11:11 a.m.
Hello guys,
I've created a plugin for Hudson (CI) to manage virtmachines using
libvirt java (start vm for a build and stop just after).
I've just a problem in authentication, in fact I cannot send uname and
password using code, libvirt ask me for the credentials on CLI.
someone could explain me How I can use authentican or where I can find
an usage guide or example?
Thanks a lot
Bye
Marco
12:03 p.m.
2010/3/3 Marco Mornati <mmornati(a)byte-code.com>:
Hello guys,
I've created a plugin for Hudson (CI) to manage virtmachines using libvirt
java (start vm for a build and stop just after).
I've just a problem in authentication, in fact I cannot send uname and
password using code, libvirt ask me for the credentials on CLI. someone
could explain me How I can use authentican or where I can find an usage
guide or example?
Thanks a lot
Bye
Marco
You have to use virConnectOpenAuth to open a connection and provide an
authentication callback.
I have no Java example at hand but you can look at the
examples/python/esxlist.py Python script for an example how to provide
an authentication callback.
Also see the ConnectAuth and ConnectAuthDefault classes in the Java bindings.
Matthias
12:16 p.m.
Il giorno 03/mar/2010, alle ore 19.03, Matthias Bolte <matthias.bolte(a)googlemail.com
ha scritto:
2010/3/3 Marco Mornati <mmornati(a)byte-code.com>:
> Hello guys,
>
> I've created a plugin for Hudson (CI) to manage virtmachines using
> libvirt
> java (start vm for a build and stop just after).
>
> I've just a problem in authentication, in fact I cannot send uname
> and
> password using code, libvirt ask me for the credentials on CLI.
> someone
> could explain me How I can use authentican or where I can find an
> usage
> guide or example?
>
> Thanks a lot
> Bye
> Marco
>
You have to use virConnectOpenAuth to open a connection and provide an
authentication callback.
I have no Java example at hand but you can look at the
examples/python/esxlist.py Python script for an example how to provide
an authentication callback.
Also see the ConnectAuth and ConnectAuthDefault classes in the Java
bindings.
Yes I've already take a look to Java sources but there is nothing
useful there.
I'll try looking to python class.
What I don't know now is if the credentials work in the same way if I
need to connect using ssh:
Xen+ssh://host/system
Is it the same?
Thanks Again
Bye
Marco
Matthias
12:56 p.m.
I tried to modify the python esx script to provide authentication
(without asking to user) and it doesn't work!!
Any other idea?
Bye
Marco
Il giorno 03/mar/2010, alle ore 19.03, Matthias Bolte <matthias.bolte(a)googlemail.com
ha scritto:
2010/3/3 Marco Mornati <mmornati(a)byte-code.com>:
> Hello guys,
>
> I've created a plugin for Hudson (CI) to manage virtmachines using
> libvirt
> java (start vm for a build and stop just after).
>
> I've just a problem in authentication, in fact I cannot send uname
> and
> password using code, libvirt ask me for the credentials on CLI.
> someone
> could explain me How I can use authentican or where I can find an
> usage
> guide or example?
>
> Thanks a lot
> Bye
> Marco
>
You have to use virConnectOpenAuth to open a connection and provide an
authentication callback.
I have no Java example at hand but you can look at the
examples/python/esxlist.py Python script for an example how to provide
an authentication callback.
Also see the ConnectAuth and ConnectAuthDefault classes in the Java
bindings.
Matthias
1:33 p.m.
2010/3/3 Marco Mornati <mmornati(a)byte-code.com>:
I tried to modify the python esx script to provide authentication
(without
asking to user) and it doesn't work!!
Any other idea?
Bye
Marco
Il giorno 03/mar/2010, alle ore 19.03, Matthias Bolte
<matthias.bolte(a)googlemail.com> ha scritto:
> 2010/3/3 Marco Mornati <mmornati(a)byte-code.com>:
>>
>> Hello guys,
>>
>> I've created a plugin for Hudson (CI) to manage virtmachines using
>> libvirt
>> java (start vm for a build and stop just after).
>>
>> I've just a problem in authentication, in fact I cannot send uname and
>> password using code, libvirt ask me for the credentials on CLI. someone
>> could explain me How I can use authentican or where I can find an usage
>> guide or example?
>>
>> Thanks a lot
>> Bye
>> Marco
>>
>
> You have to use virConnectOpenAuth to open a connection and provide an
> authentication callback.
>
> I have no Java example at hand but you can look at the
> examples/python/esxlist.py Python script for an example how to provide
> an authentication callback.
>
> Also see the ConnectAuth and ConnectAuthDefault classes in the Java
> bindings.
