09-27-2011 05:45 AM - edited 03-16-2019 07:12 AM
Does anyone know if it is possible to pass the Username and Password (instead of entering it after calling the URL i spassed) as a part of the URL using CGI/Screenshot.
09-27-2011 06:13 AM
To bypass phone authentication you need to re-define "URL Authentication" parameter in Enterprise Parameters Configuration. This parameter must point to the URL, which answers with "AUTHORIZED" string to any HTTP rquest. For example, you may create .jsp file with following content:
response.addHeader("Content-Type", "text/html");
out.print("AUTHORIZED");
09-27-2011 06:50 AM
Thanks for the reply. Can't get it to work though. Is the URL/file required to be on the same server or can it be on another server?
09-27-2011 07:03 AM
Hi,
The file may be located on any web-server in your network. Of course, IP connectivity must exist between IP phone and this server.
Also I need to say, that this authentication scheme is a big security issue. Anyone in your network will be able to see Screenshots of all your IP phones and send to them XML commands for pressing buttons and even establishing calls. I suggest you to re-define authentication URL only for testing purposes on per-phone basis.
09-27-2011 07:30 AM
Yes, thanks. I've got a task of confirming the background of every phone has a specific image. (DOD customer with classified phones.) Trying to find a way to quickly view without putting Username/Password in each time. If I can get this to work I'd only set it while I was viewing and then set it back to the standard location.
Doesn't appear to work using another server though. CM can reach the web server I put the file at, not sure the actual phones can. Current file is at http://CM-ip/ccmcip/authenticate.jsp. Is there a way to put a temp.jsp file in this same directory? Using the CLI I can't seem to find this location/file.
Sorry for the simple question - very new to this system.
09-27-2011 10:41 PM
Hi!
There is no way to put your own files to the internal web-server. On Linux-based CUCM appliances you have no direct access to the filesystem.
Maybe your http server does not support javascript? What happens if you access your custom authentication URL using web browser?
10-12-2011 08:53 AM
Back to this - using a browser the result is the word "AUTHORIZED"
Does the call manager need to be restarted for this to take effect?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: