08-03-2016 07:36 PM
Hi
I am trying to perform GetUser on an SSO website. I got a session ticket using the Authenticate function. I replaced the <webexID> and <password> tags with <sessionTicket> tag and sent the request. When I got the xml response back, it says FAILED and the reason provided was "not a valid session ticket". I also tried sending a request with only <sessionTicket> and <siteName> tags contained in the <securityContext > tag. It also returned FAILED and gave the same reason. Were my xml request formats incorrect or something else is the problem?
This is the first XML request that I sent.
<?xml version="1.0" encoding="UTF8"?>
<serv:message xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<header>
<securityContext>
<sessionTicket>AAABVk44JPIAABUYA0gAKEgyU0sAAAACaaCI8StOkdoBKVlW69zBbv3PZVwSdo6BBhS NS jt/RBSAA8U0sAAAAC8X3FCTn0thaCXFdZxLHaAmyKIii6eaf94PEij4XoXZi OZZsLxWB2t3hyiyyx6pfrcCwCITU1vpitFnASFyLho3X6kHw6MBqhsucnO1sVXuPmQ6MWsOwwGf8xnQgFVIBZmmGJ5nSt vhU9sQgbrynu9 oE4Q0EtSpNwwrlOwu8G0pZeFGEsuLW66dI8r9llOLMyM29dhgq3TmdR4jWP5QOCJ4952hkasz2Hv/V 1wbpfRkxBR19BRERJTkdfU0hBMjU2X0FMR09SSVRITV8=</sessionTicket>
<siteID>xxxxxxx</siteID>
<partnerID>xxxxxxxxxxxxxxxxxx</partnerID>
</securityContext>
</header>
<body>
<bodyContent xsi:type="java:com.webex.service.binding.user.GetUser">
<webExId>rborgoni</webExId>
</bodyContent>
</body>
</serv:message>
This is the second XML request that I sent.
<?xml version="1.0" encoding="UTF8"?>
<serv:message xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<header>
<securityContext>
<sessionTicket>AAABVk44JPIAABUYA0gAKEgyU0sAAAACaaCI8StOkdoBKVlW69zBbv3PZVwSdo6BBhS NS jt/RBSAA8U0sAAAAC8X3FCTn0thaCXFdZxLHaAmyKIii6eaf94PEij4XoXZi OZZsLxWB2t3hyiyyx6pfrcCwCITU1vpitFnASFyLho3X6kHw6MBqhsucnO1sVXuPmQ6MWsOwwGf8xnQgFVIBZmmGJ5nSt vhU9sQgbrynu9 oE4Q0EtSpNwwrlOwu8G0pZeFGEsuLW66dI8r9llOLMyM29dhgq3TmdR4jWP5QOCJ4952hkasz2Hv/V 1wbpfRkxBR19BRERJTkdfU0hBMjU2X0FMR09SSVRITV8=</sessionTicket>
<siteName>xxxxxxxxx</siteName>
</securityContext>
</header>
<body>
<bodyContent xsi:type="java:com.webex.service.binding.user.GetUser">
<webExId>rborgoni</webExId>
</bodyContent>
</body>
</serv:message>
Solved! Go to Solution.
08-09-2016 05:38 PM
Rejean,
It appears that whatever is reading back your response is stripping the + characters from the sessionTicket and replacing them with space.. when I copy your response above and paste it into a single line I can locate several spaces in the sessionTicket, when I replace those spaces with a + (plus) character your sessionTicket is valid and works fine.
note the spaces and the wrapping:
AAABVnGLTEIAABUYA0gAKEgyU0sAAAACS7uiaX0xKqJ4k0VG3ZqlUAN8EEA/wmFmX931zP3BbmFBSAA8U0sAAAAC 2cvXmNdoWYxushSH1wr50Br6/UmFHthyIQ/l70QYsanZAmdTrGTXvRi8/OGKasg07x uJV8us/fdwCfbAK5X9feZF6YMcJxNQD86 6FFdaWEESs3fRaVloYYCgz4RGY4P9xxJw81uFMsraxzk1CC zMhG6Ofs115fi ISXlTk6eetoS6QgUZ7WqpCqW9mp1o 4rO2It9YsvI1HBBBCKkcxkiDYDxEzkqEVeT7KkbKdfRkxBR19BRERJTkdfU0hBMjU2X0FMR09SSVRITV8=
fixed session ticket:
AAABVnGLTEIAABUYA0gAKEgyU0sAAAACS7uiaX0xKqJ4k0VG3ZqlUAN8EEA/wmFmX931zP3BbmFBSAA8U0sAAAAC+2cvXmNdoWYxushSH1wr50Br6/UmFHthyIQ/l70QYsanZAmdTrGTXvRi8/OGKasg07x+uJV8us/fdwCfbAK5X9feZF6YMcJxNQD86+6FFdaWEESs3fRaVloYYCgz4RGY4P9xxJw81uFMsraxzk1CC+zMhG6Ofs115fi+ISXlTk6eetoS6QgUZ7WqpCqW9mp1o+4rO2It9YsvI1HBBBCKkcxkiDYDxEzkqEVeT7KkbKdfRkxBR19BRERJTkdfU0hBMjU2X0FMR09SSVRITV8=
08-05-2016 10:05 AM
The sessionTicket is a drop in replacement for password, it does not replace both the password and webexid elements.. you need to add: <webExID>username</webExID> to your securityContext.
-Ryan
08-07-2016 08:13 PM
Hi Ryan
I tried to send these two requests but got "Not a valid session ticket" for both of them.
