Skip Headers
Oracle® Enterprise Manager Ops Center Cloud Infrastructure API and CLI Reference Guide
12c Release 1 (12.1.4.0.0)

Part Number E25150-06
Go to Documentation Home
Home
Go to Book List
Book List
Go to Table of Contents
Contents
Go to Index
Index
Go to Feedback page
Contact Us

Go to previous page
Previous
Go to next page
Next
PDF · Mobi · ePub

A Web Service Client Example

This appendix provides an example for generating requests to the Web service of the cloud infrastructure API described in Chapter 4, "Cloud Infrastructure API Reference".

This example uses the WebUtil application for generating the requests. The appendix includes the following topics:

A.1 Description of Web Service API Requests

This section provides a description of the information contained in a typical request to the Web service. This section describes both types of requests:

A.1.1 AKM Request

The following URL shows the information required in a typical access key management (AKM) request to the Web service:

https://USER:PASSWORD@HOST/akm/?REQUEST_DATA

Name Description
USER Cloud user name
PASSWORD Cloud user password
HOST IP address or fully qualified host name
REQUEST_DATA The request data is made of a series of name=value parameters separated by an ampersand (&).

A.1.1.1 REQUEST_DATA Specification

The parameters required as part of the REQUEST_DATA depend on the value used for the AKM action. However, a set of common parameters is required for every AKM request.

The following table shows the required parameters for the REQUEST_DATA in every AKM request. Example A-1 shows how these parameters appear in a complete request.

Name Description
Action One of the AKM actions. See RegisterAccessKeyRequest, DescribeAccessKeysRequest, DeleteAccessKeyRequest, and DescribeAccountsRequest actions for a complete description and extra parameters for each AKM action.
Version 1
Timestamp Timestamp in milliseconds since January 1, 1970
Expires Expiry date in milliseconds (ms) since January 1, 1970 must be greater than the timestamp field. A 300000 ms difference between the two values must be enough.

Example A-1 A Complete AKM Request

https://<username>:<password>@<EnterpriseControllerHostname>/akm/?Action= DescribeAccounts&Version=1&Timestamp=1330954619299&Expires=1330954919299

A.1.2 IAAS Request

The following URL shows the information required in a typical infrastructure as a service (IAAS) request to the Web service:

https://HOST/iaas/?REQUEST_IAAS_DATA&SIGNATURE_BLOCK

Name Description
HOST IP address or fully qualified host name
REQUEST_IAAS_DATA The request IAAS data is a series of name=value parameters separated by an ampersand (&).
SIGNATURE_BLOCK The signature block is a series of name=value parameters separated by an ampersand (&).

A.1.2.1 REQUEST_IAAS_DATA Specification

The parameters required as part of the REQUEST_IAAS_DATA depend on the value used for the IAAS action. However, a set of common parameters is required for every IAAS request.

The following table shows the common required parameters for the REQUEST_IAAS_DATA in every IAAS request. Example A-2 show how these parameter appears in a complete specification for REQUEST_IAAS_DATA.

Name Description
Action One of the IAAS actions. See "List of Actions" on page , for a complete list of IAAS actions and extra parameters for each IAAS action.
Version 1
Timestamp Timestamp in milliseconds since January 1, 1970
Expires Expiry date in milliseconds (ms) since January 1, 1970 must be greater than the timestamp field. A 300000 ms difference between the two values must be enough.
accessKeyId The value returned by the AKM RegisterAccessKeyRequest action.

Example A-2 Sample REQUEST_IAAS_DATA Specification

Action= DescribeVnets&Version=1&Timestamp=1330954619299&Expires=1330954919299&accessKeyId=AK_1

A.1.2.2 SIGNATURE_BLOCK Specification

The signature block consists of signing some IAAS data with a private key so that the Web service can authenticate the request. The Web server should be able to verify the signature with the public key registered with the RegisterAccessKeyRequest action.

The following table shows the series of name=value parameters that conform the specification for the SIGNATURE_BLOCK. These parameters are separated by the ampersand(&). Example A-3 shows a complete specification for a SIGNATURE_BLOCK sample.

Name Description
SignatureVersion 1
SignatureMethod SHA512withRSA. This is the only method supported.
Signature Encoded Hash value of the data to be signed. See "IAAS Data Used for Signature" for a complete description of the Signature field.

