Jump to content

Yitzchok

Members
  • Posts

    10
  • Joined

  • Last visited

Everything posted by Yitzchok

  1. Yitzchok

    Rescan Message

    How do you share the data between the main instance and the failover one? I am not talking about sharing state.
  2. Yitzchok

    Rescan Message

    Representational_State_Transfer Your right that by just putting the xml files into a Database won't help with the need to restarts the pbx to reload the settings (I am not sure if a caching the data for a few minutes or something will work here but maybe this can be tested) but I think it will help for a failover scenario (the second box has access to the same database and just picks up from where the other left off) Are there any ORM's or database agnostic api for C (I am a .NET programmer so I don't know if they have this in the unmanaged programming world) that can abstract away the database so the person can choose what database to use?
  3. I see there is auto-login script in this file do you already have an update for the pbx so that it doesn't redirect on the first call?
  4. Yitzchok

    Rescan Message

    To tell you the truth I hate the email as an API idea. Here are some things that can help some for development on the pbxnsip platform. Putting out a WSDL for the WebService will help. Designing a RESTfull service will be great. Also what about hosting the xml config files in a normal database (even without moving the tables to RDBMS) that can be shared across servers (for failover) and multi server support (domains get a server id and can be moved from one server to another from one web ui). Thanks
  5. Yitzchok

    Rescan Message

    I was thinking of storing the database files (the folders containing the xml files) on the network and point pbxnsip to that directory and changes from the outside by an external system will then submit a change signal to the pbx about changes. Or maybe using one PBX for managing all the servers settings while phone registrations are done to a specific server. I was thinking maybe using something like FUSE to give each PBX there own files while giving the main pbx all the files (I have no idea if this will work). (I would love to see some WSDL files for the SOAP messages)
  6. What you posted is an option but not one that will really work for us since I don't want to expose the users password as clear text in the url even if I use ssl because I don't want the password to show up in the url in clear text in any case, a person looking over my shoulder can see it. If you use Public/Private key encryption then it is not possible to get the password from the info passed to the browser except if the person has the private key. I would love to see this but it is probably complicated to implement. You can contact me if you want more info on this. What about also adding a page where the request doesn't get redirected to the login page so I can add the page to the html folder and use javascript to login the person. For now I am not interested in changing settings in the PBX using URL's that should be implemented using REST or SOAP. Thanks
  7. That will work as long as I am willing to put the password in the query-string (html PUT) unencrypted and un-encoded. Another option I think can work, is not redirecting just the page auto.htm (but a request to that page should create new session even if he had one before) and I can add a auto.htm page in the html folder and post the login form on that page using javascript so the user kind of gets logged in automatically. The best and most secure option (so that we don't have to expose the users password admin/other) would be to have some encryption key in the pbx (that is not exposed in the admin web ui but only in the bpx.xml file (or another file that wont get exported with the configuration export for extra security) since there can only be one admin user and this shouldn't be exposed to all admin users). So to auto login the user from a custom application I can send the user to a url with something like this http://pbx/auto.htm?auth=RW543tfw45tads54G...eg_settings.htm (auth might have to be url encoded) The auth filed will be an encrypted string that has in it the password and an expiration time or even better the time the key was generated (and maybe also the users IP address) this will allow the user to login without exposing the password to the user and to hackers, and will make this auth key worthless after a few minutes from anywhere and non accessible from other ip's right away. (To make things more complicated and secure you can use public/private key encryption but I don't know if this is necessary) Thanks, Yitzchok
  8. Yitzchok

    Rescan Message

    What about adding a rescan message to the system that will scan for new changes in the xml files so that we can edit the configuration xml's on a live box then just tell pbxnsip rescan or reload it without the need to restart the PBX.
  9. Is there a reason that on the first request to the login.htm page (or any other web page in the system even if you add your own page into the html folder) gets redirected with a 302 Moved Temporarily to the login.htm? This happens on the first request of a new web session to the server and after that it all works fine for that session. That problem for me is that I am trying to send a request with a query string attached to the url (that I use in the javascript of the page) but I must always click the link twice to get it to go to the right page (even if the request is to the login.html) Is there anyway to get around this problem? Thanks Yitzchok
×
×
  • Create New...