Raphael Coeffic writes: > I'll look into the issues ASAP. Regarding the extra_headers, do you > think that we could specify that in the config file? I don't like too > much the idea of either hard-coding or getting them passed from the > flash_client. Any suggestions/preferences?
ok, here is what i have been thinking today. there are many uses for this kind of flash phone. for example, a company could place it on their web page to facilitate calling to customer info. in that application it does not matter who makes a call and there is no need to pass anything caller specific from sems to outbound proxy. another example is when flash phone is placed on user's web page, where the user needs to login. in that case, flash phone could pass user's identity and password to sems in extra_headers parameter, which the web page in turn passes to flash phone in query string: sono.swf?extra_headers=P-Calling-URI=sip:[email protected]\r\nP-UserId=foo\r\nP-Password=foobar\r\n (here of course extra_headers value would need to be encoded). passing password should be safe when https is used. sems would then pass these extra headers on to outbound proxy so that it can check caller's uri/userid/password and charge the right user if call ends up to pstn for example. finally, in the latter example, it might be a good idea to be able to already authorize Connect, but i'm not sure about the details. perhaps the web server could ask sems for a temporary cookie that web page then passes to flash phone via another query string parameter or something like that. -- juha _______________________________________________ Semsdev mailing list [email protected] http://lists.iptel.org/mailman/listinfo/semsdev