<?xml version="1.0" encoding="UTF8"?>
<serv:message xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<header>
<securityContext>
<webExID>rborgoni</webExID>
<sessionTicket>AAABVmgg7NYAABUYA0gAKEgyU0sAAAACiuMJ0mlJeK6VokjV3AatK8Jlorof5NOJJYod/wV4by1BSAA8U0sAAAACu6xY29jrUFCyVRYqhAECJXawKlkb3WsFrKQMkZp92ZHxt uEbYMeOwfxW7It toYg5gEo62eLztrtv8pzJ8twQHKWISY1MY4i/cEtLJXSHn9kR7YNle5FtMan8615OHoMp3RGF3NOOtBbR/yYWq9uFhyA0sAp0AjvFEaYVfdVvakrA0uJuX/AUCFq37Hd2h0NFFaDGAoR4BoxQSEQxkbbgJNFVKkKhd0vDtWaHHjDjtfRkxBR19BRERJTkdfU0hBMjU2X0FMR09SSVRITV8=</sessionTicket>
<siteID>988152</siteID>
<partnerID>ZQLlsg2_eJVQD4dOzQLX2A</partnerID>
</securityContext>
</header>
<body>
<bodyContent xsi:type="java:com.webex.service.binding.user.GetUser">
<webExId>rborgoni</webExId>
</bodyContent>
</body>
</serv:message>
<?xml version="1.0" encoding="UTF8"?>
<serv:message xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<header>
<securityContext>
<webExID>rborgoni</webExID>
<sessionTicket>AAABVmgg7NYAABUYA0gAKEgyU0sAAAACiuMJ0mlJeK6VokjV3AatK8Jlorof5NOJJYod/wV4by1BSAA8U0sAAAACu6xY29jrUFCyVRYqhAECJXawKlkb3WsFrKQMkZp92ZHxt uEbYMeOwfxW7It toYg5gEo62eLztrtv8pzJ8twQHKWISY1MY4i/cEtLJXSHn9kR7YNle5FtMan8615OHoMp3RGF3NOOtBbR/yYWq9uFhyA0sAp0AjvFEaYVfdVvakrA0uJuX/AUCFq37Hd2h0NFFaDGAoR4BoxQSEQxkbbgJNFVKkKhd0vDtWaHHjDjtfRkxBR19BRERJTkdfU0hBMjU2X0FMR09SSVRITV8=</sessionTicket>
<siteName>xxxxxxxxxx</siteName>
</securityContext>
</header>
<body>
<bodyContent xsi:type="java:com.webex.service.binding.user.GetUser">
<webExId>rborgoni</webExId>
</bodyContent>
</body>
</serv:message>
08-08-2016 11:25 AM
Are you sure thats a valid session ticket? Try requesting a fresh one or login manually and use the sessionTicket you find in your browser cookie: ticket
I used the following XML without issue:
<?xml version="1.0" encoding="UTF-8"?>
<serv:message xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<header>
<securityContext>
<siteName>XXXXXXX</siteName>
<returnAdditionalInfo>TRUE</returnAdditionalInfo>
<webExID>ryanhunt</webExID>
<sessionTicket>AXABVlulIGcAABUYA0gAKEgyU0sAAAACCdAhdrnPnImA/kBCC3flXyceUp21alnS+um2OwOoEBdBSAA8U0sAAAACr0ZIxuk9ieDiq+WjHhyAbmY9GxiJyxgx5kvIWAcNVIz/CPheLk0NuoomfoOrpja6Mo9awb4gAU85bhN9vdRofzj6ihhoDFyoA/v9Ud6wz/Io34nXwIk2AwuXoUeWosimOVaLrJhl+BTMpQdGIZiHgmvv8W8IcfomyCDWoHgkhDoOsF3NZvSEGaWEJfMBdI3dmjgXVd++LSbhZeZsDNblbOU7CkT7FB4RAo+AcdByNPJfRkxBR19BRERJTkdfU0hBMjU2X0FMR09SSVRITV8=</sessionTicket>
</securityContext>
</header>
<body>
<bodyContent xsi:type="java:com.webex.service.binding.user.GetUser">
<webExId>ryanhunt</webExId>
</bodyContent>
</body>
</serv:message>
08-08-2016 04:53 PM
When I used the ticket from my browser's logs, get user function worked fine. But when I used the ticket being returned by the authenticate function, it says "Not a valid session ticket". Also, I checked the logs on my browser's dev tools. The session ticket there (the one that worked) is different from the one being returned by the authenticate function.
Below is the response of authenticate function. I used the ticket here and I got "Not a valid session ticket".
<?xml version="1.0" encoding="UTF-8"?><serv:message xmlns:serv="http://www.webex.com/schemas/2002/06/service" xmlns:com="http://www.webex.com/schemas/2002/06/common" xmlns:use="http://www.webex.com/schemas/2002/06/service/user"><serv:header><serv:response><serv:result>SUCCESS</serv:result><serv:gsbStatus>PRIMARY</serv:gsbStatus></serv:response></serv:header><serv:body><serv:bodyContent xsi:type="use:authenticateUserResponse" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><use:sessionTicket>AAABVmyPJksAABUYA0gAKEgyU0sAAAACX5u/sgULN2neNnVBlFs2pSw2elrkly02X7ZvuQPpeX9BSAA8U0sAAAACj5TRgiVHNtJlj6Vfa72FGY0jf3v67ZaJhDb7BF GzIkOz580ttPY7YdCjzjQC8ETPkbQuyGCa4LOQeJZBE6rMQLfSIhsfje9yUL0Hk9LY7thZDCd WyuyIePF/fsEamUhypkQgDz4v /SUQQZ3yMLSKzG 3fftreKI9kHCY/7bCO95ypysuzG89iS8I3 191y5gfH2smjkFdLKx6CtuZTWnbeDUXeExxkbZX5XYwsSNfRkxBR19BRERJTkdfU0hBMjU2X0FMR09SSVRITV8=</use:sessionTicket></serv:bodyContent></serv:body></serv:message>
08-09-2016 12:06 PM
The samlResponse element in your authenticateUser request, is the nameid matching the WebExId of the user your trying to authenticate as?