Example A-3 Sample SIGNATURE_BLOCK Specification

SignatureMethod=SHA512withRSA&SignatureVersion=1&Signature=bj8GfJCqvPZZPU2JoWAGzZdCF+N767rQejILMQwNdgKLfoGGqAwDPRYMr/ghUoBc6RB3nKYgAyPdmtCfhzRGTqECgUWy0jCrE99+utGeeJ0/XRQ9LxyYeBgzjO3lHP+hFhUo+gUtQaSYPhUHH7eTkxg/CrolMxibglypJM/rIf90yEqSeqhphQt7hWxlT0DNAy6/cZt8isT/Tu8V7ZFjBFkEpLfN97bIOJ2vIIpOeetmftuw4ObtqjbUp6+7dpVkhhCQnX0MAIDj+mjorEOzcwK+F1pYuzES0fjaW0MowG+cA/9gttDjg7r5H29i3qbbjIlvAt6fk1HPpSxQTSTOTg==

A.1.2.3 IAAS Data Used for Signature

The following table shows the required information to generate the encoded hash value of the signature for an IAAS request. This data needs to be signed and base64 encoded. Example A-4 shows a complete data set of the IAAS data used for generating a signature. Example A-5 shows a Java representation of the IAAS data to sign.

Name Description
Http Request type POST
HostName IP address or fully qualified host name
Base URL of the Web service iaas
REQUEST_IAAS_DATA The request data is made of a series of name=value parameters separated by an ampersand (&). See also "REQUEST_IAAS_DATA Specification".

Example A-4 Example of the IAAS Data to Sign

A"\n" is required between every field.

POST
<EnterpriseControllerHostname>
/iaas/
Action= DescribeAccounts&Version=1&Timestamp=1330954619299&Expires=1330954919299

Example A-5 Java Representation of the Data to Sign

StringBuilder message = new StringBuilder();Message.setLength(0);message.append("POST").append("\n");message.append("<EnterpriseControllerHostname>") .append("\n");message.append("/iaas/").append("\n");message.append("Action= DescribeVnets&Version=1&Timestamp=1330954619299&Expires=1330954919299&accessKeyId=AK_1").append("\n");

See "Examples of Web Service Requests", for an example of generating an IAAS requests with signed data.

A.2 Sending a Web Service Request

Requests to the Web service are simple HTTP POST or GET operations. After a AKM or IAAS request is dynamically generated, static technology is used to send the request.

This section mentions the use of the Web browser and the WGET utility as the static technology to send requests to the Web service.

A.2.1 Using the Web Browser

To use the Web browser to send a request to the Web service, enter the complete request in the address bar of the browser.

The following URL is an example of a complete AKM request. The request should be entered in the address bar as a one-line command:

https://<username>:<password>@<EnterpriseControllerHostname>/akm/? Action= DescribeAccounts&Version=1&Timestamp=1330954619299&Expires=1330954919299

A.2.2 Using WGET Utility

To use WGET utility, it is necessary to use the --no-check-certificate option.

The following is an example of sending a request using WGET with the same AKM request used previously:

wget https://<username>:<password>@<EnterpriseControllerHostname>/akm/?Action= DescribeAccounts&Version=1&Timestamp=1330954619299&Expires=1330954919299 --nocheck-certificate

A.3 Creating Public and Private Keys

Both public and private RSA keys are required for signing the required IAAS data so that the Web service can authenticate the request.

A.3.1 Private Key

A private key must exist before you can create a public key. To create a private keys use the following command:

openssl genrsa -out privatekey.pem 2048

The private key is stored in the privatekey.pem file. This file is used to create the public key. After the public key is registered with the RegisterAccessKeyRequest action, this private key can be used to sign the IAAS data.

If the WebUtil application is used to sign the IAAS data, then the private key must be stored in DER format. You can use the following command:

openssl pkcs8 -topk8 -inform PEM -outform DER -in privatekey.pem -nocrypt > privatekey.DER

The private key is stored in the privatekey.DER file.

A.3.2 Public Key

To create a public key use the following command:

openssl rsa -in privatekey.pem -pubout -out publickey.pem

The public key is stored in the publickey.pem file. After the public key is registered using the RegisterAccessKeyRequest action, the Web server can verify the signed data with the public key.

A.4 Overview of the WebUtil Application

WebUtil is a simple Java application that generates the signature for an IAAS request to the Web service. WebUtil uses the SHA512withRSA method and base64 encoding to sign the required data.

