9/30/2011 10:04:09 AM
Ameya A
Posts: 4
|
Hi,
Our organization is using seceret server version Version: 7.1.000015.
What I want is to retieve secrets but through command line.
Input secretId, username & password.
Output:*For any template* I want field value of userName and Password*
curl -v --url "<a href="https://our-seceret-server-webservices-url/ss/webservices/sswebservice.asmx?op=GetSecret"">https://our-seceret-server-webservices-url/ss/webservices/sswebservice.asmx?op=GetSecret"</a> --user "username:password"
Firstly is curl the right way or should I use any other tool?
If curl is right way how can give secret id while passing through url?
Let say I want secretId 0001 to be fetched what should be my input url?
curl -v --url "<a href="https://our-seceret-server-webservices-url/ss/webservices/sswebservice.asmx?op=GetSecret"">https://our-seceret-server-webservices-url/ss/webservices/sswebservice.asmx?op=GetSecret"</a> --user "username:password"
Please assist here.
Many Thanks,
Ameya
|
|
|
0
• link
|
9/30/2011 11:07:54 AM
david c
Administrator
Posts: 22
|
Hi Ameya,
There are many ways of fetching Secret Server data through webservices. Perl, PowerShell, .NET, etc.
Curl can definitely be used.
You pass the secretId like so:
curl -v --url "<a href="http://our-secret-server-url/sswebservices/sswebservice.asmx?op=GetSecret&secretId=1"">http://our-secret-server-url/sswebservices/sswebservice.asmx?op=GetSecret&secretId=1"</a> --user "username:password"
The result will be XML.
If you want only specific information from the XML you will need to parse it or deserialize it to an object and fetch the value from the object.
You can find various examples in our Knowledge Base. For example, this post uses Perl: <a href="http://support.thycotic.com/KB/a86/accessing-secret-server-programmatically-perl-sample-script.aspx">http://support.thycotic.com/KB/a86/accessing-secret-server-programmatically-perl-sample-script.aspx</a>
--
-- Secret Server Development Team
|
|
|
0
• link
|
9/30/2011 5:33:26 PM
Ameya A
Posts: 4
|
Thanks for that David.
Yes I did saw that perl example but I don't know about perl I kept it aside 
Now If I do I am not getting any response.
I redirected the out to be xml file.
The operation was,
curl -v --url "<a href="https://secretserver.transurban.com/ss/webservices/sswebservice.asmx?op=GetSecret&secretId=1835"">https://secretserver.transurban.com/ss/webservices/sswebservice.asmx?op=GetSecret&secretId=1835"</a> --user "username:password" > 2.xml
[aagashe@tcolpdapp01 ~]$ cat 2.xml
BODY { color: #000000; background-color: white; font-family: Verdana; margin-left: 0px; margin-top: 0px; }
#content { margin-left: 30px; font-size: .70em; padding-bottom: 2em; }
A:link { color: #336699; font-weight: bold; text-decoration: underline; }
A:visited { color: #6699cc; font-weight: bold; text-decoration: underline; }
A:active { color: #336699; font-weight: bold; text-decoration: underline; }
A:hover { color: cc3300; font-weight: bold; text-decoration: underline; }
P { color: #000000; margin-top: 0px; margin-bottom: 12px; font-family: Verdana; }
pre { background-color: #e5e5cc; padding: 5px; font-family: Courier New; font-size: x-small; margin-top: -5px; border: 1px #f0f0e0 solid; }
td { color: #000000; font-family: Verdana; font-size: .7em; }
h2 { font-size: 1.5em; font-weight: bold; margin-top: 25px; margin-bottom: 10px; border-top: 1px solid #003366; margin-left: -15px; color: #003366; }
h3 { font-size: 1.1em; color: #000000; margin-left: -15px; margin-top: 10px; margin-bottom: 10px; }
ul { margin-top: 10px; margin-left: 20px; }
ol { margin-top: 10px; margin-left: 20px; }
li { margin-top: 10px; color: #000000; }
font.value { color: darkblue; font: bold; }
font.key { color: darkgreen; font: bold; }
font.error { color: darkred; font: bold; }
.heading1 { color: #ffffff; font-family: Tahoma; font-size: 26px; font-weight: normal; background-color: #003366; margin-top: 0px; margin-bottom: 0px; margin-left: -30px; padding-top: 10px; padding-bottom: 3px; padding-left: 15px; width: 105%; }
.button { background-color: #dcdcdc; font-family: Verdana; font-size: 1em; border-top: #cccccc 1px solid; border-bottom: #666666 1px solid; border-left: #cccccc 1px solid; border-right: #666666 1px solid; }
.frmheader { color: #000000; background: #dcdcdc; font-family: Verdana; font-size: .7em; font-weight: normal; border-bottom: 1px solid #dcdcdc; padding-top: 2px; padding-bottom: 2px; }
.frmtext { font-family: Verdana; font-size: .7em; margin-top: 8px; margin-bottom: 0px; margin-left: 32px; }
.frmInput { font-family: Verdana; font-size: 1em; }
.intro { margin-left: -15px; }
SSWebService Web Service
SSWebService
Click here for a complete list of operations.