08-09-2016 04:30 PM
Yes I double checked it by decoding the samlResponse. Below is the decoded samlResponse. The nameid here is rborgoni which is my webexID.
<samlp:Response Version="2.0" ID="b1CVa42im_CSERDnH9bO8LijBkz" IssueInstant="2016-08-09T23:02:10.253Z" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"><saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">urn:idp:lachlanstg</saml:Issuer><samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status><saml:Assertion ID="NuSjOl64uAp8cg_O49VJU-Hk__L" IssueInstant="2016-08-09T23:02:10.565Z" Version="2.0" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"><saml:Issuer>urn:idp:lachlanstg</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="#NuSjOl64uAp8cg_O49VJU-Hk__L">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>gf/zAeigb/wc6WRC7olffmi3aEE=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
EFdQym6oUbI/dsugmXnpiQaCJLcSu++v4Q9fELO9GwXiNBK+cPd5DN9dYsF/zK6HDaJrpn32Pnoo
vnw9cqBv6pEUNLkuHSL7LXpvImwfQ0gONWCV9kkd/OXhLRW3LO9ZXvncRvwzJncKuqVFlpcSZ/20
MiqHzRstDHfnv7oR3e9ZKEZ53QIVuuEMA4Q/TjOaKhR+Fi/WoQ5VWjl3He1yKn8nViliMaw4fSE8
yfK4aJ2/JgEJU01XMUBxPqV5/LNEjYJbgv6P5NPii0qDv3bZ4pklnQqPxDwWyjq3ndtUPN4qESPi
gEI+x8OCaeCa/f3nueUqJjB9QycLgZj5eCQdlA==
</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIIcDCCB1igAwIBAgIKeDKzYAACAAMyyzANBgkqhkiG9w0BAQUFADB3MQswCQYDVQQGEwJBVTEP
MA0GA1UEBxMGU3lkbmV5MR8wHQYDVQQKExZNYWNxdWFyaWUgQmFuayBMaW1pdGVkMTYwNAYDVQQD
Ey1NYWNxdWFyaWUgQmFuayBMaW1pdGVkIElzc3VpbmcgQ0EgTlRTWURBU1AxMDYwHhcNMTQxMDE0
MTEzODIyWhcNMTYwODMwMDg1MjI5WjCBjDELMAkGA1UEBhMCQVUxGDAWBgNVBAgTD05ldyBTb3V0
aCBXYWxlczEPMA0GA1UEBxMGU3lkbmV5MRwwGgYDVQQKExNNYWNxdWFyaWUgR3JvdXAgTHRkMREw
DwYDVQQLEwhTZWN1cml0eTEhMB8GA1UEAxMYU3RhZmYgRmVkZXJhdGlvbiBTdGFnaW5nMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixn0CGu8/M4txn4pdp8Km8RQfVa+cHX25/a5sPmz
P49u7YlQsRvtOexzgdwDcfUJm3hHMZcbZBtrHKsS8q4QQtGQioyVml8EaLuFNFYisaIEldVyRbXF
G54FNp03vSU9ImS/cOiM9swo+1w5JgWOF9efy7JO40LA9E7lv64COUYjFhrn+HRZuKoblL19+Sj4
9FyXexAUS29UM9PfIdY6ar1FA8cxzPqW7EkXZ0Mua3IzNnYcjMvUL9TJwoLAAz9S1Tv4Is5jupy9
UXkuJ4r8Jx9DqI3Q3ur0VekYSd5tnTI4K+no9ABCFVv7+6Q45Ec2eB0xMwlqI+phcGhGMVCX1QID
AQABo4IE5jCCBOIwHQYDVR0OBBYEFNqcEHuchjHcRLn14QnwMcCLYe9nMB8GA1UdIwQYMBaAFM6U
3G5zwoCSE/KhR9Z3QsQ5sLj0MIIB+AYDVR0fBIIB7zCCAeswggHnoIIB46CCAd+GgfpsZGFwOi8v
L2NuPU1hY3F1YXJpZSUyMEJhbmslMjBMaW1pdGVkJTIwSXNzdWluZyUyMENBJTIwTlRTWURBU1Ax
MDYoMiksY249TlRTWURJTlAxMTQ1LGNuPUNEUCxjbj1QdWJsaWMlMjBLZXklMjBTZXJ2aWNlcyxj
bj1TZXJ2aWNlcyxDTj1Db25maWd1cmF0aW9uLERDPXBjLERDPWludGVybmFsLERDPW1hY3F1YXJp
ZSxEQz1jb20/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlzdD9iYXNlP29iamVjdENsYXNzPWNSTERp
c3RyaWJ1dGlvblBvaW50hm9odHRwOi8vcGtpZHAxLnBjLmludGVybmFsLm1hY3F1YXJpZS5jb20v
Q2VydERhdGEvTWFjcXVhcmllJTIwQmFuayUyMExpbWl0ZWQlMjBJc3N1aW5nJTIwQ0ElMjBOVFNZ
REFTUDEwNigyKS5jcmyGb2h0dHA6Ly9wa2lkcDIucGMuaW50ZXJuYWwubWFjcXVhcmllLmNvbS9D
ZXJ0RGF0YS9NYWNxdWFyaWUlMjBCYW5rJTIwTGltaXRlZCUyMElzc3VpbmclMjBDQSUyME5UU1lE
QVNQMTA2KDIpLmNybDCCAiUGCCsGAQUFBwEBBIICFzCCAhMwgeoGCCsGAQUFBzAChoHdbGRhcDov
Ly9jbj1NYWNxdWFyaWUlMjBCYW5rJTIwTGltaXRlZCUyMElzc3VpbmclMjBDQSUyME5UU1lEQVNQ
MTA2LGNuPWFpYSxjbj1QdWJsaWMlMjBLZXklMjBTZXJ2aWNlcyxjbj1zZXJ2aWNlcyxDTj1Db25m
aWd1cmF0aW9uLERDPXBjLERDPWludGVybmFsLERDPW1hY3F1YXJpZSxEQz1jb20/Y0FDZXJ0aWZp
Y2F0ZT9iYXNlP29iamVjdENsYXNzPWNlcnRpZmljYXRpb25BdXRob3JpdHkwewYIKwYBBQUHMAKG
b2h0dHA6Ly9wa2lkcDEucGMuaW50ZXJuYWwubWFjcXVhcmllLmNvbS9DZXJ0RGF0YS9NYWNxdWFy
aWUlMjBCYW5rJTIwTGltaXRlZCUyMElzc3VpbmclMjBDQSUyME5UU1lEQVNQMTA2KDIpLmNydDB7
