VMware {code} Community
erikDoesStorage
Enthusiast
Enthusiast
‎02-26-2019 11:16 AM

Secure a plugin's REST API and UI

I have come across an issue with our plugin's REST API endpoints and UI being accessible from outside of the VSPhere environment and am thinking there must be a way to secure them with perhaps some kind of web.xml or other configuration change since this must be a fairly common concern for all plugins.

To get more specific, our plugin deploys the server side jar file and presents various rest apis, for example https://myserver/my-war-name/rest/getStuff .  I can hit the getStuff endpoint outside of the vsphere environment from a browser window, both one that is logged into the vsphere sever/client and from another browser that isn't.  To clarify a bit more, from the SDK samples, it would be the ability to hit the /list endpoint in the ChassisController.java file.  I don't see any mechanism in the samples that  is securing those endpoints.

So the question is if there is a VSphere pattern/mechanism for better securing these REST endpoints (and access to other parts of our plugin such as the angular/clarity UI portions)?

0 Kudos
3 Replies
_vladi_
VMware Employee
VMware Employee
‎02-27-2019 01:52 AM

Hi Erik,

Good question!

This is currently not covered by the platform out of the box. Plugin-side you could do authorization checks within the plugin controllers.

We will be looking into ways to improve on this in the future. Thanks for the input!

Cheers,

Vladimir

0 Kudos
erikDoesStorage
Enthusiast
Enthusiast
‎02-28-2019 11:19 PM

I am thinking that a filter added to our web.xml file that would check for a valid UserSession could be used to protect our Rest API endpoints.  

I tried a couple of experiments of adding a filter to our plugin's web.xml file but when I do so, our plugin fails to deploy with the stack trace shown down below.

Are there any examples of this type of filter being applied to a plugin?  I have not been able to find one in my searches of the VMWare forums or documents or examples.  Or if not is there some kind of clue in the stack trace below as to what is going wrong?

Thanks.

============

[2019-01-25T19:17:57.700Z] [INFO ] sync Event Dispatcher Thread  org.eclipse.virgo.nano.core.internal.BundleStartTracker           Recording created application context for bundle 'com.company-1.0-com.company.vcp.company-dataservice_1.0 [383]' 

[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        Jan 25, 2019 7:17:57 PM opId.logger logInvocationCompletion 

[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        SEVERE: Invocation of 'void com.vmware.vim.binding.vim.event.EventManager.postEvent(com.vmware.vim.binding.vim.event.Event,com.vmware.vim.binding.vim.TaskInfo,com.vmware.vim.vmomi.core.Future)' for https://ej-lm-vc1.hostint.eng:443/sdk (guid=8937fec1-c168-4963-82f4-c1e4b7936886, id=3000001) for opId '2126fa34-4d04-4db3-a804-ac5555873bad-25-h5c' failed in 10 ms, local host:port=127.0.0.1:60816, remote host:port=ej-lm-vc1.hostint.eng:443 

[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        (vim.fault.NoPermission) { 

[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                           faultCause = null, 

[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                           faultMessage = null, 

[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                           object = ManagedObjectReference: type = Folder, value = group-d1, serverGuid = 8937fec1-c168-4963-82f4-c1e4b7936886, 

[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                           privilegeId = Global.LogEvent 

[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        } 

[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) 

[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) 

[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) 

[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at java.lang.reflect.Constructor.newInstance(Constructor.java:423) 

[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at java.lang.Class.newInstance(Class.java:442) 

[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.core.types.impl.ComplexTypeImpl.newInstance(ComplexTypeImpl.java:174) 

[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.core.types.impl.DefaultDataObjectFactory.newDataObject(DefaultDataObjectFactory.java:25) 

[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.core.soap.impl.unmarshaller.ComplexStackContext.<init>(ComplexStackContext.java:30) 

[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.core.soap.impl.unmarshaller.UnmarshallerImpl$UnmarshallSoapFaultContext.parse(UnmarshallerImpl.java:150) 

