SessionsCollection
更新时间: 2026/06/26
在Gitcode上查看源码

ResourceDefinition

uris

  • /redfish/v1/SessionService/Sessions

properties

名称类型是否只读取值范围/枚举值说明
@odata.contextstringtrue会话资源模型的OData描述信息
@odata.idstringtrue会话资源节点的访问路径
@odata.typestringtrue会话资源类型
Namestringtrue会话资源的名称
Members@odata.countnumbertrue当前会话数量
Membersarraytrue会话资源列表,提供所有会话URL的引用
Members[].@odata.idstringtrue单个会话资源节点的访问路径

supported_methods

  • GET
  • POST

HTTP methods

GET

命令功能

查询会话集合资源信息

命令格式

URL: https://device_ip/redfish/v1/SessionService/Sessions

请求头:

X-Auth-Token: 123456789***********************

请求消息体: 无

参数说明

参数参数说明取值
device_ip登录设备的IP地址IPv4或IPv6地址
auth_value执行该GET请求时,必须在"Headers"中携带"X-Auth-Token"值用于鉴权可通过/redfish/v1/SessionService/Sessions创建会话时获得

使用指南

使用实例

请求样例:

http
GET https://device_ip/redfish/v1/SessionService/Sessions

请求头:

X-Auth-Token: 123456789***********************

请求消息体:无

响应样例:

json
{
  "@odata.context": "/redfish/v1/$metadata#SessionService/Sessions/$entity",
  "@odata.id": "/redfish/v1/SessionService/Sessions",
  "@odata.type": "#SessionCollection.SessionCollection",
  "Name": "Session Collection",
  "Members@odata.count": 6,
  "Members": [
    {
      "@odata.id": "/redfish/v1/SessionService/Sessions/89abd1ef7686e27c"
    },
    {
      "@odata.id": "/redfish/v1/SessionService/Sessions/49b1cae017c90672"
    },
    {
      "@odata.id": "/redfish/v1/SessionService/Sessions/b65fe6a850bad141"
    },
    {
      "@odata.id": "/redfish/v1/SessionService/Sessions/28e6328de3853cdd"
    }
  ]
}

响应码:200

POST(CREATE)

命令功能

创建会话

命令格式

URL: https://device_ip/redfish/v1/SessionService/Sessions

请求头:

Content-Type: header_type

请求消息体:

json
{
  "UserName": name,
  "Password": password,
  "Oem": {
    "Public": {
      "Domain": domain
    }
  }
}

请求头参数说明

参见 请求头参数说明

请求体参数说明

参数参数说明取值
name新建会话对应的用户BMC系统的用户
password新建会话对应的用户的密码BMC系统的用户对应的密码
domain用户所在的域,可选参数,无此参数时默认为AutomaticMatching● LocaliBMC----本地用户
● AutomaticMatching----先匹配本地用户,再依次匹配LDAP用户
● LDAP的用户域----只匹配指定LDAP域的用户

使用指南

在对服务器的Redfish操作过程中,该POST操作是首先要执行的。因为后续大部分操作,都需要在"Headers"中携带"X-Auth-Token"值用于鉴权,而"X-Auth-Token"可通过本操作获得。 为了防止自动踢出不及时导致的会话占满,使用完会话后请主动释放。

使用实例

请求样例:

http
POST https://device_ip/redfish/v1/SessionService/Sessions

请求头:

Content-Type: application/json

请求消息体:

json
{
  "UserName": "username",
  "Password": "password"
}

响应样例:

json
{
  "@odata.context": "/redfish/v1/$metadata#Session.Session",
  "@odata.id": "/redfish/v1/SessionService/Sessions/461360e420ee911d",
  "@odata.type": "#Session.v1_0_2.Session",
  "Id": "461360e420ee911d",
  "Name": "User Session",
  "ClientOriginIPAddress": "10.10.10.1",
  "CreatedTime": "2017-08-05T14:28:18+00:00",
  "Roles": ["Administrator"],
  "SessionType": "Redfish",
  "OemSessionType": "Redfish",
  "Oem": {
    "Public": {
      "UserAccount": "test1",
      "LoginTime": "2017-08-05T14:28:18+00:00",
      "UserIP": "10.10.10.1",
      "UserTag": "Redfish",
      "MySession": false,
      "UserId": 4,
      "UserValidDays": null,
      "AccountInsecurePromptEnabled": false,
      "UserRole": ["Administrator"]
    }
  }
}

响应码:201

响应头样例:

Cache-Control → max-age=0, no-cache, no-store, must-revalidate
Connection → Keep-Alive
Content-Length → 392
Content-Security-Policy → default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self'; frame-src 'self'; font-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline'
Content-Type → application/json;charset=utf-8
Date → Wed, 17 May 2017 13:26:45 GMT
ETag → W/"49652606"
Expires → 0
Keep-Alive → timeout=1, max=32
Location → /redfish/v1/SessionService/Sessions/8925f1599a34e7cc
OData-Version → 4.0
Strict-Transport-Security → max-age=31536000; includeSubDomains
X-Auth-Token → f38d4148774822d02e4fe8e5bd85ad41
X-Content-Type-Options → nosniff
X-Frame-Options → SAMEORIGIN
X-XSS-Protection → 1; mode=block

POST(CREATE)

命令功能

创建 Web 会话

命令格式

URL: https://device_ip/redfish/v1/SessionService/Sessions

请求头:

Content-Type: header_type
From: interface

请求消息体:

json
{
  "UserName": name,
  "Password": password,
  "Oem": {
    "Public": {
      "Domain": domain
    }
  }
}