BggrBgEFBQcwAoZvaHR0cDovL3BraWRwMi5wYy5pbnRlcm5hbC5tYWNxdWFyaWUuY29tL0NlcnRE
YXRhL01hY3F1YXJpZSUyMEJhbmslMjBMaW1pdGVkJTIwSXNzdWluZyUyMENBJTIwTlRTWURBU1Ax
MDYoMikuY3J0MCoGCCsGAQUFBzABhh5odHRwOi8vbWdsb2NzcC5sYi5tYWNiYW5rL29jc3AwCwYD
VR0PBAQDAgWgMDwGCSsGAQQBgjcVBwQvMC0GJSsGAQQBgjcVCL3BToGBjXGEkZsphY+gbIPGnnFA
gcn4DYbyqgkCAWQCAQQwEwYDVR0lBAwwCgYIKwYBBQUHAwEwGwYJKwYBBAGCNxUKBA4wDDAKBggr
BgEFBQcDATANBgkqhkiG9w0BAQUFAAOCAQEAe3I4t2gc44krJcIISXYIf29PmORpgO4YF3SZnxPT
UdOISYRuSVUA9pMVOvz7x3OVe1N8nunWVWL2E5EvHFCoZZgWUnY+BCw3/QAYVOUwQB1g1KbthvJg
/Q7npcWyVSW6hUNBXteM+ai9GZjj6ZR/CXriLnl9yjd2iF/kAV1qxMAaDxXMEF0MImorhp8AKK0o
k/1NmTXOliDV44TzPJtwycDX0RY7qJOaI4ylBQIYBy0ijbWsbESacwEDaLrBf4T9ACqYcuMwEqBU
lZBvj3hvQVfwHUhp2RHsf07+0kGJHifp+q9us/dKlKKJ/+YmanKuofxIYyojpk91P6DXEF2kVA==
</ds:X509Certificate>
</ds:X509Data>
<ds:KeyValue>
<ds:RSAKeyValue>
<ds:Modulus>
ixn0CGu8/M4txn4pdp8Km8RQfVa+cHX25/a5sPmzP49u7YlQsRvtOexzgdwDcfUJm3hHMZcbZBtr
HKsS8q4QQtGQioyVml8EaLuFNFYisaIEldVyRbXFG54FNp03vSU9ImS/cOiM9swo+1w5JgWOF9ef
y7JO40LA9E7lv64COUYjFhrn+HRZuKoblL19+Sj49FyXexAUS29UM9PfIdY6ar1FA8cxzPqW7EkX
Z0Mua3IzNnYcjMvUL9TJwoLAAz9S1Tv4Is5jupy9UXkuJ4r8Jx9DqI3Q3ur0VekYSd5tnTI4K+no
9ABCFVv7+6Q45Ec2eB0xMwlqI+phcGhGMVCX1Q==
</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</ds:KeyValue>
</ds:KeyInfo>
</ds:Signature><saml:Subject><saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">rborgoni</saml:NameID><saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"><saml:SubjectConfirmationData Recipient="https://siteName.webex.com/dispatcher/SAML2AuthService.do?siteurl=siteName" NotOnOrAfter="2016-08-09T23:07:10.565Z"/></saml:SubjectConfirmation></saml:Subject><saml:Conditions NotBefore="2016-08-09T22:57:10.565Z" NotOnOrAfter="2016-08-09T23:07:10.565Z"><saml:AudienceRestriction><saml:Audience>siteName.webex.com</saml:Audience></saml:AudienceRestriction></saml:Conditions><saml:AuthnStatement SessionIndex="NuSjOl64uAp8cg_O49VJU-Hk__L" AuthnInstant="2016-08-09T23:02:10.565Z"><saml:AuthnContext><saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified</saml:AuthnContextClassRef></saml:AuthnContext></saml:AuthnStatement><saml:AttributeStatement><saml:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"><saml:AttributeValue xsi:type="xs:string" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">rborgoni</saml:AttributeValue></saml:Attribute><saml:Attribute Name="firstname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"><saml:AttributeValue xsi:type="xs:string" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">firstName</saml:AttributeValue></saml:Attribute><saml:Attribute Name="updateTimeStamp" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"><saml:AttributeValue xsi:type="xs:string" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">20160807231026.0Z</saml:AttributeValue></saml:Attribute><saml:Attribute Name="email" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"><saml:AttributeValue xsi:type="xs:string" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">firstNamelastName@testmail.com</saml:AttributeValue></saml:Attribute><saml:Attribute Name="lastname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"><saml:AttributeValue xsi:type="xs:string" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">lastName</saml:AttributeValue></saml:Attribute></saml:AttributeStatement></saml:Assertion></samlp:Response>
Below is the request I'm sending using authenticate function. The saml here is the one posted above.
<?xml version="1.0" encoding="UTF-8"?>
<serv:message xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:serv="http://www.webex.com/schemas/2002/06/service">
<serv:header>
<serv:securityContext>
<com:webExID>rborgoni</com:webExID>
<com:siteName>siteName</com:siteName>
</serv:securityContext>
</serv:header>
<serv:body>
<serv:bodyContent xsi:type="java:com.webex.xmlapi.service.binding.user.AuthenticateUser">
<protocol>SAML2.0</protocol>
<use:samlResponse>
PHNhbWxwOlJlc3BvbnNlIFZlcnNpb249IjIuMCIgSUQ9ImIxQ1ZhNDJpbV9DU0VSRG5IOWJPOExpakJreiIgSXNzdWVJbnN0YW50PSIyMDE2LTA4LTA5VDIzOjAyOjEwLjI1M1oiIHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiPjxzYW1sOklzc3VlciB4bWxuczpzYW1sPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIj51cm46aWRwOmxhY2hsYW5zdGc8L3NhbWw6SXNzdWVyPjxzYW1scDpTdGF0dXM+PHNhbWxwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPjwvc2FtbHA6U3RhdHVzPjxzYW1sOkFzc2VydGlvbiBJRD0iTnVTak9sNjR1QXA4Y2dfTzQ5VkpVLUhrX19MIiBJc3N1ZUluc3RhbnQ9IjIwMTYtMDgtMDlUMjM6MDI6MTAuNTY1WiIgVmVyc2lvbj0iMi4wIiB4bWxuczpzYW1sPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIj48c2FtbDpJc3N1ZXI+dXJuOmlkcDpsYWNobGFuc3RnPC9zYW1sOklzc3Vlcj48ZHM6U2lnbmF0dXJlIHhtbG5zOmRzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjIj4KPGRzOlNpZ25lZEluZm8+CjxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+CjxkczpTaWduYXR1cmVNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjcnNhLXNoYTEiLz4KPGRzOlJlZmVyZW5jZSBVUkk9IiNOdVNqT2w2NHVBcDhjZ19PNDlWSlUtSGtfX0wiPgo8ZHM6VHJhbnNmb3Jtcz4KPGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIi8+CjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiLz4KPC9kczpUcmFuc2Zvcm1zPgo8ZHM6RGlnZXN0TWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3NoYTEiLz4KPGRzOkRpZ2VzdFZhbHVlPmdmL3pBZWlnYi93YzZXUkM3b2xmZm1pM2FFRT08L2RzOkRpZ2VzdFZhbHVlPgo8L2RzOlJlZmVyZW5jZT4KPC9kczpTaWduZWRJbmZvPgo8ZHM6U2lnbmF0dXJlVmFsdWU+CkVGZFF5bTZvVWJJL2RzdWdtWG5waVFhQ0pMY1N1Kyt2NFE5ZkVMTzlHd1hpTkJLK2NQZDVETjlkWXNGL3pLNkhEYUpycG4zMlBub28Kdm53OWNxQnY2cEVVTkxrdUhTTDdMWHB2SW13ZlEwZ09OV0NWOWtrZC9PWGhMUlczTE85Wlh2bmNSdnd6Sm5jS3VxVkZscGNTWi8yMApNaXFIelJzdERIZm52N29SM2U5WktFWjUzUUlWdXVFTUE0US9Uak9hS2hSK0ZpL1dvUTVWV2psM0hlMXlLbjhuVmlsaU1hdzRmU0U4CnlmSzRhSjIvSmdFSlUwMVhNVUJ4UHFWNS9MTkVqWUpiZ3Y2UDVOUGlpMHFEdjNiWjRwa2xuUXFQeER3V3lqcTNuZHRVUE40cUVTUGkKZ0VJK3g4T0NhZUNhL2YzbnVlVXFKakI5UXljTGdaajVlQ1FkbEE9PQo8L2RzOlNpZ25hdHVyZVZhbHVlPgo8ZHM6S2V5SW5mbz4KPGRzOlg1MDlEYXRhPgo8ZHM6WDUwOUNlcnRpZmljYXRlPgpNSUlJY0RDQ0IxaWdBd0lCQWdJS2VES3pZQUFDQUFNeXl6QU5CZ2txaGtpRzl3MEJBUVVGQURCM01Rc3dDUVlEVlFRR0V3SkJWVEVQCk1BMEdBMVVFQnhNR1UzbGtibVY1TVI4d0hRWURWUVFLRXhaTllXTnhkV0Z5YVdVZ1FtRnVheUJNYVcxcGRHVmtNVFl3TkFZRFZRUUQKRXkxTllXTnhkV0Z5YVdVZ1FtRnVheUJNYVcxcGRHVmtJRWx6YzNWcGJtY2dRMEVnVGxSVFdVUkJVMUF4TURZd0hoY05NVFF4TURFMApNVEV6T0RJeVdoY05NVFl3T0RNd01EZzFNakk1V2pDQmpERUxNQWtHQTFVRUJoTUNRVlV4R0RBV0JnTlZCQWdURDA1bGR5QlRiM1YwCmFDQlhZV3hsY3pFUE1BMEdBMVVFQnhNR1UzbGtibVY1TVJ3d0dnWURWUVFLRXhOTllXTnhkV0Z5YVdVZ1IzSnZkWEFnVEhSa01SRXcKRHdZRFZRUUxFd2hUWldOMWNtbDBlVEVoTUI4R0ExVUVBeE1ZVTNSaFptWWdSbVZrWlhKaGRHbHZiaUJUZEdGbmFXNW5NSUlCSWpBTgpCZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUFpeG4wQ0d1OC9NNHR4bjRwZHA4S204UlFmVmErY0hYMjUvYTVzUG16ClA0OXU3WWxRc1J2dE9leHpnZHdEY2ZVSm0zaEhNWmNiWkJ0ckhLc1M4cTRRUXRHUWlveVZtbDhFYUx1Rk5GWWlzYUlFbGRWeVJiWEYKRzU0Rk5wMDN2U1U5SW1TL2NPaU05c3dvKzF3NUpnV09GOWVmeTdKTzQwTEE5RTdsdjY0Q09VWWpGaHJuK0hSWnVLb2JsTDE5K1NqNAo5RnlYZXhBVVMyOVVNOVBmSWRZNmFyMUZBOGN4elBxVzdFa1haME11YTNJek5uWWNqTXZVTDlUSndvTEFBejlTMVR2NElzNWp1cHk5ClVYa3VKNHI4Sng5RHFJM1EzdXIwVmVrWVNkNXRuVEk0SytubzlBQkNGVnY3KzZRNDVFYzJlQjB4TXdscUkrcGhjR2hHTVZDWDFRSUQKQVFBQm80SUU1akNDQk9Jd0hRWURWUjBPQkJZRUZOcWNFSHVjaGpIY1JMbjE0UW53TWNDTFllOW5NQjhHQTFVZEl3UVlNQmFBRk02VQozRzV6d29DU0UvS2hSOVozUXNRNXNMajBNSUlCK0FZRFZSMGZCSUlCN3pDQ0Flc3dnZ0hub0lJQjQ2Q0NBZCtHZ2Zwc1pHRndPaTh2CkwyTnVQVTFoWTNGMVlYSnBaU1V5TUVKaGJtc2xNakJNYVcxcGRHVmtKVEl3U1hOemRXbHVaeVV5TUVOQkpUSXdUbFJUV1VSQlUxQXgKTURZb01pa3NZMjQ5VGxSVFdVUkpUbEF4TVRRMUxHTnVQVU5FVUN4amJqMVFkV0pzYVdNbE1qQkxaWGtsTWpCVFpYSjJhV05sY3l4agpiajFUWlhKMmFXTmxjeXhEVGoxRGIyNW1hV2QxY21GMGFXOXVMRVJEUFhCakxFUkRQV2x1ZEdWeWJtRnNMRVJEUFcxaFkzRjFZWEpwClpTeEVRejFqYjIwL1kyVnlkR2xtYVdOaGRHVlNaWFp2WTJGMGFXOXVUR2x6ZEQ5aVlYTmxQMjlpYW1WamRFTnNZWE56UFdOU1RFUnAKYzNSeWFXSjFkR2x2YmxCdmFXNTBobTlvZEhSd09pOHZjR3RwWkhBeExuQmpMbWx1ZEdWeWJtRnNMbTFoWTNGMVlYSnBaUzVqYjIwdgpRMlZ5ZEVSaGRHRXZUV0ZqY1hWaGNtbGxKVEl3UW1GdWF5VXlNRXhwYldsMFpXUWxNakJKYzNOMWFXNW5KVEl3UTBFbE1qQk9WRk5aClJFRlRVREV3TmlneUtTNWpjbXlHYjJoMGRIQTZMeTl3YTJsa2NESXVjR011YVc1MFpYSnVZV3d1YldGamNYVmhjbWxsTG1OdmJTOUQKWlhKMFJHRjBZUzlOWVdOeGRXRnlhV1VsTWpCQ1lXNXJKVEl3VEdsdGFYUmxaQ1V5TUVsemMzVnBibWNsTWpCRFFTVXlNRTVVVTFsRQpRVk5RTVRBMktESXBMbU55YkRDQ0FpVUdDQ3NHQVFVRkJ3RUJCSUlDRnpDQ0FoTXdnZW9HQ0NzR0FRVUZCekFDaG9IZGJHUmhjRG92Ckx5OWpiajFOWVdOeGRXRnlhV1VsTWpCQ1lXNXJKVEl3VEdsdGFYUmxaQ1V5TUVsemMzVnBibWNsTWpCRFFTVXlNRTVVVTFsRVFWTlEKTVRBMkxHTnVQV0ZwWVN4amJqMVFkV0pzYVdNbE1qQkxaWGtsTWpCVFpYSjJhV05sY3l4amJqMXpaWEoyYVdObGN5eERUajFEYjI1bQphV2QxY21GMGFXOXVMRVJEUFhCakxFUkRQV2x1ZEdWeWJtRnNMRVJEUFcxaFkzRjFZWEpwWlN4RVF6MWpiMjAvWTBGRFpYSjBhV1pwClkyRjBaVDlpWVhObFAyOWlhbVZqZEVOc1lYTnpQV05sY25ScFptbGpZWFJwYjI1QmRYUm9iM0pwZEhrd2V3WUlLd1lCQlFVSE1BS0cKYjJoMGRIQTZMeTl3YTJsa2NERXVjR011YVc1MFpYSnVZV3d1YldGamNYVmhjbWxsTG1OdmJTOURaWEowUkdGMFlTOU5ZV054ZFdGeQphV1VsTWpCQ1lXNXJKVEl3VEdsdGFYUmxaQ1V5TUVsemMzVnBibWNsTWpCRFFTVXlNRTVVVTFsRVFWTlFNVEEyS0RJcExtTnlkREI3CkJnZ3JCZ0VGQlFjd0FvWnZhSFIwY0RvdkwzQnJhV1J3TWk1d1l5NXBiblJsY201aGJDNXRZV054ZFdGeWFXVXVZMjl0TDBObGNuUkUKWVhSaEwwMWhZM0YxWVhKcFpTVXlNRUpoYm1zbE1qQk1hVzFwZEdWa0pUSXdTWE56ZFdsdVp5VXlNRU5CSlRJd1RsUlRXVVJCVTFBeApNRFlvTWlrdVkzSjBNQ29HQ0NzR0FRVUZCekFCaGg1b2RIUndPaTh2Yldkc2IyTnpjQzVzWWk1dFlXTmlZVzVyTDI5amMzQXdDd1lEClZSMFBCQVFEQWdXZ01Ed0dDU3NHQVFRQmdqY1ZCd1F2TUMwR0pTc0dBUVFCZ2pjVkNMM0JUb0dCalhHRWtac3BoWStnYklQR25uRkEKZ2NuNERZYnlxZ2tDQVdRQ0FRUXdFd1lEVlIwbEJBd3dDZ1lJS3dZQkJRVUhBd0V3R3dZSkt3WUJCQUdDTnhVS0JBNHdEREFLQmdncgpCZ0VGQlFjREFUQU5CZ2txaGtpRzl3MEJBUVVGQUFPQ0FRRUFlM0k0dDJnYzQ0a3JKY0lJU1hZSWYyOVBtT1JwZ080WUYzU1pueFBUClVkT0lTWVJ1U1ZVQTlwTVZPdno3eDNPVmUxTjhudW5XVldMMkU1RXZIRkNvWlpnV1VuWStCQ3czL1FBWVZPVXdRQjFnMUtidGh2SmcKL1E3bnBjV3lWU1c2aFVOQlh0ZU0rYWk5R1pqajZaUi9DWHJpTG5sOXlqZDJpRi9rQVYxcXhNQWFEeFhNRUYwTUltb3JocDhBS0swbwprLzFObVRYT2xpRFY0NFR6UEp0d3ljRFgwUlk3cUpPYUk0eWxCUUlZQnkwaWpiV3NiRVNhY3dFRGFMckJmNFQ5QUNxWWN1TXdFcUJVCmxaQnZqM2h2UVZmd0hVaHAyUkhzZjA3KzBrR0pIaWZwK3E5dXMvZEtsS0tKLytZbWFuS3VvZnhJWXlvanBrOTFQNkRYRUYya1ZBPT0KPC9kczpYNTA5Q2VydGlmaWNhdGU+CjwvZHM6WDUwOURhdGE+CjxkczpLZXlWYWx1ZT4KPGRzOlJTQUtleVZhbHVlPgo8ZHM6TW9kdWx1cz4KaXhuMENHdTgvTTR0eG40cGRwOEttOFJRZlZhK2NIWDI1L2E1c1BtelA0OXU3WWxRc1J2dE9leHpnZHdEY2ZVSm0zaEhNWmNiWkJ0cgpIS3NTOHE0UVF0R1Fpb3lWbWw4RWFMdUZORllpc2FJRWxkVnlSYlhGRzU0Rk5wMDN2U1U5SW1TL2NPaU05c3dvKzF3NUpnV09GOWVmCnk3Sk80MExBOUU3bHY2NENPVVlqRmhybitIUlp1S29ibEwxOStTajQ5RnlYZXhBVVMyOVVNOVBmSWRZNmFyMUZBOGN4elBxVzdFa1gKWjBNdWEzSXpOblljak12VUw5VEp3b0xBQXo5UzFUdjRJczVqdXB5OVVYa3VKNHI4Sng5RHFJM1EzdXIwVmVrWVNkNXRuVEk0Sytubwo5QUJDRlZ2Nys2UTQ1RWMyZUIweE13bHFJK3BoY0doR01WQ1gxUT09CjwvZHM6TW9kdWx1cz4KPGRzOkV4cG9uZW50PkFRQUI8L2RzOkV4cG9uZW50Pgo8L2RzOlJTQUtleVZhbHVlPgo8L2RzOktleVZhbHVlPgo8L2RzOktleUluZm8+CjwvZHM6U2lnbmF0dXJlPjxzYW1sOlN1YmplY3Q+PHNhbWw6TmFtZUlEIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4xOm5hbWVpZC1mb3JtYXQ6dW5zcGVjaWZpZWQiPnJib3Jnb25pPC9zYW1sOk5hbWVJRD48c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+PHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbkRhdGEgUmVjaXBpZW50PSJodHRwczovL21nbHVhdC53ZWJleC5jb20vZGlzcGF0Y2hlci9TQU1MMkF1dGhTZXJ2aWNlLmRvP3NpdGV1cmw9bWdsdWF0IiBOb3RPbk9yQWZ0ZXI9IjIwMTYtMDgtMDlUMjM6MDc6MTAuNTY1WiIvPjwvc2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uPjwvc2FtbDpTdWJqZWN0PjxzYW1sOkNvbmRpdGlvbnMgTm90QmVmb3JlPSIyMDE2LTA4LTA5VDIyOjU3OjEwLjU2NVoiIE5vdE9uT3JBZnRlcj0iMjAxNi0wOC0wOVQyMzowNzoxMC41NjVaIj48c2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPjxzYW1sOkF1ZGllbmNlPm1nbHVhdC53ZWJleC5jb208L3NhbWw6QXVkaWVuY2U+PC9zYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+PC9zYW1sOkNvbmRpdGlvbnM+PHNhbWw6QXV0aG5TdGF0ZW1lbnQgU2Vzc2lvbkluZGV4PSJOdVNqT2w2NHVBcDhjZ19PNDlWSlUtSGtfX0wiIEF1dGhuSW5zdGFudD0iMjAxNi0wOC0wOVQyMzowMjoxMC41NjVaIj48c2FtbDpBdXRobkNvbnRleHQ+PHNhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFjOmNsYXNzZXM6dW5zcGVjaWZpZWQ8L3NhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+PC9zYW1sOkF1dGhuQ29udGV4dD48L3NhbWw6QXV0aG5TdGF0ZW1lbnQ+PHNhbWw6QXR0cmlidXRlU3RhdGVtZW50PjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJ1aWQiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSI+cmJvcmdvbmk8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iZmlyc3RuYW1lIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIiB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiPlJlamVhbjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSBOYW1lPSJ1cGRhdGVUaW1lU3RhbXAiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSI+MjAxNjA4MDcyMzEwMjYuMFo8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iZW1haWwiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSI+UmVqZWFuLkJvcmdvbmlhQG1hY3F1YXJpZS5jb208L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0ibGFzdG5hbWUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSI+Qm9yZ29uaWE8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48L3NhbWw6QXR0cmlidXRlU3RhdGVtZW50Pjwvc2FtbDpBc3NlcnRpb24+PC9zYW1scDpSZXNwb25zZT4=</use:samlResponse>
</serv:bodyContent>
</serv:body>
</serv:message>
When I sent that using authenticate, I got this as response.
<?xml version="1.0" encoding="UTF-8"?><serv:message xmlns:serv="http://www.webex.com/schemas/2002/06/service" xmlns:com="http://www.webex.com/schemas/2002/06/common" xmlns:use="http://www.webex.com/schemas/2002/06/service/user"><serv:header><serv:response><serv:result>SUCCESS</serv:result><serv:gsbStatus>PRIMARY</serv:gsbStatus></serv:response></serv:header><serv:body><serv:bodyContent xsi:type="use:authenticateUserResponse" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><use:sessionTicket>AAABVnGLTEIAABUYA0gAKEgyU0sAAAACS7uiaX0xKqJ4k0VG3ZqlUAN8EEA/wmFmX931zP3BbmFBSAA8U0sAAAAC 2cvXmNdoWYxushSH1wr50Br6/UmFHthyIQ/l70QYsanZAmdTrGTXvRi8/OGKasg07x uJV8us/fdwCfbAK5X9feZF6YMcJxNQD86 6FFdaWEESs3fRaVloYYCgz4RGY4P9xxJw81uFMsraxzk1CC zMhG6Ofs115fi ISXlTk6eetoS6QgUZ7WqpCqW9mp1o 4rO2It9YsvI1HBBBCKkcxkiDYDxEzkqEVeT7KkbKdfRkxBR19BRERJTkdfU0hBMjU2X0FMR09SSVRITV8=</use:sessionTicket></serv:bodyContent></serv:body></serv:message>
The ticket in the response doesn't work. It gives me error of "Not a valid session ticket". When I checked my browser's logs, the ticket (which worked for my get user) is different from the one returned by authenticate. Below is the ticket from the browser.
AAABVnGKtloAABUYA0gAKEgyU0sAAAACR6c4B8lbY4Bg7H2Swk1zbHzh0KIAo3JB7dqAJIayuUdBSAA8U0sAAAACpYhEYK91TP+OloHcaK77IQsvHMK3pg9IBJL6QKgHgGOny9PqcLPIZEs9xD4HegXK0Ti5ofTfSHsYBAap5pzuuznMNw4mAhyQoNNlnc/Q6D0bfpQZPMbdetgg6eTU7lBHe6iFy6ouwJIk+5kMduJd76hWohrZu8iKE/uJXY771ZKl+A1stfhxn3E8S9JLeiDDCyy/7hGcDHlRQ/Wy5nyPAqd9VQVxBF084PuHLg3MWrJfRkxBR19BRERJTkdfU0hBMjU2X0FMR09SSVRITV8=
08-09-2016 05:38 PM
Rejean,
It appears that whatever is reading back your response is stripping the + characters from the sessionTicket and replacing them with space.. when I copy your response above and paste it into a single line I can locate several spaces in the sessionTicket, when I replace those spaces with a + (plus) character your sessionTicket is valid and works fine.
note the spaces and the wrapping:
AAABVnGLTEIAABUYA0gAKEgyU0sAAAACS7uiaX0xKqJ4k0VG3ZqlUAN8EEA/wmFmX931zP3BbmFBSAA8U0sAAAAC 2cvXmNdoWYxushSH1wr50Br6/UmFHthyIQ/l70QYsanZAmdTrGTXvRi8/OGKasg07x uJV8us/fdwCfbAK5X9feZF6YMcJxNQD86 6FFdaWEESs3fRaVloYYCgz4RGY4P9xxJw81uFMsraxzk1CC zMhG6Ofs115fi ISXlTk6eetoS6QgUZ7WqpCqW9mp1o 4rO2It9YsvI1HBBBCKkcxkiDYDxEzkqEVeT7KkbKdfRkxBR19BRERJTkdfU0hBMjU2X0FMR09SSVRITV8=
fixed session ticket:
AAABVnGLTEIAABUYA0gAKEgyU0sAAAACS7uiaX0xKqJ4k0VG3ZqlUAN8EEA/wmFmX931zP3BbmFBSAA8U0sAAAAC+2cvXmNdoWYxushSH1wr50Br6/UmFHthyIQ/l70QYsanZAmdTrGTXvRi8/OGKasg07x+uJV8us/fdwCfbAK5X9feZF6YMcJxNQD86+6FFdaWEESs3fRaVloYYCgz4RGY4P9xxJw81uFMsraxzk1CC+zMhG6Ofs115fi+ISXlTk6eetoS6QgUZ7WqpCqW9mp1o+4rO2It9YsvI1HBBBCKkcxkiDYDxEzkqEVeT7KkbKdfRkxBR19BRERJTkdfU0hBMjU2X0FMR09SSVRITV8=
08-09-2016 09:04 PM
I replaced the spaces with + and it worked. Thanks so much!!
Would you know the possible causes why the + is being skipped?
08-10-2016 10:08 AM
The program your using to read the response thinks the plus sign is an encoded space, many times a space in a URL is encoded as a plus sign.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide