vCenter Single Sign On Token Request Overview
The code examples in the following sections show how to use the Issue method to acquire a holder-of-key security token. To see an example of using the token to login to a vCenter Server, see vCenter LoginByToken Example. The code examples in this chapter are based on the following sample file located in the vCenter Single Sign On SDK JAX-WS client samples directory:
.../JAXWS/samples/com/vmware/sso/client/samples/AcquireHoKTokenByUserCredentialSample.java
The AcquireHoKTokenByUserCredentialSample program creates a token request and calls the issue method to send the request to a vCenter Single Sign On Server. The program uses a sample implementation of Web services message handlers to modify the SOAP security header for the request message.
This example uses the username-password security policy (STSSecPolicy_UserPwd). This policy requires that the SOAP security header include a timestamp, username and password, and a digital signature and certificate. The sample message handlers embed these elements in the message.
The example performs the following operations:
1
Create a security token service client object (STSService_Service). This object manages the vCenter Single Sign On header handlers and it provides access to the vCenter Single Sign On client API methods. This example uses the issue method.
2
Create a vCenter Single Sign On header handler resolver object (HeaderHandlerResolver). This object acts as a container for the different handlers.
3
Add the handlers for timestamp, user credentials, certificate, and token extraction to the handler resolver.
4
Add the handler resolver to the security token service.
5
Retrieve the STS port (STS_Service) from the security token service object.
6
Create a security token request.
7
Set the request fields.
8
Set the endpoint in the request context. The endpoint identifies the vCenter Single Sign On Server.
9
Call the issue method, passing the token request.
10
Handle the response from the vCenter Single Sign-On server.
Help us improve this information. Send feedback to [email protected].