A A Web Service Client Example

This appendix provides an example for generating requests to the Web Service using the WebUtil application. The appendix includes:

Description of Web Service API Requests
Sending a Web Service Request
Creating Public and Private Keys
WebUtil Application Overview
Web Service Request Examples

Description of Web Service API Requests

This section provides a description of the information contained in a typical request to the Web Service. This section describes both types of requests:

AKM Request
IAAS Request

AKM Request

The following URL shows the information required in a typical AKM request to the Web Service API:

https://USER:PASSWORD@HOST/akm/?REQUEST_DATA

Name	Description
USER	Cloud user name
PASSWORD	Cloud user password
HOST	IP address or fully qualified hostname
REQUEST_DATA	The request data is made of a series of name=value parameters separated by "&"

REQUEST_DATA

The parameters required as part of the REQUEST_DATA depend on the value used for the AKM action. However, there are a set of common parameters required for every AKM request.

The following table shows the common required parameters for the REQUEST_DATA in every AKM request:

Name	Description
Action	One of the akm action. See, for a complete list of akm actions.
Version	1
Timestamp	Timestamp in milliseconds since 1st of January 1970.
Expires	Expiry date in milliseconds since 1st of January 1970, must be greater than the timestamp field above. A 300000ms difference between the 2 values should be more than enough.

See RegisterAccessKeyRequest, DescribeAccessKeysRequest, DeleteAccessKeyRequest, and DescribeAccountsRequest for a complete description and extra parameters that can be used for the AKM actions.

Example of a complete request

https://<username>:<password>@<EnterpriseControllerHostname>/akm/?Action= DescribeAccounts&Version=1&Timestamp=1330954619299&Expires=1330954919299

IAAS Request

The following URL shows the information required in a typical IAAS request using the Web Service API:

https://HOST/iaas/?REQUEST_IAAS_DATA&SIGNATURE_BLOCK

Name	Description
HOST	IP address or fully qualified hostname of Ops Center
REQUEST_IAAS_DATA	The request data is made of a series of name=value parameters separated by "&"
SIGNATURE_BLOCK	The signature block is a series of name=value parameters separated by "&"

REQUEST_IAAS_DATA

The parameters required as part of the REQUEST_IAAS_DATA depend on the value used for the IAAS action. However, there are a set of common parameters required for every IAAS request.

The following table shows the common required parameters for the REQUEST_IAAS_DATA in every IAAS request:

Name	Description
Action	One of the IAAS actions. See, for a complete list of the IAAS actions.
Version	1
Timestamp	Timestamp in milliseconds since 1st of January 1970
Expires	Expiry date in milliseconds since 1st of January 1970, must be greater than the timestamp field above. A 300000ms difference between the 2 values should be more than enough.
accessKeyId	The value returned by the akm RegisterAccessKey action.

See List of Actions, for a complete list of IAAS actions and extra parameters that can be used.

Example A-1 An Example of REQUEST_IAAS_DATA

Action= DescribeVnets&Version=1&Timestamp=1330954619299&Expires=1330954919299&accessKeyId=AK_1

SIGNATURE_BLOCK

The signature block consists of signing some IAAS data with a private key so the web service can authenticate the request. The web server should be able to verify the signature with the public key which has been registered with the RegisterAccessKey action.

The following table shows the series of name=value parameters that conform the SIGNATURE_BLOCK. These parameter are separated by "&":

Name	Description
SignatureVersion	1
SignatureMethod	SHA512withRSA (This is the only method supported)
Signature	Encoded Hash value of the data to be signed.

See "IAAS Data Used for Signature", for a complete description of the Signature field.

Example A-2 An Example of SIGNATURE_BLOCK

SignatureMethod=SHA512withRSA&SignatureVersion=1&Signature=bj8GfJCqvPZZPU2JoWAGzZdCF+N767rQejILMQwNdgKLfoGGqAwDPRYMr/ghUoBc6RB3nKYgAyPdmtCfhzRGTqECgUWy0jCrE99+utGeeJ0/XRQ9LxyYeBgzjO3lHP+hFhUo+gUtQaSYPhUHH7eTkxg/CrolMxibglypJM/rIf90yEqSeqhphQt7hWxlT0DNAy6/cZt8isT/Tu8V7ZFjBFkEpLfN97bIOJ2vIIpOeetmftuw4ObtqjbUp6+7dpVkhhCQnX0MAIDj+mjorEOzcwK+F1pYuzES0fjaW0MowG+cA/9gttDjg7r5H29i3qbbjIlvAt6fk1HPpSxQTSTOTg==

IAAS Data Used for Signature

To generate the encoded hash value of the SIGNATURE_BLOCK for a IAAS request, the following data is used, this data needs to be signed and base64 encoded:

Name	Description
Http Request type	POST.
HostName	IP address or fully qualified hostname of Ops Center)
Base URL of the Web service	iaas
REQUEST_IAAS_DATA	The request data is made of a series of name=value parameters separated by "&". See also REQUEST_IAAS_DATA.

Example A-3 Example of the IAAS data to sign

Note that there is a "\n" between every field.

POST
<EnterpriseControllerHostname>
/iaas/
Action= DescribeAccounts&Version=1&Timestamp=1330954619299&Expires=1330954919299

Example A-4 Java representation of the data to sign

Note that there is a "\n" between every field.

StringBuilder message = new StringBuilder();Message.setLength(0);message.append("POST").append("\n");message.append("<EnterpriseControllerHostname>") .append("\n");message.append("/iaas/").append("\n");message.append("Action= DescribeVnets&Version=1&Timestamp=1330954619299&Expires=1330954919299&accessKeyId=AK_1").append("\n");

See A Web Service Client Example, for an example of generating IAAS request with signed data.

Sending a Web Service Request

Request to the Web Service API are simple web POST or GET operations. Once a AKM or IAAS request is dynamically generated, static technology is used to send the request. This section mentions the use of the web browser and WGET.

Using the Web Browser

To use the web browser to send a request to the Web service API, enter the complete request in the address bar of the browser.

The following URL is an example of a complete AKM request. The request should be entered in the address bar as a one line command:

https://<username>:<password>@<EnterpriseControllerHostname>/akm/? Action= DescribeAccounts&Version=1&Timestamp=1330954619299&Expires=1330954919299

Using WGET

To use WGET, it is necessary to use the --no-check-certificate option.

The following is an example of sending a request using WGET with the same AKM request used previously:

wget https://<username>:<password>@<EnterpriseControllerHostname>/akm/?Action= DescribeAccounts&Version=1&Timestamp=1330954619299&Expires=1330954919299 --nocheck-certificate

Creating Public and Private Keys

A public and private RSA keys are required for signing the required IAAS data so that the web service can authenticate the request.

Private Key

Before creating a public key a private key must be created. A private key can be created executing the following command:

openssl genrsa -out privatekey.pem 2048

The private key is stored in the privatekey.pem file and this file is used to create the public key. Once the public key is registered with the RegisterAccessKey action, this private key can be used to sign IAAS data.

To use WebTuil to sign IAAS data, the private key must be stored in DER format, this can be achieved by using the following command:

openssl pkcs8 -topk8 -inform PEM -outform DER -in privatekey.pem -nocrypt > privatekey.DER

The private key is stored in privatekey.DER file.

Public Key

To create a public key use the following command:

openssl rsa -in privatekey.pem -pubout -out publickey.pem

The public key is stored in the publickey.pem file and can be used with the RegisterAccessKey action so that the web server can verify the signed data with the public key.

WebUtil Application Overview

WebUtil is a simple java application that generates the signature for an IAAS request to the Web Service API. WebUtil uses the SHA512withRSA method and base64 encode to signed the required data.

The following is the code of the WebUtil application. When building the application with the javac compiler it is possible that 2 warnings are being displayed.

/*
 *  Copyright (c) 2007, 2012 Oracle and/or its affiliates.  All rights reserved.
 *  Use is subject to license terms.
 */
import java.io.*;
import java.nio.charset.Charset;
import java.security.*;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.interfaces.RSAPrivateKey;
public class WebUtil {
        final static String UTF_8_ENCODER = "UTF-8";
        private static final Charset CHARSET_ENCODING_UTF_8    = Charset.forName("UTF-8");
        private static final long   IAAS_REQUEST_TIMEOUT_MS = 300000; //default expiry time is 5 minutes
        public static void main(String[] args) {
        if(args.length<=0) {
                WebUtil.usage();
        }
        String argument=new String(args[0]);        
        if(argument.compareTo("signature") ==0 && args.length != 6){
                WebUtil.usage();
        }
        if(argument.compareTo("template") == 0 && args.length != 2){
                WebUtil.usage();                
        }
                
        try{
 
        if(argument.compareTo("template") == 0){
                WebUtil.generateTemplate(args[1]);                
        
        }        
        
        if(argument.compareTo("signature") ==0 && args.length == 6){         
                WebUtil.signDataToFile(args[1],args[2],args[3],args[4],args[5]);
                
        }        
 
        }catch (Exception e){
                System.err.println("Caught exception " + e.toString());
        }
 
 
 
        }
        static void usage(){
                
            System.out.println("Usage: WebUtil template destinationFile");
            System.out.println("Usage: WebUtil signature privateKeyDER  HTTP_TYPE  HOST_IP  DATA_TO_SIGN  signatureData");
            System.out.println("Usage: HTTP_TYPE: POST or GET\n   HOST_IP=ip address of OC \n    DATA_TO_SIGN:without Timestamp and Expire but needs to have the access key id \n  signatureData:filename to store the signature");
            System.exit(0);
            
        }
 
        static void generateTemplate(String filename)throws Exception {
                StringBuilder message = new StringBuilder();
 
                message.setLength(0);
                message.append("POST").append("\n");
                message.append("10.169.79.76").append("\n");
                message.append("/iaas/").append("\n");
                message.append("Action=DescribeVnets&Version=1");
                message.append("&Timestamp=1330797956376");
                message.append("&Expires=1330798256376");
                message.append("&AccessKeyId=AK_1");
                message.append("\n");
                FileOutputStream iaas = new FileOutputStream(filename);
                iaas.write(message.toString().getBytes(CHARSET_ENCODING_UTF_8));
                iaas.close();
        }        
 
 
        static void signDataToFile(String keyPrivFile, String httpType, String host, String dataRequest,String signedDataFile) throws Exception {
                
                
long tsnow = System.currentTimeMillis();
long tsexpires = tsnow + IAAS_REQUEST_TIMEOUT_MS;
String tNow=Long.toString(tsnow);
String tEXPIRE=Long.toString(tsexpires);
 
StringBuilder message = new StringBuilder();
message.setLength(0);
message.append(httpType).append("\n");
message.append(host).append("\n");
message.append("/iaas/").append("\n");
message.append(dataRequest);
message.append("&Timestamp="); message.append(tNow);
message.append("&Expires="); message.append(tEXPIRE);
message.append("\n");
 
StringBuilder iaasmessage = new StringBuilder();
iaasmessage.append("https://").append(host);
iaasmessage.append("/iaas/?").append(dataRequest);
iaasmessage.append("&Timestamp="); iaasmessage.append(tNow);
iaasmessage.append("&Expires="); iaasmessage.append(tEXPIRE);
iaasmessage.append("&SignatureMethod=SHA512withRSA&SignatureVersion=1");
iaasmessage.append("&Signature=");
        
                
                String messageStr = message.toString();        
                
 
                /* Read private keyfile DER */
                FileInputStream in = new FileInputStream( keyPrivFile);
 
                FileInputStream keyfis =    new FileInputStream(keyPrivFile);
                byte[] encKey = new byte[keyfis.available()];
                keyfis.read(encKey);
                keyfis.close();
 
                PKCS8EncodedKeySpec privKeySpec = new PKCS8EncodedKeySpec(encKey);
 
                KeyFactory keyFactory =    KeyFactory.getInstance("RSA");
                PrivateKey privKey =    keyFactory.generatePrivate(privKeySpec);
 
                Signature rsa = Signature.getInstance("SHA512withRSA"); 
 
                rsa.initSign(privKey);
                rsa.update(messageStr.getBytes(CHARSET_ENCODING_UTF_8));
 
                /* Now that all the data to be signed has been read in, 
                    generate a signature for it */
 
                byte[] realSig = rsa.sign();
                
                /* base64 encode the signed data */
                String signatureUrlEncoded = getBase64Encoder().encode(realSig);
 
 
        
                /* Copy data to file */
        
                FileOutputStream iaas = new FileOutputStream(signedDataFile);
                iaas.write(signatureUrlEncoded.getBytes(CHARSET_ENCODING_UTF_8));
                iaas.close();
 
                /* copy part of request to request file */
                FileOutputStream iaasreq = new FileOutputStream("iaasPartRequest");
                iaasreq.write(iaasmessage.toString().getBytes(CHARSET_ENCODING_UTF_8));
                iaasreq.close();
 
 
        }        
 
/**
     * @return a new base 64 encoder
     */
    public static sun.misc.BASE64Encoder getBase64Encoder() {
        /*
         * This helper method was introduced to minimize the warnings about
         * using a Sun proprietary API. Use full package names to avoid
         * warning on import statement.
         */
        return new sun.misc.BASE64Encoder();
    }
 
}

How the WebUtil Application Works

Before using the WebUtil application an access key for an account needs to be created. See Creating an Access Key for more information.

Once the access key is created, the IAAS data must be defined, see also IAAS Data Used for Signature.

The following is an example of this data for viewing vNets information.:

POST
<EnterpriseControllerHostname>
Action=DescribeVnets&Version=1&accessKeyId=AK_1&Timestamp=12333333&Expires=13333444

To generate the signature and base64 encoded use the WebUtil by running the following command:

java WebUtil signature privatekey.DER "POST" "<EnterpriseControllerHostname>" "Action=DescribeVnets&Version=1&accessKeyId=AK_1" signedData

WebUtil generates and stores the signed data in the signedData file:

Content of signedData: bj8GfJCqvPZZPU2JoWAGzZdCF+N767rQejILMQwNdgKLfoGGqAwDPRYMr/ghUoBc6RB3nKYgAyPdmtCfhzRGTqECgUWy0jCrE99+utGeeJ0/XRQ9LxyYeBgzjO3lHP+hFhUo+gUtQaSYPhUHH7eTkxg/CrolMxibglypJM/rIf90yEqSeqhphQt7hWxlT0DNAy6/cZt8isT/Tu8V7ZFjBFkEpLfN97bIOJ2vIIpOeetmftuw4ObtqjbUp6+7dpVkhhCQnX0MAIDj+mjorEOzcwK+F1pYuzES0fjaW0MowG+cA/9gttDjg7r5H29i3qbbjIlvAt6fk1HPpSxQTSTOTg==

WebUtil also generates the iaasPartRequest file with the following information:

https://<EnterpriseControllerHostname>/iaas/?Action=DescribeVnets&Version=1&AccessKeyId=AK_1&Timestamp=1331058169938&Expires=1331058469938&SignatureMethod=SHA512withRSA&SignatureVersion=1&Signature=

To generate the complete HTTP request, append the content of the signedData file to the iaasPartRequest file as a single line command. After that, the HTTP request can be sent, see Sending a Web Service Request

Web Service Request Examples

This section presents an example for creating requests to the Web service that allows a cloud user to perform actions for an account. This section includes:

Creating an Access Key
Executing actions for an account:

Creating an Access Key

An access key is created for an account. The registered access key is needed to perform any IAAS action in the account.

