01-31-2015 06:06 AM - edited 03-19-2019 09:07 AM
Hello Everyone,
I have my Mac connected to our CallManager via Expressway 8.5.1 MRA using SAML SSO using Jabber Version 10.6.0 (202336).
Our CallManager, IM&P and Unity Connection Servers are all 10.5.2
My issue is that Voicemail shows as "has stopped working". It does not do this for SSO users who are not using MRA.
If I disable SSO it works fine (username/password on Jabber starup and same username/password on Voicemail login page once connected)
I have not yet tested if Jabber for Windows is affected when using MRA via Expressway.
UPDATE: This issue affects Jabber for iOS as well with the same error
I have a Problem Report from the machine if required.
Any help you can provide will be appreciated.
Many Thanks,
Brian Skelly
07-28-2015 05:12 PM
Hi,
Have you fixed this. I am having the same issue with SSO enabled for MRA.
01-18-2016 01:42 PM
Did either of you get an answer to this? I've just deployed a similar solution and seeing the exact same issue.
Thanks!
04-12-2016 03:46 AM
I have the same issue. Looks like unity is denying the request, even though SSO is configured on unity and works fine.
2016-04-12T06:38:21-04:00 uschixxx05 edgeconfigprovisioning: UTCTime="2016-04-12 10:38:21,868" Module="developer.edgeconfigprovisioning.server.sso" Level="WARN" CodeLocation="samlhelpers(684)" Service="SSO" Detail="Required AuthnInstance attribute not found"
2016-04-12T06:38:21-04:00 uschixxx05 edgeconfigprovisioning: UTCTime="2016-04-12 10:38:21,869" Module="developer.edgeconfigprovisioning.uds" Level="INFO" CodeLocation="udsmanager(590)" Service="UDSManager" Detail="Verifying UDS" Domain="companyuc.com" Deployment="1" Identity="('username', 'TestUC.Boston2')"
2016-04-12T06:38:21-04:00 uschixxx05 edgeconfigprovisioning: Level="INFO" Event="Edge SSO" Service="SSO" Detail="Received request for Edge SSO access" Local-ip="127.0.0.1" Local-port="22111" Src-ip="127.0.0.1" Src-port="33811" username="TestUC.Boston2" UTCTime="2016-04-12 10:38:21,869"
2016-04-12T06:38:21-04:00 uschixxx05 edgeconfigprovisioning UTCTime="2016-04-12 10:38:21,875" Module="network.http.sso.server" Level="DEBUG" Action="Send" Url="https://uklonxxx06.eu.companyuc.com:8443/ssosp/token/authorize_proxy"
HTTPMSG:
|POST //uklonxxx06.eu.companyuc.com:8443/ssosp/token/authorize_proxy HTTP/1.1
Content-Type: ['application/x-www-form-urlencoded']
Authorization: <CONCEALED>
User-Agent: ['TANDBERG-Video-Communication-Server/X8.7.1']
client_id=***REMOVED BY CARL***
|
2016-04-12T06:38:21-04:00 uschixxx05 edgeconfigprovisioning: UTCTime="2016-04-12 10:38:21,875" Module="developer.edgeconfigprovisioning.twisted" Level="INFO" CodeLocation="_observer(131)" Starting factory <twisted.web.client._HTTP11ClientFactory instance at 0x7f2e63de6cf8>
2016-04-12T06:38:22-04:00 uschixxx05 edgeconfigprovisioning UTCTime="2016-04-12 10:38:22,515" Module="network.http.sso.server" Level="DEBUG" Action="Received" Request-url="https://uklonxxx06.eu.companyuc.com:8443/ssosp/token/authorize_proxy"
HTTPMSG:
|HTTP/1.1 401 Unauthorized
<!-- custom Cisco error page --><html> <head> <title> Cisco System - Error report </title> <style type="text/css"> a { color: #316984; text-decoration: none; } a:hover { color: #316984; text-decoration: underline; } a:visted { color: #316984; text-decoration: none; } body { background-attachment: fixed; background-color: #ffffff; background-repeat: no-repeat; color: #316984; font-family: arial,helvetica,sans-serif; } #content { border: 1px solid #d6d7d6; font-size: 93.5%; margin: 0px 10% 30px 10%; } #content-header { background-color: #eeeeee; border-bottom: 1px solid #666666; color: #666666; font-size: 124.5%; padding: 5px 15px 5px 15px; } #copyright { font-size: 75%; margin: 0px 10% 0px 10%; padding: 3px 0px 0px 0px; text-align: right; } img { display: block; margin: 0px 0px 20px 0px; } #logo { margin: 30px 10% 0px 10%; } p { padding: 5px 15px 5px 15px; } pre { padding: 5px 15px 5px 30px; } </style> </head> <body> <div id="logo"> <img src="/ciscologo.gif" alt="Cisco Systems, Inc." /> </div> <div id="content"> <div id="content-header">HTTP Status 401 - </div> <p> <b> type: </b> Status report </p> <p> <b>message: </b> </p> <p> <b>description: </b> This request requires HTTP authentication. </p> </div> </body></html>
|
2016-04-12T06:38:22-04:00 uschixxx05 edgeconfigprovisioning: Level="WARN" Event="Edge SSO" Service="SSO" Detail="Authorization failed" Dst-ip="127.0.0.1" Dst-port="33811" Local-ip="127.0.0.1" Local-port="22111" Reason="Invalid response code from authorization server: expected 200, got 401" username="TestUC.Boston2" UTCTime="2016-04-12 10:38:22,516"
2016-04-12T06:38:22-04:00 uschixxx05 edgeconfigprovisioning UTCTime="2016-04-12 10:38:22,516" Module="network.http.sso.server" Level="DEBUG" Action="Sent" Local-ip="127.0.0.1" Local-port="22111" Dst-ip="127.0.0.1" Dst-port="33811" Code="403"
HTTPMSG:
|HTTP/1.1 403 Forbidden
Server: ['CE_C ECS']
04-13-2016 04:29 AM
I had a similar issue that was based on this Bug: https://bst.cloudapps.cisco.com/bugsearch/bug/CSCux52984/
The account i was using in Expressway-Core to connect with the UCXN servers did not have access to /ssosp/token/authorize_proxy.
I changed the account the the administrator account used when installing UCXN, turned off TLS and reset my Jabber client, when logging back in i got visual voicemail.
05-06-2016 10:24 AM
Simon,
Thanks for your post, it helped me out, as I ran into the same issue.
The Jabber client connection just noted that there was a permission issue. I used an account with all the roles I could possibly assign. Changed it to the original admin account and it worked right away.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide