Connection request auth not working

Dan Morphis dan at milkcarton.com
Mon Apr 10 18:44:19 EDT 2017


v1.1 supports auth via both the device model and config/auth.js. I haven't
been able to get the config/auth.js method to work. My config/auth.js file
looks like this:


"use strict";

function connectionRequest(deviceId, url, username, password, callback) {
  return callback("someUsername", "aPassword");
}

exports.connectionRequest = connectionRequest;



The values from the auth.js file don't appear to ever be used as no
successful connection requests happen until I manually set the
InternetGatewayDevice.ManagementServer.ConnectionRequestUsername/Password
values for the CPE.

I fired up wireshark and here is the results of a conn request:

GET / HTTP/1.1

Host: 172.27.240.20:30005

Connection: keep-alive


HTTP/1.1 401 Unauthorized

Content-Length: 0

WWW-Authenticate: Digest realm="IgdAuthentication", domain="/",
nonce="OGM1NmI5NDU6MWYzZDZkMTc6ZWQ4MDgxZTE=", qop="auth", algorithm=MD5,
opaque="5ccc09c403ebaf9f0171e9517f40e41"


GET / HTTP/1.1

Authorization: Digest
username="00236a-96318REF-SR360NA0A4%2D0003196",realm="IgdAuthentication",nonce="OGM1NmI5NDU6MWYzZDZkMTc6ZWQ4MDgxZTE=",uri="/",algorithm=MD5,qop=auth,nc=00000001,cnonce="0a4f113b",response="cfaf291431af2daf9ba57b0aa59c12bd",opaque="5ccc09c403ebaf9f0171e9517f40e41"

Host: 172.27.240.20:30005

Connection: keep-alive


HTTP/1.1 401 Unauthorized

Content-Length: 0


We can see that the ACS is trying to use the device id as the username
instead of the username/password in the auth.js file.


-dan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.genieacs.com/pipermail/users/attachments/20170410/b38334aa/attachment.html>


More information about the Users mailing list