The following is the code of the WebUtil application. You can build the application with the javac compiler; it is possible that two warnings are displayed when building the application.

/*
 *  Copyright (c) 2007, 2012 Oracle and/or its affiliates.  All rights reserved.
 *  Use is subject to license terms.
 */
import java.io.*;
import java.nio.charset.Charset;
import java.security.*;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.interfaces.RSAPrivateKey;
public class WebUtil {
        final static String UTF_8_ENCODER = "UTF-8";
        private static final Charset CHARSET_ENCODING_UTF_8    = Charset.forName("UTF-8");
        private static final long   IAAS_REQUEST_TIMEOUT_MS = 300000; //default expiry time is 5 minutes
        public static void main(String[] args) {
        if(args.length<=0) {
                WebUtil.usage();
        }
        String argument=new String(args[0]);        
        if(argument.compareTo("signature") ==0 && args.length != 6){
                WebUtil.usage();
        }
        if(argument.compareTo("template") == 0 && args.length != 2){
                WebUtil.usage();                
        }
                
        try{
 
        if(argument.compareTo("template") == 0){
                WebUtil.generateTemplate(args[1]);                
        
        }        
        
        if(argument.compareTo("signature") ==0 && args.length == 6){              
                WebUtil.signDataToFile(args[1],args[2],args[3],args[4],args[5]);
                
        }        
 
        }catch (Exception e){
                System.err.println("Caught exception " + e.toString());
        }
 
 
 
        }
        static void usage(){
                
            System.out.println("Usage: WebUtil template destinationFile");
            System.out.println("Usage: WebUtil signature privateKeyDER  HTTP_TYPE  HOST_IP  DATA_TO_SIGN  signatureData");
            System.out.println("Usage: HTTP_TYPE: POST or GET\n   HOST_IP=ip address of OC \n    DATA_TO_SIGN:without Timestamp and Expire but needs to have the access key id \n  signatureData:filename to store the signature");
            System.exit(0);
            
        }
 
        static void generateTemplate(String filename)throws Exception {
                StringBuilder message = new StringBuilder();
 
                message.setLength(0);
                message.append("POST").append("\n");
                message.append("10.169.79.76").append("\n");
                message.append("/iaas/").append("\n");
                message.append("Action=DescribeVnets&Version=1");
                message.append("&Timestamp=1330797956376");
                message.append("&Expires=1330798256376");
                message.append("&AccessKeyId=AK_1");
                message.append("\n");
                FileOutputStream iaas = new FileOutputStream(filename);
                iaas.write(message.toString().getBytes(CHARSET_ENCODING_UTF_8));
                iaas.close();
        }        
 
 
        static void signDataToFile(String keyPrivFile, String httpType, String host, String dataRequest,String signedDataFile) throws Exception {
                
                
long tsnow = System.currentTimeMillis();
long tsexpires = tsnow + IAAS_REQUEST_TIMEOUT_MS;
String tNow=Long.toString(tsnow);
String tEXPIRE=Long.toString(tsexpires);
 
StringBuilder message = new StringBuilder();
message.setLength(0);
message.append(httpType).append("\n");
message.append(host).append("\n");
message.append("/iaas/").append("\n");
message.append(dataRequest);
message.append("&Timestamp="); message.append(tNow);
message.append("&Expires="); message.append(tEXPIRE);
message.append("\n");
 
StringBuilder iaasmessage = new StringBuilder();
iaasmessage.append("https://").append(host);
iaasmessage.append("/iaas/?").append(dataRequest);
iaasmessage.append("&Timestamp="); iaasmessage.append(tNow);
iaasmessage.append("&Expires="); iaasmessage.append(tEXPIRE);
iaasmessage.append("&SignatureMethod=SHA512withRSA&SignatureVersion=1");
iaasmessage.append("&Signature=");
        
                
                String messageStr = message.toString();        
                
 
                /* Read private keyfile DER */
                FileInputStream in = new FileInputStream( keyPrivFile);
 
                FileInputStream keyfis =    new FileInputStream(keyPrivFile);
                byte[] encKey = new byte[keyfis.available()];
                keyfis.read(encKey);
                keyfis.close();
 
                PKCS8EncodedKeySpec privKeySpec = new PKCS8EncodedKeySpec(encKey);
 
                KeyFactory keyFactory =    KeyFactory.getInstance("RSA");
                PrivateKey privKey =    keyFactory.generatePrivate(privKeySpec);
 
