3.2 How Do I Authenticate?

To gain access to Oracle VM Manager, a client must first authenticate successfully. The SOAP API has explicit login and logout calls for establishing an authenticated client session. The login method of the OvmApi class accepts the username, password and session parameters such as the user's locale.

It is important that the client maintains the session property across all subsequent calls by passing the appropriate session cookie information on subsequent requests. Many SOAP client implementations either do this automatically or can be configured to do so. The login method in the OvmWsSoapClient class provides an example of how to call the login method. The initialize method in that class provides an example of setting the SESSION_MAINTAIN_PROPERTY property to maintain the session across multiple API calls.

The SOAP API also has support for certificate-based authentication. As long as you have a valid certificate that is signed and registered either with the internal Oracle VM Manager CA certificate, or with a third-party CA for which your have imported the CA certificate into the Oracle VM Manager truststore, you can authenticate easily using your certificate instead of explicitly calling the login method. Signing and registering certificates against the internal Oracle VM Manager CA certificate can either be achieved using the provided certificate management tool, discussed in Setting up SSL on Oracle VM Manager in the Oracle VM Administrator's Guide; or can be achieved programmatically using the Oracle VM Manager Utilities SOAP endpoint discussed in Chapter 4, Additional Utilities Exposed in the WS-API.

If you choose to make use of certificate-based authentication, you do not need to call the login method. However, it is good practice to call the logout method when the application terminates, so that Oracle VM Manager can perform session termination and cleanup.