06-15-2016 03:32 AM
I am writing a third party application running in a server environment that needs to get notifications from Finesse server. I have written the app in Java and I am using Babbler 0.7 as the means of creating an XMPP session. I can see the finesse server (I guess I mean openfire) replying with available stream mechanisms. In this case it seems only PLAIN is supported.
<body xmlns="http://jabber.org/protocol/httpbind" xmlns:stream="http://etherx.jabber.org/streams" authid="89f6eb70" sid="89f6eb70" secure="true" requests="4" inactivity="60" polling="5" wait="60" hold="1" ack="1535782836973282" maxpause="300" ver="1.6">
<stream:features>
<mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl">
<mechanism>PLAIN</mechanism>
</mechanisms>
<compression xmlns="http://jabber.org/features/compress">
<method>zlib</method>
</compression>
<bind xmlns="urn:ietf:params:xml:ns:xmpp-bind"/>
<session xmlns="urn:ietf:params:xml:ns:xmpp-session"/>
</stream:features>
</body>
My app then sends a log in request using PLAIN:
<body xmlns="http://jabber.org/protocol/httpbind" rid="1535782836973283" sid="89f6eb70">
<auth xmlns="urn:ietf:params:xml:ns:xmpp-sasl" mechanism="PLAIN">AEJUNjQ4ODkAMTIzNDU2Nzg=</auth>
</body>
but gets the following rejection:
<body xmlns="http://jabber.org/protocol/httpbind">
<failure xmlns="urn:ietf:params:xml:ns:xmpp-sasl">
<not-authorized/>
</failure>
</body>
I have checked the BASE64 encoding and it follows the \0+username+\0+password format that I would expect with the PLAIN mechanism and the account I am using is one that I can login with to the login server using Jabber. I have tried the Administration account and similarly it fails.
I have also tried "restclient" to send RESTful requests into Finesse using the same account via the http "Authorized" header, and that works. Is there an enablement stage to allow XMPP access from a third part app that I may have overlooked?
Many thanks
06-22-2016 04:56 AM
I have only just been able to get to the logs but I think I see what is going on now. The “not-authorized” return I keep getting isn’t strictly true. If I use BTTest1 as the user to login to the finesse notification server I get a genuine unauthorized response back. It seems that BTTest1 is not recognized by finesse notification server.
…
If I use the administrator account details then finesse server returns “Not Found” in response to:
…
However as this “GET” activity is still part of the login process (not anything directly driven by my client) what is actually returned to my client is “Not-authorized” again. The reason for the failure is that it is looking for “/finesse/api/User/administrator” which does not exist. It looks like I need an account which is recognized by the finesse notification server like the administrator but which is also a Cisco agent. Is that a correct interpretation of these results? I hope you can help.
Thus is the full authorization part of the log using the administrator account:
2016.06.21 10:28:36 HTTPBindLog: HTTP RECV(f8be244): <body rid="210641646423296" sid="f8be244"><auth xmlns="urn:ietf:params:xml:ns:xmpp-sasl" mechanism="PLAIN">removed</auth></body>
2016.06.21 10:28:36 consumeResponse: org.jivesoftware.openfire.http.HttpSession@130e87 status: 1 address: sllfin.slllab.icm/f8be244 id: f8be244 presence:
<presence type="unavailable"/> rid: 210641646423296
2016.06.21 10:28:36 suspended org.eclipse.jetty.server.nio.SelectChannelConnector$SelectChannelHttpConnection@dad1e8@172.23.97.9:7443<->172.23.97.30:55826
2016.06.21 10:28:36 AWSAuthProvider:Authentication request received: username=administrator
2016.06.21 10:28:36 AWSAuthProvider:awsHost and awsPort retrieved from properties is: localhost and 8080
