP header of theLoginByTokenmessage.
- Maintain the vCenter session cookie. During the login sequence, the Server produces an HTTP session cookie to support the persistent connection. Your client must save this cookie and re-introduce it at the appropriate times.
- If at a later time your client invokes theLoginByTokenmethod, or other login method, the Server issues a new session cookie in response. You must have a cookie handler in place to save the cookie for subsequent requests.
The example program uses these general steps:
- Call theRetrieveServiceContentmethod to establish an HTTP connection with the vCenter Server and get the Session Manager managed object reference.
- Call theLoginByTokenmethod to authenticate the vCenter session. To send the token to the vCenter Server, the client uses a handler to embed the token and a time stamp in the SOAP header for the message. The client uses an HTTP header handler method to extract the session cookie from the vCenter Server response.
- Restore the session cookie for future requests. To identify the session started with theLoginByTokenmethod, the client uses a handler to embed the session cookie in the HTTP header.