Manualshelf

Specifications

ManualsBrandsHP ManualsComputer equipment3350 - Cisco NAC Appliance
631632633634635636637638639640
B-2
Cisco NAC Appliance - Clean Access Manager Configuration Guide
OL-28003-01
Appendix B API Support
Authentication Requirements
Authentication Requirements
Authentication over SSL is required to access the API. Two authentication methods are supported:
Session-Based Authentication
With this method, the administrator uses the adminlogin and adminlogout functions to create a
cookie-based session with the server. The adminlogin function logs in the admin user and if
successful, the HTTP response from the server will contain the session cookie to be used for the
duration of the session. The adminlogout function logs out the admin user and invalidates the
session. However, if the adminlogout function is not used, the CAM terminates the session by the
configured or default admin session timeout.
Function-Based Authentication
If you do not want to used session-based authentication, you can use function-based authentication.
With this method, the admin authenticates by passing his or her admin account credentials in every
call to the API using the admin and passwd arguments in the request URL. If authenticating by
function, you must add the admin and passwd parameters to all functions that you are using in your
existing script. In this case, you do not use the adminlogin and adminlogout functions.
Administrator Operations
Use the adminlogin and adminlogout functions to create a shell script for session-based authentication
using a session ID cookie. If you decide not to use session-based authentication, you will need to include
the admin and passwd arguments within each API call instead.
adminlogin
The adminlogin function logs in the admin and starts the cookie-based session.
Required In Parameters:
op: adminlogin
admin: Administrator account username
passwd: Administrator account password.
Out Parameters: <!--error=mesg--> comment
Success: mesg value of 0
Failure: error string
<any subsequent operation>
The HTTP session cookie obtained through the adminlogin needs to be passed back as part of the HTTP
request in any subsequent operation.
Required In Parameters:
op: <ANY operation>
<any operation specific parameters>