GetSecret
Test
To test the operation using the HTTP POST protocol, click the 'Invoke' button.
Parameter
Value
token:
secretId:
SOAP 1.1
The following is a sample SOAP 1.1 request and response. The placeholders shown need to be replaced with actual values.
POST /ss/webservices/sswebservice.asmx HTTP/1.1
Host: secretserver.transurban.com
Content-Type: text/xml; charset=utf-8
Content-Length: length
SOAPAction: "urn:thesecretserver.com/GetSecret"
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:xsi="<a href="http://www.w3.org/2001/XMLSchema-instance"">http://www.w3.org/2001/XMLSchema-instance"</a> xmlns:xsd="<a href="http://www.w3.org/2001/XMLSchema"">http://www.w3.org/2001/XMLSchema"</a> xmlns:soap="<a href="http://schemas.xmlsoap.org/soap/envelope/">">http://schemas.xmlsoap.org/soap/envelope/"></a>
<soap:Body>
<GetSecret xmlns="urn:thesecretserver.com">
<token>string</token>
<secretId>int</secretId>
</GetSecret>
</soap:Body>
</soap:Envelope>
HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: length
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:xsi="<a href="http://www.w3.org/2001/XMLSchema-instance"">http://www.w3.org/2001/XMLSchema-instance"</a> xmlns:xsd="<a href="http://www.w3.org/2001/XMLSchema"">http://www.w3.org/2001/XMLSchema"</a> xmlns:soap="<a href="http://schemas.xmlsoap.org/soap/envelope/">">http://schemas.xmlsoap.org/soap/envelope/"></a>
<soap:Body>
<GetSecretResponse xmlns="urn:thesecretserver.com">
<GetSecretResult>
<Errors>
<string>string</string>
<string>string</string>
</Errors>
<Secret>
<Name>string</Name>
<Items>
<SecretItem xsi:nil="true" />
<SecretItem xsi:nil="true" />
</Items>
<Id>int</Id>
<SecretTypeId>int</SecretTypeId>
<FolderId>int</FolderId>
<IsWebLauncher>boolean</IsWebLauncher>
</Secret>
</GetSecretResult>
</GetSecretResponse>
</soap:Body>
</soap:Envelope>
SOAP 1.2
The following is a sample SOAP 1.2 request and response. The placeholders shown need to be replaced with actual values.
POST /ss/webservices/sswebservice.asmx HTTP/1.1
Host: secretserver.transurban.com
Content-Type: application/soap+xml; charset=utf-8
Content-Length: length
<?xml version="1.0" encoding="utf-8"?>
<soap12:Envelope xmlns:xsi="<a href="http://www.w3.org/2001/XMLSchema-instance"">http://www.w3.org/2001/XMLSchema-instance"</a> xmlns:xsd="<a href="http://www.w3.org/2001/XMLSchema"">http://www.w3.org/2001/XMLSchema"</a> xmlns:soap12="<a href="http://www.w3.org/2003/05/soap-envelope">">http://www.w3.org/2003/05/soap-envelope"></a>
<soap12:Body>
<GetSecret xmlns="urn:thesecretserver.com">
<token>string</token>
<secretId>int</secretId>
</GetSecret>
</soap12:Body>
</soap12:Envelope>
HTTP/1.1 200 OK
Content-Type: application/soap+xml; charset=utf-8
Content-Length: length
<?xml version="1.0" encoding="utf-8"?>
<soap12:Envelope xmlns:xsi="<a href="http://www.w3.org/2001/XMLSchema-instance"">http://www.w3.org/2001/XMLSchema-instance"</a> xmlns:xsd="<a href="http://www.w3.org/2001/XMLSchema"">http://www.w3.org/2001/XMLSchema"</a> xmlns:soap12="<a href="http://www.w3.org/2003/05/soap-envelope">">http://www.w3.org/2003/05/soap-envelope"></a>
<soap12:Body>
<GetSecretResponse xmlns="urn:thesecretserver.com">
<GetSecretResult>
<Errors>
<string>string</string>
<string>string</string>
</Errors>
<Secret>
<Name>string</Name>
<Items>
<SecretItem xsi:nil="true" />
<SecretItem xsi:nil="true" />
</Items>
<Id>int</Id>
<SecretTypeId>int</SecretTypeId>
<FolderId>int</FolderId>
<IsWebLauncher>boolean</IsWebLauncher>
</Secret>
</GetSecretResult>
</GetSecretResponse>
</soap12:Body>
</soap12:Envelope>
HTTP GET
The following is a sample HTTP GET request and response. The placeholders shown need to be replaced with actual values.
