I've posted this in SO, where the formatting is better and the question is more readable:
http://stackoverflow.com/questions/14043254/how-to-use-webexs-xml-api-with-sso-saml

I am writing a small tool to open a WebEx with our support customers using the support ticket information.
When the site used Username/Password I could make it work; now we use SSO.
The WebEx server is already set up to accept SSO (by our IT manager - not me).
The WebEx reference (linked below) does not elaborate, and this dev forum is pretty mute when it comes to answers about this subject.
Anyone have an idea how to make the code below actually work?
What goes into the <samlResponse> tag, to replace the line below in the code with something that will make it work:
<samlResponse>samlResponse message will go here</samlResponse>
What does "SAML assertion" in the documentation (see below) mean?
What I've found out till now

WebEx's XML-API documentation (Page 68) describes the following:

> 3.1 AuthenticateUser
>
> The AuthenticateUser API will accept a SAML assertion in place of a user password. The <sessionTicket> returned can be used for subsequent XML API requests without using <password> for the session duration as defined in Super Admin. This can take the place of the current requirement for a <userName> and <password> for authentication.
> ...
>
> The following schema diagram shows the element structure of the AuthenticateUser request message.

And then it provides the XML schema diagram and a sample.
Referencing the example .NET code (which does not use SAML) I came up with the following code:

```csharp
using System;
using System.Data;
using System.IO;
using System.Net;
using System.Text;

string strXMLServer = "https://varonis.webex.com/WBXService/XMLService";
WebRequest request = WebRequest.Create(strXMLServer);
// Set the Method property of the request to POST.
request.Method = "POST";
// Set the ContentType property of the WebRequest.
request.ContentType = "application/x-www-form-urlencoded";
// Create POST data and convert it to a byte array.
// webExXML wraps the given <bodyContent> in the serv:message envelope.
Func<StringBuilder, StringBuilder> webExXML =
    bodySB => new StringBuilder(1024) // Currently 294 bytes in length
        .AppendLine("<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>")
        .Append("<serv:message xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"")
        .Append(" xmlns:serv=\"http://www.webex.com/schemas/2002/06/service\"")
        .Append(" xsi:schemaLocation=\"http://www.webex.com/schemas/2002/06/service")
        .Append(" http://www.webex.com/schemas/2002/06/service/service.xsd\">")
        .AppendLine("<header>")
        .AppendLine("<securityContext>")
        .AppendLine("<siteName>siteName</siteName>")
        .AppendLine("<webExID>username</webExID>")
        .AppendLine("<password></password>")
        .AppendLine("<partnerID></partnerID>")
        .AppendLine("</securityContext>")
        .AppendLine("</header>")
        .AppendLine()
        .AppendLine("<body>")
        .Append(bodySB)
        .AppendLine()
        .AppendLine("</body>")
        .AppendLine("</serv:message>");
// AuthenticateUser body; the <samlResponse> value is still a placeholder.
var xmlAuthBodyContent = new StringBuilder()
    .AppendLine("<bodyContent ")
    .AppendLine("xsi:type=\"java:com.webex.service.binding.user.AuthenticateUser\">")
    .AppendLine("<samlResponse>samlResponse message will go here</samlResponse>")
    .AppendLine("</bodyContent>");
byte[] byteArray = Encoding.UTF8.GetBytes(webExXML(xmlAuthBodyContent).ToString());
// Set the ContentLength property of the WebRequest.
request.ContentLength = byteArray.Length;
// Get the request stream.
Stream dataStream = request.GetRequestStream();
// Write the data to the request stream.
dataStream.Write(byteArray, 0, byteArray.Length);
// Close the Stream object.
dataStream.Close();
// Get the response.
WebResponse response = request.GetResponse();
DataSet DSResponse = new DataSet();
DSResponse.ReadXml(response.GetResponseStream());
// Dump() is LINQPad's output extension method.
DSResponse.GetXml().Dump();
```
The result I get is:

```xml
<serv:message xmlns:serv="http://www.webex.com/schemas/2002/06/service">
  <serv:header>
    <serv:response>
      <serv:result>FAILURE</serv:result>
      <serv:reason>Authentication Server can't generate a valid session ticket</serv:reason>
      <serv:gsbStatus>PRIMARY</serv:gsbStatus>
      <serv:exceptionID>030048</serv:exceptionID>
      <serv:subErrors>
        <serv:subError>
          <serv:exceptionID>AS0062</serv:exceptionID>
          <serv:reason>Validate assertion failed</serv:reason>
          <serv:value />
        </serv:subError>
      </serv:subErrors>
    </serv:response>
  </serv:header>
  <serv:body>
    <serv:bodyContent />
  </serv:body>
</serv:message>
```
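
An added example, not part of the original post or of WebEx's documentation: instead of dumping the response through a `DataSet`, this reads the `serv:response` header shown above and returns the top-level error together with each nested `subError`, so the assertion-validation code (`AS0062` here) is surfaced directly. The names `WebExFailure` and `GetFailures` are hypothetical, and only the `FAILURE` shape shown in the post is handled.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Xml;
using System.Xml.Linq;

// Added example: WebExFailure and GetFailures are hypothetical names.
public static class WebExFailure
{
    static readonly XNamespace Serv = "http://www.webex.com/schemas/2002/06/service";

    // Empty list unless <serv:result> is FAILURE; otherwise the top-level
    // error first, then every <serv:subError> in document order.
    public static List<(string Id, string Reason)> GetFailures(string xml)
    {
        // The response is remote input: refuse DTDs and external resolution.
        var settings = new XmlReaderSettings { DtdProcessing = DtdProcessing.Prohibit, XmlResolver = null };
        using var reader = XmlReader.Create(new StringReader(xml), settings);
        XElement response = XDocument.Load(reader).Root
            ?.Element(Serv + "header")?.Element(Serv + "response")
            ?? throw new FormatException("serv:header/serv:response not found");

        var failures = new List<(string Id, string Reason)>();
        if ((string)response.Element(Serv + "result") != "FAILURE") return failures;
        failures.Add(ToFailure(response));
        failures.AddRange(response.Descendants(Serv + "subError").Select(ToFailure));
        return failures;
    }

    // Reads the direct exceptionID/reason children of a response or subError element.
    static (string Id, string Reason) ToFailure(XElement e) =>
        ((string)e.Element(Serv + "exceptionID") ?? "", (string)e.Element(Serv + "reason") ?? "");

    public static void Main()
    {
        // Constructed sample: trimmed copy of the failure response shown in the post.
        const string sample =
            "<serv:message xmlns:serv='http://www.webex.com/schemas/2002/06/service'><serv:header><serv:response>" +
            "<serv:result>FAILURE</serv:result>" +
            "<serv:reason>Authentication Server can't generate a valid session ticket</serv:reason>" +
            "<serv:exceptionID>030048</serv:exceptionID>" +
            "<serv:subErrors><serv:subError><serv:exceptionID>AS0062</serv:exceptionID>" +
            "<serv:reason>Validate assertion failed</serv:reason></serv:subError></serv:subErrors>" +
            "</serv:response></serv:header></serv:message>";

        foreach (var (id, reason) in GetFailures(sample))
            Console.WriteLine($"{id}: {reason}");
    }
}
```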