09-20-2014 07:48 PM - edited 06-04-2019 02:15 AM
I've used a few samples with the shared endpoint lab with the same resulting error on the web console:
Exception during connection: <error><mechanism-too-weak xmlns="urn:ietf:params:xml:ns:xmpp-sasl"/></error>
<error><mechanism-too-weak xmlns="urn:ietf:params:xml:ns:xmpp-sasl"/></error>
My config settings are basic and follow everything I've read elsewhere in this forum and Cisco doc.
var demoConfig = {
domain: "psdtemea.cisco.com", //the domain specified for your CUP server
httpBindingURL: "http://cup.psdtemea.cisco.com:7335/httpbinding", //the BOSH url for your server
//httpBindingURL: "https://im1.ciscowebex.com/http-bind",
unsecureAllowed: true
};
The VPN is connected and my host files contains the IP (10.10.20.20) I received in the email after reserving the lab.
I debugged the exception back to jabberwerx._handleAuthOpened(feats). From what I can tell, this may be due to the response I'm getting back from the CUP server.
POST to CUP
<body xmlns="http://jabber.org/protocol/httpbind" xmlns:xmpp="urn:xmpp:xbosh" hold="1" ver="1.9" from="van_staub@psdtemea.cisco.com" to="psdtemea.cisco.com" secure="true" wait="30" xmpp:version="1.0" rid="2383855057"/>
Response from CUP
<body authid='571AEE5A47' inactivity='60' polling='5' requests='2' secure='true' sid='571AEE5A47' ver='1.8' wait='30' xmlns='http://jabber.org/protocol/httpbind' xmlns:stream='http://etherx.jabber.org/streams'><stream:features/></body>
I believe I should be getting the XML node (or similar) as part of the response:
<stream:features xmlns='jabber:client'><mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><mechanism>WEBEX-TOKEN</mechanism><mechanism>PLAIN</mechanism></mechanisms></stream:features>
Since it's missing, an exception gets thrown. So why would this occur? During the reservation process, I did run the command to add the SDK for Web. I should also mention that the email I received after reserving is similar in format to the one seen in this post Can't authorize using devsandbox and sampleclient.html. The username is blank similar to the post. The result of that post was seemingly a failed setup. Is this issue a similar failure?
Solved! Go to Solution.
09-30-2014 01:21 PM
Ok, I deleted and recreated your account. Same password (I assume it was cisco1234, the standard password). I logged in with my sample code, and it worked for me.
09-25-2014 12:31 PM
Hi Van,
This means the authentication mechanisms supported by the client and those reported by the server do not match. Since it is recommended to use an HTTPS binding URL. can you try using HTTPS and setting unsecureAllowed to false?
Thanks,
Adrienne
09-25-2014 12:44 PM
Hi Van,
I spoke too soon before verifying. I don't think the Sandbox is setup for secure.
Thanks,
Adrienne
09-25-2014 12:46 PM
Adrienne, yes that is certainly doable in my code. What is the SSL port? The HTTP port is 7335 given the URL http://cup.psdtemea.cisco.com:7335/httpbinding. The implicit 443 port does not work, for example, https://cup.psdtemea.cisco.com/httpbinding.
09-25-2014 01:14 PM
There may be a problem with the cup server or pub-local server configuration. My demo programs which used to work fine no longer work. I get an authentication error. We'll look into it.
09-25-2014 02:00 PM
Give it another try. I changed a configuration setting on the server and my demo programs work again.
09-26-2014 09:51 AM
Re-tested. The behavior is better, but still getting an error. This was tested with the jabberUIDemo.html and CAXL-debug-2014.04.10787/doc/examples/sampleclient.html.
POST request:
POST response:
<body authid='839F3E897' inactivity='60' polling='5' requests='2' secure='true' sid='839F3E897' ver='1.8' wait='30' xmlns='http://jabber.org/protocol/httpbind' xmlns:stream='http://etherx.jabber.org/streams'><stream:features><mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><mechanism>PLAIN</mechanism><mechanism>CISCO-VTG-TOKEN</mechanism><hostname xmlns='urn:xmpp:domain-based-name:0'>cup.psdtemea.cisco.com</hostname></mechanisms></stream:features></body>
POST request:
POST response:
<body xmlns='http://jabber.org/protocol/httpbind' xmlns:stream='http://etherx.jabber.org/streams'><failure xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><not-authorized/></failure></body>
What I find interesting about this is the Base64 value: AHZhbl9zdGF1YgBjaXNjbzEyMzQ=
If you decode that, it's van_staubcisco1234. Normally in a basic auth header you'd delimit with a colon. But this is all handled in the SDK, which I've not modified. What's the format of your auth value?
09-29-2014 09:43 AM
Yes, I've seen this problem with the Jabber UI code before. I don't have an answer for it, and I haven't gotten an answer from the Jabber UI developers. I don't recommend the Jabber UI approach anyway, but that's just my personal preference. It's easier and more reliable to do the authentication yourself. Give my demo app (attached) a try, and view the code there. jQuery UI is easier to customize (and prettier, IMO).
09-29-2014 11:55 AM
Thanks, Nicholas. Same error with your code. Presumably, the reservation isn't adding my account ID to the CUP server. This seems to be the same issue that happened with Re: A question about using Jabber API on a sandbox server. Using your code, I can authenticate with the name:password pair listed in that forum thread.
The delimiter theory I had is incorrect, since I can see the same behavior with the working user ID. I guess you don't need a delimiter if you also know the username. You can then compute the password starting point of the base64 decoded string using the number of chars in the username.
09-30-2014 01:14 PM
Yes, I've seen that problem before (the reservation not creating the user correctly). I'll have a look at it and fix it if I can. I assume your username is van_staub, right?
09-30-2014 01:21 PM
Ok, I deleted and recreated your account. Same password (I assume it was cisco1234, the standard password). I logged in with my sample code, and it worked for me.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide