[asterisk-dev] Pinemango -- Authorization API

Brian Degenhardt bmd at digium.com
Tue Oct 14 11:25:09 CDT 2008


Russell Bryant wrote:
> Johansson Olle E wrote:
>> The fact that Russell, who's the current maintainer of Asterisk, votes  
>> for taking authorization out of the
>> picture is very disappointing to me.
> 
> I do not vote for taking it out of the picture.  I am simply in 
> agreement with the things that Brian, Tim and now Kevin have been 
> saying, which is that we should allow the framework to handle policy 
> decisions.

The hooks component from the PineMango diagram is a great way to do this
too.  The hooks don't even have to be really security-related.  Imagine
that Asterisk executed a hook every time the following things happened:

* SIP registration
* Codec negotiation
* SIP REINVITE
* res_features transfer
* Barge/Whisper/Spy toggle
* External MWI Event/NOTIFY

If my app controlling Asterisk is asked, via a hook, each time these
things happen, I can then impose my external business-rules governed
security policy.  Maybe the user hasn't paid for MWI service, or perhaps
they are only allowed to Barge on certain callers.  Possibly they can
only register phones on nights and weekends.

I don't need a mechanism to define these policies in the core.  I
desperately need a mechanism to control these things from outside of
Asterisk.

cheers
-bmd
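
Added example, not part of the original message and not Asterisk or PineMango code: a sketch of the external policy decision point the post describes, answering hook events with allow or deny. The hook names, event fields, subscriber table, the 08:00-18:00 business-hours window and the deny-by-default behaviour are all assumptions made for illustration.

```python
from datetime import datetime, time

ALLOW, DENY = "allow", "deny"

# Constructed subscriber data owned by the external app (hypothetical schema).
SUBSCRIBERS = {
    "alice": {"paid_mwi": True, "barge_targets": {"bob"}, "register_any_time": True},
    "bob": {"paid_mwi": False, "barge_targets": set(), "register_any_time": False},
}

def off_hours(when):
    """Nights and weekends: Saturday/Sunday, or outside 08:00-18:00 (assumed window)."""
    return when.weekday() >= 5 or not (time(8) <= when.time() < time(18))

def check_registration(sub, event):
    # Restricted users may only register phones on nights and weekends.
    return sub["register_any_time"] or off_hours(event["when"])

def check_mwi(sub, event):
    # MWI events are delivered only to users who have paid for the service.
    return sub["paid_mwi"]

def check_barge(sub, event):
    # Barge is permitted only on an explicit list of callers.
    return event.get("target") in sub["barge_targets"]

# Hypothetical hook names, modelled on the list in the message above.
RULES = {
    "sip_registration": check_registration,
    "mwi_notify": check_mwi,
    "barge": check_barge,
}

def decide(event):
    """Return (verdict, reason); unknown users, unknown hooks and rule errors all deny."""
    sub = SUBSCRIBERS.get(event.get("user"))
    if sub is None:
        return DENY, "unknown user"
    rule = RULES.get(event.get("hook"))
    if rule is None:
        return DENY, "no rule for hook"
    try:
        ok = rule(sub, event)
    except Exception:
        # A malformed event must not fall through to an allow.
        return DENY, "rule error"
    return (ALLOW, "policy ok") if ok else (DENY, "policy refused")
```

Logging the returned reason next to each verdict gives the external app an audit trail of every decision it made on behalf of the core.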



