The "official" location is pending a decision by the community what to do with this code.
Citrix would like to contribute it to the CloudStack project - having a ready-made .NET client for the CloudStack API is surely an advantage for us - anyone have thoughts on where it should live in the long term? Regards Simon -----Original Message----- From: Donal Lafferty Sent: 05 April 2013 13:21 To: Simon Waterhouse; dev@cloudstack.apache.org Cc: Pranav Saxena Subject: RE: CloudStack UI Authentication Mechanism Thanks for upgrading the .NET SDK I created :) Will this be the official public location? > -----Original Message----- > From: Simon Waterhouse > Sent: 05 April 2013 9:34 AM > To: dev@cloudstack.apache.org > Cc: Donal Lafferty; Pranav Saxena > Subject: RE: CloudStack UI Authentication Mechanism > > This should work whichever authenticator is used behind the logon API > (LDAP , MD5 etc.), but I didn't test the LDAP auth. yet... > > > -----Original Message----- > From: Simon Waterhouse [mailto:simon.waterho...@eu.citrix.com] > Sent: 05 April 2013 09:27 > To: dev@cloudstack.apache.org > Cc: Donal Lafferty > Subject: RE: CloudStack UI Authentication Mechanism > > The CloudStack .NET SDK at > https://github.com/siwater/cloudstack_dotnetsdk has support for both user > name/password and apiKey/secretKey authentication. > > > -----Original Message----- > From: Pranav Saxena [mailto:pranav.sax...@citrix.com] > Sent: 04 April 2013 17:51 > To: dev@cloudstack.apache.org > Cc: cloudstack-...@incubator.apache.org; Donal Lafferty > Subject: RE: CloudStack UI Authentication Mechanism > > Hey Donal, > > Sorry , I should have responded you a bit earlier but had no access to email > today . Yeah you are absolutely right . UI uses Jsession ID to bypaas login > check something like this as shown below - > > // Use this for checking the session, to bypass login screen > bypassLoginCheck: function(args) { //determine to show or bypass login > screen > if (g_loginResponse == null) { //show login screen > g_mySession = $.cookie('JSESSIONID'); > g_sessionKey = $.cookie('sessionKey'); > g_role = $.cookie('role'); > g_username = $.cookie('username'); > g_userid = $.cookie('userid'); > g_account = $.cookie('account'); > g_domainid = $.cookie('domainid'); > g_userfullname = > $.cookie('userfullname'); > g_timezone = $.cookie('timezone'); > if($.cookie('timezoneoffset') != null) > g_timezoneoffset = > isNaN($.cookie('timezoneoffset'))? null: > parseFloat($.cookie('timezoneoffset')); > else > g_timezoneoffset = null; > } > > Let me know if you need any more details. > > Thanks, > Pranav > > -----Original Message----- > From: Donal Lafferty [mailto:donal.laffe...@citrix.com] > Sent: Thursday, April 04, 2013 9:33 PM > To: dev@cloudstack.apache.org > Cc: cloudstack-...@incubator.apache.org > Subject: RE: CloudStack UI Authentication Mechanism > > > > > -----Original Message----- > > From: rohityada...@gmail.com [mailto:rohityada...@gmail.com] On > Behalf > > Of Rohit Yadav > > Sent: 04 April 2013 4:36 PM > > To: dev@cloudstack.apache.org > > Cc: cloudstack-...@incubator.apache.org > > Subject: Re: CloudStack UI Authentication Mechanism > > > > On Thu, Apr 4, 2013 at 7:59 PM, Donal Lafferty > > <donal.laffe...@citrix.com>wrote: > > > > > > > > > > > > -----Original Message----- > > > > From: rohityada...@gmail.com [mailto:rohityada...@gmail.com] On > > > > Behalf Of Rohit Yadav > > > > Sent: 04 April 2013 2:52 PM > > > > To: dev@cloudstack.apache.org > > > > Cc: cloudstack-...@incubator.apache.org > > > > Subject: Re: CloudStack UI Authentication Mechanism > > > > > > > > On Thu, Apr 4, 2013 at 4:50 PM, Donal Lafferty > > > > <donal.laffe...@citrix.com>wrote: > > > > > > > > > I noticed that the CloudStack UI allows VM control to accounts > > > > > that don't have an API key set defined. > > > > > > > > > > How does its authentication mechanism work? E.g. > > > > > > > > > > > > > > > 1. How are API calls authenticated and authorized if > > > they > > > > > are not signed with API keys? > > > > > > > > > > > > > On integration port, defined in the global settings, 8096 > > > > generally > > > there is no > > > > authentication done, user is admin has max. power. > > > > > > > [Donal Lafferty] > > > Okay, but the UI doesn't usually go over 8096. How does it work > > > when its not bypassing authentication? > > > > > > > jquery UI experts will let you know the internals. When authentication > > in UI is done, the keys are obtained and subsequently used while querying. > > Just attach your debugger to ApiServlet's GET handlers and follow the > > sequence which will help you discover how it all works till it reaches > > ApiDispatcher (through ApiServer class) where the actual cmd class is > > found, filled and executed. > > > [Donal Lafferty] > Looks like it uses a JSESSIONID cookie rather than HTTP Query signing. > > See http://cloudstack.apache.org/docs/api/apidocs- > 4.0.0/root_admin/login.html > > > Cheers. > > > > > > > > > > > > > > > > > > 2. Does this work equally well when LDAP is to > > > > > authenticate username / password? > > > > > > > > > > > > > Abhi can comment on this one. > > > > > > > > Cheers. > > > > > > > > > > > > > > > > > > > > > > > DL > > > > > > > > > > > > > > > > > >
