<div dir="ltr">Hi,<div><br></div><div>On Wed, Oct 23, 2013 at 8:45 PM, Alberto Zuin - Liste <span dir="ltr"><<a href="mailto:liste@albertozuin.eu" target="_blank">liste@albertozuin.eu</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
Hello all,<br>I'm trying to integrate OpenNebula in an API project (mine) where I don't have a user DB and I have to use OpenNebula to authorize users like a SSO service.<br>In other situations, I found an API where I send a token and the authentication server answer me with a 200 code if the token is valid and the user is authenticated (and maybe with the user id and other information), or a 401 code if the token isn't valid.<br>
In OpenNebula documentation I found the <a href="http://one.user.info/" target="_blank">one.user.info</a> xml-rpc api, but it seems the session input variable is a simple username:password and not a real token but in <a href="http://opennebula.org/documentation:rel4.2:auth_overview" target="_blank">http://opennebula.org/<u></u>documentation:rel4.2:auth_<u></u>overview</a> the paragraph:<br>
<br>Any interface to OpenNebula (CLI, Sunstone, Ruby or Java OCA) communicates with the core using xml-rpc calls, that contain the user's session string, which is authenticated by the OpenNebula core comparing the username and password with the registered users.<br>
<br>seems to say otherwise.<br>Can you help me please?<br>Thanks,<br>Alberto</blockquote></div><div><br></div><div>The session parameter of the xmlrpc calls is always username:token. But the contents of the token will depend on the authentication backend. As you said, the default 'core' mechanism just expects the password.</div>
<div><br></div><div>Other drivers, like ssh and x509, use a token that must be generated with the command 'oneuser login'. You can even create a new auth driver, it won't be difficult if you use the existing ones as a reference.</div>
<div>You will find relevant links in the 'Auth Integration' box of the documentation [1]<br></div><div><br></div><div>I'm not sure I answered your question, feel free to ask away.</div><div><br></div><div>Regards</div>
<div><br></div><div>[1] <a href="http://opennebula.org/documentation:rel4.2">http://opennebula.org/documentation:rel4.2</a><br></div><div><br></div><div class="gmail_extra"><div><div dir="ltr">--<br><div>Carlos Martín, MSc<br>
Project Engineer</div><div>OpenNebula - Flexible Enterprise Cloud Made Simple<br><div><span style="border-collapse:collapse;color:rgb(136,136,136);font-family:arial,sans-serif;font-size:13px"><a href="http://www.OpenNebula.org" target="_blank">www.OpenNebula.org</a> | <a href="mailto:cmartin@opennebula.org" target="_blank">cmartin@opennebula.org</a> | <a href="http://twitter.com/opennebula" target="_blank">@OpenNebula</a></span><span style="border-collapse:collapse;color:rgb(136,136,136);font-family:arial,sans-serif;font-size:13px"><a href="mailto:cmartin@opennebula.org" style="color:rgb(42,93,176)" target="_blank"></a></span></div>
</div></div></div>
<br></div></div>