                Signature rsa = Signature.getInstance("SHA512withRSA"); 
 
                rsa.initSign(privKey);
                rsa.update(messageStr.getBytes(CHARSET_ENCODING_UTF_8));
 
                /* Now that all the data to be signed has been read in, 
                    generate a signature for it */
 
                byte[] realSig = rsa.sign();
                
                /* base64 encode the signed data */
                String signatureUrlEncoded = getBase64Encoder().encode(realSig);
 
 
        
                /* Copy data to file */
        
                FileOutputStream iaas = new FileOutputStream(signedDataFile);
                iaas.write(signatureUrlEncoded.getBytes(CHARSET_ENCODING_UTF_8));
                iaas.close();
 
                /* copy part of request to request file */
                FileOutputStream iaasreq = new FileOutputStream("iaasPartRequest");
                iaasreq.write(iaasmessage.toString().getBytes(CHARSET_ENCODING_UTF_8));
                iaasreq.close();
 
 
        }        
 
/**
     * @return a new base 64 encoder
     */
    public static sun.misc.BASE64Encoder getBase64Encoder() {
        /*
         * This helper method was introduced to minimize the warnings about
         * using a Sun proprietary API. Use full package names to avoid
         * warning on import statement.
         */
        return new sun.misc.BASE64Encoder();
    }
 
}

A.4.1 How the WebUtil Application Works

WebUtil application requires an access key for the account. See "Creating an Access Key" for information about how to create the access key.

After the access key is created, the IAAS data must be defined, as explained in "IAAS Data Used for Signature".

The following is an example of the IAAS data for viewing vNets information:

POST
<EnterpriseControllerHostname>
Action=DescribeVnets&Version=1&accessKeyId=AK_1&Timestamp=12333333&Expires=13333444

To generate the signature and base64 encoding, use the WebUtil by running the following command:

java WebUtil signature  privatekey.DER "POST" "<EnterpriseControllerHostname>"  "Action=DescribeVnets&Version=1&accessKeyId=AK_1" signedData

WebUtil generates and stores the signed data in the signedData file:

Content of the signedData file: bj8GfJCqvPZZPU2JoWAGzZdCF+N767rQejILMQwNdgKLfoGGqAwDPRYMr/ghUoBc6RB3nKYgAyPdmtCfhzRGTqECgUWy0jCrE99+utGeeJ0/XRQ9LxyYeBgzjO3lHP+hFhUo+gUtQaSYPhUHH7eTkxg/CrolMxibglypJM/rIf90yEqSeqhphQt7hWxlT0DNAy6/cZt8isT/Tu8V7ZFjBFkEpLfN97bIOJ2vIIpOeetmftuw4ObtqjbUp6+7dpVkhhCQnX0MAIDj+mjorEOzcwK+F1pYuzES0fjaW0MowG+cA/9gttDjg7r5H29i3qbbjIlvAt6fk1HPpSxQTSTOTg==

WebUtil also generates the iaasPartRequest file with the following information:

https://<EnterpriseControllerHostname>/iaas/?Action=DescribeVnets&Version=1&AccessKeyId=AK_1&Timestamp=1331058169938&Expires=1331058469938&SignatureMethod=SHA512withRSA&SignatureVersion=1&Signature=

To generate the complete HTTP request, append the content of the signedData file to the iaasPartRequest file as a single-line command. After that, the HTTP request can be sent, see "Sending a Web Service Request".

A.5 Examples of Web Service Requests

This section presents an example for creating requests to the Web service that allows a cloud user to perform actions for an account. This section includes:

A.5.1 Creating an Access Key

An access key is created for an account. The registered access key is needed to perform any IAAS action in the account.

For this example, the following information is used to create the access key:

  • USER: clouduser

  • PASSWORD: <password>

  • HOST: 10.16.79.70

To create an access key:

  1. Create a private RSA key stored as a DER file.

    1. Run the following command to create a private RSA key file:

      openssl genrsa -out privatekey.pem 2048

    2. Run the following command to store the private key as DER:

      openssl pcks8 -topk8 -inform PEM -outform DER -in privatekey.pem -nocrypt > privatekey.DER

  2. Create a public RSA key base on the privateRSA key. Run the following command:

    openssl rsa -in privatekey.pem -pubout -out publickey.pem

    The openssl public key generated must be similar to the following:

    -----BEGIN PUBLIC KEY----- 
    MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufVdjdp0MmOLbNypLVMW 
    Xfmhusawid4Wg4n4FZewSmoBEYA8f8wIA0SI87Shi7RtMcWsEoXvNNHA0wcJoA1R 
    jyVLsI3rtrq0c0k7AxQSwb4UK/rSXW1NXxMh/mE7b3gdA6d9VuwIPnZJ5ZFQUZCL 
    yhaAotLCdACrzbgzYXdqt+rstutT1AVkE2UAMcm5O3KnIoObZKb8JtepSt74A9Rg 
    VBkcCBjmKGfLNOL1KlZconkITm85TWKRaGRFuASxdl2ZrD723ZNb66X/a9ebxTMr 
    6vVeskcaZpPlHzvgMOpiyDGwRvxn9yM5WB83zFDGT26Lihn/bKzLJXa+F2YNkLrT 
    JQIDAQAB 
    -----END PUBLIC KEY-----
    
  3. Display the account attributes for a cloud user.

    1. Create and send an AKM request using the DescribeAccountsRequest action. The appropriate hostname, cloud user, timestamp, and expires information must be provided:

      https://<username>:<password>@<EnterpriseControllerHostname>/akm/? Action=DescribeAccounts&Version=1&Timestamp=1330954619299&Expires=1330954919299

    2. Verify the account ID from the result returned from the previous AKM request. In this example, the account ID is ACC-0162da5a-5d25-4096-af59-3dd1de27cfad

      <result xsi:type="DescribeAccountsResult" requestId="803">
      <items>
      <account>ACC-0162da5a-5d25-4096-af59-3dd1de27cfad</account>
      <name>acc1</name>
      </items>
      <forUser><username></forUser>
      </result>
      
  4. Create the access key for a cloud user account.

    1. Register the public key created in step 2 by using the RegisterAccessKey action. Ensure that the data is represented as a single line. The following URL shows the HTTPS request to create an access key. The account used is the one from the DescribeAccount action used in step 3:

      https://<username>:<password>@<EnterpriseControllerHostname>/akm/?Action=RegisterAccessKey&Version=1&Timestamp=1330975344&Expires=1333975344&account=ACC-0162da5a-5d25-4096-af59-3dd1de27cfad&publicKey=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufVdjdp0MmOLbNypLVMWXfmhusawid4Wg4n4FZewSmoBEYA8f8wIA0SI87Shi7RtMcWsEoXvNNHA0wcJoA1RjyVLsI3rtrq0c0k7AxQSwb4UK/rSXW1NXxMh/mE7b3gdA6d9VuwIPnZJ5ZFQUZCLyhaAotLCdACrzbgzYXdqt+rstutT1AVkE2UAMcm5O3KnIoObZKb8JtepSt74A9RgVBkcCBjmKGfLNOL1KlZconkITm85TWKRaGRFuASxdl2ZrD723ZNb66X/a9ebxTMr6vVeskcaZpPlHzvgMOpiyDGwRvxn9yM5WB83zFDGT26Lihn/bKzLJXa+F2YNkLrTJQIDAQAB

    2. Verify the access key ID that was generated. The access key ID is part of the results returned from the RegisterAccessKey action. This access key ID is used for all IAAS requests for the account to authenticate the cloud user to the account. In this examples, the access key ID is AK_1.

      <result xsi:type="RegisterAccessKeyResult" requestId="1013"> 
      <accessKeyId>AK_1</accessKeyId> 
      </result>
      

A.5.2 Executing actions for an account

The following actions are explained in this section:

To execute these actions using the Web service, the access key ID and private key file obtained from the previous step.

A.5.2.1 Viewing All Available Virtual Networks

To view attributes of all available virtual networks for an account:

  1. Define the data to be signed by using the DescribeVnets action.

    Action=DescribeVnets&Version=1&AccessKeyId=AK_1

  2. Sign the data by using the WebUtil application.

    java WebUtil signature  privatekey.DER  "POST" "<EnterpriseControllerHostname>"  "Action=DescribeVnets&Version=1&accessKeyId=AK_1" signedData
    
  3. Get the signed data that is stored in the iaasPartRequest and signedData files.

    Content of the iaasPartRequest file: https://<EnterpriseControllerHostname>/iaas/?Action=DescribeVnets&Version=1&AccessKeyId=AK_1&Timestamp=1331058169938&Expires=1331058469938&SignatureMethod=SHA512withRSA&SignatureVersion=1&Signature=

