We have an issue with the $user_hash1 variable in 8.9.3.80. Usually we use this value in combination with $user_pname1 to authenticate users to access a phonebook directory xml app on a Teles C5 platform.
We've now upgraded a few phones from 8.9.3.46 and 8.9.3.60 to 8.9.3.80 and as a first test result, these phones are not able to provide the hash parameter to the directory platform anymore.
The value is simply left empty.
What's the solution for this?
Kind regards,
Alex
Best Answer
C
Catalina Moritz
said
over 1 year ago
Hi Alex,
The value of user_hash isn't anymore accessible/viewable on the settings page: the setting also isn't anymore accessible from the Action URL module.
This change was needed due to security reasons. From a security point of view, having the user_hash accessible from the settings page is the same of publishing the SIP password on the settings page. The user_hash cannot provide any additional security value (is the same of the cleartext password).
I suggest that you use for example the user_pname or the user_name instead of the user_hash .
Thanks and best regards
Catalina
1 Comment
C
Catalina Moritz
said
over 1 year ago
Answer
Hi Alex,
The value of user_hash isn't anymore accessible/viewable on the settings page: the setting also isn't anymore accessible from the Action URL module.
This change was needed due to security reasons. From a security point of view, having the user_hash accessible from the settings page is the same of publishing the SIP password on the settings page. The user_hash cannot provide any additional security value (is the same of the cleartext password).
I suggest that you use for example the user_pname or the user_name instead of the user_hash .
Alexander Janoszek
Dear support team,
We have an issue with the $user_hash1 variable in 8.9.3.80. Usually we use this value in combination with $user_pname1 to authenticate users to access a phonebook directory xml app on a Teles C5 platform.
We've now upgraded a few phones from 8.9.3.46 and 8.9.3.60 to 8.9.3.80 and as a first test result, these phones are not able to provide the hash parameter to the directory platform anymore.
The value is simply left empty.
What's the solution for this?
Kind regards,
Alex
Hi Alex,
This change was needed due to security reasons. From a security point of view, having the user_hash accessible from the settings page is the same of publishing the SIP password on the settings page. The user_hash cannot provide any additional security value (is the same of the cleartext password).
Catalina
Catalina Moritz
Hi Alex,
This change was needed due to security reasons. From a security point of view, having the user_hash accessible from the settings page is the same of publishing the SIP password on the settings page. The user_hash cannot provide any additional security value (is the same of the cleartext password).
Catalina
-
LDAP and country code
-
Settings are changed when user logs on
-
USB Bluetooth compatibility for D725
-
Low volume with Plantronics Headset
-
Change Log for FW 8.8.3.32
-
Subscriptions failing after time since upgrade to 8.7.5.28
-
SNOM 870 - INBAND DTMF
-
SNOM 320 + Headset Plantronics CS540A with Snom EHS
-
Configure Settings - Set all to Read Only
-
Can't enter "+" sign in directory via WUI
See all 716 topics