[Asterisk-Users] Simple Manager Proxy
David Troy
dave at popvox.com
Sat Sep 25 13:35:37 MST 2004
If you have developed CGI, PHP or other synchronous web-based applications
that utilize the Asterisk manager interface, you know that they don't
scale well, since each invocation from the web requires a connection to
Asterisk and authentication there (thus putting a potentially large amount
of connection and authentication load directly onto asterisk).
There has been some discussion as to how to address this; some folks are
talking about databases, others have developed specialized 'middleware' to
bridge between the code at the edge and Asterisk. Nicolas Gudino's Flash
Operator Panel is one such piece of code.
I had a need for a much simpler proxy than his op_server.pl; to meet my
need I re-worked and simplified his code. See below for this simplified
proxy:
http://www.popvox.com/simpleproxy.pl
It's *very* simple: connects to Asterisk manager with a single
authenticated connection, and listens on a configurable port (1234 by
default) for inbound connections.
Any commands passed from client->proxy are forwarded to Asterisk. Any
events passed from asterisk->proxy are forwarded to all connected clients.
They all share a common connection context so all clients will see the
same thing, all clients will share the rights of the authenticated user.
I make no pretense that this is particularly good code; I'm putting it
out there for now as it helps me with testing something I'm working on,
and it may be of use to others -- maybe we can start the ball rolling on
something a bit more robust.
Uses for this include:
- Making a web-services/XMLRPC wrapper for asterisk manager
- Building simple web-based applications
- Backend for scalable, heterogeneous operator panels
- Insulating Asterisk manager internals from user community
Some potential next steps/enhancements for this basic design might be:
- Test for robustness/IO interruptions on either side
- Creating a connection pool of n (configurable) connections to * manager
- Tracking connection contexts for clients
- Redo with c/pthreads for speed (imapproxy is someplace to look)
- Utilize libwrap to control access
- Implement a simple authentication mechanism
- Add TLS to clients for secure manager interactions
Right now it is assumed that you will use this proxy in a secured
environment -- either listening on localhost only, on a private LAN or
behind a firewall. If you do not take some precautions you may be opening
up a completely unauthenticated proxy to your * box!!
Let me know if you have questions/thoughts/comments about this.
Thanks,
Dave
--
David Troy
popvox, llc
More information about the asterisk-users
mailing list