2 query step, 3 verification step – CounterPath Bria 4 Provisioning Guide - Enterprise Deployments User Manual

CounterPath Corporation

12

2.3.2 Query Step

Bria sends the data from the Login dialog. The data is encoded application/x-www-form-urlencoded.

The data is sent to the login server (the server specified in feature:custom_login:server) in an HTTP POST. The
value will be blank if the branded Login dialog does not include the corresponding field; this is not an error.

For example a URL of

might become this POST used to log in the user:

where:

•

“Username” and “Password” (with initial capitals) are always sent in a login POST; the URL does not have
to include macros for this data.

•

platform and computerid are macros used by the login script; see “Use of Scripts and Macros” on page 5
and see page 22 for a list of macros.

License Key Management

You may want to maintain license key information such as the distribution of licenses to users and computers.

To help you maintain this information, you can capture data by including the appropriate macro in the login
URL.

The key information that you should maintain is the username and the computer ID. Capturing the computer ID
lets you match the license key information you maintain with the license key information on the CounterPath
Store.

For example, when a user logs on, you can use the username and computer ID to determine whether or not you
need to send down a license key in the provisioning response: Is this a valid user? Is there already a license key
on this computer? If you decide yes, then you can add the username and the computer ID to your database.

As another example, if some users log on at various computers and you have a policy that a user can draw down
a maximum of 3 keys, then capturing the combination of the username and computer ID lets you implement that
policy.

Finally, if you revoke the license keys for a user who is no longer valid, you can go to your login database and
look up the computer IDs associated with all the license keys that this user has obtained. You then go to the
Store and revoke the licenses for these computer IDs.

2.3.3 Verification Step

The login server should perform any suitable verification on the sent data, according to your business rules.

Typically, this verification will include a check for the license key, using the username and computer ID, as
described above. You may decide to send down a license key or (for an existing deployment) you will determine
that there is no need to send down a license key.

https://mycustomloginserver.com/login.php?platform=$platform$&cid=$computerid$

https://mycustomloginserver.com/login.php
--------------------------------------------------------------------------------------
Username=21187
Password=rosebud
platform=win32
cid=d3874ihfd8t23975v1iu5182ruity3iusapor236u545uye0r9qwjj