>
> Matthias
Ah, the authentication callback is used for hypervisor level
authentication. You cannot provide credentials for SSH transport level
authentication through the libvirt API. You'll need to setup the SSL
certificates properly to enable automatic SSH login if you don't want
to be prompted for the SSH credentials.
Matthias
1:44 p.m.
Ah, the authentication callback is used for hypervisor level
authentication. You cannot provide credentials for SSH transport level
authentication through the libvirt API. You'll need to setup the SSL
certificates properly to enable automatic SSH login if you don't want
to be prompted for the SSH credentials.
Matthias
Ohh... ok... it's not really what I want (because I could have many
different machines to configure).
Reading to libvirt sources (the c file) it seams that auth callbacks
should be used also for the ssh code (inside openSSHSession method):
virConnectCredential creds[] = {
{VIR_CRED_PASSPHRASE, "password", "Password", NULL, NULL,
0},
};
if (!auth || !auth->cb) {
PHYP_ERROR(conn, VIR_ERR_AUTH_FAILED,
"%s", _("No authentication callback
provided."));
goto disconnect;
}
maybe in some way it's possible to use ssh too with auth (I don't know
but I want to try).
Anyway, Matt, if I expose libvirt over tcp can I use it directly with
provided callbacks?
Thanks a lot
Bye
Marco
--
Dott. Ing. Mornati Marco
Byte-Code s.r.l
via Antonio Cechov, 1
San Giuliano Milanese (MI)
E-Mail: mmornati(a)byte-code.com
3:47 p.m.
2010/3/3 Marco Mornati <mmornati(a)byte-code.com>:
> Ah, the authentication callback is used for hypervisor level
> authentication. You cannot provide credentials for SSH transport level
> authentication through the libvirt API. You'll need to setup the SSL
> certificates properly to enable automatic SSH login if you don't want
> to be prompted for the SSH credentials.
>
> Matthias
Ohh... ok... it's not really what I want (because I could have many
different machines to configure).
Reading to libvirt sources (the c file) it seams that auth callbacks
should be used also for the ssh code (inside openSSHSession method):
virConnectCredential creds[] = {
{VIR_CRED_PASSPHRASE, "password", "Password", NULL, NULL,
0},
};
if (!auth || !auth->cb) {
PHYP_ERROR(conn, VIR_ERR_AUTH_FAILED,
"%s", _("No authentication callback
provided."));
goto disconnect;
}
maybe in some way it's possible to use ssh too with auth (I don't know
but I want to try).
Anyway, Matt, if I expose libvirt over tcp can I use it directly with
provided callbacks?
Thanks a lot
Bye
Marco
Don't mixup the internal of the IBM Power Hypervisor (phyp) driver and
the libvirt remote transport mechanisms. The phyp driver uses libssh2
internally and relies on the auth callback to let the user provide
credentials. This in not in any way related to the libvirt remote
transport mechanisms.
As I said before, the auth callback you can pass to virConnectOpenAuth
is not used for the libvirt SSH remote transport authentication. The
same it true for the TCP transport, it uses SASL for authentication by
default.
Matthias
midnight
>
>
Don't mixup the internal of the IBM Power Hypervisor (phyp) driver and
the libvirt remote transport mechanisms. The phyp driver uses libssh2
internally and relies on the auth callback to let the user provide
credentials. This in not in any way related to the libvirt remote
transport mechanisms.
As I said before, the auth callback you can pass to virConnectOpenAuth
is not used for the libvirt SSH remote transport authentication. The
same it true for the TCP transport, it uses SASL for authentication by
default.
Ok thanks a lot. In fact I reached my goal just exchanging ssh key
between my nodes.
It's so strange that nothing was previewed to provide password for the
ssh connection :|
Thanks
Bye
Marco
Matthias
3:08 p.m.
On 03/03/2010 12:11 PM, Marco Mornati wrote:
Hello guys,
I've created a plugin for Hudson (CI) to manage virtmachines using
libvirt java (start vm for a build and stop just after).
I've just a problem in authentication, in fact I cannot send uname and
password using code, libvirt ask me for the credentials on CLI. someone
could explain me How I can use authentican or where I can find an usage
guide or example?
Thanks a lot
Bye
Marco
Check out this test class:
http://libvirt.org/git/?p=libvirt-java.git;a=blob;f=src/test/java/test.ja...
It shows how the ConnectAuthDefault class is used. You need to create a
new class which implements ConnectAuth and pass it in.
-- bk
5425
days inactive
5426
days old
8 comments
3 participants
participants (3)
-
Bryan Kearney -
Marco Mornati -
Matthias Bolte