[OpenSIPS-Users] Authentication problem

Daniel Goepp dan at goepp.net
Thu Dec 24 19:12:16 CET 2009 

Yes, the section in the script was not modified from the default, so it is:

        if (!(method=="REGISTER") && is_from_local())  /*multidomain
version*/
        {
                if (!proxy_authorize("", "subscriber")) {
                        proxy_challenge("", "0");
                        exit;
                }
                if (!db_check_from()) {
                        sl_send_reply("403","Forbidden auth ID");
                        exit;
                }

                consume_credentials();
                # caller authenticated
        }

I am thinking perhaps this is to do with the domain, I don't see a query in
my sql trace log showing a query for domain, and the domain of the request
is in memory and the DB.  I did have an initial problem where I was getting
the "Preload Route denied", but I added the IP of the server to the domain
list, and that went away.

Thanks

-dg


On Thu, Dec 24, 2009 at 12:13 AM, Bogdan-Andrei Iancu <
bogdan at voice-system.ro> wrote:

> Hi Daniel,
>
> The auth part is not sending by itself a 403 -> probably this is
> explicitly sent from the script, so you need to check what function is
> failing triggering the 403 in script -> is it the db_check_to()  ?
>
> Regards,
> Bogdan
>
> Daniel Goepp wrote:
> > I am having another issue with this latest version also, and I believe
> > it could perhaps be related to my last post.  Very straight forward
> > here, I have just two users on this new lab system.
> >
> > The problem:
> >
> > First register comes in, challenged with 401 no problem, then a
> > register with auth header, which is responded to with:
> >
> > SIP/2.0 403 Forbidden auth ID.
> >
> > I did an SQL trace, and the query is select password from subscriber
> > where username='2001':
> >
> > When I execute manually, no problem:
> >
> > mysql> select password from subscriber where username='2001';
> > +----------+
> > | password |
> > +----------+
> > | 2001     |
> > +----------+
> >
> > Did something change recently regarding how users are auth'd?  This is
> > a very very basic setup, pretty much out of the box.  And ideas about
> > what boneheaded thing I have done here?
> >
> > Thanks
> >
> > -dg
> > ------------------------------------------------------------------------
> >
> > _______________________________________________
> > Users mailing list
> > Users at lists.opensips.org
> > http://lists.opensips.org/cgi-bin/mailman/listinfo/users
> >
>
>
> --
> Bogdan-Andrei Iancu
> www.voice-system.ro
>
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.opensips.org/pipermail/users/attachments/20091224/edb9060b/attachment.htm

More information about the Users mailing list