Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
569
Views
0
Helpful
0
Comments

Application User instead of End User?

cdnadmin
Level 11
Level 11

on ‎01-24-2014 01:12 AM

This document was generated from CDN thread

Created by: ERIC CORNWELL on 11-11-2009 05:02:14 PM
Hello,

I'm in the process of trying to get the IP Phone SDK Screenshot tool to work.  Is it possible to use an Application User for authentication instead of an End User?  We're LDAP integrated so I don't want to create another user if I don't have to.
 
Edit: We're on CUCM 7.0.2.
 
Thanks!

Subject: RE: Application User instead of End User?
Replied by: David Staudt on 11-11-2009 06:13:00 PM
An application user should work fine.

Subject: RE: Application User instead of End User?
Replied by: ERIC CORNWELL on 11-11-2009 06:34:07 PM
I was doing the test that many suggested on here using
 
http://[IPADDR CCM]/ccmcip/authenticate.jsp?UserID=&Password=&devicename=SEP001122334455
 
with the username and password of my application user.  I kept getting a reponse of UN-AUTHORIZED.   I was hoping that I wouldn't have to add every phone as well but it doens't look like I can get around that requirement.

Subject: RE: Application User instead of End User?
Replied by: David Staudt on 11-11-2009 07:37:13 PM
Yes, the app user still has to be associated to the phones it is allowed to control.
 
If you need universal authorization (all phones, all the time), there is a technique you may want to look into, as follows:
 
- In the UCM Enterprise parameters, configure the phone Authentication URL to a custom URL, hosted on a web server you control
- Your webserver will accept the incoming phone authentication requests (from every phone, all the time)
- You can then implement whatever authentication scheme you desire.  Most simply this can be checking the credentials against a set in a config file.
- The web server can then do one of the following:
  - return AUTHORIZED (say, if the credentials match with your 'universal user' set)
  - return UN-AUTHORIZED (if you are performing some kind of real back-end authentication check, which fails)
  - Return an HTTP redirect, pointing back to the built-in UCM authenticaion URL (typical, as this allows regular UCM user authentication to then act as backup)

Subject: RE: Application User instead of End User?
Replied by: ERIC CORNWELL on 12-11-2009 05:32:40 PM
Yes, the app user still has to be associated to the phones it is allowed to control.

 
Interesting... I tried the normal CUCM authorization link and it always returned UN-AUTHORIZED for the app user even though I had the phone registered to the account.
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Quick Links
Discussions
Customers Also Viewed These Support Documents