This section provides a description of the information contained in a typical request to the Web service. This section describes both types of requests:
Lists the parameters of an AKM request to the Web service.
The following URL shows the information required in a typical access key management (AKM) request to the Web service:
https://USER:PASSWORD@HOST/akm/?REQUEST_DATA
Name | Description |
---|---|
USER |
Cloud user name |
PASSWORD |
Cloud user password |
HOST |
IP address or fully qualified host name |
REQUEST_DATA |
The request data is made of a series of name=value parameters separated by an ampersand (&). |
The parameters required as part of the REQUEST_DATA depend on the value used for the AKM action. However, a set of common parameters is required for every AKM request.
The following table shows the required parameters for the REQUEST_DATA in every AKM request. Example A-1 shows how these parameters appear in a complete request.
Name | Description |
---|---|
Action |
One of the AKM actions. See RegisterAccessKeyRequest, DescribeAccessKeysRequest, DeleteAccessKeyRequest, and DescribeAccountsRequest actions for a complete description and extra parameters for each AKM action. |
Version |
1 |
Timestamp |
Timestamp in milliseconds since January 1, 1970 |
Expires |
Expiry date in milliseconds (ms) since January 1, 1970 must be greater than the timestamp field. A 300000 ms difference between the two values must be enough. |
Example A-1 Complete AKM Request
https://<username>:<password>@<EnterpriseControllerHostname>/akm/?Action= DescribeAccounts&Version=1&Timestamp=1330954619299&Expires=1330954919299
The following URL shows the information required in a typical infrastructure as a service (IAAS) request to the Web service:
https://HOST/iaas/?REQUEST_IAAS_DATA&SIGNATURE_BLOCK
Name | Description |
---|---|
HOST |
IP address or fully qualified host name |
REQUEST_IAAS_DATA |
The request IAAS data is a series of name=value parameters separated by an ampersand (&). |
SIGNATURE_BLOCK |
The signature block is a series of name=value parameters separated by an ampersand (&). |
The parameters required as part of the REQUEST_IAAS_DATA depend on the value used for the IAAS action. However, a set of common parameters is required for every IAAS request.
The following table shows the common required parameters for the REQUEST_IAAS_DATA in every IAAS request. Example A-2 show how these parameter appears in a complete specification for REQUEST_IAAS_DATA.
Name | Description |
---|---|
Action |
One of the IAAS actions. See "List of Actions" on page , for a complete list of IAAS actions and extra parameters for each IAAS action. |
Version |
1 |
Timestamp |
Timestamp in milliseconds since January 1, 1970 |
Expires |
Expiry date in milliseconds (ms) since January 1, 1970 must be greater than the timestamp field. A 300000 ms difference between the two values must be enough. |
accessKeyId |
The value returned by the AKM RegisterAccessKeyRequest action. |
Example A-2 Sample REQUEST_IAAS_DATA Specification
Action= DescribeVnets&Version=1&Timestamp=1330954619299&Expires=1330954919299&accessKeyId=AK_1
The signature block consists of signing some IAAS data with a private key so that the Web service can authenticate the request. The Web server should be able to verify the signature with the public key registered with the RegisterAccessKeyRequest action.
The following table shows the series of name=value parameters that conform the specification for the SIGNATURE_BLOCK. These parameters are separated by the ampersand(&). Example A-3 shows a complete specification for a SIGNATURE_BLOCK sample.
Name | Description |
---|---|
SignatureVersion |
1 |
SignatureMethod |
SHA512withRSA. This is the only method supported. |
Signature |
Encoded Hash value of the data to be signed. See "IAAS Data Used for Signature" for a complete description of the Signature field. |
Example A-3 Sample SIGNATURE_BLOCK Specification
SignatureMethod=SHA512withRSA&SignatureVersion=1&Signature=bj8GfJCqvPZZPU2JoWAGzZdCF+N767rQejILMQwNdgKLfoGGqAwDPRYMr/ghUoBc6RB3nKYgAyPdmtCfhzRGTqECgUWy0jCrE99+utGeeJ0/XRQ9LxyYeBgzjO3lHP+hFhUo+gUtQaSYPhUHH7eTkxg/CrolMxibglypJM/rIf90yEqSeqhphQt7hWxlT0DNAy6/cZt8isT/Tu8V7ZFjBFkEpLfN97bIOJ2vIIpOeetmftuw4ObtqjbUp6+7dpVkhhCQnX0MAIDj+mjorEOzcwK+F1pYuzES0fjaW0MowG+cA/9gttDjg7r5H29i3qbbjIlvAt6fk1HPpSxQTSTOTg==
The following table shows the required information to generate the encoded hash value of the signature for an IAAS request. This data needs to be signed and base64 encoded. Example A-4 shows a complete data set of the IAAS data used for generating a signature. Example A-5 shows a Java representation of the IAAS data to sign.
Name | Description |
---|---|
Http Request type |
POST |
HostName |
IP address or fully qualified host name |
Base URL of the Web service |
iaas |
REQUEST_IAAS_DATA |
The request data is made of a series of name=value parameters separated by an ampersand (&). See also "REQUEST_IAAS_DATA Specification". |
Example A-4 Example of the IAAS Data to Sign
A"\n"
is required between every field.
POST <EnterpriseControllerHostname> /iaas/ Action= DescribeAccounts&Version=1&Timestamp=1330954619299&Expires=1330954919299
Example A-5 Java Representation of the Data to Sign
StringBuilder message = new StringBuilder();Message.setLength(0);message.append("POST").append("\n");message.append("<EnterpriseControllerHostname>") .append("\n");message.append("/iaas/").append("\n");message.append("Action= DescribeVnets&Version=1&Timestamp=1330954619299&Expires=1330954919299&accessKeyId=AK_1").append("\n");
See "Examples of Web Service Requests", for an example of generating an IAAS requests with signed data.