CUCM - Authorization Error

Version 1
    This document was generated from CDN thread

    Created by: Rashmi Shamsundar on 21-10-2011 12:41:04 AM
    Hi All,
              I am trying to query the IP address of a Cisco phone providing its call number. My SOAP Header is as below. When I send a SOAP request to the CUCM, i get back a 401 http error response saying "This request requires HTTPAuthentication()". The user name and password passed in match the ones on the CUCM. I have LDAP enabled and the end user used has the following access
      1. Standard AXL API Access
      2. Standard CCM Admin Users
      3. Standard SERVICEABILITY read only
     
     Could some one throw ideas as to what possibly could have gone wrong? I don't know if its due to the Authorization method. If so then how do I find out if its Basic or Secure?
     
     SOAP header:
    POST /realtimeservice/services/RisPort HTTP/1.0
    Host:192.168.1.144:8443
    Authorization: Basic ZGV2ZWxvcGVyOnI0X0RHYkQ2
    Accept: text/*
    Content-type: text/xml
    SOAPAction: "http://schemas.cisco.com/ast/soap/action/#RisPort#SelectCmDevice"
    Content-length: 1405

    Subject: RE: Re: New Message from Rashmi Shamsundar in Administration XML (AXL) - Ad
    Replied by: Rashmi Shamsundar on 21-10-2011 02:04:10 AM
    Tried that already. It did not make any difference. I was doubting if this has got to do with the permissions? Or Is there any place in the CUCM where the authentication can be configured to be something other than "Basic" ?

    Subject: RE: CUCM - Authorization Error
    Replied by: Claus Pedersen on 21-10-2011 01:50:03 AM
    Hi Rashmi, Im sorry that I'm not able to help you on the current issue, but I would however be gratefull if I you would share your solution if you get it working

    With kindest regards
    Claus Pedersen

    Subject: Re: New Message from Rashmi Shamsundar in Administration XML (AXL) - Admini
    Replied by: Sascha Monteiro on 21-10-2011 01:57:17 AM
    try to use BASIC instead of Basic for the Authorization,
    I am not sure but that is the only difference I notice on the first glance

    Subject: Re: New Message from Rashmi Shamsundar in Administration XML (AXL) - Admini
    Replied by: Sascha Monteiro on 21-10-2011 03:25:17 AM
    The permissions look okay, will dbl check later, I don't use the Auth header, but pass the credentials in the url instead, like;
    Https://user:pass@1.1.1.1:8443/

    Sent from my iPhone4

    On 21/10/2011, at 17:04, Cisco Developer Community Forums <cdicuser@developer.cisco.com> wrote:

    > Rashmi Shamsundar has created a new message in the forum "Administration XML Questions":
    >
    > --------------------------------------------------------------
    > Tried that already. It did not make any difference. I was doubting if this has got to do with the permissions? Or Is there any place in the CUCM where the authentication can be configured to be something other than "Basic" ?
    > --
    > To respond to this post, please click the following link:
    >
    > <http://developer.cisco.com/web/axl/forums/-/message_boards/view_message/4632651>
    >
    > or simply reply to this email.

    Subject: Re: New Message from Rashmi Shamsundar in Administration XML (AXL) - Admini
    Replied by: Wes Schochet on 21-10-2011 01:47:17 PM
    I set a standard auth header with the base64 coded version of user:pass

                    final String risSOAPaction = http://schemas.cisco.com/ast/soap/action/#RisPort#SelectCmDevice";
                    final String ccmAXLurl = "https://cpccm1:8443/realtimeservice/services/RisPort";
                    authString = AuthBase64(ccmUser, ccmPWD);

                    HttpsURLConnection cucmConn = new icURLConn(ccmAXLurl).Connection;
                  
                    cucmConn.setRequestProperty("SOAPAction", risSOAPaction);
                    cucmConn.setRequestProperty("Content-Type", "text/xml");
                    cucmConn.setRequestProperty("Content-Length", "" + strSOAP.length());
                    cucmConn.setRequestProperty("Authorization", authString);
     
    It works every time...

    >>> On 10/20/2011 at 11:41 PM, Cisco Developer Community Forums <cdicuser@developer.cisco.com> wrote:

    Rashmi Shamsundar has created a new message in the forum "Administration XML Questions":

    --------------------------------------------------------------
    Hi All,
    I am trying to query the IP address of a Cisco phone providing its call number. My SOAP Header is as below. When I send a SOAP request to the CUCM, i get back a 401 http error response saying "This request requires HTTPAuthentication()". The user name and password passed in match the ones on the CUCM. I have LDAP enabled and the end user used has the following access
    1. Standard AXL API Access
    2. Standard CCM Admin Users
    3. Standard SERVICEABILITY read only

    Could some one throw ideas as to what possibly could have gone wrong? I don't know if its due to the Authorization method. If so then how do I find out if its Basic or Secure?

    SOAP header:
    POST /realtimeservice/services/RisPort HTTP/1.0
    Host:192.168.1.144:8443
    Authorization: Basic ZGV2ZWxvcGVyOnI0X0RHYkQ2
    Accept: text/*
    Content-type: text/xml
    SOAPAction: "http://schemas.cisco.com/ast/soap/action/#RisPort#SelectCmDevice"
    Content-length: 1405
    --
    To respond to this post, please click the following link:

    <http://developer.cisco.com/web/axl/forums/-/message_boards/view_message/4632606>

    or simply reply to this email.

    Confidentiality Statement:
    This email/fax, including attachments, may include confidential
    and/or proprietary information and may be used only by the
    person or entity to which it is addressed. If the reader of
    this email/fax is not the intended recipient or his or her
    agent, the reader is hereby notified that any dissemination,
    distribution or copying of this email/fax is prohibited. If you
    have received this email/fax in error, please notify the sender
    by replying to this message and deleting this email or
    destroying this facsimile immediately.

    Subject: RE: CUCM - Authorization Error
    Replied by: Axel Schemberg on 24-10-2011 03:45:34 AM
    Hello Rashmi,
     
    ...The user name and password passed in match the ones on the CUCM. I have LDAP enabled and the end user used has the following access...

    I never tried to do SOAP with end user credentials - assuming, you are using CUCM > 4.3 - but may be this is not working. I use an application user.
     
    Kind regards
     
    Axel

    Subject: RE: Re: New Message from Rashmi Shamsundar in Administration XML (AXL) - Ad
    Replied by: Rashmi Shamsundar on 25-10-2011 12:52:28 AM
    I found where the problem was. The Cisco IP phones had web access configured as disabled. Because of this, the phone was rejecting all Http requests. A very silly thing but worth remembering.

    Thanks for all your help

    Regards

    Rashmi

    Subject: New Message from Rashmi Shamsundar in Administration XML (AXL) - Administra
    Replied by: Wes Schochet on 25-10-2011 12:49:43 PM
    This is the default now - I wish there was a way to set the default!

    >>> On 10/24/2011 at 11:52 PM, Cisco Developer Community Forums <cdicuser@developer.cisco.com> wrote:

    Rashmi Shamsundar has created a new message in the forum "Administration XML Questions":

    --------------------------------------------------------------
    I found where the problem was. The Cisco IP phones had web access configured as disabled. Because of this, the phone was rejecting all Http requests. A very silly thing but worth remembering.

    Thanks for all your help

    Regards

    Rashmi
    --
    To respond to this post, please click the following link:

    <http://developer.cisco.com/web/axl/forums/-/message_boards/view_message/4644720>

    or simply reply to this email.

    Confidentiality Statement:
    This email/fax, including attachments, may include confidential
    and/or proprietary information and may be used only by the
    person or entity to which it is addressed. If the reader of
    this email/fax is not the intended recipient or his or her
    agent, the reader is hereby notified that any dissemination,
    distribution or copying of this email/fax is prohibited. If you
    have received this email/fax in error, please notify the sender
    by replying to this message and deleting this email or
    destroying this facsimile immediately.