Changes between Version 38 and Version 39 of WebIf


Ignore:
Timestamp:
Jun 5, 2011, 3:06:28 PM (9 years ago)
Author:
Admin
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • WebIf

    v38 v39  
    11= Webinterface =
    22
    3 '''!!! Important !!! The Webinterface uses only simple authentication. This authentication is not secure enough for usage from outside of your LAN because the complete traffic including your user-id and password is sent in plain text. An Intruder could take over the whole management of your system. If you plan to use the webinterface via internet it is highly recommended to do it via a SSL secured reverse proxy like Apache. Everything else is very critical. If you redistribute binaries from this branch - please inform the recipient about that!
     3'''!!! Important !!! If you want to use the Webinterface from outside of your LAN you must think about the security. Although the authentication itself via [http://en.wikipedia.org/wiki/Digest_access_authentication digest authentication] is relativele secure (no username/password in clear text), the pages themselves are transmitted in clear text (and if you open the configuration an intruder may read all necessary passwords). An intruder could take over the whole management of your system. If you plan to use the webinterface via internet it is highly recommended to do it via a SSL secured reverse proxy like Apache or activate the SSL functionality in OSCam (not available in all binaries). Make also sure that your password is secure and set the httpallowed parameter if possible.
    44
    5 Information and discussion about the developement of Webinterface you find here: http://streamboard.gmc.to/wbb2/thread.php?goto=firstnew&threadid=26719
    6 
    7 = Features =
    8 
    9 '''Already implemented:
    10 
    11 .) Edit User Config (Read & Write)[[BR]]
    12 .) Edit Services (Read & Write)
    13 
    14 '''Work in progress:
    15 
    16 .) Edit Global Config (Read Ok, Write Ok, Update only after restart) [[BR]]
    17 .) Edit Readers (Read Ok (not all parameters yet), Write NOk)
    18 
    19 = Checkout Streamboard OSCam trunk =
    20 
    21 {{{
    22 svn co http://streamboard.gmc.to/svn/oscam/trunk <checkout-directory>
    23 }}}
    24 
    25 '''Please note: Always do a "make clean" before building the executable!
    26 
    27 If you can´t build - here you can find binaries for many platforms: [http://streamboard.gmc.to/wbb2/board.php?boardid=236]
     5Information and discussion about the developement of Webinterface can be found here: http://streamboard.gmc.to/wbb2/thread.php?goto=firstnew&threadid=30741
     6Information about the XML Api (based on Webinterface; for program/library access) can be found in this thread: http://www.streamboard.gmc.to/wbb2/thread.php?threadid=30478
    287
    298= Parameters for Webinterface =
    309
    31 Settings have to be done in the [webif] section of oscam.conf
    32 {{{
    33 httpport             - Port for Webinterface (mandatory)
    34 httpuser             - Username (needed for password protection)
    35 httppwd              - Password (needed for password protection)
    36 httpcss              - Path of external CSS File (optional)
    37 httptpl              - Path of external Templates (optional)
    38 httprefresh          - Status refresh in seconds (optional)
    39 httphideidleclients  - 0|1 enables hiding clients after idletime set in parameter hideclient_to (optional)
    40 httpscript           - define a path to an executable script which you wish to start from Webinterface (optional)
    41 httpallowed          - IP/IP-range(s) which is allowed connect the webinterface from. For syntax check oscam documentation
    42 httpdyndns           - allows access for the IP resolved from given address e.g. my.dyndns.org (optional, avail from SB SVN 1759 patchlevel8 onwards)
    43 }}}
    44 
    45 
     10See http://streamboard.gmc.to/wiki/index.php/OSCam/en/Config/oscam.conf#WebIf for all configuration options.
    4611
    4712= Template System =
    4813
    49 The Oscam webinterface allows you to create your own pages.
    50 To get the original tempates to start development request the non-linked page "savetemplates.html"
    51 Oscam will store this template files in the directory specified in "httptpl"
    52 
     14The Oscam webinterface allows a large customization by not only allowing custom css and js (see configuration options) but also by manipulating the html code itself.
     15To get the original templates request the non-linked page "savetemplates.html" via your web browser.
     16Oscam will store it's internal template files in the directory specified in "httptpl". You can then edit those files and they will be immediately used if you refresh your browser.
     17You should remove unmodified templates after completing your changes and recheck them if you change OSCam revision.
    5318
    5419= Using Apache to proxy requests to OSCam =
    5520
    56 The Apache module mod_proxy can be used to proxy requests from the Internet to an OSCam server. With this module it is possible to add additional security (SSL) to the OScam connection. For "howto set up Apache with SSL" please consult the Apache documentation.
     21The Apache module mod_proxy can be used to proxy requests from the Internet to an OSCam server. For details on how to setup Apache please consult the Apache documentation.
    5722
    5823{{{
     
    6530      ProxyPassReverse /oscam/ http://localhost:8080/
    6631}}}
    67 
    68 = OSCam Configuration Examples =
    69 
    70 If you are searching for tested Configuration Examples for various Platforms you can find them here:
    71 
    72 http://www.streamboard.gmc.to/wbb2/thread.php?threadid=26659
    7332
    7433= Known limitations =
     
    8948Q: If I try to call the Webinterface with my Browser I get only a page "Error 403 - Forbidden"[[BR]]
    9049A: You havn't defined an allowed IP/ IP Range wich is allowed to call the webinterface. Use the "httpallowed" Parameter
     50
     51Q: Authentication does not work when trying to authenticate via my own program/library xy.
     52A: Make sure that your program/library uses digest authentication and NOT basic authentication. Wget also seems to have it's bugs with digest authentication so use curl instead. An example usage of curl is
     53{{{
     54curl --verbose --digest -u <user>:<password> "http://user:password@myserver.dyndns.org:12345/oscamapi.html?part=status"
     55}}}
     56Please also remember to use the [http://www.streamboard.gmc.to/wbb2/thread.php?threadid=30478 XML Api] if possible as this is guaranteed to stay stable whereas WebIf parsing may fail someday when html code is changed.
    9157
    9258