In a CME environment, when connecting to IP phones to push commands (like to force a phone to dial a number), the authentication performed is determined by the CME configuration. Specifically, if "url authentication http://W.X.Y.Z/CCMCIP/authenticate.asp" then the CME's "authentication credential" command determines which username and password must be sent to the IP Phone to sucessfully make it dial.
 
However, CME supports external authentication with the "url authentication http://..." command. When I point this to a web server, it connects to the URL I specify and POSTs the following: UserID=admin&Password=admin&devicename=SEPXXXXXXXXXXXX. The web server then needs to send something back to say "you're authorized" or "authorization failed."
 
That's where my problem comes in. I can find no documentation on what the web server needs to send back in order to tell the IP Phone "you're authorized." Does anyone have any idea what the web server needs to respond back with in order for successful authentication to occur?

That did it!
 
The response from the server has to be the string AUTHORIZED, without any HTML at all. Anything other than that results in a rejection.
 
Thanks for your help!