    Content of the signedData file: bj8GfJCqvPZZPU2JoWAGzZdCF+N767rQejILMQwNdgKLfoGGqAwDPRYMr/ghUoBc6RB3nKYgAyPdmtCfhzRGTqECgUWy0jCrE99+utGeeJ0/XRQ9LxyYeBgzjO3lHP+hFhUo+gUtQaSYPhUHH7eTkxg/CrolMxibglypJM/rIf90yEqSeqhphQt7hWxlT0DNAy6/cZt8isT/Tu8V7ZFjBFkEpLfN97bIOJ2vIIpOeetmftuw4ObtqjbUp6+7dpVkhhCQnX0MAIDj+mjorEOzcwK+F1pYuzES0fjaW0MowG+cA/9gttDjg7r5H29i3qbbjIlvAt6fk1HPpSxQTSTOTg==

  4. Append the signature to get the complete IAAS request, as show in the following example:

    https://<EnterpriseControllerHostname>/iaas/?Action=DescribeVnets&Version=1&AccessKeyId=AK_1&Timestamp=1331058169938&Expires=1331058469938&SignatureMethod=SHA512withRSA&SignatureVersion=1&Signature=bj8GfJCqvPZZPU2JoWAGzZdCF+N767rQejILMQwNdgKLfoGGqAwDPRYMr/ghUoBc6RB3nKYgAyPdmtCfhzRGTqECgUWy0jCrE99+utGeeJ0/XRQ9LxyYeBgzjO3lHP+hFhUo+gUtQaSYPhUHH7eTkxg/CrolMxibglypJM/rIf90yEqSeqhphQt7hWxlT0DNAy6/cZt8isT/Tu8V7ZFjBFkEpLfN97bIOJ2vIIpOeetmftuw4ObtqjbUp6+7dpVkhhCQnX0MAIDj+mjorEOzcwK+F1pYuzES0fjaW0MowG+cA/9gttDjg7r5H29i3qbbjIlvAt6fk1HPpSxQTSTOTg==

    Note:

    The complete request to the Web service must be created as a single-line request.
  5. Send the complete IAAS request using the browser or the WGET utility. The result returned is similar to the following output:

    <result xsi:type="DescribeVnetsResult" requestId="102">
    <items>
    <id>VNET-6c774d08-d0a7-493b-9fa1-c93a80702f8d</id>
    <name>10.169.69.0/24</name>
    <description>OVM Discovered Network</description>
    <status>OK</status>
    <ipAddress>10.169.69.0/24</ipAddress>
    </items>
    </result>
    

A.5.2.2 Viewing Specific Virtual Networks by Using IDs

To use the virtual networks IDs to specify which virtual networks to display for an account:

  1. Define the data to be signed by using the DescribeVnets action.

    Action=DescribeVnets&Version=1&AccessKeyId=AK_1&ids.1=VNET-6c774d08-d0a7-493b-9fa1-c93a80702f8d

  2. Sign the data by using the WebUtil application.

    java WebUtil signature  privatekey.DER  "POST" "<EnterpriseControllerHostname>"  "Action=DescribeVnets&Version=1&AccessKeyId=AK_1&ids.1=VNET-6c774d08-d0a7-493b-9fa1-c93a80702f8d" signedData
    
  3. Get the signed data that is stored in the iaasPartRequest and signedData files.

    Content of the iaasPartRequest file: https://<EnterpriseControllerHostname>/iaas/?Action=DescribeVnets&Version=1&AccessKeyId=AK_1&ids.1=VNET-6c774d08-d0a7-493b-9fa1-c93a80702f8d&Timestamp=1331058449900&Expires=1331058749900&SignatureMethod=SHA512withRSA&SignatureVersion=1&Signature=

    Content of the signedData file: B15A5WdQkIwTrlR/NDXbn1RFwWyBFAQFtZTfZ1jH8ftkRgvfwU93nxukpw23sHBdRvhzLuhyW2LWm90EIhZHd3H2x9s8D1wCAUFTsSAZoPuIlW40qn0sf9VTEXOlqwnxfray6eSGCcpHQWXaA+TjpCitzguoPmHa3LjGKECnbNuqJS15L8VuVfE6otaxyTBzmhH7iI7pBC8gcpomnDZhxZkAFaVT0TFf88epbJal5Yl6aTpptjlUNEz6jDhuV2Qaa3bI5OqnJc0PJgCkhuKU7un8us1JVEk/nf/or5RCBMmPGAluuILIfYBEe/euVUy7wQ00eyKPRuplZkORmVbFLg==

