[asterisk-dev] [Code Review] 2649: ARI authentication
Joshua Colp
reviewboard at asterisk.org
Wed Jul 3 09:14:09 CDT 2013
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviewboard.asterisk.org/r/2649/#review9059
-----------------------------------------------------------
Ship it!
I'll make you feel extra special and ship it too since I reviewed it previously ;)
- Joshua Colp
On June 28, 2013, 8:03 p.m., David Lee wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviewboard.asterisk.org/r/2649/
> -----------------------------------------------------------
>
> (Updated June 28, 2013, 8:03 p.m.)
>
>
> Review request for Asterisk Developers.
>
>
> Bugs: ASTERISK-21277
> https://issues.asterisk.org/jira/browse/ASTERISK-21277
>
>
> Repository: Asterisk
>
>
> Description
> -------
>
> This patch adds authentication support to ARI.
>
> Two authentication methods are supported. The first is HTTP Basic
> authentication, as specified in RFC 2617[1]. The second is by simply
> passing the username and password as an ?api_key query parameter
> (which allows swagger-ui[2] to authenticate more easily).
>
> ARI usernames and passwords are configured in the stasis_http.conf
> file. The user may be set to `read_only`, which will prohibit the user
> from issuing POST, DELETE, etc. The user's password may be specified
> in either plaintext, or encrypted using the crypt() function.
>
> Several other notes about the patch.
>
> * A few command line commands for seeing ARI config and status were
> also added.
> * The configuration parsing grew big enough that I extracted it to
> its own file.
>
> [1]: http://www.ietf.org/rfc/rfc2617.txt
> [2]: https://github.com/wordnik/swagger-ui
>
>
> Diffs
> -----
>
> /trunk/configs/stasis_http.conf.sample 393124
> /trunk/configure UNKNOWN
> /trunk/configure.ac 393124
> /trunk/include/asterisk/autoconfig.h.in 393124
> /trunk/include/asterisk/http.h 393124
> /trunk/include/asterisk/utils.h 393124
> /trunk/main/Makefile 393124
> /trunk/main/http.c 393124
> /trunk/main/utils.c 393124
> /trunk/makeopts.in 393124
> /trunk/res/Makefile 393124
> /trunk/res/res_stasis_http.c 393124
> /trunk/res/stasis_http/cli.c PRE-CREATION
> /trunk/res/stasis_http/config.c PRE-CREATION
> /trunk/res/stasis_http/internal.h PRE-CREATION
> /trunk/tests/test_utils.c 393124
>
> Diff: https://reviewboard.asterisk.org/r/2649/diff/
>
>
> Testing
> -------
>
> Unit tests for crypt wrapper.
>
> Testsuite tests for authn testing. See https://reviewboard.asterisk.org/r/2650/
>
>
> Thanks,
>
> David Lee
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20130703/fac9e9ec/attachment.htm>
More information about the asterisk-dev
mailing list