= Webinterface = '''!!! Important !!! The Webinterface uses only simple authentication. This authentication is not secure enough for usage from outside of your LAN because the complete traffic including your user-id and password is sent in plain text. An Intruder could take over the whole management of your system. If you plan to use the webinterface via internet it is highly recommended to do it via a SSL secured reverse proxy like Apache. Everything else is very critical. If you redistribute binaries from this branch - please inform the recipient about that! Information and discussion about the developement of Webinterface you find here: http://streamboard.gmc.to/wbb2/thread.php?goto=firstnew&threadid=26719 = Features = '''Already implemented: .) Edit User Config (Read & Write)[[BR]] .) Edit Services (Read & Write) '''Work in progress: .) Edit Global Config (Read Ok, Write Ok, Update only after restart) [[BR]] .) Edit Readers (Read Ok (not all parameters yet), Write NOk) = Checkout Streamboard OSCam trunk = {{{ svn co http://streamboard.gmc.to/svn/oscam/trunk }}} '''Please note: Always do a "make clean" before building the executable! If you canĀ“t build - here you can find binaries for many platforms: [http://streamboard.gmc.to/wbb2/board.php?boardid=236] = Parameters for Webinterface = Settings have to be done in the [webif] section of oscam.conf {{{ httpport - Port for Webinterface (mandatory) httpuser - Username (needed for password protection) httppwd - Password (needed for password protection) httpcss - Path of external CSS File (optional) httptpl - Path of external Templates (optional) httprefresh - Status refresh in seconds (optional) httphideidleclients - 0|1 enables hiding clients after idletime set in parameter hideclient_to (optional) hideclient_to - Idletime in seconds (optional) httpscript - define a path to an executable script which you wish to start from Webinterface (optional) httpallowed - IP/IP-range(s) which is allowed connect the webinterface from. For syntax check oscam documentation }}} = Template System = The Oscam webinterface allows you to create your own pages. To get the original tempates to start development request the non-linked page "savetemplates.html" Oscam will store this template files in the directory specified in "httptpl" = Using Apache to proxy requests to OSCam = The Apache module mod_proxy can be used to proxy requests from the Internet to an OSCam server. With this module it is possible to add additional security (SSL) to the OScam connection. For "howto set up Apache with SSL" please consult the Apache documentation. {{{ ProxyRequests Off Order deny,allow Allow from all ProxyPass /oscam/ http://localhost:8080/ ProxyPassReverse /oscam/ http://localhost:8080/ }}} = OSCam Configuration Examples = If you are searching for tested Configuration Examples for various Platforms you can find them here: http://www.streamboard.gmc.to/wbb2/thread.php?threadid=26659 = Known limitations = '''.) Safari Browser (Macbook, Snow Tiger, Iphone) - No Login possible This is a bug in Safari which does not correctly handle the "stale" flag at the first login (like it should according to RFC). The authentication uses a [http://en.wikipedia.org/wiki/Cryptographic_nonce nonce] to fight replay attacks. The nonce is always valid for a limited time (default: 15 seconds). However, this time does not count from when you begin to login but from unixtime 0 onwards. Thus in worst case you might only have a second to login. To get higher chances for login to work in Safari browsers (but with a little bit decreased security) just increase the following value as you like in the oscam-http.h before you build OSCam. {{{ #define AUTHNONCEVALIDSECS 15 }}} == FAQ == Q: The webinterface do not work[[BR]] A: Check whether you use a binary compiled from monitor-improvement branch. Trunk doesn't contain the webinterface as all other branches Q: I have a binary compiled from monitor-improvement branch but the webinterface does not work.[[BR]] A: Check whether you have set the "httpport" parameter to a free port in your LAN. Check the startup log for "HTTP Server listening on port " Q: If I try to call the Webinterface with my Browser I get only a page "Error 403 - Forbidden"[[BR]] A: You havn't defined an allowed IP/ IP Range wich is allowed to call the webinterface. Use the "nocrypt" Parameter == Reader Settings == {{{ #!rst ==================== ===== =========== ======== ==== ====== ====== ====== ==== ===== ======== ========== ========== Parameter \ Type mouse smartreader internal pcsc serial cs357x cs378x gbox cccam radegast newcamd525 newcamd524 -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- . camd35 newcamd ==================== ===== =========== ======== ==== ====== ====== ====== ==== ===== ======== ========== ========== device x x x -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- key x x -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- password x -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- premium x -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- account x x x x x -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- pincode x x x x x -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- readnano -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- services x x x x x x x x x x x x -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- inactivitytimeout x x -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- reconnecttimeout -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- disableserverfilter -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- label x x x x x x x x x x x x -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- fallback x x x x x x x x x x x x -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- logport x x -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- caid x x x x x x x x x x x x -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- boxid -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- aeskey -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- detect x x x x x -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- protocol x x x x x x x x x x x x -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- n3_rsakey x x -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- tiger_rsakey x x -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- n3_boxkey -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- tiger_ideakey -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- detect x x -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- mhz x x -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- cardmhz x x -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- ident -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- class -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- chid -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- showcls -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- maxqlen -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- group x x x x x x x x x x x x -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- emmcache x x x x x -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- blocknano x x x x x -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- savenano x x x x x -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- readnano x x x x x -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- cccversion x -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- cccbuild x -------------------- ----- ----------- -------- ---- ------ ------ ------ ---- ----- -------- ---------- ---------- cccmaxhop x ==================== ===== =========== ======== ==== ====== ====== ====== ==== ===== ======== ========== ========== }}} Please help us to document new features here. Feel free to pick informations we give in the forum and write down here. Thanks, A., A.