Start a Conversation

Solved!

Go to Solution

1 Rookie

 • 

13 Posts

5492

December 26th, 2018 23:00

How to query VCE Vision /fm/systems using Powershell via REST API?

Hi all,

I am trying to use powershell to query Vision via REST API. Particularly, I am trying to export XML files via https:// :8443/fm/systems and then drill down my queries from there. I understand that in order to authenticate you need to do the following:

1. Get a TGT from https:// :8443/cas/v1/tickets

2. Get a ST from the TGT from https:// :8443/cas/v1/tickets

3. Get a jsessionid from https:// :8443/fm/auth

4. Finally connect to https:// :8443/fm/systems with the session cookies and cookie header.


However, I am not able to get step 4 to work, the core just won't accept the sessionid a valid authentication. Does anyone have a working script using powershell on VCE Vision core that works? The programmer's guide is really bad and it doesn't explain the authentication scheme at all. I have to decode that from the java script examples given in the guide. BTW, my version is 3.5 (yes, its old, I am waiting for upgrade)


Here is how my script works


#ignore cert errors

add-type @"

        using System.Net;

        using System.Security.Cryptography.X509Certificates;

        public class TrustAllCertsPolicy : ICertificatePolicy {

            public bool CheckValidationResult(

                ServicePoint srvPoint, X509Certificate certificate,

                WebRequest request, int certificateProblem) {

                return true;

            }

        }

"@

    [System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy

#Get TGT

$usr = "admin"
$pwd ="password"

$body = @{
   username = $usr;
   password= $pwd;
}

$ticketsrv = "https://core:8443/cas/v1/tickets"

$r = Invoke-WebRequest -Uri $ticketsrv -Method Post -ContentType "text/plain" -body $body
$r -match "TGT-.*vce.com"
$tgt = $Matches[0]


#get ST from TGT

$authsrv = "https://core:8443/fm/auth"
$tgtsrv = $ticketsrv + "/" + $tgt

$body2 = @{ service=$authsrv ;}
$head = @{"Accept"="application/xml"}

$st = Invoke-WebRequest -Uri $tgtsrv -Method Post -ContentType "text/plain" -body $body2

#now grab a jsessionid from the ST

$stsrv = $authsrv + "/?" + $st.content

$session = Invoke-WebRequest -Uri $stsrv -Method Get -SessionVariable cas -header $head

#now login to fm/systems with session cookie to grab the XML file

$jsession = $cas.cookies.getcookies($authsrv).value
$js = "JSESSIONID=" + $jsession
$head = @{"Accept"="application/xml";
                     "Cookie"=$js}

$request = "https://core:8443/fm/systems"

#this don't work, it won't authenticate

$response = Invoke-WebRequest -Uri $Request -Method Get -ContentType "application/xml" -Headers $head -websession $cas

1 Rookie

 • 

13 Posts

January 3rd, 2019 18:00

Looks like I answered my own question. Using this method works.

add-type @"

        using System.Net;

        using System.Security.Cryptography.X509Certificates;

        public class TrustAllCertsPolicy : ICertificatePolicy {

            public bool CheckValidationResult(

                ServicePoint srvPoint, X509Certificate certificate,

                WebRequest request, int certificateProblem) {

                return true;

            }

        }

"@

    [System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy

$h = "https://visioncore:8443"

$usr = "admin"

$pwd ="password"

$request = $h + "/fm/systems"

$response = Invoke-WebRequest -Uri $main -Method Get -SessionVariable cas

$form = $response.Forms[0]

$form.fields.username = $usr

$form.fields.password = $pwd

$loginurl = $h + $form.action

$response = Invoke-WebRequest -Uri $loginurl -WebSession $cas -Body $form.fields -Method Post

$response = Invoke-RestMethod -Uri $request -WebSession $cas -method get  -ContentType "application/xml"

No Events found!

Top