2016.06.21 10:28:36 AWSAuthProvider:administrator is to use custom authentication
2016.06.21 10:28:36 Set parameter http.connection.timeout = 30000
2016.06.21 10:28:36 Set parameter http.authentication.preemptive = true
2016.06.21 10:28:36 Preemptively sending default basic credentials
2016.06.21 10:28:36 Authenticating with BASIC <any realm>@localhost:8080
2016.06.21 10:28:36 Credential charset not configured, using HTTP element charset
2016.06.21 10:28:36 Open connection to localhost:8080
2016.06.21 10:28:36 >> "GET /finesse/api/User/administrator HTTP/1.1[\r][\n]"
2016.06.21 10:28:36 Adding Host request header
2016.06.21 10:28:36 >> "Authorization: Basic removed [\r][\n]"
2016.06.21 10:28:36 >> "User-Agent: Jakarta Commons-HttpClient/3.1[\r][\n]"
2016.06.21 10:28:36 >> "Host: localhost:8080[\r][\n]"
2016.06.21 10:28:36 >> "[\r][\n]"
2016.06.21 10:28:36 << "HTTP/1.1 404 Not Found[\r][\n]"
2016.06.21 10:28:36 << "HTTP/1.1 404 Not Found[\r][\n]"
2016.06.21 10:28:36 << "Pragma: No-cache[\r][\n]"
2016.06.21 10:28:36 << "Cache-Control: no-cache[\r][\n]"
2016.06.21 10:28:36 << "Expires: Thu, 01 Jan 1970 00:00:00 UTC[\r][\n]"
2016.06.21 10:28:36 << "Content-Type: text/html;charset=utf-8[\r][\n]"
2016.06.21 10:28:36 << "Content-Length: 2211[\r][\n]"
2016.06.21 10:28:36 << "Date: Tue, 21 Jun 2016 10:28:36 GMT[\r][\n]"
2016.06.21 10:28:36 << "Server: [\r][\n]"
2016.06.21 10:28:36 << "[\r][\n]"
2016.06.21 10:28:36 Buffering response body
…
2016.06.21 10:28:36 Resorting to protocol version default close connection policy
2016.06.21 10:28:36 Should NOT close connection, using HTTP/1.1
2016.06.21 10:28:36 Releasing connection back to connection manager.
…
2016.06.21 10:28:36 REQUEST /http-bind/ on org.eclipse.jetty.server.nio.SelectChannelConnector$SelectChannelHttpConnection@dad1e8@172.23.97.9:7443<->172.23.97.30:55826
2016.06.21 10:28:36 scope null||/http-bind/ @ o.e.j.s.ServletContextHandler{/http-bind,null}
2016.06.21 10:28:36 context=/http-bind||/ @ o.e.j.s.ServletContextHandler{/http-bind,null}
2016.06.21 10:28:36 sessionManager=org.eclipse.jetty.server.session.HashSessionManager@1e6cecc#STARTED
2016.06.21 10:28:36 session=null
2016.06.21 10:28:36 servlet /http-bind||/ -> org.jivesoftware.openfire.http.HttpBindServlet-33000926
2016.06.21 10:28:36 chain=null
2016.06.21 10:28:36 consumeResponse: org.jivesoftware.openfire.http.HttpSession@130e87 status: 1 address: sllfin.slllab.icm/f8be244 id: f8be244 presence:
<presence type="unavailable"/> rid: 210641646423296
2016.06.21 10:28:36 HTTPBindLog: HTTP SENT(f8be244): <body xmlns='http://jabber.org/protocol/httpbind'><failure xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><not-authorized/></failure></body>
06-29-2016 09:47 AM
Hi,
Sorry for the late reply. Your post has been moved from the general developer forum to the Finesse forum. For faster response, please post your Finesse questions directly to the Finesse forum in the future.
Each user/agent should be logging in via XMPP, so when making this login request, you should be using the user/agent (which should also be successful if logged in via Finesse REST API request). The best thing to do to see if you are using the right user & settings is to use an XMPP client application to test it out. If using Windows, follow the instructions from the Lab Development Environment Validation with Cisco Finesse Web Services APIs section of the Developer guide. If using a Mac, I have successfully used Adium but you have to turn on XMPP using the hidden preference option. (For some reason, there are some issues with the Adium site right now).
Thanx,
Denise
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide