cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3321
Views
5
Helpful
6
Replies

XMPP authorization error when connecting to Finesse

lvj00000111
Level 1
Level 1

I've been trying to connect to Finesse's XMPP events, but I'm getting a

<failure xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><not-authorized/></failure>

back.

My auth. XML looks like this:

<auth mechanism="PLAIN" xmlns="urn:ietf:params:xml:ns:xmpp-sasl">AEFnZW50MDAyAGNpc2NvcHNkdA==</auth>

I use the Finesse 11.6 Sandbox.

I connect using

Host=10.10.20.10,

Port=5222

User=Agent002

Pw=ciscopsdt

 

I've tried both with and without a certificate. Same error. 

In Cisco_Finesse_Web_Services_Developer_Guide_Release_11.6.pdf it says (p. 315) that I should download a PEM file for the certificate that starts with "tomcat". As there are 11 of those, I've tried the ones marked here

CiscoCertificates.png

In https://community.cisco.com/t5/contact-center/xmpp-error-not-authorized/m-p/3477823#M2971 it was suggested to use "the numeric" agent id. So I tried to use Agent002's extension 6002. Same problem.

 

I've had to use a third party XMPP module (actually, I've tried two, same result). I code in C#, so I can't use any java modules etc (some pre-made modules was mentioned in the PDF).

 

Also: if or when I am accepted by the server, I assume I don't have to do other than listening for incoming messages, as it was mentioned on p. 287 in the PDF, that an agent would automatically receive user, dialog and media notifications, which is just what I need.

6 Replies 6

dekwan
Cisco Employee
Cisco Employee

Hi,

 

Have you tried to connect to the XMPP server using a XMPP client such as adium or pidgin? https://developer.cisco.com/docs/finesse/#!environment-and-tools

 

The configuration to connect to the XMPP server is very particular. You need to have the right options turned on. In particular:

Allow plaintext auth over unencrypted streams, Use encryption if available, and the right SASL authentication.

 

This thread might be useful for you because it is specifically about C# and connecting to the notification server:

https://community.cisco.com/t5/contact-center/xmpp-with-net/m-p/3422184#M246

 

Thanx,

Denise

I got the Pidgin client now, and that _could_ connect. After enabling the XMPP Console plugin I saw the XMPP that it sends to authenticate. I send the exact same XML....but I don't think I'm on the guest list, because I get the same error.

Are there by chance some logs on the server side so I can see what Pidgin and I send (or rather, what Finesse receives)?

 

Edit: Today I've used Agent013.

I and Pidgin both sent:

<auth xmlns='urn:ietf:params:xml:ns:xmpp-sasl' mechanism='PLAIN' client-uses-full-bind-result='true'>AGFnZW50MDEzAGNpc2NvcHNkdA==</auth>

 

When using Wireshark to examine data more closely, it seems Pidgin sent a little more than its XMPP console claimed:

<auth xmlns='urn:ietf:params:xml:ns:xmpp-sasl' mechanism='PLAIN' xmlns:ga='http://www.google.com/talk/protocol/auth' ga:client-uses-full-bind-result='true'>AGFnZW50MDEzAGNpc2NvcHNkdA==</auth>

 

I tried to send the same, but still with not luck.

Hi,

 

I am not sure if it actually shows what you are looking for, but you can take a look at the openfire logs. You may need to turn on debug logs: https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cust_contact/contact_center/finesse/finesse_1161/Admin/guide/cfin_b_cisco-finesse-administration-guide-116/cfin_b_cisco-finesse-administration-guide-116_appendix_010000.html#CFIN_RF_CDE007C4_00

 

Did you take a look at that example C# code I referenced in the previous reply?

 

Thanx,

Denise

I have tried to experiment a bit with the Matrix .Net, and I learned what i was missing.

I have used https://github.com/araditc/Artalk.Xmpp (which is free) but with some changes.

I will list them here, in case this can help others.
XmppIm.cs:
void EstablishSession() is skipped. It gave an error, and omitting it didn't seem to hamper the flow of messages from Finesse
void OnMessage(Message message)
I added the lines
if(message.Data["event"]!=null) //CONSIDER: make a specific one for this!
Message.Raise(this, new MessageEventArgs(message.From, message));
as the message didn't have a body, but it did have an event. I might make this nicer later.

XmppCore.cs
In XmlElement InitiateStream(string hostname) I removed the Attribute xml:lang
In XmlElement Authenticate(IEnumerable<string> mechanisms, string username,
string password, string hostname)
I forced the username to lower case.

This is an early version of my project, and I might clean things up later.


I have noticed, that in some cases Dialogs arrive as:
<Update><data><dialogs><Dialog>...
In others, the update looked like:
<Update><data><dialog>....
I wonder why that is so, especially why a Dialog is sometimes shown with uppder case D and others lower case d. Makes it a bit tougher to deserialize...
I have checked using Pidgin, that this is indeed how it looks.

From Pidgin's XML log:

<message from='pubsub.hq-uccx.abc.inc' to='agent013@hq-uccx.abc.inc' id='V8EL2hdR'>
<event xmlns='http://jabber.org/protocol/pubsub#event'>
<items node='/finesse/api/User/Agent013/Dialogs'>
<item id='68c3f39c-fe60-4aa7-8ed4-7b96841a72ff862'>
<notification xmlns='http://jabber.org/protocol/pubsub'><Update><data><dialogs><Dialog><associatedDialogUri></associatedDialogUri><fromAddress>6013</fromAddress><id>33566464</id><mediaProperties><DNIS></DNIS><callType>OUT</callType><dialedNumber></dialedNumber><outboundC...>
</item>
</items>
</event>
</message>

vs

<message from='pubsub.hq-uccx.abc.inc' to='agent013@hq-uccx.abc.inc' id='yDFnbkd3'>
<event xmlns='http://jabber.org/protocol/pubsub#event'>
<items node='/finesse/api/User/Agent013/Dialogs'>
<item id='68c3f39c-fe60-4aa7-8ed4-7b96841a72ff865'>
<notification xmlns='http://jabber.org/protocol/pubsub'><Update><data><dialog><associatedDialogUri></associatedDialogUri><fromAddress>6013</fromAddress><id>33566464</id><mediaProperties><DNIS></DNIS><callType>OUT</callType><dialedNumber>6001</dialedNumber><outboundClassi...>
</item>
</items>
</event>
</message>

Hi,

 

I'm so glad that you were able to figure out the connection and thank you for posting your solution for other folks.

 


@lvj00000111 wrote:
I have noticed, that in some cases Dialogs arrive as:
<Update><data><dialogs><Dialog>...
In others, the update looked like:
<Update><data><dialog>....
I wonder why that is so, especially why a Dialog is sometimes shown with uppder case D and others lower case d. 

So the first one <Update><data><dialogs><Dialog> is an update on the user's list of dialogs, hence the <dialogs><Dialog>. It is usually when a dialog gets added or deleted.

 

The second one <Update><data><dialog> is an update on the individual dialog itself, which is why there isn't a <dialogs>. I can't remember why one has a capital and one doesn't anymore, but there was a reason.

 

Thanx,

Denise