GET /ss/webservices/sswebservice.asmx/GetSecret?token=string&secretId=string HTTP/1.1
Host: secretserver.transurban.com
HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: length
<?xml version="1.0" encoding="utf-8"?>
<GetSecretResult xmlns="urn:thesecretserver.com">
<Errors>
<string>string</string>
<string>string</string>
</Errors>
<Secret>
<Name>string</Name>
<Items>
<SecretItem>
<Value>string</Value>
<Id>int</Id>
<FieldId>int</FieldId>
<FieldName>string</FieldName>
<IsFile>boolean</IsFile>
<IsNotes>boolean</IsNotes>
<IsPassword>boolean</IsPassword>
<FieldDisplayName>string</FieldDisplayName>
</SecretItem>
<SecretItem>
<Value>string</Value>
<Id>int</Id>
<FieldId>int</FieldId>
<FieldName>string</FieldName>
<IsFile>boolean</IsFile>
<IsNotes>boolean</IsNotes>
<IsPassword>boolean</IsPassword>
<FieldDisplayName>string</FieldDisplayName>
</SecretItem>
</Items>
<Id>int</Id>
<SecretTypeId>int</SecretTypeId>
<FolderId>int</FolderId>
<IsWebLauncher>boolean</IsWebLauncher>
</Secret>
</GetSecretResult>
HTTP POST
The following is a sample HTTP POST request and response. The placeholders shown need to be replaced with actual values.
POST /ss/webservices/sswebservice.asmx/GetSecret HTTP/1.1
Host: secretserver.transurban.com
Content-Type: application/x-www-form-urlencoded
Content-Length: length
token=string&secretId=string
HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: length
<?xml version="1.0" encoding="utf-8"?>
<GetSecretResult xmlns="urn:thesecretserver.com">
<Errors>
<string>string</string>
<string>string</string>
</Errors>
<Secret>
<Name>string</Name>
<Items>
<SecretItem>
<Value>string</Value>
<Id>int</Id>
<FieldId>int</FieldId>
<FieldName>string</FieldName>
<IsFile>boolean</IsFile>
<IsNotes>boolean</IsNotes>
<IsPassword>boolean</IsPassword>
<FieldDisplayName>string</FieldDisplayName>
</SecretItem>
<SecretItem>
<Value>string</Value>
<Id>int</Id>
<FieldId>int</FieldId>
<FieldName>string</FieldName>
<IsFile>boolean</IsFile>
<IsNotes>boolean</IsNotes>
<IsPassword>boolean</IsPassword>
<FieldDisplayName>string</FieldDisplayName>
</SecretItem>
</Items>
<Id>int</Id>
<SecretTypeId>int</SecretTypeId>
<FolderId>int</FolderId>
<IsWebLauncher>boolean</IsWebLauncher>
</Secret>
</GetSecretResult>
I tried operation "Authenticate" but same no reponse for node value "token".
Kindly advise.
Many thanks,
Ameya
|
|
|
0
• link
|
10/1/2011 1:53:13 AM
Ameya A
Posts: 4
|
I can confirm that webservices works, that is first authenticate to get token and then use token to have secretId but I am not sure why it doesn't work via curl?
|
|
|
0
• link
|
10/5/2011 9:38:59 AM
david c
Administrator
Posts: 22
|
Hi Ameya,
My earlier response was incorrect, commands that work are as follows:
This returns the token:
curl -v -H "Content-Type: application/x-www-form-urlencoded" -d "username={NAME}&password={PASSWORD}&organization=&domain=" --url "<a href="http://{URL">http://{URL</a> TO SS}/webservices/sswebservice.asmx/Authenticate"
This uses the token to get the Secret:
curl -v -H "Content-Type: application/x-www-form-urlencoded" -d "secretId=1&token={TOKEN}" --url "<a href="http://{URL">http://{URL</a> TO SS}/webservices/sswebservice.asmx/GetSecret"
When testing I used the Win 64 no-ssl version of Curl, obtainable along with its SSL equivalent here: <a href="http://curl.haxx.se/dlwiz/?type=bin&os=Win64">http://curl.haxx.se/dlwiz/?type=bin&os=Win64</a>
Please let us know how this works on your end.
--
-- Secret Server Development Team
|
|
|
0
• link
|
10/5/2011 10:48:50 AM
david c
Administrator
Posts: 22
|
Hi Ameya,
We have just created a KB article covering a couple different ways to interact with Secret Server's web services (installed edition). The article is located at <a href="http://support.thycotic.com/KB/a181/using-curl-with-web-services.aspx">http://support.thycotic.com/KB/a181/using-curl-with-web-services.aspx</a>
--
-- Secret Server Development Team
|
|
|
0
• link
|
10/6/2011 9:25:25 AM
Ameya A
Posts: 4
|
Thanks for that.
I did try and still it is not working.
I am logging in a support ticket as I do not wish to expose the details of server on forums.
Hope that is okay with you.
Regards,
Ameya Agashe.
|
|
|
0
• link
|
Secret Server 
Secret Server on Facebook 
Password Reset Server 
Group Management Server
Company 
Thycotic on Twitter