© 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential. Otomo End User SSO - TOI, March 2014: Otomo 10.5 – End User SSO Support.

Presentation transcript:

Slide 1: Otomo End User SSO - TOI, March 2014
Otomo 10.5 – End User SSO Support
Presenter – Aastha Wal (aawal)

Slide 2: Table of Contents
- Abbreviations
- Added Functionality in current release
- OAuth API/Endpoints
- Jabber-CUC SSO Flow
- Enterprise parameters
- OAuth token expiry
- Counters
- CLI command to set trace level
- Collect Logs from RTMT
- Troubleshooting tips

Slide 3: Abbreviations
- CUC: Cisco Unity Connection
- IDP: Identity Provider
- OAuth: Authorization protocol / framework
- SAML: Security Assertion Markup Language
- SP: Service Provider
- SSO: Single Sign On
- SSOSP: CUC specific SP implementation
- RTMT: Real Time Monitoring Tool

Slide 4: Added Functionality in current release
Oz 10.0
- With SAML SSO, single sign-on was possible only for web applications:
  - CUC Admin
  - CUC client web applications: CiscoPCA, Web-Inbox, Mini-inbox
Otomo 10.5
In addition to the features present in 10.0, this release has:
- SAML enabled for CUC Serviceability
- OAuth token based access to services like:
  - VMRest (on Unity Connection)

Slide 5: OAuth API / Endpoints


Slide 7: Enterprise Parameters
- There are two new enterprise-level parameters specific to OAuth:
  1) Enterprise parameter to set the OAuth token expiry time in minutes.
  2) Enterprise parameter to set a redirect URL for a third-party client (no default value).
- Once the administrator changes the timer, the SSOSP web application picks up the new value instantaneously, without a restart of Tomcat or of the SSOSP web application.
Note: Clicking on an enterprise parameter gives the description of that parameter.

Slide 8: OAuth Token Expiry Settings in CUC

Slide 9: OAuth token expiry
- The Authorization service /validate endpoint will return an HTTP 400 Bad Request for an expired token.

Slide 10: Counters
- Two new counters are introduced to track the number of failed/invalid SAML requests/responses:
  SAML_FAILED_REQUESTS
  SAML_FAILED_RESPONSES
  These counters are incremented on a failed SAML request or a failed response (for example, if the request/response has a mandatory field missing).
- OAuth tokens are tracked by the following counters:
  OAUTH_TOKENS_ISSUED
  OAUTH_TOKENS_ACTIVE
  OAUTH_TOKENS_VALIDATED
  OAUTH_TOKENS_EXPIRED
  OAUTH_TOKENS_REVOKED
- CLI command to get counter values:
  show perf query class "SAML SSO"

Slide 11: Counters

Slide 12: CLI Command to Set Trace Level
The log level can be changed using the following CLI commands:
- set samltrace level DEBUG
- set samltrace level INFO (default)
- set samltrace level WARNING
- set samltrace level ERROR
- set samltrace level FATAL
Note: These commands are used for troubleshooting; DEBUG mode is best for troubleshooting.

Slide 13: Collect Logs from RTMT
The following log files can be collected from RTMT:
- ssosp.log: ssospxxxxx.log
- security.log: securityxxxxx.log
- Tomcat access: localhost_access_log.txt
Steps to follow in RTMT:
- Log in to RTMT.
- Go to: System > Tools > Trace > Trace & Log Central
- For ssosp logs: click Collect files > click Next > select Cisco SSO > Finish
- For security logs: click Collect files > click Next > select Cisco Tomcat Security > Finish
- For Tomcat access logs: click Collect files > click Next > select Cisco Tomcat > Finish
- The log files will be downloaded.

Slide 14: Troubleshooting tips
Logs Location
- OAuth endpoint logs: on all the nodes in the cluster
  /var/log/active/tomcat/logs/ssosp/log4j/ssosp*
- IMS: on all the nodes in the cluster
  /var/log/active/tomcat/logs/security/log4j/security*
- CUC Tomcat access logs:
  /var/log/active/tomcat/logs/localhost_access_log.txt

Slide 15: Troubleshooting tips for CUC (cont.)
Problem Description
1. VMRest API throws a 401 response error.
Solution
1. Check if the OAuth token has expired.
2. Check if the OAuth token is no longer valid:
   - If the Tomcat service is restarted, all previous tokens are no longer valid and the client has to request a new token.
   - If the publisher server of the Unity Connection cluster went down, the token generated on the publisher server becomes invalid, and clients have to request the subscriber to generate a new token.
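
One way to apply the two checks above to a collected Tomcat access log, as an added example that is not part of the original presentation: it separates a single client whose VMRest calls start returning 401 (consistent with an expired token) from several clients failing together (consistent with a Tomcat restart or publisher outage). The log pattern, the sample lines, the use of the client IP as the client identity, and the `window` and `min_clients` thresholds are all assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed sample lines in Tomcat's "common" access-log pattern (assumed;
# the pattern on a real node may differ). IPs and paths are illustrative.
SAMPLE_LOG = """\
10.0.0.11 - - [12/Mar/2014:09:10:00 +0000] "GET /vmrest/users HTTP/1.1" 200 512
10.0.0.40 - - [12/Mar/2014:09:20:00 +0000] "GET /vmrest/users HTTP/1.1" 401 -
10.0.0.11 - - [12/Mar/2014:09:41:00 +0000] "GET /vmrest/users HTTP/1.1" 401 -
10.0.0.21 - - [12/Mar/2014:10:00:00 +0000] "GET /vmrest/users HTTP/1.1" 200 512
10.0.0.22 - - [12/Mar/2014:10:00:30 +0000] "GET /vmrest/users HTTP/1.1" 200 512
10.0.0.23 - - [12/Mar/2014:10:01:00 +0000] "GET /vmrest/users HTTP/1.1" 200 512
10.0.0.30 - - [12/Mar/2014:10:15:00 +0000] "GET /cuadmin/home.do HTTP/1.1" 401 -
10.0.0.21 - - [12/Mar/2014:10:15:05 +0000] "GET /vmrest/users HTTP/1.1" 401 -
10.0.0.22 - - [12/Mar/2014:10:15:20 +0000] "GET /vmrest/users HTTP/1.1" 401 -
10.0.0.23 - - [12/Mar/2014:10:16:10 +0000] "GET /vmrest/users HTTP/1.1" 401 -
"""
LINE = re.compile(r'(\S+) \S+ \S+ \[([^\]]+)\] "\S+ (\S+)[^"]*" (\d{3}) \S+')

def parse(log_text):
    """Yield (time, client_ip, path, status) for each well-formed line."""
    for line in log_text.splitlines():
        m = LINE.match(line)
        if m:
            ip, ts, path, status = m.groups()
            yield datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z"), ip, path, int(status)

def triage(log_text, window=timedelta(minutes=2), min_clients=3):
    """Split VMRest 200->401 transitions into cluster-wide and per-client."""
    working, flips = set(), []
    for ts, ip, path, status in sorted(parse(log_text)):
        if not path.startswith("/vmrest"):
            continue
        if status == 200:
            working.add(ip)              # client currently holds a usable token
        elif status == 401 and ip in working:
            working.discard(ip)          # first rejection after success
            flips.append((ts, ip))
    groups = []                          # flips within `window` of a group's first
    for ts, ip in flips:
        if groups and ts - groups[-1][0] <= window:
            groups[-1][1].add(ip)
        else:
            groups.append((ts, {ip}))
    # Many clients rejected together: consistent with a Tomcat restart or
    # publisher outage. A lone client: more likely its token expired.
    mass = [(t.isoformat(), sorted(c)) for t, c in groups if len(c) >= min_clients]
    lone = sorted(ip for _, c in groups if len(c) < min_clients for ip in c)
    return {"mass_invalidation": mass, "isolated": lone}

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

Clients that never had a successful call (10.0.0.40 in the sample) are left out of both lists, since a 401 with no earlier 200 does not indicate a token that stopped working. Clients behind a shared NAT address appear as one client.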
