Basic Authentication

Hi,

I have installed Genieacs gui 1.2.1. Easycwmp got registered with genieacs. Digest Authentication has been enabled by using following configuration.
cwmp.connectionRequestAuth and value AUTH(“cpeuser”, “password”). And it is working fine.
Now I am working for enabling “Basic authentication”.

Can you please tell me how to enable “basic authentication”

Thanks
Durga K

Hi there,

I was struggeling with the same issue. As the matter of fact I had a lot of problems with 100k clients connected and cwmp.auth enabled on the system. It was resulting to this:
Sep 24 10:28:22 gacs-sb1 genieacs-cwmp: 2020-09-24T08:28:22.827Z [ERROR] Uncaught exception; pid=2072 exceptionName="Error" exceptionMessage="Unable to parse auth header" exceptionStack="Error: Unable to parse auth header\n at /opt/genieacs/dist/bin/genieacs-cwmp:2:12279\n at me (/opt/genieacs/dist/bin/genieacs-cwmp:2:12596)\n at an (/opt/genieacs/dist/bin/genieacs-cwmp:2:91081)\n at yn (/opt/genieacs/dist/bin/genieacs-cwmp:2:105859)\n at process._tickCallback (internal/process/next_tick.js:68:7)"

So I did the following added this lines in enviroment file:

GENIEACS_CWMP_INTERFACE=127.0.0.1
GENIEACS_CWMP_PORT=7547

Create a .htpasswd:

sudo htpasswd -c /opt/genieacs-env/.htpasswd user1

Installed nginx and made a configuration of the nginx server:

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

include /usr/share/nginx/modules/*.conf;

events {
worker_connections 1024;
}

http {
log_format main '$remote_addr - $remote_user [$time_local] “$request” ’
'$status $body_bytes_sent “$http_referer” ’
‘"$http_user_agent" “$http_x_forwarded_for”’;

access_log  /var/log/nginx/access.log  main;

sendfile            on;
tcp_nopush          on;
tcp_nodelay         on;
keepalive_timeout   65;
types_hash_max_size 2048;

include             /etc/nginx/mime.types;
default_type        application/octet-stream;

server {
    listen       1.1.1.1:7547;
    server_name  genieacs-cwmp;

    location / {
            auth_basic           "Authentication required";
            auth_basic_user_file /opt/genieacs-env/.htpasswd;
  proxy_pass http://127.0.0.1:7547;
    }

}

}

Where 1.1.1.1 should be real IP of your server.

In this case you can even switch authentication methods as you preffer from digest to basic.

I hope it helped.
Here are also some links:



BR,
Janko Bajc

Thanks @bajojoba, I will try this.

GenieACS doesn’t give you a choice between Digest and Basic auth. It uses Digest with HTTP and Basic auth with HTTPS.

Hi @zaidka,

I am using easycwmp client. So for using Basic, do I need to
configure acs url as “https://acsexample.com/” in easycwmp configuration.?. In genieacs server, we need to configure “cwmp.auth” configuration also right?

Thanks
Durga K

Correct. And you need to configure HTTPS in Genie by setting GENIEACS_CWMP_SSL_KEY and GENIEACS_CWMP_SSL_CERT environment variables.

1 Like

Hi

i installed genieacs1.2.5, how to register with genieacs with CPE,

Please create a new forum entry instead of resurrecting a random topic to ask a question.