Hi Dan,

Yes sorry let me be clear on the requirements.

I need a handset on site, whereby a user can just come up to it, and enter their credentials to login and register for SIP.

Ideally I would just want the SPA sat there with a login button and no Host profile registered for SIP, or unregistered for that matter so the lamp is not flashing orange.

So users can use it for hot-desking so calls follow them wherever they might be working.

From what your saying though there will always be a need for a host profile which I get.

On my current setup, the host profile isnt loading without me being prompted for username and password, again is that normal or an issue with configuration?

Thanks

Jon

Host profile doesn't mean that a SIP account needs to be configured. No configuration = no registration to exchange, all Line buttons dark, no way to call. Only login PSK avaiable here.

Mobile configuration loaded upon login = proper SIP configuration, appropriate Line buttons configured in, green lights on (if succesfully registered to exchange), calls works like a charm.

On logout button, all those things needs to be turned off - and it's the job of host mode configuration.

Just beware of local law. For example, emergency calls must be allowed regardless of device state (so no PIN nor login nor coin) in my country.

On my current setup, the host profile isnt loading without me being prompted for username and password

It's not correct. If phone will be turned off when a user logged in, then turned on later, the mobile configuration remain in effect (because it is saved in device and no host configuration is defined). And even casual LOGOUT will not work properly.

Do you remember the example from Montila's document ? It's conditional has "else" part as well. You need follow such example. Something like it:

("$EMS" eq "mobile" and "$MUID" ne "" and "$MPWD" ne "") ? [--uid $MUID$PDOM --pwd $MPWD] http://192.168.1.103/mobility/spa$MA-USER$MUID.cfg | http://192.168.1.103/mobility/spa$MA-HOST.cfg

The orange is conditional. If true, the green part will apply (it define URL for mobile mode and order HTTP authentication using $MUID$PDOM name and $MPWD password). If false, blue part will apply. It define URL requested without authentication (e.g. host mode configuration).

Thanks again for the help Dan.

I have tested successfully on a server running the latest apache2 version, Im now troubleshooting on a server running apache 2.2.22 where the HTTP authentication username(--uid) isnt being presented to the server, I just see " ".

Once I resolve that I will have a fully working version and will post any details.

Thanks

Jon

Catch the HTTP session. I suspect it's problem of Apache's digest authentication configuration.

Hi Dan,

One last thing, is there anyway to make the handset logout and unregister if a user forgets to logout?

As I know with other solutions there is an inactivity timer or another timer you can set to logout at session, is this possible with EM and SPA handsets?

Thanks again.

Jon

As far as I know, no.

You may try to play with reload of host provisioning after a timeout, but I'm not sure it can switch EM status from mobile to host.

Hi Dan,

Seasons greetings, thanks again for all your comments on this.

One last thing, Im adding the profile to our existing provisioning mechanism, which actually uses multiple provisioning profiles, an example of which is below;

[--key w7A_SqGFeaEa] http://test.com/cfg/individual/spa$MA.xml

[--key Y24xduzWWYbo] http://test.com/cfg/tenant/NORTH.xml

("$EMS" eq "mobile" and "$MUID" ne "" and "$MPWD" ne "") ? [--uid $MUID$PDOM --pwd $MPWD] http://test.com/hotdesk/N0RTH/$(MUID)mobile.cfg | ("$PUID" ne "" and "$PPWD" ne "") ? [--uid $PUID$PDOM --pwd $PPWD]  http://test.com/hotdesk/N0RTH/HDhost.cfg

Yes

  @test.com

  "mobile"

The EM is enabled and I can login, but when I do I see HTTP GET requests for Profile B and C, but not D, I thought D would override the previous two requests?

As these profiles then overwrite the EM one.  Ive been trying to find a document that explains profiles in more detail, do you know where one is I can review?

Many thanks

Jon

Two possible reasons:

1. problem with C-profile. If a profile can't be loaded then process will not continue with next profile
2. D-profile conditions evaluate to false

Modify D-profile to be plain URL (unconditional). It give you a chance to distinquish between those two posibilities. If you will see HTTP request for D-URL it's [2], if not it's [1]

Great thanks Dan, thats sorted, I was trying to overwrite too many profiles.

I think thats finally there, I will post working configuration shortly.

I presume that with the whole profile mechanism in use the SPA has to reboot when switching between profiles?

Theres nothing that can be done to stop that?

Thank

Jon

I presume that with the whole profile mechanism in use the SPA has to reboot when switching between profiles? 
Theres nothing that can be done to stop that?

You can do nothing with it. Despite EM switching look like a magic, it's simple method based on configuration reload. Following document apply here in full:

If you will not split configuration into A-D sub-profiles but use server-side script to generate one configuration at once instead, the reconfiguration process will be slightly faster.

I'm not sure what you mean saying "I am not sure how to create authentication" . This is standard HTTP digest authentication, nothing Cisco specific, so you need to configure it on your HTTP server. Consult your HTTP server documentation for "how to configure authentication".

It's so long time I tried to configure it, so I don't know whats the value of $PDOM. Just try to fill any option with 'domain' in its name with an arbitrary string, then check the content of $PDOM. Or remove it from Profile_Rule and forget it at all.

Hi Dan,

I have managed to do it without authentication and I think I know how to add authentication using apache.

Thanks for you reply,

Glad to hear.