VMware Cloud Community
vinubaby
Contributor
Contributor

SEC_E_INVALID_HANDLE error in InitializeClient() while trying to do LoginBySSPI()

I am trying to login to my VMware vSphere 4 server using the PowerCLI api.

The purpose of the project is to automatically take snapshot of the virtual machines. However the purpose is accomplished. But before moving to production, we had to change from Login() to LoginBySSPI() for enabling integrated login.

At this point, the problem arose. Whatever, I do it does not login, fromt he vmware forum i understood that the sspichallenge code should be sent again to be authenticated. When i do that it throws the SEC_E_INVALID_HANDLE error at the initializeClient() function.

code snippet is as follows

I get error in the InitializeClient() function when it is called the second time from the catch section,

in the first call to InitializeClient(), i get the clientToken of byte 55

and then when i pass it to loginbysspi i get the sspichallenge exception, from which i get the base64token and again pass to the initializeclient() so that i can get the server token and eventually pass to the LoginbySSPI(), but this time it fails at

if (ss != SEC_E_OK && ss != SEC_I_CONTINUE_NEEDED) { throw new Exception("InitializeSecurityContext() failed!!!"); } with ss = -2146893055

below is the code....

VimClient VMClient;
SessionManager sm;
private void button1_Click(object sender, EventArgs e)
{
try
{
VMClient = new VimClient();
VMClient.Connect("vmware", CommunicationProtocol.Https, 443);

var tokenString = Convert.ToBase64String(net.sf.vitfordotnet.mo.Sessionmanager.getToken());
DoLogin(tokenString);

sm = new SessionManager(VMClient, VMClient.ServiceContent.SessionManager);
sm.LoginBySSPI(tokenString, null);
}
catch (VMware.Vim.VimException ex)
{
var mf = ex.MethodFault;
// There was a challenge (response)!
if (mf is SSPIChallenge)
{
var sc = (SSPIChallenge)mf;
var st_b64 = sc.Base64Token;
byte[] st = null;
byte[] ct;
bool cc;
st = Convert.FromBase64String(st_b64);
// Complete the credentials acquisition, this time with
// the second part of the package.
var ch = new SSPIHelper();
ch.InitializeClient(out ct, st, out cc);
var ct_b64 = Convert.ToBase64String(ct);
DoLogin(ct_b64);
}
}
NameValueCollection filter = new NameValueCollection();
filter.Add("name", "^" + "CG001876" + "$");
VirtualMachine vm = (VirtualMachine)VMClient.FindEntityView(typeof(VirtualMachine), null, filter, null);
}
public void DoLogin(string tokenStr)
{
SessionManager sm = new SessionManager(VMClient, VMClient.ServiceContent.SessionManager);
UserSession us = sm.LoginBySSPI(tokenStr, null);
}

Reply
0 Kudos
7 Replies
LucD
Leadership
Leadership

Are you sure this post was intended for the PowerCLI community ?

It's mostly PowerShell users over here.


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

Reply
0 Kudos
Zsoldier
Expert
Expert

This looks like it should be posted under the developer forum. This group has mostly powershell users.

K. Chris Nakagaki (Zsoldier)

Chris Nakagaki (中垣浩一)
Blog: https://tech.zsoldier.com
Twitter: @zsoldier
Reply
0 Kudos
vinubaby
Contributor
Contributor

i was told by lamv in my old post

The PowerCLI forum is located at: vSphere PowerCLI
The forum you're currently posting in is vCLI

Are you sure this post was intended for the PowerCLI community ?

It's mostly PowerShell users over here.

Reply
0 Kudos
Zsoldier
Expert
Expert

I guess the more valid question is "what are you writing your code in?" To me it looks like your programming directly against the API.

K. Chris Nakagaki (Zsoldier)

http://tech.zsoldier.com

Chris Nakagaki (中垣浩一)
Blog: https://tech.zsoldier.com
Twitter: @zsoldier
Reply
0 Kudos
vinubaby
Contributor
Contributor

sorry i didnt get you Chris

I guess the more valid question is "what are you writing your code in?" To me it looks like your programming directly against the API.

K. Chris Nakagaki (Zsoldier)

http://tech.zsoldier.com

Reply
0 Kudos
Zsoldier
Expert
Expert

I'm asking what programming language are you using? To me it seems you would have better luck posting to one of the developer forums.

http://communities.vmware.com/community/developer/forums

K. Chris Nakagaki (Zsoldier)

Chris Nakagaki (中垣浩一)
Blog: https://tech.zsoldier.com
Twitter: @zsoldier
Reply
0 Kudos
vinubaby
Contributor
Contributor

Thanks Chris, i have posted in the developer forums

am i supposed to delete this post? or will moderators do that for me...?

Reply
0 Kudos