[asterisk-bugs] [JIRA] (ASTERISK-21277) stasis-http authentication
Digium Subversion (JIRA)
noreply at issues.asterisk.org
Wed Jul 3 12:23:04 CDT 2013
[ https://issues.asterisk.org/jira/browse/ASTERISK-21277?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Digium Subversion closed ASTERISK-21277.
----------------------------------------
Resolution: Fixed
> stasis-http authentication
> --------------------------
>
> Key: ASTERISK-21277
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-21277
> Project: Asterisk
> Issue Type: New Feature
> Security Level: None
> Components: Core/Stasis, Resources/res_stasis_http
> Reporter: David M. Lee
> Labels: Asterisk12
>
> {{stasis-http}} currently does no authentication checking. The, needless to say, is a Bad Thing™.
> We should support:
> * HTTP Basic authentication
> * {{crypt(3)}} encrypted password
> * Password-less authentication (logging in using ?api_key=username)
> * Read-only users
> The sample config should be something like this:
> {code:none}
> ;[user-username]
> ;read_only = no ; When set to yes, user is only authorized for
> ; ; read-only requests
> ;
> ; If a password is specified, user must authenticate using HTTP Basic
> ; authentication. If no password is specified, then the user may authenticate
> ; simply by adding ?api_key=username to their requests.
> ;
> ;password = ; Crypted or plaintext password (see crypt_password)
> ;
> ; crypt_password may be set to crypt (the default) or plain. When set to crypt,
> ; crypt(3) is used to encrypt the password. A crypted password can be generated
> ; using mkpasswd -m sha-512.
> ;
> ; When set to plain, the password is in plaintext
> ;
> ;crypt_password = crypt
> {code}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.asterisk.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the asterisk-bugs
mailing list