请求头参数说明

参见 请求头参数说明

请求体参数说明

参数参数说明取值
name新建会话对应的用户BMC系统的用户
password新建会话对应的用户的密码BMC系统的用户对应的密码
domain用户所在的域,可选参数,无此参数时默认为AutomaticMatching● LocaliBMC----本地用户
● AutomaticMatching----先匹配本地用户,再匹配Kerberos用户,最后依次匹配LDAP用户
● LDAP的用户域----只匹配指定LDAP域的用户
● Kerberos的用户域----只匹配指定Kerberos域的用户
● KerberosSSO----单点登录用户
● Kerberos及KerberosSSO登录方式当前未支持

使用指南

Web对服务器的Redfish接口调用前,该请求需要先执行。因为后续大部分操作,都需要"Headers"中携带"Cookie"值用于鉴权,"Token"值用于防止CSRF攻击。这些信息可通过该请求响应头中"Set-Cookie"、"Token"获得。

使用实例

请求样例:

http
POST https://device_ip/redfish/v1/SessionService/Sessions

请求头:

Content-Type: application/json
From:WebUI

请求消息体:

json
{
  "UserName": "username",
  "Password": "password"
}

响应样例:

json
{
  "@odata.context": "/redfish/v1/$metadata#Session.Session",
  "@odata.id": "/redfish/v1/SessionService/Sessions/461360e420ee911d",
  "@odata.type": "#Session.v1_0_2.Session",
  "Id": "461360e420ee911d",
  "Name": "User Session",
  "Oem": {
    "Public": {
      "UserAccount": "test1",
      "LoginTime": "2017-08-05T14:28:18+00:00",
      "UserIP": "10.10.10.1",
      "LastLoginTime": "2019-03-07T19:35:21+00:00",
      "LastLoginIP": "192.168.2.100",
      "UserTag": "GUI",
      "MySession": false,
      "UserId": 4,
      "UserValidDays": null,
      "AccountInsecurePromptEnabled": false,
      "UserRole": ["Administrator"]
    }
  }
}

响应码:201

响应头样例:

Cache-Control →max-age=0, no-cache, no-store, must-revalidate
Connection →Keep-Alive
Content-Length →476
Content-Security-Policy →default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self' wss://*:*; img-src 'self' data:; frame-src 'self'; font-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline'
Content-Type →application/json;charset=utf-8
Date →Wed, 28 Nov 2018 10:21:17 GMT
Expires →0
From →WebUI
Keep-Alive →timeout=1, max=32
Location →/redfish/v1/SessionService/Sessions/759d12915010ef9c
OData-Version →4.0
Set-Cookie →SessionId=b2a8ab46d51a8add88618495bcbf99d5; path=/; secure; httponly
Strict-Transport-Security →max-age=31536000; includeSubDomains
Token →172c4234fc85636c4a0130681fbac4a6
X-Content-Type-Options →nosniff
X-Frame-Options →SAMEORIGIN
X-XSS-Protection →1; mode=block

Web操作

命令功能

Web执行操作

说明

使用Web会话通过Redfish接口执行查询、设置操作。所有请求中不再携带X-Auth-Token,所有操作响应头中不再返回"ETag"参数,PATCH操作请求头不再携带"If-Match"。

命令格式

URL: https://device_ip/redfish/v1/SessionService/Sessions

请求头:

From: interface
Token:token
Cookie:SessionId=sessionid

请求消息体: 无

参数说明

参数参数说明取值
device_ip登录设备的IP地址IPv4或IPv6地址
interface目前仅在Web页面创建Redfish会话时使用,执行该请求时,必须在"Headers"中携带"From:WebUI"WebUI
token执行该请求时,必须在"Headers"中携带"Token:xxx"用于CSRF防护可通过/redfish/v1/SessionService/Sessions创建Web会话时获得
sessionid执行该请求时,必须在"Headers"中携带"Cookie:SessionId=xxx"用于鉴权可通过/redfish/v1/SessionService/Sessions创建Web会话时获得

使用指南

使用实例

请求样例:

http
GET https://device_ip/redfish/v1/SessionService/Sessions

请求头:

Content-Type: application/json
From:WebUI
Token:172c4234fc85636c4a0130681fbac4a6
Cookie:SessionId=b2a8ab46d51a8add88618495bcbf99d5

请求消息体:无

响应样例:

json
{
  "@odata.context": "/redfish/v1/$metadata#SessionService/Sessions/$entity",
  "@odata.id": "/redfish/v1/SessionService/Sessions",
  "@odata.type": "#SessionCollection.SessionCollection",
  "Name": "Session Collection",
  "Members@odata.count": 1,
  "Members": [
    {
      "@odata.id": "/redfish/v1/SessionService/Sessions/759d12915010ef9c"
    }
  ]
}

响应码:200

响应头样例:

Allow →GET,POST
Cache-Control →max-age=0, no-cache, no-store, must-revalidate
Connection →Keep-Alive
Content-Length →324
Content-Security-Policy →default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self' wss://*:*; img-src 'self' data:; frame-src 'self'; font-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline'
Content-Type →application/json;charset=utf-8
Date →Wed, 28 Nov 2018 10:47:25 GMT
Expires →0
Keep-Alive →timeout=1, max=32
Link →</redfish/v1/SchemaStore/en/SessionCollection.json>;rel=describedby
OData-Version →4.0
Strict-Transport-Security →max-age=31536000; includeSubDomains
X-Content-Type-Options →nosniff
X-Frame-Options →SAMEORIGIN
X-XSS-Protection →1; mode=block