Feature #30
Streamline Module http authentication
| Status: | Closed | Start: | 05/04/2009 | |
|---|---|---|---|---|
| Priority: | High | Due date: | ||
| Assigned to: | jacobsj | % Done: | 100% |
|
| Category: | - | |||
| Target version: | Caller ID Superfecta v 2.0.0 | Estimated time: | 1.00 hour |
Description
We can completely eliminate the http authentication by placing the callerid.php file in a sub folder and playing an .httaccess file in that folder.
In that file is we specify AuthType none as indicated here:http://www.clearchain.com/blog/posts/removing-htaccess-authentication-restrictionswe should be able to eliminiate the need for authentication and make this system work out of the box much easier.
Edit: Elimination of authentication does not appear achievable at this time. The goal of the ticket has therefor changed to:
Provide ability to set this username and password in the Superfecta admin section of FreePBX so that only one configuration page needs to be used to get this working.
History
Updated by tshif about 4 years ago
- Status changed from New to Reviewed
- Priority changed from Normal to High
- Target version changed from Caller ID Superfecta v 2.1.0 to 6
- Estimated time set to 1.00
There is no real down side to allowing un authenticated access to the callerid.php script. I don't see it being a security issue since it makes no changes to the system.
This makes sense to me. I dont like having to use the password - especially since FreePBX displays it in clear text in the Caller ID Lookup Sources field.
Updated by jacobsj about 4 years ago
- % Done changed from 0 to 100
Updated by tshif about 4 years ago
- Status changed from Reviewed to Closed
- Assigned to set to jacobsj
Updated by jacobsj about 4 years ago
After further testing, this is not fixed, and I'm not entirely sure it can be fixed.
Updated by tshif about 4 years ago
- Status changed from Closed to Assigned
In previous interim revisions, the maint user ID and password were automatically populated in the CallerID LookUp Sources Table for the Caller ID Superfecta source.
When we tried eliminating login requirements, this code was dropped.
Could we bring it back - or was there another negative to having it do that that I missed?
Updated by tshif about 4 years ago
- Target version changed from 6 to Caller ID Superfecta v 2.0.0
Updated by jacobsj about 4 years ago
I brought the code back already, it's just not in an install file yet.
Updated by tshif about 4 years ago
We dont seem to be parsing the amportal file and prepopulating the userid and password any more.
Auto parse and populate is going to be restored - right?
Updated by tshif about 4 years ago
- Subject changed from Eliminate http Authentication to Streamline Module http authentication
Updated by jacobsj about 4 years ago
tshif wrote:
We dont seem to be parsing the amportal file and prepopulating the userid and password any more.
Auto parse and populate is going to be restored - right?
Just to clarify, we're talking about the http authentication username and password? If this is the case, it seems to be working properly on my system. I can enter the username and password through the UI in this module and it seems to be populating properly.
Updated by tshif about 4 years ago
- Status changed from Assigned to Closed
- % Done changed from 90 to 100
Function IS working as designed. I was thinking about prepopulating with values parsed from amportal - but I finaly realize that the values we need are from Apache security, and are not available in amportal.conf.