  4. Append the signature to get the complete IAAS request, as show in the following example:

    https://<EnterpriseControllerHostname>/iaas/?Action=DescribeVnets&Version=1&AccessKeyId=AK_1&ids.1=VNET-6c774d08-d0a7-493b-9fa1-c93a80702f8d&Timestamp=1331058449900&Expires=1331058749900&SignatureMethod=SHA512withRSA&SignatureVersion=1&Signature=B15A5WdQkIwTrlR/NDXbn1RFwWyBFAQFtZTfZ1jH8ftkRgvfwU93nxukpw23sHBdRvhzLuhyW2LWm90EIhZHd3H2x9s8D1wCAUFTsSAZoPuIlW40qn0sf9VTEXOlqwnxfray6eSGCcpHQWXaA+TjpCitzguoPmHa3LjGKECnbNuqJS15L8VuVfE6otaxyTBzmhH7iI7pBC8gcpomnDZhxZkAFaVT0TFf88epbJal5Yl6aTpptjlUNEz6jDhuV2Qaa3bI5OqnJc0PJgCkhuKU7un8us1JVEk/nf/or5RCBMmPGAluuILIfYBEe/euVUy7wQ00eyKPRuplZkORmVbFLg==

    Note:

    The complete request to the Web service must be created as a single-line request.
  5. Send the complete IAAS request using the browser or WGET utility. The result returned is similar to the following output:

    <result xsi:type="DescribeVnetsResult" requestId="107">
    <items>
    <id>VNET-6c774d08-d0a7-493b-9fa1-c93a80702f8d</id>
    <name>10.169.69.0/24</name>
    <description>OVM Discovered Network</description>
    <status>OK</status>
    <ipAddress>10.169.69.0/24</ipAddress>
    </items>
    </result>
    

A.5.2.3 Viewing Specific Virtual Networks by Using Filters

To specify which virtual networks to display by using the name of the virtual network as filter:

  1. Define the data to be signed by using the DescribeVnets action:

    Action=DescribeVnets&Version=1&AccessKeyId=AK_1&filters.1.filterValue=privatevnet1&filters.1.filterName=name

  2. Sign the data by using the WebUtil application.

    java WebUtil signature  privatekey.DER  "POST" "<EnterpriseControllerHostname>"  "Action=DescribeVnets&Version=1&AccessKeyId=AK_1&filters.1.filterValue=privatevnet1&filters.1.filterName=name" signedData
    
  3. Get the signed data that is stored in the iaasPartRequest and signedData files.

    Content of the iaasPartRequest file: https://<EnterpriseControllerHostname>/iaas/?Action=DescribeVnets&Version=1&AccessKeyId=AK_1&filters.1.filterValue=privatevnet1&filters.1.filterName=name&Timestamp=1331058887344&Expires=1331059187344&SignatureMethod=SHA512withRSA&SignatureVersion=1&Signature=

    Content of the signedData file: B15A5WdQkIwTrlR/NDXbn1RFwWyBFAQFtZTfZ1jH8ftkRgvfwU93nxukpw23sHBdRvhzLuhyW2LWm90EIhZHd3H2x9s8D1wCAUFTsSAZoPuIlW40qn0sf9VTEXOlqwnxfray6eSGCcpHQWXaA+TjpCitzguoPmHa3LjGKECnbNuqJS15L8VuVfE6otaxyTBzmhH7iI7pBC8gcpomnDZhxZkAFaVT0TFf88epbJal5Yl6aTpptjlUNEz6jDhuV2Qaa3bI5OqnJc0PJgCkhuKU7un8us1JVEk/nf/or5RCBMmPGAluuILIfYBEe/euVUy7wQ00eyKPRuplZkORmVbFLg==

