- play_arrow Overview
- play_arrow Junos XML Management Protocol and Junos XML API Overview
- play_arrow Junos XML Protocol and Junos XML Tags Overview
- XML and Junos OS Overview
- XML Overview
- XML and Junos XML Management Protocol Conventions Overview
- Map Junos OS Commands and Command Output to Junos XML Tag Elements
- Map Configuration Statements to Junos XML Tag Elements
- Using Configuration Response Tag Elements in Junos XML Protocol Requests and Configuration Changes
- play_arrow Junos XML Protocol and JSON Overview
-
- play_arrow Manage Configurations Using the Junos XML Protocol
- play_arrow Change the Configuration Using the Junos XML Protocol
- Request Configuration Changes Using the Junos XML Protocol
- Upload and Format Configuration Data in a Junos XML Protocol Session
- Upload Configuration Data as a File Using the Junos XML Protocol
- Upload Configuration Data as a Data Stream Using the Junos XML Protocol
- Define the Format of Configuration Data to Upload in a Junos XML Protocol Session
- Specify the Scope of Configuration Data to Upload in a Junos XML Protocol Session
- Replace the Configuration Using the Junos XML Protocol
- Create, Modify, or Delete Configuration Elements Using the Junos XML Protocol
- Create New Elements in Configuration Data Using the Junos XML Protocol
- Merge Elements in Configuration Data Using the Junos XML Protocol
- Replace Elements in Configuration Data Using the Junos XML Protocol
- Replace Only Updated Elements in Configuration Data Using the Junos XML Protocol
- Delete Elements in Configuration Data Using the Junos XML Protocol
- Rename Objects In Configuration Data Using the Junos XML Protocol
- Reorder Elements In Configuration Data Using the Junos XML Protocol
- Protect or Unprotect a Configuration Object Using the Junos XML Protocol
- Change a Configuration Element’s Activation State Using the Junos XML Protocol
- Change a Configuration Element’s Activation State Simultaneously with Other Changes Using the Junos XML Protocol
- Replace Patterns in Configuration Data Using the NETCONF or Junos XML Protocol
- play_arrow Commit the Configuration on a Device Using the Junos XML Protocol
- Verify Configuration Syntax Using the Junos XML Protocol
- Commit the Candidate Configuration Using the Junos XML Protocol
- Commit a Private Copy of the Configuration Using the Junos XML Protocol
- Commit a Configuration at a Specified Time Using the Junos XML Protocol
- Commit the Candidate Configuration Only After Confirmation Using the Junos XML Protocol
- Commit and Synchronize a Configuration on Redundant Control Planes Using the Junos XML Protocol
- Log a Message About a Commit Operation Using the Junos XML Protocol
- View the Configuration Revision Identifier for Determining Synchronization Status of Devices with NMS
- play_arrow Ephemeral Configuration Database
- Understanding the Ephemeral Configuration Database
- Unsupported Configuration Statements in the Ephemeral Configuration Database
- Enable and Configure Instances of the Ephemeral Configuration Database
- Commit and Synchronize Ephemeral Configuration Data Using the NETCONF or Junos XML Protocol
- Managing Ephemeral Configuration Database Space
-
- play_arrow Request Operational and Configuration Information Using the Junos XML Protocol
- play_arrow Request Operational Information Using the Junos XML Protocol
- play_arrow Request Configuration Information Using the Junos XML Protocol
- Request Configuration Data Using the Junos XML Protocol
- Specify the Source for Configuration Information Requests in a Junos XML Protocol Session
- Specify the Output Format for Configuration Data in a Junos XML Protocol Session
- Request Commit-Script-Style XML Configuration Data Using the Junos XML Protocol
- Specify the Output Format for Configuration Groups and Interface Ranges Using the Junos XML Protocol
- Request Identifier Indicators for Configuration Elements Using the Junos XML Protocol
- Request Change Indicators for Configuration Elements Using the Junos XML Protocol
- Specify the Scope of Configuration Data to Return in a Junos XML Protocol Session
- Request the Complete Configuration Using the Junos XML Protocol
- Request a Configuration Hierarchy Level or Container Object Without an Identifier Using the Junos XML Protocol
- Request All Configuration Objects of a Specific Type Using the Junos XML Protocol
- Request a Specific Number of Configuration Objects Using the Junos XML Protocol
- Request Identifiers for Configuration Objects of a Specific Type Using the Junos XML Protocol
- Request a Single Configuration Object Using the Junos XML Protocol
- Request Subsets of Configuration Objects Using Regular Expressions
- Request Multiple Configuration Elements Using the Junos XML Protocol
- Retrieve a Previous (Rollback) Configuration Using the Junos XML Protocol
- Retrieve the Rescue Configuration Using the Junos XML Protocol
- Compare the Active or Candidate Configuration to a Prior Version Using the Junos XML Protocol
- Compare Two Previous (Rollback) Configurations Using the Junos XML Protocol
- Request an XML Schema for the Configuration Hierarchy Using the Junos XML Protocol
-
- play_arrow Junos XML Protocol Utilities
- play_arrow Develop Junos XML Protocol C Client Applications
-
- play_arrow Configuration Statements and Operational Commands
Authenticate with the Junos XML Protocol Server for Cleartext or SSL Connections
A client application that uses cleartext or the SSL protocol must authenticate with the Junos XML protocol server. (Applications that use the SSH or Telnet protocol use the protocol’s built-in authentication mechanism.)
Submitting an Authentication Request
The client application begins the authentication process by emitting an
<rpc>
tag enclosing the
<request-login>
element. The
<request-login>
element encloses the
<username>
element to specify the Junos OS account
(username) under which to establish the connection. You can choose whether the
application provides the account password as part of the initial tag
sequence.
Any XML special characters in the username or password elements of a
<request-login>
RPC request must be escaped.
Special characters include: greater than (>), less than (<), single
quote ('), double quote ("), and ampersand (&). Both entity references
and character references are acceptable escape sequence formats. For
example, &
and &
are valid
representations of an ampersand.
Providing the Username and Password
An application initially provides both the username and password if:
The application automates access to Junos device information and does not interact with users.
The application obtains the password from a user before beginning the authentication process.
To provide both the username and password, the application emits the following tag sequence:
<rpc> <request-login> <username>username</username> <challenge-response>password</challenge-response> </request-login> </rpc>
Providing Only the Username
If the application instead obtains the password after the authentication process has begun, the application initially specifies only the username.
To specify only the username and omit the password, the application emits the following tag sequence:
<rpc> <request-login> <username>username</username> </request-login> </rpc>
In this case, the Junos XML protocol server returns an
<rpc-reply>
element with the
<challenge>
tag to request the password associated
with the username. The element encloses the Password:
string,
which the client application can forward to the screen as a prompt for the user.
The echo="no"
attribute specifies that the password string
typed by the user does not echo on the screen. The tag sequence is as
follows:
<rpc-reply xmlns:junos="URL"> <challenge echo="no">Password:</challenge> </rpc-reply>
The client application obtains the password and emits the following tag sequence to forward it to the Junos XML protocol server:
<rpc> <request-login> <username>username</username> <challenge-response>password</challenge-response> </request-login> </rpc>
Interpreting the Authentication Response
After it receives the username and password, the Junos XML protocol
server emits the <authentication-response>
element to indicate whether the authentication attempt is successful.
Server Response When Authentication Succeeds
If the password is correct, the authentication attempt succeeds and the Junos XML protocol server emits the following tag sequence:
<rpc-reply xmlns:junos="URL"> <authentication-response> <status>success</status> <message>username</message> <login-name>remote-username</login-name> </authentication-response> </rpc-reply>
The <message>
element contains
the Junos username under which the connection is established.
The <login-name>
element contains
the username that the client application provided to an authentication
utility such as RADIUS or TACACS+. This element appears only if the
username differs from the username contained in the <message>
element.
The Junos XML protocol session begins, as described in Starting Junos XML Protocol Sessions.
Server Response When Authentication Fails
If the password is not correct or the <request-login>
element is otherwise malformed, the authentication attempt fails
and the Junos XML protocol server emits the following tag sequence:
<rpc-reply xmlns:junos="URL"> <authentication-response> <status>fail</status> <message>error-message</message> </authentication-response> </rpc-reply>
The error-message string in the <message>
element explains why the authentication
attempt failed. The Junos XML protocol server emits the <challenge>
tag up to two more times before rejecting
the authentication attempt and closing the connection.
Change History Table
Feature support is determined by the platform and release you are using. Use Feature Explorer to determine if a feature is supported on your platform.
<request-login>
RPC request must be escaped.