Thanks for the reply,

1. CUPS is not configured over SSL, when i try to access https://10.106.13.173:7335/httpbinding it says "Secure Connection Failed", what ever the response you are talking about i can see the same with non secured URL http://10.106.13.173:7335/httpbinding

2. The issue here is CUPS is authenticating against User Principal Name(UPN) and not against sAMAccountName of AD, if i use UPN the sample app is not working

3. I have another CUPS server which authenticates against sAMAccountName and the sample app mentioned in the thread works fine

Can you share a screen shot of your security settings?  System->Security->Settings, for example:

Also, when you say, "what ever the response you are talking about i can see the same with non secured URL", I'm not sure what you mean.  This is basically what you should see:

Is that what you see?

1. security settings:

2. Below is the response,when I access http://10.106.13.173:7335/httpbinding

This URI is for XMPP communication via the BOSH protocol.

Please reference the following protocols:

• RFC 3920: Extensible Messaging and Presence Protocol (XMPP): Core
• RFC 3921: Extensible Messaging and Presence Protocol (XMPP): Instant Messaging and Presence
• XEP-0124: Bidirectional-streams Over Synchronous HTTP (BOSH)
• XEP-0206: XMPP Over BOSH

3. below is the response when i access  https://10.106.13.173:7335/httpbinding

It looks like everything is working as intended.  Keep in mind that only http or https will work. You can't set it up for both to work at the same time.  Right now, http is working.  If you want https, check the box for "Enable Web Client to IM/P Service Secure Mode", save the settings, and try to browse to https://10.106.13.173:7335/httpbinding again. 

Is the domain for your UPN login different than the domain for your Jabber IM&P server?  If they're the same, then you can log in with your username and password using Jabber SDK.  Depending on your Javascript, you may want to avoid logging in as user@doman, and just log in as user.  If your Javascript isn't written to accept user@domain, then what it will do is try to log in as user@doman@domain, and that will produce an error.  The basic chat demo adds a pre-defined domain to the username, which may be causing the problem you're seeing.

     client.connect(jabberwerx.$("#username").val() + "@" + demoConfig.domain,

                                jabberwerx.$("#password").val(), arg);

It gets demoConfig.domain from here:

            var demoConfig = {

                domain: "psdtemea.cisco.com", //the domain specified for your CUP server

                httpBindingURL: "https://cup.psdtemea.cisco.com:7335/httpbinding", //the BOSH url for your server

                unsecureAllowed: false

            };

Even if you set it to the correct domain, you'll still get an error if you try to log in as user@domain, because it will end up trying to log in as user@domain@domain. 

Also, note the unsecureAllowed parameter.  It should be set to false if you're using https.  Set it to true if you're using http.

1. Iam using http so the config would be

var demoConfig = {

                domain: "exch2k10.sn-qa.com",

                httpBindingURL: "http://10.106.13.173:7335/httpbinding",

               unsecureAllowed: true

            };

2. I used both username:rbalu and also rabble@exch2k10.sn-qa.com, both are giving error, below are the errors

1. Tried to login to the html with user rbalu and password Cisco_123 and getting the error  - Could not connect: <error><not-authorized xmlns="urn:ietf:params:xml:ns:xmpp-sasl"/></error>
2. Tried to login with user rbalu@exch2k10.sn-qa.com and the error - Could not connect: <stream:error xmlns:stream="http://etherx.jabber.org/streams"><service-unavailable xmlns="urn:ietf:params:xml:ns:xmpp-streams"/></stream:error>

3. In jabber client iam using the same domain exch2k10.sn-qa.com

If you look at your profile popup, you'll see that your Chat (IM address) is rbalu@exch2k10.sn-qa.com@exch2k10.sn-qa.com

This double domain is not a valid Jabber ID (JID).  A valid Jabber ID is user@domain, not user@domain@domain.

I don't know why Jabber for Windows allows it, but Jabber SDK doesn't. I have a feeling your user name in CUCM is rbalu@exch2k10.sn-qa.com and not rbalu.  It this correct?

Right, the username is rbalu@exch2k10.sn-qa.com (which is User Principal Name in Active Directory) in CUCM

Jabber SDK is simply doing what should be expected.  It is rejecting an invalid Jabber ID.  See this specification, which tells you that you can't have an @ sign in the Jabber user name (node). 

2.3 Node Identifier

Node identifiers are restricted to 256 bytes, They may contain any Unicode character higher than #x20 with the exception of the following:

1. #x22 (")
2. #x26 (&)
3. #x27 (')
4. #x2F
5. #x3A (:)
6. #x3C (<)
7. #x3E (>)
8. #x40 (@)  <--- not allowed
9. #x7F (del)
10. #xFFFE (BOM)
11. #xFFFF (BOM)

XEP-0029: Definition of Jabber Identifiers (JIDs)

Thanks,

curious to know how jabber clients is working with UPN

I don't know why Jabber for Windows allows that user name.  It shouldn't, because it violates the XMPP standard. A bigger question is why the Cisco IM&P server allows it!  Again, it shouldn't allow a user name with an @ in it. 

I suppose there's nothing wrong with expanding beyond the XMPP specification to add features, but apparently the Jabber SDK engineers adhered to the XMPP standard.

Hi Nicholas,

        Is there any way to make it work? as it doesn't work for either rbalu or rabble@exch2k10.sn-qa.com, if it was working for rbalu then i would have changed my code to truncate "@domain" and send only the first half.