[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.core.soap.impl.unmarshaller.UnmarshallerImpl$UnmarshallSoapFaultContext.unmarshall(UnmarshallerImpl.java:101) 

[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.core.soap.impl.unmarshaller.UnmarshallerImpl.unmarshalSoapFault(UnmarshallerImpl.java:88) 

[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.core.soap.impl.unmarshaller.UnmarshallerImpl.unmarshalSoapFault(UnmarshallerImpl.java:83) 

[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.client.common.impl.SoapFaultStackContext.setValue(SoapFaultStackContext.java:40) 

[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.client.common.impl.ResponseUnmarshaller.processNextElement(ResponseUnmarshaller.java:127) 

[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.client.common.impl.ResponseUnmarshaller.unmarshal(ResponseUnmarshaller.java:70) 

[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.client.common.impl.ResponseImpl.unmarshalResponse(ResponseImpl.java:274) 

[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.client.common.impl.ResponseImpl.setResponse(ResponseImpl.java:230) 

[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.client.http.impl.HttpExchangeBase.parseResponse(HttpExchangeBase.java:156) 

[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.client.http.impl.HttpAsyncExchange$1$2.run(HttpAsyncExchange.java:128) 

[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.core.impl.BlockingFuture.executeRunnable(BlockingFuture.java:150) 

[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.core.impl.BlockingFuture.get(BlockingFuture.java:72) 

[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.client.common.impl.MethodInvocationHandlerImpl$RetryingFuture.get(MethodInvocationHandlerImpl.java:548) 

[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.client.common.impl.MethodInvocationHandlerImpl$CallExecutor.executeCall(MethodInvocationHandlerImpl.java:618) 

[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.client.common.impl.MethodInvocationHandlerImpl.completeCall(MethodInvocationHandlerImpl.java:360) 

[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.client.common.impl.MethodInvocationHandlerImpl.invokeOperation(MethodInvocationHandlerImpl.java:311) 

[2019-01-25T19:17:57.763Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.client.common.impl.MethodInvocationHandlerImpl.invoke(MethodInvocationHandlerImpl.java:184) 

[2019-01-25T19:17:57.763Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.sun.proxy.$Proxy744.postEvent(Unknown Source) 

[2019-01-25T19:17:57.763Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 

[2019-01-25T19:17:57.763Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) 

[2019-01-25T19:17:57.763Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) 

[2019-01-25T19:17:57.763Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at java.lang.reflect.Method.invoke(Method.java:498) 

[2019-01-25T19:17:57.763Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vise.vim.commons.vcservice.impl.VcServiceImpl$ManagedObjectHandler.invoke(VcServiceImpl.java:2118) 

[2019-01-25T19:17:57.763Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.sun.proxy.$Proxy745.postEvent(Unknown Source) 

[2019-01-25T19:17:57.763Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vise.vim.extension.VcExtensionManager.postVcEvent(VcExtensionManager.java:631) 

[2019-01-25T19:17:57.763Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vise.vim.extension.VcExtensionManager.addPackages(VcExtensionManager.java:497) 

[2019-01-25T19:17:57.763Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vise.vim.extension.VcExtensionManager.addPackages(VcExtensionManager.java:331) 

[2019-01-25T19:17:57.763Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vise.vim.extension.VcPluginPackageManager.deployAsSolutionUser(VcPluginPackageManager.java:164) 

[2019-01-25T19:17:57.763Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vise.vim.extension.VcPluginPackageManager.deployNewPackages(VcPluginPackageManager.java:97) 

[2019-01-25T19:17:57.763Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vise.vim.extension.VcExtensionManager.deployNewPackages(VcExtensionManager.java:77) 

[2019-01-25T19:17:57.763Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vise.extensionfw.ExtensionManager.deployNewPackages(ExtensionManager.java:443) 

[2019-01-25T19:17:57.763Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vise.extensionfw.impl.ExtensionServiceImpl.deployNewPackages(ExtensionServiceImpl.java:199) 

[2019-01-25T19:17:57.763Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vise.extensionfw.impl.ExtensionBundleActivator$1.deployCompleted(ExtensionBundleActivator.java:87) 

[2019-01-25T19:17:57.763Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vise.extensionfw.impl.CorePluginsDeploymentActivator$1.run(CorePluginsDeploymentActivator.java:62) 

[2019-01-25T19:17:57.763Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at java.lang.Thread.run(Thread.java:748) 

[2019-01-25T19:19:59.058Z] [ERROR] cm-catalog-manager-pool-25    System.err                                                        Jan 25, 2019 7:19:59 PM com.vmware.vise.vim.lookup.LsCatalogManager retryUntil 

 
[2019-01-25T19:17:57.700Z] [INFO ] sync Event Dispatcher Thread  org.eclipse.virgo.nano.core.internal.BundleStartTracker           Recording created application context for bundle 'com.solidfire-4.3-com.solidfire.vcp.solidfire-dataservice_4.3.0.SNAPSHOT [383]' 
[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        Jan 25, 2019 7:17:57 PM opId.logger logInvocationCompletion 
[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        SEVERE: Invocation of 'void com.vmware.vim.binding.vim.event.EventManager.postEvent(com.vmware.vim.binding.vim.event.Event,com.vmware.vim.binding.vim.TaskInfo,com.vmware.vim.vmomi.core.Future)' for https://ej-lm-vc1.hostint.eng:443/sdk (guid=8937fec1-c168-4963-82f4-c1e4b7936886, id=3000001) for opId '2126fa34-4d04-4db3-a804-ac5555873bad-25-h5c' failed in 10 ms, local host:port=127.0.0.1:60816, remote host:port=ej-lm-vc1.hostint.eng:443 
[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        (vim.fault.NoPermission) { 
[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                           faultCause = null, 
[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                           faultMessage = null, 
[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                           object = ManagedObjectReference: type = Folder, value = group-d1, serverGuid = 8937fec1-c168-4963-82f4-c1e4b7936886, 
[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                           privilegeId = Global.LogEvent 
[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        } 
[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) 
[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) 
[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) 
[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at java.lang.reflect.Constructor.newInstance(Constructor.java:423) 
[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at java.lang.Class.newInstance(Class.java:442) 
[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.core.types.impl.ComplexTypeImpl.newInstance(ComplexTypeImpl.java:174) 
[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.core.types.impl.DefaultDataObjectFactory.newDataObject(DefaultDataObjectFactory.java:25) 
[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.core.soap.impl.unmarshaller.ComplexStackContext.<init>(ComplexStackContext.java:30) 
[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.core.soap.impl.unmarshaller.UnmarshallerImpl$UnmarshallSoapFaultContext.parse(UnmarshallerImpl.java:150) 
[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.core.soap.impl.unmarshaller.UnmarshallerImpl$UnmarshallSoapFaultContext.unmarshall(UnmarshallerImpl.java:101) 
[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.core.soap.impl.unmarshaller.UnmarshallerImpl.unmarshalSoapFault(UnmarshallerImpl.java:88) 
[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.core.soap.impl.unmarshaller.UnmarshallerImpl.unmarshalSoapFault(UnmarshallerImpl.java:83) 
[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.client.common.impl.SoapFaultStackContext.setValue(SoapFaultStackContext.java:40) 
[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.client.common.impl.ResponseUnmarshaller.processNextElement(ResponseUnmarshaller.java:127) 
[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.client.common.impl.ResponseUnmarshaller.unmarshal(ResponseUnmarshaller.java:70) 
[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.client.common.impl.ResponseImpl.unmarshalResponse(ResponseImpl.java:274) 
[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.client.common.impl.ResponseImpl.setResponse(ResponseImpl.java:230) 
[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.client.http.impl.HttpExchangeBase.parseResponse(HttpExchangeBase.java:156) 
[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.client.http.impl.HttpAsyncExchange$1$2.run(HttpAsyncExchange.java:128) 
[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.core.impl.BlockingFuture.executeRunnable(BlockingFuture.java:150) 
[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.core.impl.BlockingFuture.get(BlockingFuture.java:72) 
