ResourceDefinition
uris
/redfish/v1/SessionService/Sessions
properties
| 名称 | 类型 | 是否只读 | 取值范围/枚举值 | 说明 |
|---|---|---|---|---|
| @odata.context | string | true | 会话资源模型的OData描述信息 | |
| @odata.id | string | true | 会话资源节点的访问路径 | |
| @odata.type | string | true | 会话资源类型 | |
| Name | string | true | 会话资源的名称 | |
| Members@odata.count | number | true | 当前会话数量 | |
| Members | array | true | 会话资源列表,提供所有会话URL的引用 | |
| Members[].@odata.id | string | true | 单个会话资源节点的访问路径 |
supported_methods
- GET
- POST
HTTP methods
GET
命令功能
查询会话集合资源信息
命令格式
URL: https://device_ip/redfish/v1/SessionService/Sessions
请求头:
X-Auth-Token: 123456789***********************请求消息体: 无
参数说明
| 参数 | 参数说明 | 取值 |
|---|---|---|
| device_ip | 登录设备的IP地址 | IPv4或IPv6地址 |
| auth_value | 执行该GET请求时,必须在"Headers"中携带"X-Auth-Token"值用于鉴权 | 可通过/redfish/v1/SessionService/Sessions创建会话时获得 |
使用指南
无
使用实例
请求样例:
GET https://device_ip/redfish/v1/SessionService/Sessions请求头:
X-Auth-Token: 123456789***********************请求消息体:无
响应样例:
{
"@odata.context": "/redfish/v1/$metadata#SessionService/Sessions/$entity",
"@odata.id": "/redfish/v1/SessionService/Sessions",
"@odata.type": "#SessionCollection.SessionCollection",
"Name": "Session Collection",
"Members@odata.count": 6,
"Members": [
{
"@odata.id": "/redfish/v1/SessionService/Sessions/89abd1ef7686e27c"
},
{
"@odata.id": "/redfish/v1/SessionService/Sessions/49b1cae017c90672"
},
{
"@odata.id": "/redfish/v1/SessionService/Sessions/b65fe6a850bad141"
},
{
"@odata.id": "/redfish/v1/SessionService/Sessions/28e6328de3853cdd"
}
]
}响应码:200
POST(CREATE)
命令功能
创建会话
命令格式
URL: https://device_ip/redfish/v1/SessionService/Sessions
请求头:
Content-Type: header_type请求消息体:
{
"UserName": name,
"Password": password,
"Oem": {
"Public": {
"Domain": domain
}
}
}请求头参数说明
参见 请求头参数说明
请求体参数说明
| 参数 | 参数说明 | 取值 |
|---|---|---|
| name | 新建会话对应的用户 | BMC系统的用户 |
| password | 新建会话对应的用户的密码 | BMC系统的用户对应的密码 |
| domain | 用户所在的域,可选参数,无此参数时默认为AutomaticMatching | ● LocaliBMC----本地用户 ● AutomaticMatching----先匹配本地用户,再依次匹配LDAP用户 ● LDAP的用户域----只匹配指定LDAP域的用户 |
使用指南
在对服务器的Redfish操作过程中,该POST操作是首先要执行的。因为后续大部分操作,都需要在"Headers"中携带"X-Auth-Token"值用于鉴权,而"X-Auth-Token"可通过本操作获得。 为了防止自动踢出不及时导致的会话占满,使用完会话后请主动释放。
使用实例
请求样例:
POST https://device_ip/redfish/v1/SessionService/Sessions请求头:
Content-Type: application/json请求消息体:
{
"UserName": "username",
"Password": "password"
}响应样例:
{
"@odata.context": "/redfish/v1/$metadata#Session.Session",
"@odata.id": "/redfish/v1/SessionService/Sessions/461360e420ee911d",
"@odata.type": "#Session.v1_0_2.Session",
"Id": "461360e420ee911d",
"Name": "User Session",
"ClientOriginIPAddress": "10.10.10.1",
"CreatedTime": "2017-08-05T14:28:18+00:00",
"Roles": ["Administrator"],
"SessionType": "Redfish",
"OemSessionType": "Redfish",
"Oem": {
"Public": {
"UserAccount": "test1",
"LoginTime": "2017-08-05T14:28:18+00:00",
"UserIP": "10.10.10.1",
"UserTag": "Redfish",
"MySession": false,
"UserId": 4,
"UserValidDays": null,
"AccountInsecurePromptEnabled": false,
"UserRole": ["Administrator"]
}
}
}响应码:201
响应头样例:
Cache-Control → max-age=0, no-cache, no-store, must-revalidate
Connection → Keep-Alive
Content-Length → 392
Content-Security-Policy → default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self'; frame-src 'self'; font-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline'
Content-Type → application/json;charset=utf-8
Date → Wed, 17 May 2017 13:26:45 GMT
ETag → W/"49652606"
Expires → 0
Keep-Alive → timeout=1, max=32
Location → /redfish/v1/SessionService/Sessions/8925f1599a34e7cc
OData-Version → 4.0
Strict-Transport-Security → max-age=31536000; includeSubDomains
X-Auth-Token → f38d4148774822d02e4fe8e5bd85ad41
X-Content-Type-Options → nosniff
X-Frame-Options → SAMEORIGIN
X-XSS-Protection → 1; mode=blockPOST(CREATE)
命令功能
创建 Web 会话
命令格式
URL: https://device_ip/redfish/v1/SessionService/Sessions
请求头:
Content-Type: header_type
From: interface请求消息体:
{
"UserName": name,
"Password": password,
"Oem": {
"Public": {
"Domain": domain
}
}
}请求头参数说明
参见 请求头参数说明
请求体参数说明
| 参数 | 参数说明 | 取值 |
|---|---|---|
| name | 新建会话对应的用户 | BMC系统的用户 |
| password | 新建会话对应的用户的密码 | BMC系统的用户对应的密码 |
| domain | 用户所在的域,可选参数,无此参数时默认为AutomaticMatching | ● LocaliBMC----本地用户 ● AutomaticMatching----先匹配本地用户,再匹配Kerberos用户,最后依次匹配LDAP用户 ● LDAP的用户域----只匹配指定LDAP域的用户 ● Kerberos的用户域----只匹配指定Kerberos域的用户 ● KerberosSSO----单点登录用户 ● Kerberos及KerberosSSO登录方式当前未支持 |
使用指南
Web对服务器的Redfish接口调用前,该请求需要先执行。因为后续大部分操作,都需要"Headers"中携带"Cookie"值用于鉴权,"Token"值用于防止CSRF攻击。这些信息可通过该请求响应头中"Set-Cookie"、"Token"获得。
使用实例
请求样例:
POST https://device_ip/redfish/v1/SessionService/Sessions请求头:
Content-Type: application/json
From:WebUI请求消息体:
{
"UserName": "username",
"Password": "password"
}响应样例:
{
"@odata.context": "/redfish/v1/$metadata#Session.Session",
"@odata.id": "/redfish/v1/SessionService/Sessions/461360e420ee911d",
"@odata.type": "#Session.v1_0_2.Session",
"Id": "461360e420ee911d",
"Name": "User Session",
"Oem": {
"Public": {
"UserAccount": "test1",
"LoginTime": "2017-08-05T14:28:18+00:00",
"UserIP": "10.10.10.1",
"LastLoginTime": "2019-03-07T19:35:21+00:00",
"LastLoginIP": "192.168.2.100",
"UserTag": "GUI",
"MySession": false,
"UserId": 4,
"UserValidDays": null,
"AccountInsecurePromptEnabled": false,
"UserRole": ["Administrator"]
}
}
}响应码:201
响应头样例:
Cache-Control →max-age=0, no-cache, no-store, must-revalidate
Connection →Keep-Alive
Content-Length →476
Content-Security-Policy →default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self' wss://*:*; img-src 'self' data:; frame-src 'self'; font-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline'
Content-Type →application/json;charset=utf-8
Date →Wed, 28 Nov 2018 10:21:17 GMT
Expires →0
From →WebUI
Keep-Alive →timeout=1, max=32
Location →/redfish/v1/SessionService/Sessions/759d12915010ef9c
OData-Version →4.0
Set-Cookie →SessionId=b2a8ab46d51a8add88618495bcbf99d5; path=/; secure; httponly
Strict-Transport-Security →max-age=31536000; includeSubDomains
Token →172c4234fc85636c4a0130681fbac4a6
X-Content-Type-Options →nosniff
X-Frame-Options →SAMEORIGIN
X-XSS-Protection →1; mode=blockWeb操作
命令功能
Web执行操作
说明
使用Web会话通过Redfish接口执行查询、设置操作。所有请求中不再携带X-Auth-Token,所有操作响应头中不再返回"ETag"参数,PATCH操作请求头不再携带"If-Match"。
命令格式
URL: https://device_ip/redfish/v1/SessionService/Sessions
请求头:
From: interface
Token:token
Cookie:SessionId=sessionid请求消息体: 无
参数说明
| 参数 | 参数说明 | 取值 |
|---|---|---|
| device_ip | 登录设备的IP地址 | IPv4或IPv6地址 |
| interface | 目前仅在Web页面创建Redfish会话时使用,执行该请求时,必须在"Headers"中携带"From:WebUI" | WebUI |
| token | 执行该请求时,必须在"Headers"中携带"Token:xxx"用于CSRF防护 | 可通过/redfish/v1/SessionService/Sessions创建Web会话时获得 |
| sessionid | 执行该请求时,必须在"Headers"中携带"Cookie:SessionId=xxx"用于鉴权 | 可通过/redfish/v1/SessionService/Sessions创建Web会话时获得 |
使用指南
无
使用实例
请求样例:
GET https://device_ip/redfish/v1/SessionService/Sessions请求头:
Content-Type: application/json
From:WebUI
Token:172c4234fc85636c4a0130681fbac4a6
Cookie:SessionId=b2a8ab46d51a8add88618495bcbf99d5请求消息体:无
响应样例:
{
"@odata.context": "/redfish/v1/$metadata#SessionService/Sessions/$entity",
"@odata.id": "/redfish/v1/SessionService/Sessions",
"@odata.type": "#SessionCollection.SessionCollection",
"Name": "Session Collection",
"Members@odata.count": 1,
"Members": [
{
"@odata.id": "/redfish/v1/SessionService/Sessions/759d12915010ef9c"
}
]
}响应码:200
响应头样例:
Allow →GET,POST
Cache-Control →max-age=0, no-cache, no-store, must-revalidate
Connection →Keep-Alive
Content-Length →324
Content-Security-Policy →default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self' wss://*:*; img-src 'self' data:; frame-src 'self'; font-src 'self'; object-src 'self'; style-src 'self' 'unsafe-inline'
Content-Type →application/json;charset=utf-8
Date →Wed, 28 Nov 2018 10:47:25 GMT
Expires →0
Keep-Alive →timeout=1, max=32
Link →</redfish/v1/SchemaStore/en/SessionCollection.json>;rel=describedby
OData-Version →4.0
Strict-Transport-Security →max-age=31536000; includeSubDomains
X-Content-Type-Options →nosniff
X-Frame-Options →SAMEORIGIN
X-XSS-Protection →1; mode=block