3

I have an asterisk server with AMI web enabled on port 8088, prefix asterisk. So my rawman url would be http://myserver:8088/asterisk/rawman

I just tried to login and ping with 2 urls
http://myserver:8088/asterisk/rawman?action=login&username=admin&secret=admin
http://myserver:8088/asterisk/rawman?action=ping

It works when I enter 2 above urls into the web browsers, but it does not when I use cURL from terminal.

Result from Terminal:
curl 'http://myserver:8088/asterisk/rawman?action=login&username=admin&secret=admin'
Response: Success
Message: Authentication accepted

curl 'http://myserver:8088/asterisk/rawman?action=ping'
Response: Error
Message: Permission denied

Error from Asterisk CLI: (X.X.X.X is my LAN ip address)

HTTP Connect attempt from 'X.X.X.X' unable to authenticate

So I can not execute any further command like the way I did when dealing with AJAM.
If anybody have an idea, please help me out, thank you.
Best Regards
Loi Dang

Loi Dang
  • 408
  • 5
  • 23

3 Answers3

4

Hate to answer my own question, but I post this for someone else who would get into this trouble

Reference to http://curl.haxx.se/docs/http-cookies.html in short:

Store the cookiejar when login:

curl -c ./cookie-file -v http://myserver:8088/asterisk/rawman?action=login&username=admin&secret=admin

Use the cookiejar with ping or other commands:

curl -b ./cookie-file -v http://myserver:8088/asterisk/rawman?action=ping

It should work.

Loi Dang

Loi Dang
  • 408
  • 5
  • 23
  • If asterisk returns "unable to autenticate" like it happened to me, use the double quotes in the curl command `curl -c ./cookie-file -v "http://myserver:8088/asterisk/rawman?action=login&username=admin&secret=admin"` – z3d0 Sep 11 '16 at 19:20
3

With your first request in browser you pass through authentication process and Asterisk respond with a cookie that your browser keeps and uses in further requests. You should see it in AMI response Set-Cookie header.

However that doesn't happen when you use cURL, it doesn't save the cookie for you. You should explicitly tell cURL to use the cookie in the request. Refer to cURL manual to find details http://curl.haxx.se/docs/http-cookies.html

OR

You can provide digest authentication for every single request with the alternate a* commands. For instance your ping action will look like this:

curl -v --digest -u admin:admin http://myserver:8088/asterisk/arawman?action=ping
Mark Finn
  • 53
  • 1
  • 5
Misha Slyusarev
  • 1,353
  • 2
  • 18
  • 45
  • Your fast and easy way (your 'OR') does not work for me, but the reference to 'http-cookies' do. Thank you very much @Misha – Loi Dang Jan 08 '16 at 04:57
0

curl -c /path/to/cookiefile http://yourhost/ to write to a cookie file and start engine and to use cookie you can use

curl -b /path/to/cookiefile http://yourhost/** its works for me

Zahid
  • 54
  • 2
  • 4
  • Welcome to stackoverflow. You need to fully explain your answer. Also please format your code as code `it should appear like this`. – Simon.S.A. Feb 04 '19 at 20:28