Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
759
Views
15
Helpful
5
Replies

SSO with third-party chat client using CAXL

ilyageller
Level 1
Level 1

‎03-13-2022 08:10 AM

Hi,

I'm trying to implement a third-party chat application using the CAXL library, that will integrate into my web application.

I have looked into the basic chat demo that is available in the Jabber SDK docs, and played around with it, and so far I have managed to log in with an existing Presence user that has a username and a password, since the CAXL library uses the "jabberwerx.Client" api to connect to the presence server.

This "jabberwerx.Client", according to the docs, requires a username, password, and additional arguments.

 

My UC infrastructure uses SSO to log in to all the services, and I would like to be able to log in to the chat application with an LDAP user that uses SSO, and not a username+password.

 

Does the jabber SDK, and specifically the CAXL library support SSO as login method?

Any docs on the matter would be appreciated.

 

Thanks.

Labels:
0 Helpful
5 Replies 5

dstaudt
Cisco Employee
Cisco Employee

‎03-14-2022 12:11 PM

Unfortunately, CAXL does not support SSO.  As a pure-JS library it could probably be extended to do so, but so far it has not happened...

ilyageller
Level 1
Level 1
In response to dstaudt

‎03-15-2022 06:38 AM

That's too bad.

If I do need that functionality anyway, what would you say is the best way to try implementing it?

So far I've looked into the authentication flow code and figured I'd have to implement a new SASL auth mechanism (currently only 'PLAIN' and 'Digest MD5' are implemented) but modifying the bundled library without the source code available seems dumb.

Also obtaining an SSO token would require a redirect from my app to the auth provider, which is a problem as well.

0 Helpful

dstaudt
Cisco Employee
Cisco Employee
In response to ilyageller

‎03-15-2022 12:36 PM

A few clues I've gathered over the years if you feel adventurous...

The token type for CUCM SSO should be 'CISCO-VTG-TOKEN' i.e. vs. 'PLAIN' or 'DIGEST-MD5'

Obtaining a CUCM SSO token is a known quantity: https://developer.cisco.com/site/sso/
You can configure an OAuth redirect URL on IM&P: Screenshot-20220315142720-361x133.png

 

As I understand it, the CAXL download contains all of the unbundled/debug JS code - there is no additional source code.

I do have this snippet of code which purported to extend CAXL to implement SSO for the old Webex Connect XMPP-based cloud product.  This could possibly be modified/inserted into the CAXL library to work for IM&P... (attached)

 

 

Example of WEBEX-TOKEN.zip

ilyageller
Level 1
Level 1
In response to dstaudt

‎03-15-2022 02:31 PM

Thank you so much for pointing me at the right direction.

I have experimented with obtaining an SSO token while trying to use the Jabber SDK to implement voice and video functionality so this should not be much different.

I will look into everything you said and play around with it, see if I can get it working.

 

I'll post an update here if I manage to get it done. Thanks!

mukul chauhan
Spotlight
Spotlight

‎06-12-2024 11:39 PM

hi @ilyageller have you get any Solution.

0 Helpful
Customers Also Viewed These Support Documents