I have a situation where we redirect the handling presentation of our management UI pages using the HTML Bridge to our back end server. In our plugin.xml file we have something along the lines of:
<componentClass className="com.vmware.vsphere.client.htmlbridge.HtmlView">
<object>
<root>
<url>/vsphere-client/vcenterWebClient-ui/redirect.html?page=MyManagementPage</url>
<legacyScriptPlugin>true</legacyScriptPlugin>
</root>
</object>
</componentClass>
Doing this allows us to reuse much of the code we had developed under the previous C# client environement (where we had done our development using HTML method instead of C# code). In our new web client setup, the url above goes to our redirection servlet that then redirects the request to our backend server to present the page.
Part of what we need to do for security purposes is to verify that the user has a valid session and check their permissions to potentially enbable and disable some of the functionality as appropriate.
In the C# environment our backend server received the serviceUrl and the sessionId as part of its invocation. Since our object is a custom object and not a regular vcenter object, it doesn't receive the list of servers. I should be able to solve this server URL issue by getting the list of servers from the User Session in my redirection servlet and then pass that along to the backend server.
What I am hung up on is what to do about the user information. One of the parameters my redirection servlet receives from the HTML bridge is the webClientSessionId. (&webClientSessionId=1911a99b-389a-4e17-b70e-f5942b19957d). I don't know how and where this can be used and for what? I also thought about getting the samlTokenXml from the User session and passing it over to my backend server. The backend server could then use the SSO API to validate the token and then check the user permissions. However when I look at the token string, it is a large XML document that I wouldn't be able to pass over to the backend server as a parameter. I am not even sure now where this XML token would be used.
My question is what can I get a hold of in my redirection servlet that is invoked by the HTML bridge that will allow me to get a hold of some kind of session Id/token that I can then pass over to my backend server where I can use either SSO or some other technique like calling method in com.vmware.vim25.ServiceContent to get the information.