[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.client.common.impl.MethodInvocationHandlerImpl$RetryingFuture.get(MethodInvocationHandlerImpl.java:548) 
[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.client.common.impl.MethodInvocationHandlerImpl$CallExecutor.executeCall(MethodInvocationHandlerImpl.java:618) 
[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.client.common.impl.MethodInvocationHandlerImpl.completeCall(MethodInvocationHandlerImpl.java:360) 
[2019-01-25T19:17:57.762Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.client.common.impl.MethodInvocationHandlerImpl.invokeOperation(MethodInvocationHandlerImpl.java:311) 
[2019-01-25T19:17:57.763Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vim.vmomi.client.common.impl.MethodInvocationHandlerImpl.invoke(MethodInvocationHandlerImpl.java:184) 
[2019-01-25T19:17:57.763Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.sun.proxy.$Proxy744.postEvent(Unknown Source) 
[2019-01-25T19:17:57.763Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 
[2019-01-25T19:17:57.763Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) 
[2019-01-25T19:17:57.763Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) 
[2019-01-25T19:17:57.763Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at java.lang.reflect.Method.invoke(Method.java:498) 
[2019-01-25T19:17:57.763Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vise.vim.commons.vcservice.impl.VcServiceImpl$ManagedObjectHandler.invoke(VcServiceImpl.java:2118) 
[2019-01-25T19:17:57.763Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.sun.proxy.$Proxy745.postEvent(Unknown Source) 
[2019-01-25T19:17:57.763Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vise.vim.extension.VcExtensionManager.postVcEvent(VcExtensionManager.java:631) 
[2019-01-25T19:17:57.763Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vise.vim.extension.VcExtensionManager.addPackages(VcExtensionManager.java:497) 
[2019-01-25T19:17:57.763Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vise.vim.extension.VcExtensionManager.addPackages(VcExtensionManager.java:331) 
[2019-01-25T19:17:57.763Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vise.vim.extension.VcPluginPackageManager.deployAsSolutionUser(VcPluginPackageManager.java:164) 
[2019-01-25T19:17:57.763Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vise.vim.extension.VcPluginPackageManager.deployNewPackages(VcPluginPackageManager.java:97) 
[2019-01-25T19:17:57.763Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vise.vim.extension.VcExtensionManager.deployNewPackages(VcExtensionManager.java:77) 
[2019-01-25T19:17:57.763Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vise.extensionfw.ExtensionManager.deployNewPackages(ExtensionManager.java:443) 
[2019-01-25T19:17:57.763Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vise.extensionfw.impl.ExtensionServiceImpl.deployNewPackages(ExtensionServiceImpl.java:199) 
[2019-01-25T19:17:57.763Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vise.extensionfw.impl.ExtensionBundleActivator$1.deployCompleted(ExtensionBundleActivator.java:87) 
[2019-01-25T19:17:57.763Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at com.vmware.vise.extensionfw.impl.CorePluginsDeploymentActivator$1.run(CorePluginsDeploymentActivator.java:62) 
[2019-01-25T19:17:57.763Z] [ERROR] SimpleAsyncTaskExecutor-1     System.err                                                        at java.lang.Thread.run(Thread.java:748) 
[2019-01-25T19:19:59.058Z] [ERROR] cm-catalog-manager-pool-25    System.err                                                        Jan 25, 2019 7:19:59 PM com.vmware.vise.vim.lookup.LsCatalogManager retryUntil 
0 Kudos
tganchev
VMware Employee
VMware Employee
‎03-10-2019 05:19 AM

Hi Eric,

The /list API has not been secured as it will not yield any sensitive information as it does not touch the vCenter APIs. If you call the APIs tghat retrieve vCenter data you'd see that they will result in unauthenticated API calls in a new browser session or if you use curl from the command line.

In general it is a good idea for us to illustrate hos to secure the sample plugin but the normal case is that each plugin has to talk to APIs that need authentication and these APIs guarantee the overall security of the solution. Moreover the plugin Java bit running inside the vSphere client should not be storing any information on the vCenter appliance therefore it does not need it's own authentication separate from the one that the backend APIs sanction.

Best,

Tony

0 Kudos