diff options
authorDavid Troy <>2006-04-07 21:12:37 +0000
committerDavid Troy <>2006-04-07 21:12:37 +0000
commit2b4352d5ebd67ece2a473e5e3b7f14d6af216dbd (patch)
parent27aa7a3382cf0ed4973fa7e207d4ffc9733f69d5 (diff)
git-svn-id: f02b47b9-160a-0410-81a6-dc3441afb0ec
1 files changed, 94 insertions, 21 deletions
diff --git a/README b/README
index 8c5578e..4a8b89d 100644
--- a/README
+++ b/README
@@ -29,8 +29,9 @@ Features include:
For example, you can use Astmanproxy as a single point of contact to
communicate with multiple Asterisk servers.
-You can use Astmanproxy as the basis for a web-based application:
-send it data using HTTP POST or HTTP GET, and receive XML output.
+You can use Astmanproxy as the basis for a web-based application:
+send it data using HTTP POST or HTTP GET, and receive XML output.
+Or use HTTP POST and get Standard (text/plain) output back!
No web server required!
You can use Astmanproxy as an XML feed for a .NET program that keeps
@@ -140,15 +141,19 @@ Server: (x.x.x.x|hostname)
The proxy also intercepts the following Actions:
Action: Login
- Since the proxy logs in on behalf of your clients, and you are
- using key-based or network-level security to secure the proxy,
- logins should not be passed to asterisk. Ideally, your apps
- will be written not to issue Logins in the first place, but
- if you do, the proxy will intercept them and NOT pass them
- to Asterisk. Instead, it will respond with an Authentication
- Successful message, just as Asterisk would upon successful
- authentication. Note it will do this regardless of information
- supplied.
+ You can login to astmanproxy just as you would the Asterisk
+ Manager Interface. The user credentials are stored in
+ astmanproxy.users.
+Action: Challenge
+ Astmanproxy now supports the MD5 challenge authentication
+ mechanism. See section below for more information on
+ this authentication mechanism and how you can use it
+ in your applications to avoid having to send a password
+ over the internet, and instead use a MD5 challenge to
+ hash your password before sending. Note that this is
+ somewhat less of an issue with SSL support now enabled,
+ however, some apps require this mechanism, and we support it.
Action: Logoff
You don't want your applications logging the proxy off of
@@ -163,23 +168,91 @@ Blank Commands
blank command blocks.
-Author Contact Info
+On the Action: Challenge Authentication Mechanism
-This code is intended primarily as a foundation for others to add
-new features and capabilities going forward. While I will attempt
-to keep up with it and add to it, I make no guarantees that I'll be
-able to do that. My hope is that the wonderful asterisk community
-will start making changes, and that those changes can be managed
-through Digium's great CVS process.
+John Todd wrote this excellent summary of the Action: Challenge
+Authentication Mechanism, and it accurately describes the
+implementation included in astmanproxy:
-However, you can concact me at, and I will endeavor
-to post the latest code here:
+While the SSL encryption of the AMI is great, it's always a good
+policy to never send passwords at all if you have an alternative.
+ After connecting to the AMI port, send this message:
+ Action: Challenge
+ AuthType: MD5
+ You should receive a challenge string:
+ Response: Success
+ Challenge: 125065091
+Then, assuming that the manager username is "joebob" and the
+password is "yoyodyne11", perform this on a shell line of a handy
+UNIX system (you programmers will figure out how to do this with a
+library call, I'm sure):
+ bash-3.00# md5 -s 125065091yoyodyne11
+ MD5 ("125065091yoyodyne11") = e83a9e59e7c8d1bb6554982275d05016
+ bash-3.00#
+ Now use this key to log in, so type this to the AMI:
+ Action: Login
+ AuthType: MD5
+ Username: joebob
+ Key: e83a9e59e7c8d1bb6554982275d05016
+ ...and you'll get:
+ Response: Success
+ Message: Authentication accepted
+Software Updates, Author Info, and How to Contribute
+Digium has graciously agreed to host the development of AstManProxy
+on their Subversion Community Server.
+Latest releases can be found here:
+For development branches & experimental features:
+For current development/stable snapshot:
+For stable release versions:
+To download from these repositories:
+ - Install Subversion (yum -y install subversion -- or equivalent)
+ - svn checkout
+Be sure to use the full URL path to the version you wish to check out;
+for example, do not checkout the 'branches' tree, but instead choose
+which branch to checkout, as in:
+I will also try to post current tarballs here:
-Donations are accepted via paypal to
+Donations are accepted via paypal to; beer is also
+accepted at Astricon events. :)
+To contact me about contributing to the project, please email:
+I acknowledge all contributions and encourage your experimentation!
+AstManProxy would not be where it is without your support!!
+AstManProxy Background Information
Developing web-based realtime applications for the asterisk
open-source PBX often requires interacting with asterisk's Manager
interface. The Asterisk Manager runs on port 5038 by default and