Reply to Message

View discussion in a popup

Replying to:
vinubaby
Contributor
Contributor

SEC_E_INVALID_HANDLE error in InitializeClient() while trying to do LoginBySSPI()

I am trying to login to my VMware vSphere 4 server using the PowerCLI api.

The purpose of the project is to automatically take snapshot of the virtual machines. However the purpose is accomplished. But before moving to production, we had to change from Login() to LoginBySSPI() for enabling integrated login.

At this point, the problem arose. Whatever, I do it does not login, fromt he vmware forum i understood that the sspichallenge code should be sent again to be authenticated. When i do that it throws the SEC_E_INVALID_HANDLE error at the initializeClient() function.

code snippet is as follows

I get error in the InitializeClient() function when it is called the second time from the catch section,

in the first call to InitializeClient(), i get the clientToken of byte[55]

and then when i pass it to loginbysspi i get the sspichallenge exception, from which i get the base64token and again pass to the initializeclient() so that i can get the server token and eventually pass to the LoginbySSPI(), but this time it fails at

if (ss != SEC_E_OK && ss != SEC_I_CONTINUE_NEEDED)

{

throw new Exception("InitializeSecurityContext() failed!!!");

}

with ss = -2146893055

below is the code....
VimClient VMClient;
SessionManager sm;
private void button1_Click(object sender, EventArgs e)
{
try
{
VMClient = new VimClient();
VMClient.Connect("vmware", CommunicationProtocol.Https, 443);

var tokenString = Convert.ToBase64String(net.sf.vitfordotnet.mo.Sessionmanager.getToken());
DoLogin(tokenString);

sm = new SessionManager(VMClient, VMClient.ServiceContent.SessionManager);
sm.LoginBySSPI(tokenString, null);
}
catch (VMware.Vim.VimException ex)
{
var mf = ex.MethodFault;
// There was a challenge (response)!
if (mf is SSPIChallenge)
{
var sc = (SSPIChallenge)mf;
var st_b64 = sc.Base64Token;
byte[] st = null;
byte[] ct;
bool cc;
st = Convert.FromBase64String(st_b64);
// Complete the credentials acquisition, this time with
// the second part of the package.
var ch = new SSPIHelper();
ch.InitializeClient(out ct, st, out cc);
var ct_b64 = Convert.ToBase64String(ct);
DoLogin(ct_b64);
}
}
NameValueCollection filter = new NameValueCollection();
filter.Add("name", "^" + "CG001876" + "$");
VirtualMachine vm = (VirtualMachine)VMClient.FindEntityView(typeof(VirtualMachine), null, filter, null);
}
public void DoLogin(string tokenStr)
{
SessionManager sm = new SessionManager(VMClient, VMClient.ServiceContent.SessionManager);
UserSession us = sm.LoginBySSPI(tokenStr, null);
}

Reply
0 Kudos