Created by: Mayank Mishra on 17-02-2010 07:55:15 PM Is there a way to authenticate a user without performing login to Extension mobility services(XML over HTTP)?A successful login applies the device profile to the phone which may be undesirable.Is there any way in Call manager to directly authenticate to the underlying database or directorythough some undocumented API/LDAP etc.I am NOT using an external directory server for users.
Subject: RE: Authentication problem Replied by: David Staudt on 17-02-2010 10:09:29 PM The AXL SOAP API has <doAuthenticateUser> <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns="http://www.cisco.com/AXL/API/7.0"> <soapenv:Header/> <soapenv:Body> <ns:doAuthenticateUser sequence="1"> <userid>testUser</userid> <password>password</password> </ns:doAuthenticateUser> </soapenv:Body> </soapenv:Envelope> ---------------------- <SOAP-ENV:Envelope SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"> <SOAP-ENV:Header/> <SOAP-ENV:Body> <axl:doAuthenticateUserResponse sequence="1" xmlns:axl="http://www.cisco.com/AXL/API/7.0" xmlns:xsi="http://www.cisco.com/AXL/API/7.0"> <return> <userAuthenticated>true</userAuthenticated> <code>0</code> </return> </axl:doAuthenticateUserResponse> </SOAP-ENV:Body> </SOAP-ENV:Envelope>
Subject: RE: Authentication problem Replied by: Mayank Mishra on 18-02-2010 08:14:30 PM Thanks for the information David.I had a concern as in the documentation for AXL services it was mentioned that : "CautionThe AXL API allows you to modify the Cisco Unified Communications Manager system database. Use caution when using AXL because each API call affects the system. Misuse of the API can lead to dropped calls and slower performance. AXL should act as a provisioning and configuration API, not as a real-time API." (1)I am not sure as to how big of an impact is an authentication request on the system.Do you have any views on this? (2)The HTTP basic authentication response itself is an indicator of authentication. Is there any specific reason for this webservice call or does it do the same thing conveniently wrapped as a WS call? Thanks.
Subject: RE: Authentication problem Replied by: Stephan Steiner on 01-03-2010 03:30:43 PM 1) What exactly are you going to use the call for? For performance reasons it's always a good idea to cache certain things instead of making requests all the time. But if you're doing something like allowing a user to configure his/her phone, then I see no issue with calling doAuthenticateUser, and if it passes let the user proceed with making changes. 2) The basic authentication refers to the authentication to the CCM of the connecting application. If you get past that, it means your user is authorized to use AXL. Normally you'd configure an application user with AXL permissions, then use that user's credential for basic authentication to access AXL.. then perform the authentication of the end user using doAuthenticateUser.
Subject: RE: Authentication problem Replied by: Mayank Mishra on 04-03-2010 09:14:38 PM Thanks Stephan and David.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:
