[asterisk-bugs] [Asterisk 0010961]: [patch] Add HTTP Basic & Digest Auth (rfc2617) for manager web interface.

noreply at bugs.digium.com noreply at bugs.digium.com
Mon May 26 07:49:17 CDT 2008


A NOTE has been added to this issue. 
====================================================================== 
http://bugs.digium.com/view.php?id=10961 
====================================================================== 
Reported By:                ys
Assigned To:                
====================================================================== 
Project:                    Asterisk
Issue ID:                   10961
Category:                   Core/NewFeature
Reproducibility:            N/A
Severity:                   feature
Priority:                   normal
Status:                     ready for testing
Asterisk Version:           SVN 
SVN Branch (only for SVN checkouts, not tarball releases):  trunk 
SVN Revision (number only!): 85514 
Disclaimer on File?:        N/A 
Request Review:              
====================================================================== 
Date Submitted:             10-12-2007 06:48 CDT
Last Modified:              05-26-2008 07:49 CDT
====================================================================== 
Summary:                    [patch] Add HTTP Basic & Digest Auth (rfc2617) for
manager web interface.
Description: 
I found, that manager web interface used "Cookie" Header for authenticate
the user. This require two http request, one for authenticate and next for
commands.
This patch add only Basic authentication scheme implementation, as defined
in rfc2617.
If used this scheme, httptimeout are unused, but we don't need to keep a
http session (and mansession) alive, after HTTP Request is processed.







======================================================================
Relationships       ID      Summary
----------------------------------------------------------------------
related to          0011414 [patch] Move loading users from authent...
====================================================================== 

---------------------------------------------------------------------- 
 ys - 05-26-08 07:49  
---------------------------------------------------------------------- 
digest_auth_r118255_v4.diff:

Sync with actual revision 118255.

Make xml_translate() more logical. (and prevent memory leak).
Move mansession to astobj2 container.

Decision about suproted method are moved to http callback, that can make
it more adaptable in future.
Removed http "GET" varible processing limitation (from uri string) only
for GET http method, but this is not violate the standart. Such as in PHP
language, this variables comes to $_GET[] global array. 

Issue History 
Date Modified   Username       Field                    Change               
====================================================================== 
05-26-08 07:49  ys             Note Added: 0087312                          
======================================================================




More information about the asterisk-bugs mailing list