com.vmware.cis

Interface Session

All Superinterfaces:

Service, SessionTypes

All Known Implementing Classes:

SessionStub

public interface Session
extends Service, SessionTypes

The Session interface allows API clients to manage session tokens including creating, deleting and obtaining information about sessions.

• The create() method creates session token in exchange for another authentication token.
• The delete() method invalidates a session token.
• The get() retrieves information about a session token.

The call to the create() method is part of the overall authentication process for API clients. For example, the sequence of steps for establishing a session with SAML token is:

• Connect to lookup service.
• Discover the secure token service (STS) endpoint URL.
• Connect to the secure token service to obtain a SAML token.
• Authenticate to the lookup service using the obtained SAML token.
• Discover the API endpoint URL from lookup service.
• Call the create() method. The create() call must include the SAML token.

See the programming guide and samples for additional information about establishing API sessions.

Execution Context and Security Context

To use session based authentication a client should supply the session token obtained through the create() method. The client should add the session token in the security context when using SDK classes. Clients using the REST API should supply the session token as a HTTP header.

Session Lifetime

A session begins with call to the create() method to exchange a SAML token for a API session token. A session ends under the following circumstances:

• Call to the delete() method.
• The session expires. Session expiration may be caused by one of the following situations:
  • Client inactivity - For a particular session identified by client requests that specify the associated session ID, the lapsed time since the last request exceeds the maximum interval between requests.
  • Unconditional or absolute session expiration time: At the beginning of the session, the session logic uses the SAML token and the system configuration to calculate absolute expiration time.

When a session ends, the authentication logic will reject any subsequent client requests that specify that session. Any operations in progress will continue to completion.

Error Handling

The Session returns the following exceptions:

• Unauthenticated exception for any exceptions related to the request.
• ServiceUnavailable exception for all exceptions caused by internal service failure.

Nested Class Summary

Nested classes/interfaces inherited from interface com.vmware.cis.SessionTypes

SessionTypes.Info

Field Summary

Fields inherited from interface com.vmware.cis.SessionTypes

_VAPI_SERVICE_ID

Method Summary

Modifier and Type	Method and Description
char[]	create() Creates a session with the API.
void	create(AsyncCallback<char[]> asyncCallback) Creates a session with the API.
void	create(AsyncCallback<char[]> asyncCallback, InvocationConfig invocationConfig) Creates a session with the API.
char[]	create(InvocationConfig invocationConfig) Creates a session with the API.
void	delete() Terminates the validity of a session token.
void	delete(AsyncCallback<java.lang.Void> asyncCallback) Terminates the validity of a session token.
void	delete(AsyncCallback<java.lang.Void> asyncCallback, InvocationConfig invocationConfig) Terminates the validity of a session token.
void	delete(InvocationConfig invocationConfig) Terminates the validity of a session token.
SessionTypes.Info	get() Returns information about the current session.
void	get(AsyncCallback<SessionTypes.Info> asyncCallback) Returns information about the current session.
void	get(AsyncCallback<SessionTypes.Info> asyncCallback, InvocationConfig invocationConfig) Returns information about the current session.
SessionTypes.Info	get(InvocationConfig invocationConfig) Returns information about the current session.

Method Detail

create

char[] create()

Creates a session with the API. This is the equivalent of login. This method exchanges user credentials supplied in the security context for a session identifier that is to be used for authenticating subsequent calls. To authenticate subsequent calls clients are expected to include the session key.

Synchronous method overload. Result of the invocation will be reported as a method return value.

Returns:

Newly created session identifier to be used for authenticating further requests.

Throws:

Unauthenticated - if the session creation fails due to request specific issues. Due to the security nature of the API the details of the error are not disclosed.

Please check the following preconditions if using a SAML token to authenticate:

• the supplied token is delegate-able.
• the time of client and server system are synchronized.
• the token supplied is valid.
• if bearer tokens are used check that system configuration allows the API endpoint to accept such tokens.

ServiceUnavailable - if session creation fails due to server specific issues, for example connection to a back end component is failing. Due to the security nature of this API further details will not be disclosed in the exception. Please refer to component health information, administrative logs and product specific documentation for possible causes.

create

char[] create(InvocationConfig invocationConfig)

Creates a session with the API. This is the equivalent of login. This method exchanges user credentials supplied in the security context for a session identifier that is to be used for authenticating subsequent calls. To authenticate subsequent calls clients are expected to include the session key.

Synchronous method overload. Result of the invocation will be reported as a method return value. Use invocationConfig to specify configuration for this particular invocation.

Parameters:

invocationConfig - Configuration for the method invocation.

Returns:

Newly created session identifier to be used for authenticating further requests.

