Asynchronous programming & phone notifications

Version 1
    This document was generated from CDN thread

    Created by: Itay Even Hen on 26-04-2010 07:36:57 AM
    I'm trying to understand if it is possible to develop an application that accesses the phone and display notification when specific business event occurs.
    To be more specific, I'd like my users to login to the applicaton via the phone. I store the logged in clients list in my service.
    If specific threshold is achieved (i.e. stock price), I'd like to display notification to the logged in clients.
    I know that the phone is running simple web-server, but the question if it is capable of handling such requirements (security wise, and technicality wise).

    Subject: RE: Asynchronous programming & phone notifications
    Replied by: David Staudt on 26-04-2010 07:42:42 PM
    Such an application is possible, and rather quite common.  A web-based app can HTTP POST a CiscoIPPhoneExecute XML object to the phone's web server, and the phone will perform the action (i.e. display something on the screen, retrieve a URL for another XML object, play and RTP stream, etc.)
    The IP Phone Services SDK has several examples of this funcitonality.
    One caveat: you mention security.  Currently IPPS supports only HTTP transport.  As of UCM8.0 phones have HTTPS IPPS capability, but final testing and documentation is pending.

    Subject: RE: Asynchronous programming & phone notifications
    Replied by: David Staudt on 27-04-2010 12:56:36 PM
    Yep, self-signed certs will be handled by the existing UCM cert management tools - no worries.

    Subject: RE: Asynchronous programming & phone notifications
    Replied by: Stephan Steiner on 27-04-2010 08:42:02 AM
    David - I very much hope you guys consider that getting valid certs for self-standing servers can be next to impossible. Cisco boxes generally run with self signed certs, so I hope that the route you take will allow the use of self signed certs for IPSS as well (even if it's an enterprise parameter you can turn on /off.. having a cert warning pop up or the app not showing up if there's no valid cert from a CA the phones recognize would pretty much ensure that HTTPs be only used when we can't talk our customers out of it).