Connection request auth not working
Dan Morphis
dan at milkcarton.com
Mon Apr 10 18:44:19 EDT 2017
v1.1 supports auth via both the device model and config/auth.js. I haven't
been able to get the config/auth.js method to work. My config/auth.js file
looks like this:
"use strict";
function connectionRequest(deviceId, url, username, password, callback) {
return callback("someUsername", "aPassword");
}
exports.connectionRequest = connectionRequest;
The values from the auth.js file don't appear to ever be used as no
successful connection requests happen until I manually set the
InternetGatewayDevice.ManagementServer.ConnectionRequestUsername/Password
values for the CPE.
I fired up wireshark and here is the results of a conn request:
GET / HTTP/1.1
Host: 172.27.240.20:30005
Connection: keep-alive
HTTP/1.1 401 Unauthorized
Content-Length: 0
WWW-Authenticate: Digest realm="IgdAuthentication", domain="/",
nonce="OGM1NmI5NDU6MWYzZDZkMTc6ZWQ4MDgxZTE=", qop="auth", algorithm=MD5,
opaque="5ccc09c403ebaf9f0171e9517f40e41"
GET / HTTP/1.1
Authorization: Digest
username="00236a-96318REF-SR360NA0A4%2D0003196",realm="IgdAuthentication",nonce="OGM1NmI5NDU6MWYzZDZkMTc6ZWQ4MDgxZTE=",uri="/",algorithm=MD5,qop=auth,nc=00000001,cnonce="0a4f113b",response="cfaf291431af2daf9ba57b0aa59c12bd",opaque="5ccc09c403ebaf9f0171e9517f40e41"
Host: 172.27.240.20:30005
Connection: keep-alive
HTTP/1.1 401 Unauthorized
Content-Length: 0
We can see that the ACS is trying to use the device id as the username
instead of the username/password in the auth.js file.
-dan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.genieacs.com/pipermail/users/attachments/20170410/b38334aa/attachment.html>
More information about the Users
mailing list