  4. Append the signature to get the complete IAAS request, as show in the following example:

    https://<EnterpriseControllerHostname>/iaas/?Action=CreateVnet&Version=1&AccessKeyId=AK_1&name=privatevnetWebApi&Timestamp=1331058639019&Expires=1331058939019&SignatureMethod=SHA512withRSA&SignatureVersion=1&Signature=B15A5WdQkIwTrlR/NDXbn1RFwWyBFAQFtZTfZ1jH8ftkRgvfwU93nxukpw23sHBdRvhzLuhyW2LWm90EIhZHd3H2x9s8D1wCAUFTsSAZoPuIlW40qn0sf9VTEXOlqwnxfray6eSGCcpHQWXaA+TjpCitzguoPmHa3LjGKECnbNuqJS15L8VuVfE6otaxyTBzmhH7iI7pBC8gcpomnDZhxZkAFaVT0TFf88epbJal5Yl6aTpptjlUNEz6jDhuV2Qaa3bI5OqnJc0PJgCkhuKU7un8us1JVEk/nf/or5RCBMmPGAluuILIfYBEe/euVUy7wQ00eyKPRuplZkORmVbFLg==

    Note:

    The complete request to the Web service must be created as a single-line request.
  5. Send the complete IAAS request using the browser or wget. The result returned is similar to the following output:

    <result xsi:type="DescribeVnetsResult" requestId="111"><items><id>VNET-8028fbfa-9e6f-4494-82c5-b35367340240</id><name>privatevnet1</name><description>privatevnet1</description><status>OK</status><ipAddress>192.168.0.0/24</ipAddress></items></result>
    

A.5.2.4 Creating a Private Virtual Network

To create a private virtual network for an account:

  1. Define the data to be signed by the using DescribeVnets action.

    Action=CreateVnet&Version=1&AccessKeyId=AK_1&name=privatevnetWebApi

  2. Sign the data by using the WebUtil application.

    java WebUtil signature  privatekey.DER  "POST" "<EnterpriseControllerHostname>"  "Action=CreateVnet&Version=1&AccessKeyId=AK_1&name=privatevnetWebApi" signedData
    
  3. Get the signed data that is stored in the iaasPartRequest and signedData files.

    Content of the iaasPartRequest file: https://<EnterpriseControllerHostname>/iaas/?Action=CreateVnet&Version=1&AccessKeyId=AK_1&name=privatevnetWebApi&Timestamp=1331058639019&Expires=1331058939019&SignatureMethod=SHA512withRSA&SignatureVersion=1&Signature=

    Content of the signedData file: B15A5WdQkIwTrlR/NDXbn1RFwWyBFAQFtZTfZ1jH8ftkRgvfwU93nxukpw23sHBdRvhzLuhyW2LWm90EIhZHd3H2x9s8D1wCAUFTsSAZoPuIlW40qn0sf9VTEXOlqwnxfray6eSGCcpHQWXaA+TjpCitzguoPmHa3LjGKECnbNuqJS15L8VuVfE6otaxyTBzmhH7iI7pBC8gcpomnDZhxZkAFaVT0TFf88epbJal5Yl6aTpptjlUNEz6jDhuV2Qaa3bI5OqnJc0PJgCkhuKU7un8us1JVEk/nf/or5RCBMmPGAluuILIfYBEe/euVUy7wQ00eyKPRuplZkORmVbFLg==

  4. Append the signature to get the complete IAAS request, as show in the following example:

    https://<EnterpriseControllerHostname>/iaas/?Action=CreateVnet&Version=1&AccessKeyId=AK_1&name=privatevnetWebApi&Timestamp=1331058639019&Expires=1331058939019&SignatureMethod=SHA512withRSA&SignatureVersion=1&Signature=B15A5WdQkIwTrlR/NDXbn1RFwWyBFAQFtZTfZ1jH8ftkRgvfwU93nxukpw23sHBdRvhzLuhyW2LWm90EIhZHd3H2x9s8D1wCAUFTsSAZoPuIlW40qn0sf9VTEXOlqwnxfray6eSGCcpHQWXaA+TjpCitzguoPmHa3LjGKECnbNuqJS15L8VuVfE6otaxyTBzmhH7iI7pBC8gcpomnDZhxZkAFaVT0TFf88epbJal5Yl6aTpptjlUNEz6jDhuV2Qaa3bI5OqnJc0PJgCkhuKU7un8us1JVEk/nf/or5RCBMmPGAluuILIfYBEe/euVUy7wQ00eyKPRuplZkORmVbFLg==

    Note:

    The complete request to the Web service must be created as a single-line request.
  5. Send the complete IAAS request using the browser or WGET utility. The result returned is similar to the following output:

    <result xsi:type="CreateVnetResult" requestId="109"><vnetId>VNET-7e33ee2e-d0f9-4b39-b8c9-32b8c8bfed87</vnetId></result>