Introduction

Enswitch has various internal facilities to validate the passwords of people and telephone lines when creating or updating the person or telephone line. These facilities include checks on minimum and maximum password length, matching against a regular expression, and a longest allowed common substring with the username. These are all controlled by global configuration settings.

For more complex password validation, an external web service can be consulted. Enswitch will send details of the person or telephone line to the configured URL using HTTP/HTTPS POST. The web service then returns "status: ok" or "status: fail" to tell Enswitch whether or not to accept the chosen password.

WARNING: Enswitch sends the new password to the web service unencrypted. It is essential that either HTTPS is used, or that the web request passes over only trusted networks. The web service must take care not to log the new password in web server or database log files.

People

To use an external password validation service when creating or updating people, set the "Person password validation URL" global configuration setting. Enswitch will pass the following parameters:

  • customer: The ID of the customer the person is in.
  • id: The ID of the person being updated, or 0 if creating a new person.
  • password: The new password.
  • username: The username of the person.

Telephone lines

To use an external password validation service when creating or updating telephone lines, set the "Telephone line password validation URL" global configuration setting. Enswitch will pass the following parameters:

  • customer: The ID of the customer the telephone line is in.
  • name: The name of the telephone line.
  • password: The new password.

Return data

The web server is expected to return a text document with content type "text/plain", and containing either "status: ok" or "status: fail". Any other result is considered to be the same as "status: fail". The status line may be terminated by newline ("\n") or carriage return followed by newline ("\r\n"). Don't forget to add any HTTP headers required by your web server such as "Content-Type: text/plain\r\n\r\n".

Copyright © Integrics Ltd., all rights reserved. Permission is granted for Enswitch partners, customers, and their resellers to copy the contents of this page into their own documentation and redistribute this to their customers.