Subject: Troubleshooting authentication in Matrix.vNext
I'm trying to use Matrix.vNext to connect to Cisco IM & Presence.
Cisco says the login has to be done following this pattern
I'm at the moment using the same code I'm using to connect to XMPP which works fine on Cisco Finesse
Is there a way I can dump the messages being sent in/out to see what is going on behind the scenes?
I'm seeing the connection state changing from
Connected, Securing, Secure, Authenticating
then I'm getting a Matrix.AuthenticationException with this stanza
@edit: found an article about logging: https://matrix-xmpp.io/docs/logging/. It seems out-of-date though as XmppClient doesn't have a constructor using an Action<IChannelPipeline>
Cisco says the login has to be done following this pattern
1) When an XMPP Client connects to Cisco Unified CM IM and Presence, the server will return
the supported SASL authentication mechanisms in in stream features:
<mechanisms>
<mechanism>PLAIN</mechanism>
<mechanism>CISCO_VTG_TOKEN</mechanism>
</mechanisms>
2) The Client will reply to these SASL offering by sending an auth element that contains the SASL
Plain mechanism and a Base64 encoding of the username and password. An example is
shown below where “AGp1bGlldABwYXNzd29yZA==” is Base64 (user: juliet, password:
password):
<auth xmlns='urn:ietf:params:xml:ns:xmpp-sasl' mechanism='PLAIN'>
AGp1bGlldABwYXNzd29yZA==
</auth>
3) The Cisco Unified CM IM and Presence Authentication Component will parse the Base 64
encoded Username and Password pair received from Client for the User Id and password to
search the database for a match. If there is no matching entry, Cisco Unified CM IM and
Presence will respond to Client with an Authentication Failure ERROR
4) The Cisco Unified CM IM and Presence Authentication Component will query the database for
the license status of the User. If the User is not enabled, Cisco Unified CM IM and Presence
will respond to the Client with an ERROR
5) If the Authentication Component is able to retrieve a match the Authentication Component will
reply with a SUCCESS message as follows:
<success xmlns='urn:ietf:params:xml:ns:xmpp-sasl'/>
I'm at the moment using the same code I'm using to connect to XMPP which works fine on Cisco Finesse
xmppClient = new XmppClient()
{
Username = XmppLogin,
Password = XmppPassword,
XmppDomain = server,
//Resource = "web_framework",
HostnameResolver = new SrvNameResolver(),
};
if (notificationConfiguration.AcceptAllCertificates)
xmppClient.CertificateValidator = new AlwaysAcceptCertificateValidator();
{
Username = XmppLogin,
Password = XmppPassword,
XmppDomain = server,
//Resource = "web_framework",
HostnameResolver = new SrvNameResolver(),
};
if (notificationConfiguration.AcceptAllCertificates)
xmppClient.CertificateValidator = new AlwaysAcceptCertificateValidator();
Is there a way I can dump the messages being sent in/out to see what is going on behind the scenes?
I'm seeing the connection state changing from
Connected, Securing, Secure, Authenticating
then I'm getting a Matrix.AuthenticationException with this stanza
<failure xmlns="urn:ietf:params:xml:ns:xmpp-sasl">
<not-authorized />
</failure>
<not-authorized />
</failure>
@edit: found an article about logging: https://matrix-xmpp.io/docs/logging/. It seems out-of-date though as XmppClient doesn't have a constructor using an Action<IChannelPipeline>
This post was edited on 2021-03-19, 19:45 by humba.