cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
918
Views
0
Helpful
2
Replies
Highlighted
Rising star

ISE 2.0 Guestportal login flow changed?

Hi There,

I have a Cisco ISE Guest add-on product i developed, which integrates using the Guest API from v1.3, and auto-logins guests via some different iframe calls to the ISE guest portal. which i have deciphered by looking at the ISE guestportal login flow of HTTP GETs and POSTs and so on, and then duplicated these in my own PHP/Javascript code. This has been working fine through all versions since the Guest API was released. However since i started working with ISE 2.0, i am getting nowhere, as Cisco has chosen to put this little nugget in the http headers :

"X-frame-origins=SAMEORIGIN", which means the page on my external portal server, can no longer do any kind of iframe loads from the ise guestportal, as they are not on the same site :-(

Since i have no way of modifiying the headers from ISE, does anyone have an idea how sso type solutions would be possible now ? I have seen that there is supposed to support for SAML for the guest portal now, which is one route i could investigate, hpowever Cisco claims this only works with Oracle Access Manager SAML solution...not really something i wan't to get into for a simple guest login solution.

Also, the flow seems to require a portalsessionid now, which is not part of the initial url, but somehow created with the javascript on the ise guestportal, which i can't use, as it is loaded in an iframe, and if i try to load it into my own page, it fails as javascript ressourcers are not allowed to be loaded from another site :-(

Any suggestions ?

Everyone's tags (4)
2 REPLIES 2
Highlighted
Rising star

Re: ISE 2.0 Guestportal login flow changed?

Sorry, what i meant to say was of course "x-frame-options:SAMEORIGIN"

Highlighted
Rising star

Re: ISE 2.0 Guestportal login flow changed?

Just to clarify, i am not just suggesting that this is the reason, i installed a firefox plugin in my browser that removes the x-frame-options from the stream, and everything works as before ISE 2.0, i haven't changed i single line of code.

CreatePlease to create content
Content for Community-Ad
Cisco Community May 2020 Spotlight Award Winners