cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Authenticating an Agent when they are already logged on

360
Views
0
Helpful
0
Comments
This document was generated from CDN thread

Created by: Dale Gantous on 12-12-2012 03:40:03 PM
We have an application that starts a peripheral monitor on an Agent Instrument and logs on the Agent if necessary. We prompt for Agent ID, Password and Instrument, just like the Agent Desktop. We are using Protocol v13.
 
When we issue the SET_AGENT_STATE_REQ message with state AGENT_STATE_LOGIN, if the Agent wasn't logged on everything works perfectly. If however the Agent is already logged on (to this instrument), then we get back a CF_SPECIFIED_AGENT_ALREADY_SIGNED_ON error code. We get this same code back whether the password specified is correct or not.
 
According to the document "Cisco Unified Contact Center Express CTI Protocol Developer Guide, Release 8.0(1) September 2010.pdf", in the section "Agent Authentication Without Agent State Change", you can authenticate an agent without affecting state by sending a SET_AGENT_STATE_REQ message, passing in the state AGENT_STATE_LOGIN, the Agent ID and Password, an AgentExtension of "unknown" and a ForcedFlag value of 2.
 
Well, there is no AgentExtension field in this message. I tried all this with "unknown" in the AgentInstrument field, and that didn't work. I tried the actual instrument number in the AgentInstrument field, and all I get back, again, is the CF_SPECIFIED_AGENT_ALREADY_SIGNED_ON error, regardless of whether a valid password is passed or not.
 
No matter what the ForceFlag value is, 0, 1, or 2, the same result happens. The Agent is logged on if he was not, and the call returns CF_SPECIFIED_AGENT_ALREADY_SIGNED_ON if he was already logged on, regardless of password supplied.
 
How can I validate the agent credentials when the Agent is already logged on? Surely I don't have to cache the passwords myself.
 
Thanks for any help...

Subject: RE: New Message from Dale Gantous in CTI Server Protocol (GED-188) - CTI Se
Replied by: Dale Gantous on 13-12-2012 09:45:23 AM
David Lender:
Have you tried QUERY_AGENT_STATE_REQ with just the AgentID before trying the SET_AGENT_STATE_REQ?

 
Thanks for replying so quickly!
 
 
No, I haven't tried that.
 
Current Logic is:
 
1) MONITOR_START_REQ
2) MONITOR_START_CONF -> SET_AGENT_STATE_REQ (AGENT_STATE_LOGIN)
    a) SET_AGENT_STATE_CONF -> QUERY_DEVICE_INFO_REQ
or
    b) FAILURE_CONF (CF_SPECIFIED_AGENT_ALREADY_SIGNED_ON) -> SET_AGENT_STATE_REQ  (AGENT_STATE_LOGIN, ForcedFlag = 2)
 
Infinite loop.
 
Are you saying to check the agent state so that if they're already logged on I shouldn't call SET_AGENT_STATE_REQ with AGENT_STATE_LOGIN? If so, how do I validate the credentials?
Or, are you saying that doing a QUERY_AGENT_STATE_REQ before the SET_AGENT_STATE_REQ will somehow fix the server to return the correct result?

Subject: RE: New Message from Dale Gantous in CTI Server Protocol (GED-188) - CTI Se
Replied by: David Lender on 13-12-2012 09:06:57 AM
Have you tried QUERY_AGENT_STATE_REQ with just the AgentID before trying the SET_AGENT_STATE_REQ?

Subject: RE: New Message from Dale Gantous in CTI Server Protocol (GED-188) - CTI Se
Replied by: David Lender on 13-12-2012 10:01:57 AM
If you specify only agentID on the QUERY_AGENT_STATE_REQ and if the agent is logged in you should receive the extension on the QUERY_AGENT_STATE_CONF.  If the agent is not logged in then do the SET_AGENT_STATE_REQ.

Subject: RE: New Message from Dale Gantous in CTI Server Protocol (GED-188) - CTI Se
Replied by: Dale Gantous on 13-12-2012 10:38:45 AM
David Lender:
If you specify only agentID on the QUERY_AGENT_STATE_REQ and if the agent is logged in you should receive the extension on the QUERY_AGENT_STATE_CONF. If the agent is not logged in then do the SET_AGENT_STATE_REQ.

 
That's great, but I also want to validate the password even though the agent is already logged on. We prompt for credentials and don't want anybody to be able to steal an already-logged-in agent session unless they are that agent. How do I do that?
 
The Cisco Agent Desktop can do this, but I imagine that's because it's a dedicated client app and is using OPEN_REQ as the one agent it wants to control. We're a web-based server app monitoring multiple agents over one connection to the CTI server.
 

Subject: RE: New Message from Dale Gantous in CTI Server Protocol (GED-188) - CTI Se
Replied by: David Lender on 13-12-2012 11:04:18 AM
I don’t know of any way for password validation without actually logging in the agent.

Subject: RE: New Message from Dale Gantous in CTI Server Protocol (GED-188) - CTI Se
Replied by: David Lender on 13-12-2012 12:33:57 PM
There is a “forced flag” you can set in the SET_AGENT_STATE_REQ message which you set to 2 = Agent authentication only. No agent
state change. Use with
AGENT_STATE_LOGIN

Subject: RE: New Message from Dale Gantous in CTI Server Protocol (GED-188) - CTI Se
Replied by: Dale Gantous on 13-12-2012 12:07:52 PM
David Lender:
I don’t know of any way for password validation without actually logging in the agent.

 
The document  "Cisco Unified Contact Center Express CTI Protocol Developer Guide, Release 8.0(1) September 2010.pdf" (in the section "Agent Authentication Without Agent State Change", page 5-5) specifically says you can do this, but the parameters it specifies (e.g. AgentExtension, Reserved) are not present in the SET_AGENT_STATE_REQ message.
 
The Cisco Agent Desktop can do this. If I log on as a particular agent on one computer and then run the Agent Desktop on another computer, I can log in again as the same agent via Agent Desktop and if I don't specify the correct password it rejects the login.
 
Therefore it is possible to do this, but the documentation is wrong. Is there any way to find out the correct way to do this?

Subject: RE: New Message from Dale Gantous in CTI Server Protocol (GED-188) - CTI Se
Replied by: Dale Gantous on 13-12-2012 02:49:18 PM
David Lender:
There is a “forced flag” you can set in the SET_AGENT_STATE_REQ message which you set to 2 = Agent authentication only. No agent
state change. Use with
AGENT_STATE_LOGIN

 
That was the first thing I had tried. I get back CF_SPECIFIED_AGENT_ALREADY_SIGNED_ON regardless of whether I pass the correct password or a bogus one. Is there something special I need to put in any other parameter? I'm passing the PeripheralID, AGENT_STATE_LOGIN, AWM_UNSPECIFIED, NumSkillGroups=0, EventReasonCode=0, ForcedFlag=2, AgentServiceReq=0, AgentInstrument/ID/Password.

Subject: RE: New Message from David Lender in CTI Server Protocol (GED-188) - CTI Se
Replied by: David Lender on 19-12-2012 09:37:56 AM
The parameter forced flag is implemented in the Protocol, but just not used in the application layer.
This parameter is not used in CTI Server, and it is currently reserved for future use.

So, there is no way to authenticate an agent only using CTI Server protocol.

Subject: RE: Authenticating an Agent when they are already logged on
Replied by: Dale Gantous on 19-12-2012 10:31:12 AM
Thanks for investigating.
 
Bummer that this functionality isn't available, especially since it's documented that it is.
 
The documentation should be corrected, at least.

Subject: RE: New Message from Dale Gantous in CTI Server Protocol (GED-188) - CTI Se
Replied by: David Lender on 19-12-2012 10:34:56 AM
Yes, I have opened a doc defect CSCud79679
CreatePlease to create content
Content for Community-Ad
FusionCharts will render here