[asterisk-bugs] [Asterisk 0010961]: [patch] Add HTTP Basic & Digest Auth (rfc2617) for manager web interface.
Asterisk Bug Tracker
noreply at bugs.digium.com
Tue Dec 9 10:14:20 CST 2008
A NOTE has been added to this issue.
======================================================================
http://bugs.digium.com/view.php?id=10961
======================================================================
Reported By: ys
Assigned To: otherwiseguy
======================================================================
Project: Asterisk
Issue ID: 10961
Category: Core/NewFeature
Reproducibility: N/A
Severity: feature
Priority: normal
Status: assigned
Asterisk Version: SVN
SVN Branch (only for SVN checkouts, not tarball releases): trunk
SVN Revision (number only!): 85514
Disclaimer on File?: N/A
Request Review:
======================================================================
Date Submitted: 2007-10-12 06:48 CDT
Last Modified: 2008-12-09 10:14 CST
======================================================================
Summary: [patch] Add HTTP Basic & Digest Auth (rfc2617) for
manager web interface.
Description:
I found, that manager web interface used "Cookie" Header for authenticate
the user. This require two http request, one for authenticate and next for
commands.
This patch add only Basic authentication scheme implementation, as defined
in rfc2617.
If used this scheme, httptimeout are unused, but we don't need to keep a
http session (and mansession) alive, after HTTP Request is processed.
======================================================================
Relationships ID Summary
----------------------------------------------------------------------
related to 0011414 [patch] Move loading users from authent...
======================================================================
----------------------------------------------------------------------
(0096010) otherwiseguy (administrator) - 2008-12-09 10:14
http://bugs.digium.com/view.php?id=10961#c96010
----------------------------------------------------------------------
Ok, I have brought the branch back up to trunk and merged your latest patch
into the branch. If you could make any future patches against the
http://svn.digium.com/svn/asterisk/team/group/manager_http_auth branch, it
should make keeping this up to date easier.
In response to my last comment, I guess I can see how one might want to
use both methods of auth at the same time, so I can see the usefulness of
having separate uris. I'm going to go ahead and go through the patch and
see if I can come up with anything that it would need before merging, do
some testing, etc.
Issue History
Date Modified Username Field Change
======================================================================
2008-12-09 10:14 otherwiseguy Note Added: 0096010
======================================================================
More information about the asterisk-bugs
mailing list