Polycom MGC WebCommander Version 9.0 B

B-1

In version 6.0, a single conference can be monitored from any browser

based application by entering the URL that includes the user login name and

password to the WebCommander site. In this mode, the user name and

password were not secured and appeared in the recent URL.

In version 7.5 & 8.0, the user name and password can be sent separately,

using the HTTP Form method, hence increasing the connection security.

You can open a monitoring window o f a sin gle confer ence in any Web-based

application by adding the conference URL to that application.

The conference URL must include the appropriate variables to allow

connection to the WebCommander site and identify the conference on the

appropriate MCU. The WebCommander user name and user password can

be sent as part of the URL itself or send them separately using the HTTP

Form method.

Optional Parameter Scenario Description

1. When the user name (Param2) and password (Param3) are sent in the

URL (see TableB-1 on page B-2 for parameter descriptions):

a. In the Web Server Manager, Permissions - Settings2 tab, if the

user’s permission "Always prompt for confer ence password" check

box is selected and the correct conference entry password is sent as

part of the URL, the user is granted access to the conference.

Although the WebCommander login name and password are hidden , they a re sent as

plain text and they can still be detected by a network sniff er . To secure the connection,

it is recommended to use the SSL authentication and data encryption layer.