Interesting. It appears this app doesn't query any of the normal Tomcat services (e.g. CCMCIP) that would require End User authentication. The admin guide supports your statement that you only need a TCT device ID and TFTP server address.
Normally, the way to address this would be SIP Digest Authentication. Unfortuantely, Jabber and/or CUCM decide to embed the digest credentials into the TFTP XML config file, rendering the security feature entirely useless without a mixed-mode cluster.
In this instance, I believe you're stuck from a security perspective. Not at all useful but worth noting: this is the same level of security every other CUCM device, including physical phones, have operated under from the beginning. Anyone with any degree of motivation could do emulate another device using [redacted] client application as long as they knew the model and MAC address of the device... which they can get from the webpage of the phone if they know it's IP address... which they can see by calling it and sniffing the RTP traffic when the call connects.
The short answer is that you don't.... That isn't entirely true while at
the same time it kind of is, but for the most part you don't configure
the softkeys. You enable or disable them via TCL. Here is the long
answer. Be sure to read the whole thing or e...
Topology: IP Phone > Switches > Microsoft NPS setup to forward 802.1x
proxy to > ISE 2.1 patch 3 Authentication: EAP-TLS using Cisco MIC SANs
Phone Models 802.1X support? 802.1x flavor Addtl Comment EAP-MD5 EAP-TLS
Cisco 3905 Y Y N Cisco 6911 Y Y N Cisco ...
This document describe how DST changes and how time changes are
implemented in DST. Daylight Saving Time (DST) is the practice of
setting the clocks forward 1 hour from standard time during the summer
months, and back again in the fall, in order to make b...