VMware {code} Community
rajagopalans
Contributor
Contributor
‎03-14-2022 11:18 AM

how does the remote plugin authenticate?

All

I was trying to understand how the remote plugin application works. I have the remote plugin running on a separate box, it is registered, the communication works fine etc.

I understand that the plugin is a SpringBootJava application, and is serving up the angular as static content.

However I notice that when I hit the plugin from vsphere UI, it is seemingly making a call to the local vsphere box to get the data to fill the iframe, like so. (ip and port obfuscated).

<iframe ng-src="/plugins/com.vmware.sample.remote~1.0.0/<ip>-<port>/sample-ui/index.html?view=entry-point&amp;locale=en_US" sandbox="allow-scripts allow-same-origin allow-forms" class="sandbox-iframe" src="/plugins/com.vmware.sample.remote~1.0.0/100.123.0.8-443/sample-ui/index.html?view=entry-point&amp;locale=en_US" style="display: block; box-sizing: border-box; width: 100%; height: 100%; border: 0px;"></iframe>

And looking at the plugin side, looks like vsphere is basically sending the same request (/sample-ui/index.html?view-entry-point) to the plugin server.

 

 

 

Labels (1)
Labels
Reply
0 Kudos
1 Reply
rajagopalans
Contributor
Contributor
‎03-15-2022 01:05 AM

I think I understand how this is working now.

The reason that the app was not loading when it was loaded from outside the vsphere is because it was trying to load up the the htmlclientsdk object from the vSphere window, which did not work because it was not in a vsphere window.

The plugin itself has no authentication. It is open to have its api used by anyone.

The only time that the plugin uses auth is to talk back to vsphere to duplicate sessions if necessary to access vpshere objects on behalf of the user.

Reply
0 Kudos