13 Posts
0
5478
How to query VCE Vision /fm/systems using Powershell via REST API?
Hi all,
I am trying to use powershell to query Vision via REST API. Particularly, I am trying to export XML files via https:// :8443/fm/systems and then drill down my queries from there. I understand that in order to authenticate you need to do the following:
1. Get a TGT from https:// :8443/cas/v1/tickets
2. Get a ST from the TGT from https:// :8443/cas/v1/tickets
3. Get a jsessionid from https:// :8443/fm/auth
4. Finally connect to https:// :8443/fm/systems with the session cookies and cookie header.
However, I am not able to get step 4 to work, the core just won't accept the sessionid a valid authentication. Does anyone have a working script using powershell on VCE Vision core that works? The programmer's guide is really bad and it doesn't explain the authentication scheme at all. I have to decode that from the java script examples given in the guide. BTW, my version is 3.5 (yes, its old, I am waiting for upgrade)
Here is how my script works
#ignore cert errors
add-type @"
using System.Net;
using System.Security.Cryptography.X509Certificates;
public class TrustAllCertsPolicy : ICertificatePolicy {
public bool CheckValidationResult(
ServicePoint srvPoint, X509Certificate certificate,
WebRequest request, int certificateProblem) {
return true;
}
}
"@
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
#Get TGT
$usr = "admin"
$pwd ="password"
$body = @{
username = $usr;
password= $pwd;
}
$ticketsrv = "https://core:8443/cas/v1/tickets"
$r = Invoke-WebRequest -Uri $ticketsrv -Method Post -ContentType "text/plain" -body $body
$r -match "TGT-.*vce.com"
$tgt = $Matches[0]
#get ST from TGT
$authsrv = "https://core:8443/fm/auth"
$tgtsrv = $ticketsrv + "/" + $tgt
$body2 = @{ service=$authsrv ;}
$head = @{"Accept"="application/xml"}
$st = Invoke-WebRequest -Uri $tgtsrv -Method Post -ContentType "text/plain" -body $body2
#now grab a jsessionid from the ST
$stsrv = $authsrv + "/?" + $st.content
$session = Invoke-WebRequest -Uri $stsrv -Method Get -SessionVariable cas -header $head
#now login to fm/systems with session cookie to grab the XML file
$jsession = $cas.cookies.getcookies($authsrv).value
$js = "JSESSIONID=" + $jsession
$head = @{"Accept"="application/xml";
"Cookie"=$js}
$request = "https://core:8443/fm/systems"
#this don't work, it won't authenticate
$response = Invoke-WebRequest -Uri $Request -Method Get -ContentType "application/xml" -Headers $head -websession $cas
kelvinw22
13 Posts
0
January 3rd, 2019 18:00
Looks like I answered my own question. Using this method works.
add-type @"
using System.Net;
using System.Security.Cryptography.X509Certificates;
public class TrustAllCertsPolicy : ICertificatePolicy {
public bool CheckValidationResult(
ServicePoint srvPoint, X509Certificate certificate,
WebRequest request, int certificateProblem) {
return true;
}
}
"@
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy
$h = "https://visioncore:8443"
$usr = "admin"
$pwd ="password"
$request = $h + "/fm/systems"
$response = Invoke-WebRequest -Uri $main -Method Get -SessionVariable cas
$form = $response.Forms[0]
$form.fields.username = $usr
$form.fields.password = $pwd
$loginurl = $h + $form.action
$response = Invoke-WebRequest -Uri $loginurl -WebSession $cas -Body $form.fields -Method Post
$response = Invoke-RestMethod -Uri $request -WebSession $cas -method get -ContentType "application/xml"