Page 257 - Asterisk™: The Future of Telephony
P. 257
Action: login
Username: oreilly
Secret: notvery
<CR+LF>
An extra CR+LF on a blank line will submit the entire package to Manager.
Once authenticated, you will be able to initiate actions, as well as see events generated
by Asterisk. On a busy system, this can get quite complicated and become totally im-
possible to keep track of with the unaided eye. To turn keep Asterisk from sending
events, you can add the Events parameter to your login command, like this:
Action: login
Username: oreilly
Secret: notvery
Events: off
<CR+LF>
If you’re worried about sending your secret across the wire in plain text (which you
should be), you can also authenticate using an MD5 challenge-response system, which
works very similar to HTTP digest authentication. To do this, you first call the
Challenge action, which will present you with a challenge token:
Action: Challenge
AuthType: MD5
Response: Success
Challenge: 840415273
You can then take that challenge token, concatenate the plaintext secret onto the end
of it, and calculate the MD5 checksum of the resulting string. The result can then be
used to login without passing your secret in plain text.
Action: Login
AuthType: MD5
Username: Admin
Key: e7a056e1488882c6c509bbe71a049978
Response: Success
Message: Authentication accepted
Sending Commands
Once you’ve successfully logged into the AMI system, you can send commands to
Asterisk by using the other actions. We'll show a few commands here so that you can
get a feel for how they work.
Transferring a call
The Redirect action can be used to transfer a call. After logging in, you should send an
action like the one below:
The Manager Interface | 229
