I'm working on a phone application and I want to use the CallManager UserIDs and Passwords for user authentication to start up the application.
I tried using AXL, but the getUser request returned empty elements for password and pin.
Right now I'm using JTAPI's peer.getProvider method. If it's successful, great, I have a match. If it throws com.cisco.jtapi.PlatformExceptionImpl, then I know authentication failed, I can catch the error and send back a bad password / login message to the phone.
Is this a good idea or has someone come across a better way?
I take it not showing the pin and password is a security precaution. But you could always try to access the DC directory manually - though that would no longer be possible in CCM 5.
Another way would be using the built-in authentication page on the call manager. If you access certain urls on the phone, you have to provide a login and password. E.g. http:///CGI/ModeInfo .. so you could make a http get for that url and provide the user provided login and password in an authentication header.. if you get http 200 response, the l/p is valid, if you get a 401, the l/p is invalid.
The PlatformExceptionImpl could also signify another error and since there's no specific "bad login/pw" jtapi error, it may not be the most reliable way (if the cti manager has crashed, you'll get this message as well and you're relying on a component that you potentially don't need... plus this approach requires that the device association has been made.. in most installations I've come across, there was either EM, or the owner user id was set.. I've rarely seen device associations as this is only useful for cti).
"and you're relying on a component that you potentially don't need"
The concept of the app is a time clock (punch clock) where users can clock in or out from any IP Phone in the building and their times will be stored in an ERP system for payroll, yada yada...
I'm hearing preliminary information that the customer interested in this app may have locations where 1 IP Phone is being shared by 3 or 4 people (warehouse perhaps?) so I can't gaurantee a direct correlation of user to phone.
I figured it would be a clean solution to piggyback CallManager's userIDs and passwords since they would be used for other phone apps like Extension Mobility.
A funny thing about the AXL getUser "security" is that if I do a getPhone request, some of the information returned about services such as Fast Dials and the Address Book display the userID and PIN in the URL :D
SIP traces provide key information in troubleshooting SIP Trunks, SIP
endpoints and other SIP related issues. Even though these traces are in
clear text, these texts can be gibberish unless you understand fully
what they mean. This document attempts to br...
Please find the attached HTML document, download and open it on your PC.
This provides an easy to use form where you simply answer a few
questions and it will render the proper jabber-config.xml file for you
to copy/paste. There is built in logic to verif...
CUCM Database Replication is an area in which Cisco customers and
partners have asked for more in-depth training in being able to properly
assess a replication problem and potentially resolve an issue without
involving TAC. This document discusses the bas...