You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 15 Next »

Introduction

To insure that a device is right device that is allowed to download the provisioning file, the access to the (HTTP(S))provisioning server can be protected using HTTP Digest.

A username and password can be used to confirm the identity of a user before sending sensitive information.

Normal HTTP Digest Authentication Scheme

 

 

  1. The Maxwell sends the server a request to download the provisioning template.
  2. The WEB-server receives the request and requires an authentication. The WEB-server checks if the authentication information is in the request. Because this is the first request, there is no authentication information available. The WEB-server responds returning an 401 Unauthorized.
  3. The client receives the WEB-server challenge and gathers the required credentials. A new request is send containing the username and hashed secret key.

    Username = Maxwell MAC address (12 Digits)
    Password = Maxwell MAC-ID (12 Digits)

    The MAC-ID can be collected when you register the device to the Gigaset Re-direct server.

First Authentication fails

 

 

When the first authentication fails using MAC and MAC-ID then the device will try again using the credentials added via the web-interface.

 

 

  • No labels