Throws:

Unauthenticated - if the session creation fails due to request specific issues. Due to the security nature of the API the details of the error are not disclosed.

Please check the following preconditions if using a SAML token to authenticate:

• the supplied token is delegate-able.
• the time of client and server system are synchronized.
• the token supplied is valid.
• if bearer tokens are used check that system configuration allows the API endpoint to accept such tokens.

ServiceUnavailable - if session creation fails due to server specific issues, for example connection to a back end component is failing. Due to the security nature of this API further details will not be disclosed in the exception. Please refer to component health information, administrative logs and product specific documentation for possible causes.

create

void create(AsyncCallback<char[]> asyncCallback)

Creates a session with the API. This is the equivalent of login. This method exchanges user credentials supplied in the security context for a session identifier that is to be used for authenticating subsequent calls. To authenticate subsequent calls clients are expected to include the session key.

Asynchronous method overload. Result of the invocation will be reported via the specified asyncCallback.

Invocation Result:
Newly created session identifier to be used for authenticating further requests.

Operation Errors:
Unauthenticated - if the session creation fails due to request specific issues. Due to the security nature of the API the details of the error are not disclosed.

Please check the following preconditions if using a SAML token to authenticate:

• the supplied token is delegate-able.
• the time of client and server system are synchronized.
• the token supplied is valid.
• if bearer tokens are used check that system configuration allows the API endpoint to accept such tokens.

ServiceUnavailable - if session creation fails due to server specific issues, for example connection to a back end component is failing. Due to the security nature of this API further details will not be disclosed in the exception. Please refer to component health information, administrative logs and product specific documentation for possible causes.

Parameters:

asyncCallback - Receives the status (progress, result or error) of the operation invocation.

create

void create(AsyncCallback<char[]> asyncCallback,
            InvocationConfig invocationConfig)

Creates a session with the API. This is the equivalent of login. This method exchanges user credentials supplied in the security context for a session identifier that is to be used for authenticating subsequent calls. To authenticate subsequent calls clients are expected to include the session key.

Asynchronous method overload. Result of the invocation will be reported via the specified asyncCallback. Use invocationConfig to specify configuration for this particular invocation.

Invocation Result:
Newly created session identifier to be used for authenticating further requests.

Operation Errors:
Unauthenticated - if the session creation fails due to request specific issues. Due to the security nature of the API the details of the error are not disclosed.

Please check the following preconditions if using a SAML token to authenticate:

• the supplied token is delegate-able.
• the time of client and server system are synchronized.
• the token supplied is valid.
• if bearer tokens are used check that system configuration allows the API endpoint to accept such tokens.

ServiceUnavailable - if session creation fails due to server specific issues, for example connection to a back end component is failing. Due to the security nature of this API further details will not be disclosed in the exception. Please refer to component health information, administrative logs and product specific documentation for possible causes.

Parameters:

asyncCallback - Receives the status (progress, result or error) of the operation invocation.

invocationConfig - Configuration for the method invocation.

delete

void delete()

Terminates the validity of a session token. This is the equivalent of log out.

A session identifier is expected as part of the request.

Synchronous method overload. Result of the invocation will be reported as a method return value.

Throws:

Unauthenticated - if the session id is missing from the request or the corresponding session object cannot be found.

ServiceUnavailable - if session deletion fails due to server specific issues, for example connection to a back end component is failing. Due to the security nature of this API further details will not be disclosed in the exception. Please refer to component health information, administrative logs and product specific documentation for possible causes.

delete

void delete(InvocationConfig invocationConfig)

Terminates the validity of a session token. This is the equivalent of log out.

A session identifier is expected as part of the request.

Synchronous method overload. Result of the invocation will be reported as a method return value. Use invocationConfig to specify configuration for this particular invocation.

Parameters:

invocationConfig - Configuration for the method invocation.

Throws:

Unauthenticated - if the session id is missing from the request or the corresponding session object cannot be found.

ServiceUnavailable - if session deletion fails due to server specific issues, for example connection to a back end component is failing. Due to the security nature of this API further details will not be disclosed in the exception. Please refer to component health information, administrative logs and product specific documentation for possible causes.

delete

void delete(AsyncCallback<java.lang.Void> asyncCallback)

Terminates the validity of a session token. This is the equivalent of log out.

A session identifier is expected as part of the request.

Asynchronous method overload. Result of the invocation will be reported via the specified asyncCallback.

Operation Errors:
Unauthenticated - if the session id is missing from the request or the corresponding session object cannot be found.
ServiceUnavailable - if session deletion fails due to server specific issues, for example connection to a back end component is failing. Due to the security nature of this API further details will not be disclosed in the exception. Please refer to component health information, administrative logs and product specific documentation for possible causes.

