[cisco-voip] Flexible JID / MRA
Ryan Huff
ryanhuff at outlook.com
Mon Feb 27 10:27:47 EST 2017
It seems obvious to me (and apparently you) that it should work.
As I understand it FJID was more of an after thought and was intended to allow XMPP routing to an alternate alias in federated scenarios.
However, that's a bit like letting the cat out of the bag ... if your going to make it 'sort of' work. From a lay perspective, I would expect this to work right out of the gate (especially since it does through non proxy authentication i.e, internal).
Doesn't seem like this would be a difficult ask for the BUs involved ... seems like a couple of COP files maybe and it's off to the races. Although, not sure what the priorities are; all things 'Spark' considered :).
Thanks,
Ryan
On Feb 27, 2017, at 10:19 AM, Nick <csvoip at googlemail.com<mailto:csvoip at googlemail.com>> wrote:
Hi Ryan
Thanks for your reply, thats saved me a lot of time. I can't believe this is not supported. I'll log a case and get it added to the enhancement.
Regards
Nick
On 27 February 2017 at 12:14, Ryan Huff <ryanhuff at outlook.com<mailto:ryanhuff at outlook.com>> wrote:
I can confirm that FJID is not supported over MRA. There is a bug ID for an enhancement request. It's only got 10 case on it though so you might want to jump on that wagon ;) .... squeaky wheel gets the attention and all.
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCuy33691/?reffering_site=dumpcr
If you enable the experimental menu (assuming your EXP version has that capability) and you look in the unified log of Exp-C during a MRA login attempt with FJID (you could see this in the normal event log but there is a lot more noise) you'll notice that Exp-C is doing the standard UDS Service Discovery and then asking about the UserID being attempted, to the host it found in the discovery.
CCM (assuming that is your UDS target) will only respond positively to requests for the actual UserID ... which of course, is not the user's FJID.
Either CCM/IMP would have to be modified to also be able to authenticate and identify users with the Directory URI OR, Expressway would have to have some sort of MRA alias authentication capability .... or a combination of both.
The solution I've come up with is for the user to login with FJID initially (internally), thereby caching the real UserID (which is subsequently pre-populated in future login attempts...assuming a recent client version). Then, whether MRA or not, the user is simply entering the password or using auto sign in.
On Feb 27, 2017, at 6:40 AM, Nick <csvoip at googlemail.com<mailto:csvoip at googlemail.com>> wrote:
Hi Ryan
Did you get this working, I have exactly the same issue, flexible JID works fine internally, when the service discovery is done, it presents the actual user id and password prompt, however when using MRA, it does its service discovery but prompts the email address and password field which it doesnt allow you to log in with, if you then change it to user id you can log in?
Anyone else come across this?
Regards
Nick
On 15 February 2017 at 18:15, Ryan Huff <ryanhuff at outlook.com<mailto:ryanhuff at outlook.com>> wrote:
Has anyone got Flexible JID to work via MRA for the Jabber client's INITIAL, registration? FJID is working fine internally for INITIAL registration (and then the bootstrap is cached with the actual user ID so after that, doesn't really matter).
J4W 11.8
Exp c/e 8.7.1
CUCM / imp 11.0.1
(No LDAP, all CCM locally managed end users)
_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>
https://puck.nether.net/mailman/listinfo/cisco-voip
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20170227/ee432284/attachment.html>
More information about the cisco-voip
mailing list