mamusmesut
New Member
I am writing a small tool to open a WebEx with our support customers using the support ticket information.When the site used Username/Password I could make it work, now we use SSO.The WebEx server is already setup to accept SSO (by our IT manager - not me).The WebEx reference (linked below) does not elaborate, and the WebEx dev forum over the official site is so dormant, and void of answers about the subject, that I've decided to try my luck over here.posted this same question over the official forumAnyone have an idea how to make the code below actually work?What goes into the <samlResponse> tag and replace the below line in the code with something that will make it work: <samlResponse>samlResponse message will go here</samlResponse>What does SAML assertion in the documentation (see below) means?What I've found out till nowWebEx's XML-API documentation (Page 68) describes the following: 3.1 AuthenticateUser The AuthenticateUser API will accept a SAML assertion in place of a user password. The returned can be used for subsequent XML API requests without using for the session duration as defined in Super Admin. This can take the place of the current requirement for a and for authentication. ... The following schema diagram shows the element structure of the AuthenticateUser request message.And then it provide the XML schema diagram, and a sample.Referencing the example .NET code (which does not use SAML) I came up with the following code:string strXMLServer = "https://varonis.webex.com/WBXService/XMLService";WebRequest request = WebRequest.Create(strXMLServer);// Set the Method property of the request to POST.request.Method = "POST";// Set the ContentType property of the WebRequest.request.ContentType = "application/x-www-form-urlencoded";// Create POST data and convert it to a byte array.Func<StringBuilder, StringBuilder> webExXML = bodySB => new StringBuilder(1024) // Currently 294 bytes in length .AppendLine("<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>") .Append("<serv:message xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"") .Append(" xmlns:serv=\"http://www.webex.com/schemas/2002/06/service\"") .Append(" xsi:schemaLocation=\"http://www.webex.com/schemas/2002/06/service") .Append(" http://www.webex.com/schemas/2002/06/service/service.xsd\">") .AppendLine("<header>") .AppendLine("<securityContext>") .AppendLine("<siteName>siteName</siteName>") .AppendLine("<webExID>username</webExID>") .AppendLine("<password></password>") .AppendLine("<partnerID></partnerID>") .AppendLine("</securityContext>") .AppendLine("</header>") .AppendLine() .AppendLine("<body>") .Append(bodySB) .AppendLine() .AppendLine("</body>") .AppendLine("</serv:message>");var xmlAuthBodyContent = new StringBuilder() .AppendLine("<bodyContent ") .AppendLine("xsi:type=\"java:com.webex.service.binding.user.AuthenticateUser\">") .AppendLine("<samlResponse>samlResponse message will go here</samlResponse>") .AppendLine("</bodyContent>");byte[] byteArray = Encoding.UTF8.GetBytes(webExXML(xmlAuthBodyContent).ToString());// Set the ContentLength property of the WebRequest.request.ContentLength = byteArray.Length;// Get the request stream.Stream dataStream = request.GetRequestStream();// Write the data to the request stream.dataStream.Write(byteArray, 0, byteArray.Length);// Close the Stream object.dataStream.Close();// Get the response.WebResponse response = request.GetResponse();DataSet DSResponse = new DataSet();DSResponse.ReadXml(response.GetResponseStream());DSResponse.GetXml().Dump();The result I get is:<serv:message xmlns:serv="http://www.webex.com/schemas/2002/06/service"><serv:header> <serv:response> <serv:result>FAILURE</serv:result> <serv:reason>Authentication Server can't generate a valid session ticket</serv:reason> <serv:gsbStatus>PRIMARY</serv:gsbStatus> <serv:exceptionID>030048</serv:exceptionID> <serv:subErrors> <serv:subError> <serv:exceptionID>AS0062</serv:exceptionID> <serv:reason>Validate assertion failed</serv:reason> <serv:value /> </serv:subError> </serv:subErrors> </serv:response></serv:header><serv:body> <serv:bodyContent /></serv:body></serv:message>