Users can't access /recordings (voicemail etc) -- password requested


I’m running PBX in a flash on CentOS 6.5. The asterisk version is 11.10.0.

When I access the “voicemail” page by nagivating to http://my.pbx/ (i.e. http://my.pbx/recordings), I get prompted for password. The “maint” (administrative) credentials work, but I can’t give my users this credential for obvious reasons. The authentication popup is a htaccess one, and the realm is “Restricted Area”.

As per this article, I have run the command and set the voicemail password. But when I enter this password, the system still asks me to authenticate. If I click cancel 3 times, I can THEN see the voicemail login page where users can normally login with their ext # and vm PINs.

The apache logs show that:

 /admin/assets/js/jquery-1.11.1.min.js failed, reason: user 'voicemail' does not meet 'require'ments for user/valid-user to be allowed access, referer: http://my.pbx/recordings/index.php?m=Voicemail&q=&folder=INBOX

So the problem is clear here, it looks like the recordings page references the javascript stored within the /admin/assets/js folder. There is a .htaccess file inside the /recordings/ folder, it looks like this:

# Disallow all file access first
<FilesMatch "\..*$">
        Deny from all

# Now allow /recordings, /recordings/index.php as well as the various assets
<FilesMatch "(^$|index\.php|play_page\.php|audio\.php|callme_page\.php|\.(gif|GIF|jpg|jpeg|png|css|js|ttf|svg|eot|woff|wav|mp3|aac|ogg|webm)$)">
        Allow from all

In httpd.conf, I attempted to open up /admin/assets/js/ folder with this snippet and restarted apache:

<Directory "/var/www/html/admin/assets/js">
   Order allow,deny
   Allow from all

However this did not rectify the situation. My knowledge of htaccess etc is quite limited – I feel like the fix is pretty simple, if only I knew what was looking for!! Can someone please point me in the correct direction?

That is surely a question to ask in the PIAF forum, .htaccess is not part of the FreePBX infrastructure.

1 Like