Parameters:

asyncCallback - Receives the status (progress, result or error) of the operation invocation.

delete

void delete(AsyncCallback<java.lang.Void> asyncCallback,
            InvocationConfig invocationConfig)

Terminates the validity of a session token. This is the equivalent of log out.

A session identifier is expected as part of the request.

Asynchronous method overload. Result of the invocation will be reported via the specified asyncCallback. Use invocationConfig to specify configuration for this particular invocation.

Operation Errors:
Unauthenticated - if the session id is missing from the request or the corresponding session object cannot be found.
ServiceUnavailable - if session deletion fails due to server specific issues, for example connection to a back end component is failing. Due to the security nature of this API further details will not be disclosed in the exception. Please refer to component health information, administrative logs and product specific documentation for possible causes.

Parameters:

asyncCallback - Receives the status (progress, result or error) of the operation invocation.

invocationConfig - Configuration for the method invocation.

get

SessionTypes.Info get()

Returns information about the current session. This method expects a valid session identifier to be supplied.

A side effect of invoking this method may be a change to the session's last accessed time to the current time if this is supported by the session implementation. Invoking any other method in the API will also update the session's last accessed time.

This API is meant to serve the needs of various front end projects that may want to display the name of the user. Examples of this include various web based user interfaces and logging facilities.

Synchronous method overload. Result of the invocation will be reported as a method return value.

Returns:

Information about the session.

Throws:

Unauthenticated - if the session id is missing from the request or the corresponding session object cannot be found.

ServiceUnavailable - if session retrieval fails due to server specific issues e.g. connection to back end component is failing. Due to the security nature of this API further details will not be disclosed in the error. Please refer to component health information, administrative logs and product specific documentation for possible causes.

get

SessionTypes.Info get(InvocationConfig invocationConfig)

Returns information about the current session. This method expects a valid session identifier to be supplied.

A side effect of invoking this method may be a change to the session's last accessed time to the current time if this is supported by the session implementation. Invoking any other method in the API will also update the session's last accessed time.

This API is meant to serve the needs of various front end projects that may want to display the name of the user. Examples of this include various web based user interfaces and logging facilities.

Synchronous method overload. Result of the invocation will be reported as a method return value. Use invocationConfig to specify configuration for this particular invocation.

Parameters:

invocationConfig - Configuration for the method invocation.

Returns:

Information about the session.

Throws:

Unauthenticated - if the session id is missing from the request or the corresponding session object cannot be found.

ServiceUnavailable - if session retrieval fails due to server specific issues e.g. connection to back end component is failing. Due to the security nature of this API further details will not be disclosed in the error. Please refer to component health information, administrative logs and product specific documentation for possible causes.

get

void get(AsyncCallback<SessionTypes.Info> asyncCallback)

Returns information about the current session. This method expects a valid session identifier to be supplied.

A side effect of invoking this method may be a change to the session's last accessed time to the current time if this is supported by the session implementation. Invoking any other method in the API will also update the session's last accessed time.

This API is meant to serve the needs of various front end projects that may want to display the name of the user. Examples of this include various web based user interfaces and logging facilities.

Asynchronous method overload. Result of the invocation will be reported via the specified asyncCallback.

Invocation Result:
Information about the session.

Operation Errors:
Unauthenticated - if the session id is missing from the request or the corresponding session object cannot be found.
ServiceUnavailable - if session retrieval fails due to server specific issues e.g. connection to back end component is failing. Due to the security nature of this API further details will not be disclosed in the error. Please refer to component health information, administrative logs and product specific documentation for possible causes.

Parameters:

asyncCallback - Receives the status (progress, result or error) of the operation invocation.

get

void get(AsyncCallback<SessionTypes.Info> asyncCallback,
         InvocationConfig invocationConfig)

Returns information about the current session. This method expects a valid session identifier to be supplied.

A side effect of invoking this method may be a change to the session's last accessed time to the current time if this is supported by the session implementation. Invoking any other method in the API will also update the session's last accessed time.

This API is meant to serve the needs of various front end projects that may want to display the name of the user. Examples of this include various web based user interfaces and logging facilities.

Asynchronous method overload. Result of the invocation will be reported via the specified asyncCallback. Use invocationConfig to specify configuration for this particular invocation.

Invocation Result:
Information about the session.

Operation Errors:
Unauthenticated - if the session id is missing from the request or the corresponding session object cannot be found.
ServiceUnavailable - if session retrieval fails due to server specific issues e.g. connection to back end component is failing. Due to the security nature of this API further details will not be disclosed in the error. Please refer to component health information, administrative logs and product specific documentation for possible causes.

Parameters:

asyncCallback - Receives the status (progress, result or error) of the operation invocation.

invocationConfig - Configuration for the method invocation.