For this example the following information is used to create the access key:

USER: clouduser
PASSWORD: <password>
HOST: 10.16.79.70

To create an access key:

Create a private RSA key stored as DER file.
1. Run the following command to create a private RSA key file:
  
  openssl genrsa -out privatekey.pem 2048
2. Run the following command to store the private key as DER:
  
  openssl pcks8 -topk8 -inform PEM -outform DER -in privatekey.pem -nocrypt > privatekey.DER

Create a public RSA key base on the privateRSA key. Run the following command:

openssl rsa -in privatekey.pem -pubout -out publickey.pem

The openssl public key generated must be similar to the following:

Describe accounts for a cloud user.
1. Create and send an AKM request using the DescribeAccounts action. The appropriate hostname, cloud user, timestamp and expires information must be filled properly:
  
  https://<username>:<password>@<EnterpriseControllerHostname>/akm/? Action=DescribeAccounts&Version=1&Timestamp=1330954619299&Expires=1330954919299
2. Choose the account ID from the result returned from the previous AKM request, for example: ACC-0162da5a-5d25-4096-af59-3dd1de27cfad
```
<result xsi:type="DescribeAccountsResult" requestId="803">
<items>
<account>ACC-0162da5a-5d25-4096-af59-3dd1de27cfad</account>
<name>acc1</name>
</items>
<forUser><username></forUser>
</result>
```
Create the access key for a cloud user account.
1. Register the public key previously created using the RegisterAccessKey action. Ensure that the data is represented as a single line. The following URL shows the https request to create an access key. The account used is the one from the DescribeAccount action used previously:
  
  https://<username>:<password>@<EnterpriseControllerHostname>/akm/?Action=RegisterAccessKey&Version=1&Timestamp=1330975344&Expires=1333975344&account=ACC-0162da5a-5d25-4096-af59-3dd1de27cfad&publicKey=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufVdjdp0MmOLbNypLVMWXfmhusawid4Wg4n4FZewSmoBEYA8f8wIA0SI87Shi7RtMcWsEoXvNNHA0wcJoA1RjyVLsI3rtrq0c0k7AxQSwb4UK/rSXW1NXxMh/mE7b3gdA6d9VuwIPnZJ5ZFQUZCLyhaAotLCdACrzbgzYXdqt+rstutT1AVkE2UAMcm5O3KnIoObZKb8JtepSt74A9RgVBkcCBjmKGfLNOL1KlZconkITm85TWKRaGRFuASxdl2ZrD723ZNb66X/a9ebxTMr6vVeskcaZpPlHzvgMOpiyDGwRvxn9yM5WB83zFDGT26Lihn/bKzLJXa+F2YNkLrTJQIDAQAB
2. Get the access key ID generated. The access key ID is part of the results returned from the RegisterAccessKey action. This access key ID is used for all next IAAS request. For this example: AK_1
```
<result xsi:type="RegisterAccessKeyResult" requestId="1013"> 
<accessKeyId>AK_1</accessKeyId> 
</result>
```

Executing actions for an account

The following actions are explained in this section:

Describe vNets
Describe vNets filtering by vNet ids
Create a private vNet
Describe a Vnet using filters

To execute these actions using the Web Service, the access key ID and private key file obtained from previous steps is used.

Describe vNets

Define the data to be signed using DescribeVnets action:

Action=DescribeVnets&Version=1&AccessKeyId=AK_1

Sign the data using the WebUtil application.

java WebUtil signature  privatekey.DER  "POST" "<EnterpriseControllerHostname>"  "Action=DescribeVnets&Version=1&accessKeyId=AK_1" signedData

Get the signed data stored in iaasPartRequest and signedData files.

Content of iaasPartRequest: https://<EnterpriseControllerHostname>/iaas/?Action=DescribeVnets&Version=1&AccessKeyId=AK_1&Timestamp=1331058169938&Expires=1331058469938&SignatureMethod=SHA512withRSA&SignatureVersion=1&Signature=

Content of signedData: bj8GfJCqvPZZPU2JoWAGzZdCF+N767rQejILMQwNdgKLfoGGqAwDPRYMr/ghUoBc6RB3nKYgAyPdmtCfhzRGTqECgUWy0jCrE99+utGeeJ0/XRQ9LxyYeBgzjO3lHP+hFhUo+gUtQaSYPhUHH7eTkxg/CrolMxibglypJM/rIf90yEqSeqhphQt7hWxlT0DNAy6/cZt8isT/Tu8V7ZFjBFkEpLfN97bIOJ2vIIpOeetmftuw4ObtqjbUp6+7dpVkhhCQnX0MAIDj+mjorEOzcwK+F1pYuzES0fjaW0MowG+cA/9gttDjg7r5H29i3qbbjIlvAt6fk1HPpSxQTSTOTg==
Append the signature to get the complete IAAS request, for example:

https://<EnterpriseControllerHostname>/iaas/?Action=DescribeVnets&Version=1&AccessKeyId=AK_1&Timestamp=1331058169938&Expires=1331058469938&SignatureMethod=SHA512withRSA&SignatureVersion=1&Signature=bj8GfJCqvPZZPU2JoWAGzZdCF+N767rQejILMQwNdgKLfoGGqAwDPRYMr/ghUoBc6RB3nKYgAyPdmtCfhzRGTqECgUWy0jCrE99+utGeeJ0/XRQ9LxyYeBgzjO3lHP+hFhUo+gUtQaSYPhUHH7eTkxg/CrolMxibglypJM/rIf90yEqSeqhphQt7hWxlT0DNAy6/cZt8isT/Tu8V7ZFjBFkEpLfN97bIOJ2vIIpOeetmftuw4ObtqjbUp6+7dpVkhhCQnX0MAIDj+mjorEOzcwK+F1pYuzES0fjaW0MowG+cA/9gttDjg7r5H29i3qbbjIlvAt6fk1HPpSxQTSTOTg==

Note:
The complete request to the Web service must be created as single line request.

Send the complete IAAS request using the browser or wget. The result returned is similar to:

<result xsi:type="DescribeVnetsResult" requestId="102">
<items>
<id>VNET-6c774d08-d0a7-493b-9fa1-c93a80702f8d</id>
<name>10.169.69.0/24</name>
<description>OVM Discovered Network OVM Discovered Network </description>
<status>OK</status>
<ipAddress>10.169.69.0/24</ipAddress>
</items>
</result>

Describe vNets filtering by vNet ids

Define the data to be signed using DescribeVnets action:

Action=DescribeVnets&Version=1&AccessKeyId=AK_1&ids.1=VNET-6c774d08-d0a7-493b-9fa1-c93a80702f8d

Sign the data using the WebUtil application.

java WebUtil signature  privatekey.DER  "POST" "<EnterpriseControllerHostname>"  "Action=DescribeVnets&Version=1&AccessKeyId=AK_1&ids.1=VNET-6c774d08-d0a7-493b-9fa1-c93a80702f8d" signedData

Get the signed data stored in iaasPartRequest and signedData files.

Content of iaasPartRequest: https://<EnterpriseControllerHostname>/iaas/?Action=DescribeVnets&Version=1&AccessKeyId=AK_1&ids.1=VNET-6c774d08-d0a7-493b-9fa1-c93a80702f8d&Timestamp=1331058449900&Expires=1331058749900&SignatureMethod=SHA512withRSA&SignatureVersion=1&Signature=

Content of signedData: B15A5WdQkIwTrlR/NDXbn1RFwWyBFAQFtZTfZ1jH8ftkRgvfwU93nxukpw23sHBdRvhzLuhyW2LWm90EIhZHd3H2x9s8D1wCAUFTsSAZoPuIlW40qn0sf9VTEXOlqwnxfray6eSGCcpHQWXaA+TjpCitzguoPmHa3LjGKECnbNuqJS15L8VuVfE6otaxyTBzmhH7iI7pBC8gcpomnDZhxZkAFaVT0TFf88epbJal5Yl6aTpptjlUNEz6jDhuV2Qaa3bI5OqnJc0PJgCkhuKU7un8us1JVEk/nf/or5RCBMmPGAluuILIfYBEe/euVUy7wQ00eyKPRuplZkORmVbFLg==
Append the signature to get the complete IAAS request, for example:

https://<EnterpriseControllerHostname>/iaas/?Action=DescribeVnets&Version=1&AccessKeyId=AK_1&ids.1=VNET-6c774d08-d0a7-493b-9fa1-c93a80702f8d&Timestamp=1331058449900&Expires=1331058749900&SignatureMethod=SHA512withRSA&SignatureVersion=1&Signature=B15A5WdQkIwTrlR/NDXbn1RFwWyBFAQFtZTfZ1jH8ftkRgvfwU93nxukpw23sHBdRvhzLuhyW2LWm90EIhZHd3H2x9s8D1wCAUFTsSAZoPuIlW40qn0sf9VTEXOlqwnxfray6eSGCcpHQWXaA+TjpCitzguoPmHa3LjGKECnbNuqJS15L8VuVfE6otaxyTBzmhH7iI7pBC8gcpomnDZhxZkAFaVT0TFf88epbJal5Yl6aTpptjlUNEz6jDhuV2Qaa3bI5OqnJc0PJgCkhuKU7un8us1JVEk/nf/or5RCBMmPGAluuILIfYBEe/euVUy7wQ00eyKPRuplZkORmVbFLg==

Note:
The complete request to the Web service must be created as single line request.

Send the complete IAAS request using the browser or wget. The result returned is similar to:

<result xsi:type="DescribeVnetsResult" requestId="107">
<items>
<id>VNET-6c774d08-d0a7-493b-9fa1-c93a80702f8d</id>
<name>10.169.69.0/24</name>
<description>OVM Discovered Network OVM Discovered Network </description>
<status>OK</status>
<ipAddress>10.169.69.0/24</ipAddress>
</items>
</result>

Create a private vNet

Define the data to be signed using DescribeVnets action:

Action=CreateVnet&Version=1&AccessKeyId=AK_1&name=privatevnetWebApi

Sign the data using the WebUtil application.

java WebUtil signature  privatekey.DER  "POST" "<EnterpriseControllerHostname>"  "Action=CreateVnet&Version=1&AccessKeyId=AK_1&name=privatevnetWebApi" signedData

Get the signed data stored in iaasPartRequest and signedData files.

Content of iaasPartRequest: https://<EnterpriseControllerHostname>/iaas/?Action=CreateVnet&Version=1&AccessKeyId=AK_1&name=privatevnetWebApi&Timestamp=1331058639019&Expires=1331058939019&SignatureMethod=SHA512withRSA&SignatureVersion=1&Signature=

Content of signedData: B15A5WdQkIwTrlR/NDXbn1RFwWyBFAQFtZTfZ1jH8ftkRgvfwU93nxukpw23sHBdRvhzLuhyW2LWm90EIhZHd3H2x9s8D1wCAUFTsSAZoPuIlW40qn0sf9VTEXOlqwnxfray6eSGCcpHQWXaA+TjpCitzguoPmHa3LjGKECnbNuqJS15L8VuVfE6otaxyTBzmhH7iI7pBC8gcpomnDZhxZkAFaVT0TFf88epbJal5Yl6aTpptjlUNEz6jDhuV2Qaa3bI5OqnJc0PJgCkhuKU7un8us1JVEk/nf/or5RCBMmPGAluuILIfYBEe/euVUy7wQ00eyKPRuplZkORmVbFLg==
Append the signature to get the complete IAAS request, for example:

https://<EnterpriseControllerHostname>/iaas/?Action=CreateVnet&Version=1&AccessKeyId=AK_1&name=privatevnetWebApi&Timestamp=1331058639019&Expires=1331058939019&SignatureMethod=SHA512withRSA&SignatureVersion=1&Signature=B15A5WdQkIwTrlR/NDXbn1RFwWyBFAQFtZTfZ1jH8ftkRgvfwU93nxukpw23sHBdRvhzLuhyW2LWm90EIhZHd3H2x9s8D1wCAUFTsSAZoPuIlW40qn0sf9VTEXOlqwnxfray6eSGCcpHQWXaA+TjpCitzguoPmHa3LjGKECnbNuqJS15L8VuVfE6otaxyTBzmhH7iI7pBC8gcpomnDZhxZkAFaVT0TFf88epbJal5Yl6aTpptjlUNEz6jDhuV2Qaa3bI5OqnJc0PJgCkhuKU7un8us1JVEk/nf/or5RCBMmPGAluuILIfYBEe/euVUy7wQ00eyKPRuplZkORmVbFLg==

Note:
The complete request to the Web service must be created as single line request.

Send the complete IAAS request using the browser or wget. The result returned is similar to:

<result xsi:type="CreateVnetResult" requestId="109"><vnetId>VNET-7e33ee2e-d0f9-4b39-b8c9-32b8c8bfed87</vnetId></result>

Describe a Vnet using filters

Define the data to be signed using DescribeVnets action:

Action=DescribeVnets&Version=1&AccessKeyId=AK_1&filters.1.filterValue=privatevnet1&filters.1.filterName=name

Sign the data using the WebUtil application.

java WebUtil signature  privatekey.DER  "POST" "<EnterpriseControllerHostname>"  "Action=DescribeVnets&Version=1&AccessKeyId=AK_1&filters.1.filterValue=privatevnet1&filters.1.filterName=name" signedData

Get the signed data stored in iaasPartRequest and signedData files.

Content of iaasPartRequest: https://<EnterpriseControllerHostname>/iaas/?Action=DescribeVnets&Version=1&AccessKeyId=AK_1&filters.1.filterValue=privatevnet1&filters.1.filterName=name&Timestamp=1331058887344&Expires=1331059187344&SignatureMethod=SHA512withRSA&SignatureVersion=1&Signature=

Content of signedData: B15A5WdQkIwTrlR/NDXbn1RFwWyBFAQFtZTfZ1jH8ftkRgvfwU93nxukpw23sHBdRvhzLuhyW2LWm90EIhZHd3H2x9s8D1wCAUFTsSAZoPuIlW40qn0sf9VTEXOlqwnxfray6eSGCcpHQWXaA+TjpCitzguoPmHa3LjGKECnbNuqJS15L8VuVfE6otaxyTBzmhH7iI7pBC8gcpomnDZhxZkAFaVT0TFf88epbJal5Yl6aTpptjlUNEz6jDhuV2Qaa3bI5OqnJc0PJgCkhuKU7un8us1JVEk/nf/or5RCBMmPGAluuILIfYBEe/euVUy7wQ00eyKPRuplZkORmVbFLg==
Append the signature to get the complete IAAS request, for example:

https://<EnterpriseControllerHostname>/iaas/?Action=CreateVnet&Version=1&AccessKeyId=AK_1&name=privatevnetWebApi&Timestamp=1331058639019&Expires=1331058939019&SignatureMethod=SHA512withRSA&SignatureVersion=1&Signature=B15A5WdQkIwTrlR/NDXbn1RFwWyBFAQFtZTfZ1jH8ftkRgvfwU93nxukpw23sHBdRvhzLuhyW2LWm90EIhZHd3H2x9s8D1wCAUFTsSAZoPuIlW40qn0sf9VTEXOlqwnxfray6eSGCcpHQWXaA+TjpCitzguoPmHa3LjGKECnbNuqJS15L8VuVfE6otaxyTBzmhH7iI7pBC8gcpomnDZhxZkAFaVT0TFf88epbJal5Yl6aTpptjlUNEz6jDhuV2Qaa3bI5OqnJc0PJgCkhuKU7un8us1JVEk/nf/or5RCBMmPGAluuILIfYBEe/euVUy7wQ00eyKPRuplZkORmVbFLg==

Note:
The complete request to the Web service must be created as single line request.

Send the complete IAAS request using the browser or wget. The result returned is similar to:

<result xsi:type="DescribeVnetsResult" requestId="111"><items><id>VNET-8028fbfa-9e6f-4494-82c5-b35367340240</id><name>privatevnet1</name><description>privatevnet1</description><status>OK</status><ipAddress>192.168.0.0/24</ipAddress></items></result>