[AMI] Manager tester from HTTP connection

mroux · February 11, 2022, 3:35pm

Hello,

I have a quick question for accessing the Asterisk Manager Interface (AMI) from a HTTP connection, it’s probably stupid.

So I can login to the AMI with the telnet command from the TCP port 5083 →

root@freepbx-1-vm:~# telnet [FREEPBX IP] 5038
Trying [FREEPBX IP]…
Connected to [FREEPBX IP].
Escape character is ‘^]’.
Asterisk Call Manager/5.0.1
Action: Login
Events: off
Username: admin
Secret: my_secret

Response: Success
Message: Authentication accepted

Ok so I know my credentials work. Now I would like to proceed to the same but from an HTTP connection.
From Freepbx I’ve setup the HTTP Mini server so that I can access from the web.

It looks like this

Capture

Here’s my (silly) question : How can I login as my admin user just like I did from a TCP connection?
Because I’ve been trying different things but I don’t know what is the exact configuration to type.

Like, from “Action” I can select “Login”, but what’s the use of the “or” input or the “CLI command” input ? (see image below)

Capture

I couldn’t find any examples from the internet so here I am today, if someone knows what I need to enter to access the AMI.

Many thanks

dicko · February 11, 2022, 4:20pm

https://wiki.asterisk.org/wiki/display/AST/Allow+Manager+Access+via+HTTP

mroux · February 11, 2022, 4:28pm

Already saw this page and I’ve already tried.

If I try to connect while giving my credentials directly in the URL as sugested, I’m still getting “Authentication failed”.

If I try to do the same but from the GUI (as shown in the pictures above), same result.

Meanwhile I can authenticate from port 5083 with TCP protocol.

dicko · February 11, 2022, 4:45pm

dies your manager account cover the address and port you are browsing from.

david55 · February 11, 2022, 4:45pm

My understanding is that AMI over TCP is not well supported, and you would be well advised to avoid it.

mroux · February 11, 2022, 4:59pm

The manager account does permit the IP address and the port is covered too.

By the way, I did set yes to both “enabled” and “webenabled” in manager.conf, and my firewall is setup to let things pass through http port 8080.

mroux · February 11, 2022, 5:00pm

Yes that is one of the reason why I’m trying to use AMI over HTTP

Thanks for helping me guys!

dicko · February 11, 2022, 5:10pm

Actually the AMI always runs on TCP be it over http or directly on port 5038 (or 5083 as some prefer)
. if more exposed than to localhost I would suggest setting up the cert protected ‘secure’ server on 5039 by default.

However, back to the subject on hand. I would start with a connection from the pbx itself

curl -vv http://localhost:8088/manager\?action\=login\&username\=foo\&secret\=bar

and work your way up.

mroux · February 15, 2022, 10:02am

Hello Dicko,

Hope you’re doing well today,

I’ve tried to start a connection with the curl command but all I got is a 404 Not Found

Here’s my output →

root@freepbx-1-vm:/usr/src/freepbx# curl -vv http://localhost:8088/manager\?>action=login&username=admin&secret=mysecret

Trying 127.0.0.1…

TCP_NODELAY set

Connected to localhost (127.0.0.1) port 8088 (#0)
GET /manager?action=login&username=admin&secret=mysecret HTTP/1.1
Host: localhost:8088
User-Agent: curl/7.58.0
Accept: /

< HTTP/1.1 404 Not Found
< Server: Asterisk/16.10.0
< Date: Tue, 15 Feb 2022 09:50:54 GMT
< Cache-Control: no-cache, no-store
< Content-type: text/html
< Content-Length: 248
404 Not Found
Not Found

The requested URL was not found on this server.

Asterisk/16.10.0 * Connection #0 to host localhost left intact

I’ve looked up on the internet and this error generally means the Web Manager isn’t enabled but mine is:

Global Settings:

Manager (AMI): Yes
Web Manager (AMI/HTTP): Yes
TCP Bindaddress: 0.0.0.0:5038
HTTP Timeout (seconds): 60
TLS Enable: No
TLS Bindaddress: Disabled
TLS Certfile: asterisk.pem
TLS Privatekey:
TLS Cipher:
Allow multiple login: Yes
Display connects: No
Timestamp events: No
Channel vars:
Debug: No

So I don’t understand what I am doing wrong that keeps me from connecting with HTTP.

mroux · February 15, 2022, 10:52am

To resume my HTTP server seems to be well setup, on this side Asterisk tells me everything works and is running.

I can access it from the web as well as from another computer.

But the main problem is that I can’t authenticate at all and I don’t understand why because my credentials works perfectly well with TCP.

When I try to connect I only get a 404 URL Not found, which is weird.

I’m open to any ideas and I’m ready to show you my conf files !

dicko · February 15, 2022, 1:43pm

after you have webenabled your AMI

rasterisk -x 'http show status'

should return something like

HTTP Server Status:                                     
Prefix:                                                 
Server: Asterisk/16.3.0                                 
Server Enabled and Bound to 127.0.0.1:8088                                                                      HTTPS Server Enabled and Bound to [::]:8089                                                                     Enabled URI's:                                          
/httpstatus => Asterisk HTTP General Status             
/amanager => HTML Manager Event Interface w/Digest authentication
/arawman => Raw HTTP Manager Event Interface w/Digest authentication  
/manager => HTML Manager Event Interface
/rawman => Raw HTTP Manager Event Interface       
/amxml => XML Manager Event Interface w/Digest authentication                      
/mxml => XML Manager Event Interface                    
/ari/... => Asterisk RESTful API                        
/ws => Asterisk HTTP WebSocket                                                                                  Enabled Redirects:                                        None.

Show us yours

system · March 17, 2022, 1:43pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.