[Freeswitch-users] Security for mod_xml_curl
jay binks
jaybinks at gmail.com
Fri Jul 25 18:15:14 PDT 2008
I would imagine, that if you were to use mod_xml_curl for provisioning, the
idea would not be to have it on a public IP address.
there is nothing stopping you from having a web server on a private network
behind your FS boxes..
and the webservice can look at the IP of who the connection is from, and
deny based upon that.
also you could run the web service on the same machine as FS, and connect on
127.0.0.1
I would imagine implementing SSL for mod_xml_curl is probably not HARD to do
, but I would bet that you will
have saleability issues if you tried to use it on a busy box.
Jay Binks
On Sat, Jul 26, 2008 at 5:55 AM, Ashutosh <ashutosh.kumars at gmail.com> wrote:
> Hi,
> i am using mod_xml_curl for user provioning. I am concerned for the fact
> that the output generated by the mod_xml_curl hander script gets returned to
> FS in plain text, and it contains attributes like password etc., in
> plain-text. Is there something, or planned, like SSL , or something else
> that will make the output secure. Though, i have been using the a1-hash
> attrib for password, still i wondered if the whole XML output could be
> secured someway?
>
> Thanks for all you do!
>
> Best Regards,
> ashutosh
>
> _______________________________________________
> Freeswitch-users mailing list
> Freeswitch-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
--
Sincerely
Jay
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20080726/af28bc04/attachment-0002.html
More information about the FreeSWITCH-users
mailing list