[OpenSIPS-Users] Regrarding is_user_in problem in opensips-1.5
Bogdan-Andrei Iancu
bogdan at voice-system.ro
Mon Aug 24 12:39:12 CEST 2009
Hi Ashwini,
As your script shows, you do either IP auth (allow trusted) or digest
auth , but "credentials" are present only after digest auth.
So, if it is a trusted peer, there will be no digest auth, no
credentials and is_user_in() will fail.
My advice is to replace is_user_in("credentials"); with
is_user_in("from"); - anyhow you required both FROM USERNAME and AUTH
USERNAME to be the same when doing check_from().
Regards,
Bogdan
ASHWINI NAIDU wrote:
>
> Hi Bogdan,
>
> Authen tication is done
>
> *# ----- auth_db params -----
> /* uncomment the following lines if you want to enable the DB based
> authentication */
> modparam("auth_db", "calculate_ha1", yes)
> modparam("auth_db", "password_column", "password")
> modparam("auth_db", "db_url",
> "mysql://opensips:opensipsrw@localhost/opensips")
> modparam("auth_db", "load_credentials", "")
> *
>
> *if (is_from_local()){
> # From an internal domain -> check the credentials and the FROM
> if (method=="MESSAGE") {
> log(1,"\n--------------------------------------> ROUTE
> 3 MESSAGE Looop-----------------------\n");
> route(17);
> };
> if(!allow_trusted()){
> if (!proxy_authorize("","subscriber")) {
> proxy_challenge("","0");
> exit;
> } else if(!check_from()) {
> sl_send_reply("403", "Forbidden, use From=ID");
> exit;
> };
> };
> if (client_nat_test("3")) {
> append_hf("P-hint: setflag7|forcerport|fix_contact\r\n");
> setbflag(7);
> force_rport();
> fix_contact();
> };
> #unconditional call forward
> if(avp_db_load("$ru/username","$avp(s:callfwd)")) {
> avp_pushto("$ru", "$avp(s:callfwd)");
> route(1);
> exit;
> }
>
> * *consume_credentials();*
>
> * if (uri=~"^sip:00[0-9]{6,20}@") {
> if (is_user_in("Credentials","local")) {
> route(6);
> log(1,"\n*********************** I AM GOING TO ENTER ROUTE
> 4");
> route(4);
> exit;
> } else {
> sl_send_reply("403", "No permissions for local calls");
> exit;
> };
> };*
>
>
> Can you tell me where i may be going wrong
>
>
> This is the piece of script
> On Fri, Aug 21, 2009 at 5:58 PM, Bogdan-Andrei Iancu
> <bogdan at voice-system.ro <mailto:bogdan at voice-system.ro>> wrote:
>
> HI Ashwini,
>
> If you wan to used the Credentials, then you need to be sure you did
> authentication before (in script).
>
> Regards,
> Bogdan
>
> ASHWINI NAIDU wrote:
> > Hi all,
> >
> > I have installed opensips-1.5. I have applied the required
> patch
> > for group. When i use
> >
> > * is_user_in("Credentials", "local") { *
> >
> > I get the following error
> >
> > *ERROR:auth:consume_credentials: no authorized credentials found
> > (error in scripts)
> > Aug 21 17:09:30 debian /sbin/opensips[18916]:
> > ERROR:group:get_username_domain: no authorized credentials found
> > (error in scripts)
> > Aug 21 17:09:30 debian /sbin/opensips[18916]:
> ERROR:group:is_user_in:
> > failed to get username at domain*
> >
> > Can anyone say what may be the problem.
> > --
> > Thanking You,
> > Ashwini BR Naidu
> >
> ------------------------------------------------------------------------
> >
> > _______________________________________________
> > Users mailing list
> > Users at lists.opensips.org <mailto:Users at lists.opensips.org>
> > http://lists.opensips.org/cgi-bin/mailman/listinfo/users
> >
>
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org <mailto:Users at lists.opensips.org>
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>
>
>
> --
> Thanking You,
> Ashwini BR Naidu
> ------------------------------------------------------------------------
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
More information about the Users
mailing list