0 Replies Latest reply on Dec 16, 2013 10:11 PM by uidzer0

    API Authentication - Current logged on user

    uidzer0

      Thought i would pass this along,

       

      In writing a maintenance tool for my organization, you have to be able to get to either A.  Get the users credentials and store them somewhere so they can be passed to the web service B. Pass the current users credentials to the web service.  Else, all Unmanage and Manage calls to the API would be by the user hard coded into your function which isn't good when you want some auditing of who it doing what.

       

      My first route, was to get the credentials and encrypt the password into the registry, decrypt when needed then wipe the contents of the clear text pass out of memory.. which was successful and secure but there was always that blink of a second the password was in clear text format and i just didn't like it.  So i set off the find a way to pass in the users credentials, and i was successful in the task and thought I'd pass along to the community how to do so.  If someone knows where this exists in documentation, please point it out to me because i couldn't find it. I only saw examples of supplying a username and password to the webservice

       

       

      Function GetSwisClient(Optional ByVal host As String = "localhost") As InformationServiceClient

       

      Dim address As String = String.Format("https://{0}:17778/SolarWinds/InformationService/OrionBasic", host)

      GetSwisClient = New InformationServiceClient("BasicHttpBinding_InformationService", address)

      GetSwisClient.ClientCredentials.HttpDigest.AllowedImpersonationLevel = Security.Principal.TokenImpersonationLevel.Delegation

      GetSwisClient.ClientCredentials.HttpDigest.ClientCredential = System.Net.CredentialCache.DefaultCredentials

      GetSwisClient.ClientCredentials.UserName.UserName = My.User.Name.ToString

       

      End Function

       

      Message was edited by: Charles Russell Corrected the code.