Class: Com::Vmware::Cis::Session

Inherits:
VAPI::Bindings::VapiService
  • Object
show all
Defined in:
/build/mts/release/bora-4571906/build/sdk/aggregated-bindings/ruby/com/vmware/cis.rb

Overview

The ``Com::Vmware::Cis::Session`` class allows API clients to manage session tokens including creating, deleting and obtaining information about sessions. 


  

  * The   :func:`Com::Vmware::Cis::Session.create`    method  creates session token in exchange for another authentication token.
   * The   :func:`Com::Vmware::Cis::Session.delete`    method  invalidates a session token.
   * The   :func:`Com::Vmware::Cis::Session.get`   retrieves information about a session token.
  
   

 The call to the   :func:`Com::Vmware::Cis::Session.create`    method  is part of the overall authentication process for API clients. For example, the sequence of steps for establishing a session with SAML token is:  

  * Connect to lookup service.
   * Discover the secure token service (STS) endpoint URL.
   * Connect to the secure token service to obtain a SAML token.
   * Authenticate to the lookup service using the obtained SAML token.
   * Discover the API endpoint URL from lookup service.
   * Call the   :func:`Com::Vmware::Cis::Session.create`    method . The   :func:`Com::Vmware::Cis::Session.create`   call must include the SAML token.
  
   

 See the programming guide and samples for additional information about establishing API sessions.  

  **Execution Context and Security Context**   

 To use session based authentication a client should supply the session token obtained through the   :func:`Com::Vmware::Cis::Session.create`    method . The client should add the session token in the security context when using SDK classes. Clients using the REST API should supply the session token as a HTTP header.  

  **Session Lifetime**   

 A session begins with call to the   :func:`Com::Vmware::Cis::Session.create`    method  to exchange a SAML token for a API session token. A session ends under the following circumstances:  

  * Call to the   :func:`Com::Vmware::Cis::Session.delete`    method .
   * The session expires. Session expiration may be caused by one of the following situations:  

      * Client inactivity - For a particular session identified by client requests that specify the associated session ID, the lapsed time since the last request exceeds the maximum interval between requests.
       * Unconditional or absolute session expiration time: At the beginning of the session, the session logic uses the SAML token and the system configuration to calculate absolute expiration time.
  
  
  
   

 When a session ends, the authentication logic will reject any subsequent client requests that specify that session. Any operations in progress will continue to completion.  

  **Error Handling**   

 The   :class:`Com::Vmware::Cis::Session`   returns the following  errors :  

  *  :class:`Com::Vmware::Vapi::Std::Errors::Unauthenticated`    error  for any  errors  related to the request.
   *  :class:`Com::Vmware::Vapi::Std::Errors::ServiceUnavailable`    error  for all  errors  caused by internal service failure.

Defined Under Namespace

Classes: Info

Instance Method Summary (collapse)

Constructor Details

- (Session) initialize(config)

Constructs a new instance.

Parameters:

  • config (VAPI::Bindings::StubConfig)

    A hash with the api provider details. 



121
122
123
 
# File '/build/mts/release/bora-4571906/build/sdk/aggregated-bindings/ruby/com/vmware/cis.rb', line 121

def initialize(config)
    super(config, @@service_info)
end

Instance Method Details

- (String) create

Creates a session with the API. This is the equivalent of login. This method exchanges user credentials supplied in the security context for a session identifier that is to be used for authenticating subsequent calls. To authenticate subsequent calls clients are expected to include the session key.

Returns:

  • (String)

    Newly created session identifier to be used for authenticating further requests.

Raises:

  • (Com::Vmware::Vapi::Std::Errors::Unauthenticated)

    if the session creation fails due to request specific issues. Due to the security nature of the API the details of the error are not disclosed.

    Please check the following preconditions if using a SAML token to authenticate: 

    
 * the supplied token is delegate-able.
  * the time of client and server system are synchronized.
  * the token supplied is valid.
  * if bearer tokens are used check that system configuration allows the API endpoint to accept such tokens.
  • (Com::Vmware::Vapi::Std::Errors::ServiceUnavailable)

    if session creation fails due to server specific issues, for example connection to a back end component is failing. Due to the security nature of this API further details will not be disclosed in the error . Please refer to component health information, administrative logs and product specific documentation for possible causes. 



142
143
144
 
# File '/build/mts/release/bora-4571906/build/sdk/aggregated-bindings/ruby/com/vmware/cis.rb', line 142

def create()
    invoke_with_info(@@create_info)
end

- (Void) delete

Terminates the validity of a session token. This is the equivalent of log out. 


 A session identifier is expected as part of the request.

Returns:

  • (Void)

Raises:

  • (Com::Vmware::Vapi::Std::Errors::Unauthenticated)

    if the session id is missing from the request or the corresponding session object cannot be found.

  • (Com::Vmware::Vapi::Std::Errors::ServiceUnavailable)

    if session deletion fails due to server specific issues, for example connection to a back end component is failing. Due to the security nature of this API further details will not be disclosed in the error . Please refer to component health information, administrative logs and product specific documentation for possible causes. 



156
157
158
 
# File '/build/mts/release/bora-4571906/build/sdk/aggregated-bindings/ruby/com/vmware/cis.rb', line 156

def delete()
    invoke_with_info(@@delete_info)
end

- (Com::Vmware::Cis::Session::Info) get

Returns information about the current session. This method expects a valid session identifier to be supplied. 


 A side effect of invoking this  method  may be a change to the session's last accessed time to the current time if this is supported by the session implementation. Invoking any other  method  in the API will also update the session's last accessed time.  

 This API is meant to serve the needs of various front end projects that may want to display the name of the user. Examples of this include various web based user interfaces and logging facilities.

Returns:

Raises:

  • (Com::Vmware::Vapi::Std::Errors::Unauthenticated)

    if the session id is missing from the request or the corresponding session object cannot be found.

  • (Com::Vmware::Vapi::Std::Errors::ServiceUnavailable)

    if session retrieval fails due to server specific issues e.g. connection to back end component is failing. Due to the security nature of this API further details will not be disclosed in the error. Please refer to component health information, administrative logs and product specific documentation for possible causes. 



173
174
175
 
# File '/build/mts/release/bora-4571906/build/sdk/aggregated-bindings/ruby/com/vmware/cis.rb', line 173

def get()
    invoke_with_info(@@get_info)
end