INFOBLOX & RAPID7 NEXPOSE INTEGRATION - SESSION, LOGIN & LOGOUT TEMPLATES
Hi there,
In this post I’m going to review the session, login and logout templates. Do not copy/paste the templates from this post; they may not work. Download the templates attached to this post. The templates are provided “as-is”; please check them in your lab environment and modify them for your needs before implementing them in production.
The session template does not require a detailed description. All parameters are described in the NIOS administrator guide.
Template | Comments |
---|---|
{ "name": "Rapid7 Session", "version": "2.0", "type": "REST_ENDPOINT", "comment": "no comments", "vendor_identifier": "Rapid7", "path": "/api/1.1/xml", | Version must be set to “2.0”. |
"login_template": "Rapid7_Login", "logout_template": "Rapid7_Logout", | Login_template and Logout_template must contain the exact template names (as defined in the template itself, not the file name). |
"logout_only_at_template_end": true, "step_execution_limit": 100, "inactivity_interval": 100000, "keepalive": true, "override_path": true, "rate_limit": 0, "rate_limit_requests": 10, "rate_limit_interval": 1000, "rate_limit_reset": 1000, "retry": 0, "retry_template": 0, "timeout": 10, "logout_any_condition": true, "logout_regexp": "asd.*", "logout_status_code": 34 } | “Step_execution_limit” defines the maximum number of loop iterations. If your system has more than 100 sites or more than 100 “real” assets per site, increase this number to the desired value (it is required only for the delete operation). |
The Rapid7_Login template is used for authentication because Rapid7 Nexpose doesn’t support basic authentication.
Template | Comments |
---|---|
{ "vendor_identifier": "Rapid7", "version": "2.0", "name": "Rapid7_Login", "content_type": "text/xml", "quoting": "XMLA", "type": "REST_EVENT", "event_type": ["SESSION"], | “version” must be set to “2.0”. “event_type” should be set to [“Session”]. XMLA quoting is used by default. |
"steps": [ { "name": "login: remove basic auth headers", "body": "${XC:ASSIGN:{H:Authorization}:{S:}}", "operation": "NOP" }, | Rapid7 Nexpose does not allow login if the basic authorisation header contains correct credentials, so set the header variable H:Authorization to an empty value. |
{ "name": "login: request", "parse": "XMLA", "operation": "POST", "no_connection_debug": false, "body_list": [ "", "" ] }, | Authenticate on Rapid7 Nexpose using the LoginRequest method. |
{ "name": "login: errorcheck", "operation": "CONDITION", "condition": { "statements": [ { "op": "!=", "right": "${P:A:PARSE[[name]]}", "left": "LoginResponse" }, { "op": "!=", "right": "1", "left": "${P:A:PARSE{{success}}}" } ], "condition_type": "AND", "else_eval": "${XC:COPY:{S:SESSID}:{P:PARSE{{session-id}}}}", "error": true } } ] } | Check that the authentication was successful and copy the session id to the S:SESSID variable. S:SESSID should be used in all API requests sent to Rapid7 Nexpose. |
The Rapid7_Logout template is used to terminate a session.
Template | Comments |
---|---|
{ "vendor_identifier": "Rapid7", "version": "2.0", "name": "Rapid7_Logout", "content_type": "text/xml", "quoting": "XMLA", "type": "REST_EVENT", "event_type": ["SESSION"], | “version” must be set to “2.0”. “event_type” should be set to [“Session”]. XMLA quoting will be used by default. |
"steps": [ { "name": "logout: request", "parse": "XMLA", "operation": "POST", "no_connection_debug": false, "body_list": [ "", "" ] }, { "operation": "CONDITION", "name": "logout: errorcheck", "condition": { "statements": [ { "op": "!=", "right": "${P:A:PARSE[[name]]}", "left": "LogoutResponse" }, { "op": "!=", "right": "1", "left": "${P:A:PARSE{{success}}}" } ], "condition_type": "AND", "error": true } } ] } | Send a LogoutRequest. S:SESSID is used to identify the session. The response is analysed for errors. |
Any feedback and/or questions are appreciated and very welcome.
BR,
Vadim Pavlov
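For testing the templates in a lab, the response checks described in the login and logout comments can be reproduced offline. The following is an added example, not part of the original post or the attached templates: a fail-closed validator that accepts a response only when the root element has the expected name, `success` is `"1"`, and (for login) a `session-id` is present. It assumes `success` and `session-id` are XML attributes of the root element; the function names and sample responses are constructed for illustration.

```python
import xml.etree.ElementTree as ET


class NexposeResponseError(Exception):
    """Raised when a response does not prove that the call succeeded."""


def check_response(xml_text, expected_name):
    """Return the root element only if it is <expected_name success="1">."""
    # A login/logout reply has no reason to carry a DTD; refuse it outright.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise NexposeResponseError("DTD/entity declarations are not expected")
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        raise NexposeResponseError(f"unparseable response: {exc}") from exc
    # Either mismatch is an error on its own (fail closed).
    if root.tag != expected_name:
        raise NexposeResponseError(f"expected {expected_name}, got {root.tag}")
    if root.get("success") != "1":
        raise NexposeResponseError(f"{expected_name} success={root.get('success')!r}")
    return root


def session_id_from_login(xml_text):
    """Validate a login reply and return the value to store as the session id."""
    root = check_response(xml_text, "LoginResponse")
    sessid = root.get("session-id", "")
    if not sessid:
        raise NexposeResponseError("LoginResponse carries no session-id")
    return sessid


def logout_ok(xml_text):
    """True only for a well-formed, successful logout reply."""
    try:
        check_response(xml_text, "LogoutResponse")
        return True
    except NexposeResponseError:
        return False


# Constructed sample responses (not captured from a real console).
LOGIN_OK = '<LoginResponse success="1" session-id="CONSTRUCTED-SESSION-ID"/>'
LOGIN_FAILED = '<LoginResponse success="0"><Failure/></LoginResponse>'
WRONG_ROOT = '<LogoutResponse success="1"/>'
NO_SESSID = '<LoginResponse success="1"/>'

if __name__ == "__main__":
    print(session_id_from_login(LOGIN_OK))
    print(logout_ok('<LogoutResponse success="1"/>'))
```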