[asterisk-users] polycom with http/https basic authentication

Alexander Lopez Alex.Lopez at OpSys.com
Fri Jun 27 13:07:58 CDT 2008 

I could never get the http stuff to work, I tried Ftp like what you have


ftp://user:password@server/customomer

It worked fine for me the first time, and I just ran with it. Has worked
without an issue since day one.  If FTP not an option for you????

Alex

> -----Original Message-----
> From: asterisk-users-bounces at lists.digium.com [mailto:asterisk-users-
> bounces at lists.digium.com] On Behalf Of Robert McNaught
> Sent: Friday, June 27, 2008 1:20 PM
> To: Asterisk Users Mailing List - Non-Commercial Discussion
> Subject: [asterisk-users] polycom with http/https basic authentication
> 
> Hi,
> 
> I apologize that this is not directly associated with Asterisk, I have
> been trying to solve this, but not having any luck.
> 
> Does anyone have a setup with http or https with basic authentication
> for provisioning Polycom Phones.  We use edgemarc 4500 routers and use
> Option 66 to auto-provision phones using DHCP.  I am trying to set up
> an apache server with subdirectories for different customers protected
> by a username and password so that their phones can only access their
> own directory.
> 
> The string I am putting in Option 66 is:
> 
> "http://username:password@http.server.com/dir1/"
> 
> This is packet dumps of the polycom phone trying to grab files from
> the server - using basic authentication - I have set up .htaccess
> files which work correctly when pulling down files using firefox.
> 
> GET FILE WITH POLYCOM
> [root at server3 ~]# ngrep -q 'HTTP/1.[01]'
> interface: eth0 (XXX.XXX.XXX.XXX/255.255.254.0)
> match: HTTP/1.[01]
> 
> T XXX.XXX.XXX.XXX:1024 -> XXX.XXX.XXX.XXX [AP]
>   GET /dir1/2345-12200-002.bootrom.ld HTTP/1.1..Host:
> http.server.com..Accept: */*..U
>   ser-Agent: FileTransport
PolycomSoundPointIP-SPIP_320-UA/4.0.0.0423....
> 
> T XXX.XXX.XXX.XXX:80 -> XXX.XXX.XXX.XXX:1024 [AP]
>   HTTP/1.1 401 Authorization Required..Date: Fri, 27 Jun 2008 16:46:59
> GMT..Server: A
>   pache/2.0.61 (Unix) mod_ssl/2.0.61 OpenSSL/0.9.8b
> mod_auth_passthrough/2.1 mod_bwli
>   mited/1.4 FrontPage/5.0.2.2635 PHP/5.2.5..WWW-Authenticate: Basic
> realm="Restricted
>    Area"..Content-Length: 703..Content-Type: text/html;
> charset=iso-8859-1....<!DOCTY
>   PE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">.<html><head>.<title>401
> Authorization R
>   equired</title>.</head><body>.<h1>Authorization
> Required</h1>.<p>This server could
>   not verify that you.are authorized to access the document.requested.
>  Either you su
>   pplied the wrong.credentials (e.g., bad password), or your.browser
> doesn't understa
>   nd how to supply.the credentials required.</p>.<p>Additionally, a
> 404 Not Found.err
>   or was encountered while trying to use an ErrorDocument to handle
> the request.</p>.
>   <hr>.<address>Apache/2.0.61 (Unix) mod_ssl/2.0.61 OpenSSL/0.9.8b
> mod_auth_passthrou
>   gh/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.5 Server at
> prov.xiptel.net P
>   ort 80</address>.</body></html>.
> 
> T XXX.XXX.XXX.XXX:1025 -> XXX.XXX.XXX.XXX:80 [AP]
>   GET /dir1/bootrom.ld HTTP/1.1..Host: http.server.com..Accept:
> */*..User-Agent: File
>   Transport PolycomSoundPointIP-SPIP_320-UA/4.0.0.0423....
> 
> 
> 
> USING FIREFOX
> [root at server3 ~]# ngrep -q 'HTTP/1.[01]'
> interface: eth0 (69.73.146.0/255.255.254.0)
> match: HTTP/1.[01]
> 
> T XXX.XXX.XXX.XXX:57773 -> XXX.XXX.XXX.XXX:80 [AP]
>   GET /dir1/2345-11300-010.bootrom.ld HTTP/1.1..Host:
> http.server.com..User-Agent: Mo
>   zilla/5.0 (X11; U; Linux i686; en-US; rv:1.9) Gecko/2008061015
> Firefox/3.0..Accept:
> 
>
text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8..Accept-
> Language:
>   en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset:
> ISO-8859-1,utf-8;q=0
>   .7,*;q=0.7..Keep-Alive: 300..Connection: keep-alive..Referer:
> http://prov.xiptel.ne
>   t/dir1/..Cookie: logintheme=cpanel; cprelogin=no;
cpsession=closed....
> 
> T XXX.XXX.XXX.XXX:80 -> XXX.XXX.XXX.XXX:57773 [AP]
>   HTTP/1.1 401 Authorization Required..Date: Fri, 27 Jun 2008 16:36:20
> GMT..Server: A
>   pache/2.0.61 (Unix) mod_ssl/2.0.61 OpenSSL/0.9.8b
> mod_auth_passthrough/2.1 mod_bwli
>   mited/1.4 FrontPage/5.0.2.2635 PHP/5.2.5..WWW-Authenticate: Basic
> realm="Restricted
>    Area"..Content-Length: 703..Keep-Alive: timeout=15,
> max=100..Connection: Keep-Aliv
>   e..Content-Type: text/html; charset=iso-8859-1....<!DOCTYPE HTML
> PUBLIC "-//IETF//D
>   TD HTML 2.0//EN">.<html><head>.<title>401 Authorization
> Required</title>.</head><bo
>   dy>.<h1>Authorization Required</h1>.<p>This server could not verify
> that you.are au
>   thorized to access the document.requested.  Either you supplied the
> wrong.credentia
>   ls (e.g., bad password), or your.browser doesn't understand how to
> supply.the crede
>   ntials required.</p>.<p>Additionally, a 404 Not Found.error was
> encountered while t
>   rying to use an ErrorDocument to handle the
> request.</p>.<hr>.<address>Apache/2.0.6
>   1 (Unix) mod_ssl/2.0.61 OpenSSL/0.9.8b mod_auth_passthrough/2.1
> mod_bwlimited/1.4 F
>   rontPage/5.0.2.2635 PHP/5.2.5 Server at prov.xiptel.net Port
> 80</address>.</body></
>   html>.
> 
> T XXX.XXX.XXX.XXX:57773 -> XXX.XXX.XXX.XXX:80 [AP]
>   GET /dir1/2345-11300-010.bootrom.ld HTTP/1.1..Host:
> http.server.com..User-Agent: Mo
>   zilla/5.0 (X11; U; Linux i686; en-US; rv:1.9) Gecko/2008061015
> Firefox/3.0..Accept:
> 
>
text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8..Accept-
> Language:
>   en-us,en;q=0.5..Accept-Encoding: gzip,deflate..Accept-Charset:
> ISO-8859-1,utf-8;q=0
>   .7,*;q=0.7..Keep-Alive: 300..Connection: keep-alive..Referer:
> http://prov.xiptel.ne
>   t/dir1/..Cookie: logintheme=cpanel; cprelogin=no;
> cpsession=closed..Authorization:
>   Basic ZGlyMTppcGd2MTMxNA==....
> 
> 
> As you can see, the server responds asking for authorization
> credentials, which are not responded to by the Polycom in its next
> HTTP message, whereas with a browser, when I type in my username and
> password in the dialog box, a response is made.
> 
> I have been assured by Polycom that basic authentication works with
> their new models of phones - I am using a ip320.  Further their admin
> guide states:
> 
> "The protocol that will be used to transfer files from the boot server
> depends on
> several factors including the phone model and whether the bootROM or
SIP
> application stage of provisioning is in progress. By default, the
phones
> are
> shipped with FTP enabled as the provisioning protocol. If an
unsupported
> protocol is specified, this may result in a defined behavior (see the
> table below
> for details of which protocol the phone will use). The Specified
Protocol
> listed
> in the table can be selected in the Server Type field or the Server
> Address can
> include a transfer protocol, for example http://usr:pwd@server (refer
to
> Server Menu on page 3-9). The boot server address can be an IP
address,
> domain string name, or URL. The boot server address can also be
obtained
> through DHCP. Configuration file names in the <Ethernet address>.cfg
file
> can include a transfer protocol, for example
> https://usr:pwd@server/dir/file.cfg. If a user name and password are
> specified as part of the server address or file name, they will be
> used only if the
> server supports them."
> 
> 
> Anyone familiar with this situation, or have a different Option 66
> string?  or any troubleshooting tips
> 
> Thanks
> 
> Robert
> 
> _______________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
> 
> AstriCon 2008 - September 22 - 25 Phoenix, Arizona
> Register Now: http://www.astricon.net
> 
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-users

More information about the asterisk-users mailing list