Xingjun Chu wrote: > See inline for answers. > > -----Original Message----- > From: [email protected] > [mailto:[email protected]] On Behalf Of Krzeminski, Damian > (BL60:9D30) > Sent: Tuesday, October 13, 2009 11:50 AM > To: [email protected] > Subject: Re: [sipX-dev] sipXconfig/jetty authentication for apache webDAV? > > Xingjun Chu wrote: >> Hi, >> >> I am working on an issue to automatically download contact list >> (sipXconfig world – phonebook) from sipX to couterpath client. >> >> Right now WebDAV is supported by counterpath and used for this matter. > > Is WebDAV the only protocol that Bria supports to retrieve the phonebooks? > [Chu, Xingjun [CAR:9D10:EXCH]] XCAP is supported too. But webDAV is simpler > to configure > >> Basically what I did is >> >> 1) Modified the couterpath provision servlet (cmcprov) to generate >> per user contact list during counterpath log in > > If Bria is using WebDAV why would we also push phonebook trough cmc > provisioning servlet. And if Bria supports direct provisioning why would we > also support WebDAV? > > [Chu, Xingjun [CAR:9D10:EXCH]] the .ini only includes info for how/where to > get contact list, not contact list info itself.
OK - that was not clear to me. >> 2) Modified the counterpath plug in to set a default WebDAV URL >> >> Right now since Jetty doesn’t have native webDAV support and the Apache >> WebDAV module already available on sipX. I configured apache to enable >> webDAV via port 80 by added a httpd-dav.conf into the dir httpd.conf.d. > > So to summarize all the changes: the goal is to configure the Bria to > retrieve the phonebook (through WebDAV) and configure some apache service > to query sipXconfig or some files generated by sipXconfig to provide info > for the said WebDAV service, right? > [Chu, Xingjun [CAR:9D10:EXCH]] the cmcprov servlet querys sipXconfig and > generate the contact list into webDAV dir. Counterpath uses apache webDAV to > retrieve the contact list. > > Is that what you have in mind? > [Bria] <--- WebDAV ---> [Apache] <--- REST ----> [sipXconfig] > [Chu, Xingjun [CAR:9D10:EXCH]] > > 1) In sipXconfig, Superadmin configures Bria to use webDAV > 2) user logs in Bria and Bria send request to cmcprov, cmcprov genereates the > file for web DAV and send back the .ini > 3) Bria downloads the contact list file from apache web dav according to the > .ini. > This is different from what I imagined and I suppose it only provides for READ-ONLY access (since you need REST to actually push modified contacts back to sipXconfig) but it might just work. >> Now I have a question regarding the authentication, I would like to >> reuse the sip credentials used by sipXconfig for authentication of webDAV. >> > > Why? I don't see a reason here (at least not yet) why sipXconfig should > allow for authentication based on SIP credentials. > [Chu, Xingjun [CAR:9D10:EXCH]] > In step 3 above, authentication kicks in where Bria needs to be authenticated > for downloading using sipX credentials. > In step 3 above Bria talks to Apache (not to sipXconfig) right? If that's the case, and if you need to authenticate WebDAV, you need to configure such authentication in Apache. You can probably make Bria plug-in to add whatever credentials you need into its config files. (What do you mean by sipX credentials above?) sipXconfig - and by extension Bria plug-in - has access to SIP passwords and voicemail HA1 tokens - what you can use is probably determined by what Bria can authenticate with. >> But I am not sure how sipXconfig authentication is done , is it using >> jetty native authentication method or its own, either way can it be >> reused by sharing the authentication database or file if applicable. > > sipXconfig is using Acegi to support various authentication methods but > that does not seem to be very relevant here. > > If you are adding a new service that needs to access REST you should use > shared secret authentication (shared secret is in domain-config). > >> I could use a jetty WebDAV servlet if the solution for apache to reuse >> jetty/sipXconfig requires comparatively more efforts. > > Even if do you use jetty, your service needs to be separate from > sipXconfig. Use whatever you think is simpler: but the fact that you are > using Java or Jetty will not give you access to any private sipXconfig > data. And is not going to let you take any shortcuts with authentication. > D. _______________________________________________ sipx-dev mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-dev Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-dev sipXecs IP PBX -- http://www.sipfoundry.org/
