1. How you are retrieving the sessionkey with your mysqlquery? 2. I believe you are using Authentication Port 8080. If yes, below is the POST url along with params for login cmd. This should give the sessionkey for your further communication with CS.
Request: http://localhost:8080/client/api command login domain / password password response json username abc Response: { "loginresponse" : { "timeout" : "1800", "sessionkey" : "tBr9fYLiIzoKVPQK0TBJb1BCeoQ=", "username" : "admin", "registered" : "false", "userid" : "ce801a0a-6d58-11e3-924d-7ac46bc9b016", "lastname" : "User", "account" : "admin", "domainid" : "ce7c8c82-6d58-11e3-924d-7ac46bc9b016", "firstname" : "Admin", "type" : "1" } } 3. If you are using UnAuthenticated Port 8096 to communicate, you need to use apiKey,signature and command parameters with your POST request to CS. Santhosh ________________________________________ From: Salar Darwish [salardarw...@gmail.com] Sent: Wednesday, December 25, 2013 4:22 AM To: users@cloudstack.apache.org; Santhosh Edukulla Subject: Re: password hash Dear Santhosh, I do not use the login api . I use a mysql query to login into the web interface. when i use the password from the database(hashed) i can login with no problems. i tried to encrypt the password query i am sending to the database to MD5 but still can not login. after your mail i tried to use the login api but i get the folowing error: "{ \"error\" : { \"description\" : \"Internal Server Error\" } }" 2013/12/25 Santhosh Edukulla <santhosh.eduku...@citrix.com<mailto:santhosh.eduku...@citrix.com>> 1. you are using "login" command to verify your account created through "createAccount"? 2. The API description for "login" mentions below. See the description for argument password. <command> <name>login</name> <description>Logs a user into the CloudStack. A successful login attempt will generate a JSESSIONID cookie value that can be passed in subsequent Query command calls until the "logout" command has been issued or the session has expired.</description> <isAsync>false</isAsync> <request> <arg> <name>username</name> <description>Username</description> <required>true</required> </arg> <arg> <name>password</name> <description>Hashed password (Default is MD5). If you wish to use any other hashing algorithm, you would need to write a custom authentication adapter See Docs section.</description> <required>true</required> </arg> <arg> <name>domain</name> <description>path of the domain that the user belongs to. Example: domain=/com/cloud/internal. If no domain is passed in, the ROOT domain is assumed.</description> <required>false</required> </arg> <arg> <name>domainId</name> <description>id of the domain that the user belongs to. If both domain and domainId are passed in, "domainId" parameter takes precendence</description> <required>false</required> </arg> </request> 3. What happens if you just pass the password as it is to "login" cmd? This is what got captured in firebug, when i logged in to CS. Here, password is "password" for account "abc". command login domain / password password response json username abc Santhosh ________________________________________ From: Salar Darwish [salardarw...@gmail.com<mailto:salardarw...@gmail.com>] Sent: Tuesday, December 24, 2013 3:51 PM To: users@cloudstack.apache.org<mailto:users@cloudstack.apache.org> Subject: password hash Hello all, I have a php web interface and i related the interface to the cloudstack database with the creataccount api. Now i am getting problems when I try to log in to this web interface.it<http://interface.it> seems to be a hash problem. I am hashing the password as below: $password = hash(sha256 ,$_POST['password']); but still can not login. Is this the right hash algorithm i am using? Kind regards and merry christmas! *Salar* -- Met vriendelijke groet, Salar Darwish
