Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1256
Views
5
Helpful
2
Replies

Pass username and password in SPA5XX XML URL?

Go to solution
jaydcarter
Level 1
Level 1

‎03-26-2021 02:11 PM

Hello,

 

Can anyone enlighten me on how to send a username and password in an XML URL for a Cisco SPAxxx phone's progammable soft key? The syntax used for the provisioning URL does not seem to work in an XML PSK field.

 

I have an xml directory which I would like to host on a public http server. I want to protect it with a username password. This works when no userid/password is set for the ciscoxml diretory:

 

PSK1 fnc=xml;url=http://www.sitename.com/ciscoxml/dir.xml;nme=Dir

 

If I set a userid/password, I can view the .xml file from a browser using  http://userid:password@www.sitename.com/ciscoxml/dir.xml

but if I set the phone PSK line to

PSK1 fnc=xml;url=http://userid:password@www.sitename.com/ciscoxml/dir.xml;nme=Dir

I get Request failed

I've tried a bunch of different patterns including:

http://[ --uid userid --pwd password] www.sitename.com/ciscoxml/dir.xml

...this seems to work for the provisioning URL but not for the PSK when fnc=xml.

 

I also would prefer to use https:// , I get request failed even without a user ID/password if I attempt to use https.

 

Suggestions?

Thanks!

JDC

Labels:
1 Accepted Solution

Accepted Solutions

Go to solution
Dan Lukes
VIP Alumni
VIP Alumni

‎03-27-2021 12:25 AM

Can anyone enlighten me on how to send a username and password in an XML URL for a Cisco SPAxxx phone's progammable soft key?

No one, You can't. As far as I know.

As a just blind shot try to set XML User Name and XML Password in the configuration, but I suspect it will not work. Be sure your HTTP server is supporting "Basic" kind of authorization for the purpose of test. Yours chances are slightly higher.

 

If it will not work, consider different approach. Just make name and password part of URL and verify them on server by script serving the XML content. The security consequences are the same.

 

I also would prefer to use https://

I'm pretty sure you wish not to use https even if possible. Phone have very limited computing power and initial https hanshaking take a lot of time. Such delay between PSK press and requested action will be considered very user-unfriendly by your user. See Cisco XML Phone application over https (SSL)

 

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Dan Lukes
VIP Alumni
VIP Alumni

‎03-27-2021 12:25 AM

Can anyone enlighten me on how to send a username and password in an XML URL for a Cisco SPAxxx phone's progammable soft key?

No one, You can't. As far as I know.

As a just blind shot try to set XML User Name and XML Password in the configuration, but I suspect it will not work. Be sure your HTTP server is supporting "Basic" kind of authorization for the purpose of test. Yours chances are slightly higher.

 

If it will not work, consider different approach. Just make name and password part of URL and verify them on server by script serving the XML content. The security consequences are the same.

 

I also would prefer to use https://

I'm pretty sure you wish not to use https even if possible. Phone have very limited computing power and initial https hanshaking take a lot of time. Such delay between PSK press and requested action will be considered very user-unfriendly by your user. See Cisco XML Phone application over https (SSL)

 

0 Helpful

Go to solution
jaydcarter
Level 1
Level 1
In response to Dan Lukes

‎03-28-2021 11:57 AM

I did try setting XML_Username and XML_Password - it  did not work.

 

I guess these phones were designed before hosted PBXs were really a thing! I will go back to putting the directory on an internal server; it is for a small installation so it's not worth the extra scripting to try to secure by other means.

 

Thanks!

JDC

0 Helpful
Customers Also Viewed These Support Documents