Not logged in. · Lost password · Register
Forum: MatriX RSS
CISCO_VTG_TOKEN
Avatar
SimonBrinkmann #1
Member since Sep 2013 · 7 posts · Location: Norway
Group memberships: Members
Show profile
Subject: Sasl mechanism for Cisco Presence
I need to login to login to Cisco's presence server which provides the following sasl-mechanisms:

  1. <mechanisms>
  2. <mechanism>PLAIN</mechanism>
  3. <mechanism>CISCO_VTG_TOKEN</mechanism>
  4. </mechanisms>

The token is obtained from another cisco-service.

  1. <auth xmlns='urn:ietf:params:xml:ns:xmpp-sasl' mechanism='CISCO-VTGTOKEN'>
  2. dXNlcmlkPWp1bGlldEBjYXB1bGV0LmNvbQB0b2tlbj0yMzQ1Njc4</auth>

How do I do this when I don't find this mechanism in the SaslMechanisms enum?

Thanks.
Simon
This post was edited on 2013-10-02, 14:11 by SimonBrinkmann.
Edit reason: Incorrect statement
Avatar
Alex #2
Member since Feb 2003 · 4298 posts · Location: Germany
Group memberships: Administrators, Members
Show profile
Quote by SimonBrinkmann:
I need to login to login to Cisco's presence server whichs provides the following sasl-mechanisms:

  1. <mechanisms>
  2. <mechanism>PLAIN</mechanism>
  3. <mechanism>CISCO_VTG_TOKEN</mechanism>
  4. </mechanisms>

with teh current MAtriX version you can login only with SASL PLAIN (username and password).

Quote by SimonBrinkmann:
How do I do this when I don't find this mechanism in the SaslMechanisms enum?

you can't. When this is important for you we can add the CISCO_VTG_TOKEN SASL mechanism to MatriX. The documentation you provided looks pretty simple. We could provide you a new build for this pretty fast.
Avatar
SimonBrinkmann #3
Member since Sep 2013 · 7 posts · Location: Norway
Group memberships: Members
Show profile
Thank you - that would be great!
Avatar
Alex #4
Member since Feb 2003 · 4298 posts · Location: Germany
Group memberships: Administrators, Members
Show profile
let me know which MatriX edition you are using. I will attach a new build in the next 30 minutes to this thread then.
Avatar
SimonBrinkmann #5
Member since Sep 2013 · 7 posts · Location: Norway
Group memberships: Members
Show profile
MatriX for .NET     1.5.3.6

Thanks!
Avatar
Alex #6
Member since Feb 2003 · 4298 posts · Location: Germany
Group memberships: Administrators, Members
Show profile
do you have more info on this? Maybe an official Cisco doc page?

Because in your mechanisms you have:

...
<mechanism>CISCO_VTG_TOKEN</mechanism>
...

and in your auth package you have:

<auth xmlns='urn:ietf:params:xml:ns:xmpp-sasl' mechanism='CISCO-VTGTOKEN'>
dXNlcmlkPWp1bGlldEBjYXB1bGV0LmNvbQB0b2tlbj0yMzQ1Njc4</auth>

normally this strings are identical. Once I have this info I can compile a new build.

Edit: also in other logs I have seen CISCO-VTG-TOKEN. Which one id correct?
This post was edited on 2013-10-01, 14:31 by Alex.
Avatar
SimonBrinkmann #7
Member since Sep 2013 · 7 posts · Location: Norway
Group memberships: Members
Show profile
I've tried to find more examples and it seems like it should be

CISCO-VTG-TOKEN

So inconsistent use of _ and -

My bad in the copy paste of CISCO-VTGTOKEN
Avatar
Alex #8
Member since Feb 2003 · 4298 posts · Location: Germany
Group memberships: Administrators, Members
Show profile
ok, new test build is attached.

  • When you setup the Xmpplient set only Username and XmppDomain. Password is not required.
  • In the OnBeforeSasl event select the Sasl mechanism and provide your username.

  1. void xmppClient_OnBeforeSasl(object sender, SaslEventArgs e)
  2. {    
  3.     e.Auto = false;
  4.     e.SaslMechanism = SaslMechanism.CISCO_VTG_TOKEN;
  5.     e.SaslProperties = new CiscoVtgTokenProperties
  6.     {
  7.         AccessToken = "your_cisco_vtg_token"
  8.     };
  9. }

Please let me know if it works.
The author has attached one file to this post:
The file “MatriX_1.5.4.1.zip” attached to this post was not found!
Avatar
SimonBrinkmann #9
Member since Sep 2013 · 7 posts · Location: Norway
Group memberships: Members
Show profile
Subject: Problem solved!
Works perfekt!  :-)

Thank you!
Avatar
Alex #10
Member since Feb 2003 · 4298 posts · Location: Germany
Group memberships: Administrators, Members
Show profile
great to hear, thanks for your feedback.
So this changes go to the latest stable code now.
Avatar
Jingxian #11
Member since Jun 2014 · 10 posts
Group memberships: Members
Show profile
We are currently reviewing Matrix to consider implementing a chat solution against cisco CUPS. I'm using the MiniClient to connect to CUPS but always fails on Authentication:

  1. SEND: <auth mechanism="CISCO-VTG-TOKEN" xmlns="urn:ietf:params:xml:ns:xmpp-sasl">dXNlcmlkPWpvc2llbFw0MGN1Y20xMC5sb2NhbEAxNzIuMjMuMzEuNgB0b2tlbj1qb3NpZWxAY3VjbTEwLmxvY2FsOjEyMzQ=</auth>
  2. RECV: <failure xmlns="urn:ietf:params:xml:ns:xmpp-sasl">
  3.  <temporary-auth-failure />
  4. </failure>

It appears it is not happy with the access token I passed in here:

  1. private void xmppClient_OnBeforeSasl(object sender, Matrix.Xmpp.Sasl.SaslEventArgs e)
  2. {
  3.             e.Auto = false;
  4.             e.SaslMechanism = SaslMechanism.CISCO_VTG_TOKEN;
  5.             e.SaslProperties = new CiscoVtgTokenProperties
  6.             {
  7.                 AccessToken = "userid=josiel@cucm10.local" + '\0' + "token=1234"
  8.             };
  9. }

The user id is josiel@cucm10.local and my password is 1234.
I also tried this format: josiel@cucm10.local:1234

Could you please let me know what the exact format for the access token is and if it is required to be base64 encoded beforehand?

Thx
This post was edited on 2014-06-05, 09:08 by Alex.
Avatar
Alex #12
Member since Feb 2003 · 4298 posts · Location: Germany
Group memberships: Administrators, Members
Show profile
The complete auth mesage without authentication looks like:

userid=juliet@capulet.com/0/token=2345678

In AccessToken you pass only the token part which is marked red. Then MatriX builds the string and encodes its base64 for you.
Because MatriX knows the username and XmppDomain which you set before in XmppClient properties.

Alex
This post was edited on 2014-06-06, 07:14 by Alex.
Avatar
Jingxian #13
Member since Jun 2014 · 10 posts
Group memberships: Members
Show profile
Thank you for the quick response. I have modified the code. Now the encoded string has reasonable size however it still fails on the same error. Any chance do you know who is responsible for generating the access token/onetimepassword? if Cisco CUPS is responsible for it, how can I retrieve it from the application?

Thx
Avatar
Alex #14
Member since Feb 2003 · 4298 posts · Location: Germany
Group memberships: Administrators, Members
Show profile
How to get the Token is described in the Cisco documentation.
e.g. in the DEVELOPER GUIDE FOR CISCO UNIFIED CM IM AND PRESENCE 9.0

Alex
Close Smaller – Larger + Reply to this post:
Verification code: VeriCode Please enter the word from the image into the text field below. (Type the letters only, lower case is okay.)
Smileys: :-) ;-) :-D :-p :blush: :cool: :rolleyes: :huh: :-/ <_< :-( :'( :#: :scared: 8-( :nuts: :-O
Special characters:
Forum: MatriX RSS