On Fri, 2005-08-19 at 11:30 -0500, Alejandro Ríos Peña wrote: > > > Also, why does restarting destar log me back in? If i initially visit > > > the destar interface, I'm logged in, then I click logout, and > > > thenConfiguration tips > > > restart the server, and then any page, and I'm logged back in again. The > > > user page says the following: > > > > > > > Because you don't have any user configured. Create a used whit > > configurator privileges. > > From destar's Configuration tips: > > "You should create a user with type 'Configurator'. Without this user, > everyone connecting to DeStar can configure everything.You can do it in > the Configuration -> Options -> DeStar user form." > > This is buggy since if you log-out and there are no users, then you > can't log-in again, unless you restart the destar daemon. > > I think there should be a "default" configurator user and if there are > no users, the "logout" option shouln't be available.
Thanks for the tips. This seems like a minor security issue, since by default, destar listens on all interfaces, instead of just localhost, meaning anyone could change your configs if you don't create a configurator user straight away. If destar is going to listen on external interfaces, it should also probably run over https to protect passwords and configuration from sniffers, an easy way to do this would be to depend on stunnel/sslwrap and have destar itself only listen on localhost, and have stunnel/sslwrap forward and decrypt requests from the external interface to the localhost listener. > > Also, http://localhost:8080/user/pbxstate/ doesn't seem to work, it > > shows the following and a one cell empty table. > > > > Status of Asterisk > > Asterisk is not running! > > asterisk is actually running? > Do you have created the managemente API entry? You can do that in: > http://localhost:8080/config/add/CfgOptManager Asterisk is running, although I didn't create them management API entry. If destar cannot work out-of-the-box on debian (like most debian packages aspire to do), it would be nice if the additional steps needed to get destar up and running were documented in README.Debian. -- bye, pabs http://qa.debian.org/developer.php?login=Paul+Wise&comaint=yes
signature.asc
Description: This is a digitally signed message part
