[OpenSIPS-Users] OpenSIPS - OpenXCAP integration
Sanjeev BA
as2902.b at samsung.com
Thu Oct 15 09:49:55 CEST 2009
Tried to get around this by adding IP address individually to trusted_peer
list. Seems to do the trick.
A config setting like 10.0.0.0/24 does not seem to work.
Kindly check this ticket.
http://openxcap.org/ticket/90
Regards
Sanjeev
-----Original Message-----
From: Sanjeev BA [mailto:as2902.b at samsung.com]
Sent: Thursday, October 15, 2009 2:56 PM
To: 'OpenSIPS users mailling list'
Subject: RE: [OpenSIPS-Users] OpenSIPS - OpenXCAP integration
Has anyonbe been able to make OpenXCAP work with OpenSIPS using digest
authentication?I am seeing an error in twisted/web2 python script, but I do
not know how to fix it.
I cannot proceed any further due to the error detailed below. Any help
regarding this issue would be highly appreciated.
Thanks in advance,
Regards
Sanjeev
-----Original Message-----
From: Sanjeev BA [mailto:as2902.b at samsung.com]
Sent: Thursday, October 15, 2009 8:50 AM
To: 'OpenSIPS users mailling list'
Subject: RE: [OpenSIPS-Users] OpenSIPS - OpenXCAP integration
Yes. Here's the sequence. After changing to digest, I can observe a 500
Internal Server Error in the OpenXCAP server.
Logs are provided below.
Client Request
T 2009/10/15 08:42:04.997913 10.254.140.240:43525 -> 10.89.10.235:80 [AP]
GET
/xcap-root/org.openmobilealliance.xcap-directory/users/sip%3Atester%40imsdem
o.com/directory.xml HTTP/1.1.
Host: 10.89.10.235:80.
Content-length: 0.
Connection: keep-alive.
.
401 Response
##
T 2009/10/15 08:42:05.106696 10.89.10.235:80 -> 10.254.140.240:43525 [AP]
HTTP/1.1 401 Unauthorized.
Date: Wed, 14 Oct 2009 23:42:05 GMT.
Content-Length: 141.
Content-Type: text/html.
WWW-Authenticate: digest nonce="624444026475982401434245613",
opaque="23870f726b78fb5d872eced92ca0c1dd-NjI0NDQ0MDI2NDc1OTgyNDAxNDM0MjQ1NjE
zLDEwLjI1NC4xNDAuMjQwLDEyNTU1NjM3MjU=", realm="imsdemo.com", algorithm=MD5,
qop="auth".
Server: OpenXCAP/1.1.2..
Date: Wed, 14 Oct 2009 12:17:24 GMT.
Content-Length: 141.
Content-Type: text/html.
WWW-Authenticate: basic realm="imsdemo.com".
Server: OpenXCAP/1.1.2.
.
<html><head><title>Unauthorized</title></head><body><h1>Unauthorized</h1><p>
You are not authorized to access this resource.</p></body></html>
Second GET from client
#####
T 2009/10/15 08:42:05.378179 10.254.140.240:43527 -> 10.89.10.235:80 [AP]
GET
/xcap-root/org.openmobilealliance.xcap-directory/users/sip%3Atester%40imsdem
o.com/directory.xml HTTP/1.1.
Host: 10.89.10.235:80.
Authorization: Digest username="tester", realm="imsdemo.com", qop=auth,
nonce="624444026475982401434245613", algorithm=MD5,
uri="/xcap-root/org.openmobilealliance.xcap-directory/users/sip%3Atester%40i
msdemo.com/directory.xml", response="", cnonce="poc123test",
opaque="23870f726b78fb5d872eced92ca0c1dd-NjI0NDQ0MDI2NDc1OTgyNDAxNDM0MjQ1NjE
zLDEwLjI1NC4xNDAuMjQwLDEyNTU1NjM.", nc=00000001.
Content-length: 0.
Connection: keep-alive.
500 Internal Server Error
##
T 2009/10/15 08:42:05.387184 10.89.10.235:80 -> 10.254.140.240:43527 [AP]
HTTP/1.1 500 Internal Server Error.
Date: Wed, 14 Oct 2009 23:42:05 GMT.
Content-Length: 96.
Content-Type: text/plain.
Server: OpenXCAP/1.1.2.
.
An error occurred while processing the request. More information is
available in the server log.
XCAP Server Error Log.
10.254.140.240 'GET
/xcap-root/org.openmobilealliance.xcap-directory/users/sip%3Atester%40imsdem
o.com/directory.xml HTTP/1.1' 401 0 141 - -
REQUEST headers:
Host: 10.89.10.235:80
NjI0NDQ0MDI2NDc1OTgyNDAxNDM0MjQ1NjEzLDEwLjI1NC4xNDAuMjQwLDEyNTU1NjM
error: 10.254.140.240 'GET
/xcap-root/org.openmobilealliance.xcap-directory/users/sip%3Atester%40imsdem
o.com/directory.xml HTTP/1.1' 500 0 96 - -
error: REQUEST headers:
error: Host: 10.89.10.235:80
error: Authorization: Digest username="tester", realm="imsdemo.com",
qop=auth, nonce="624444026475982401434245613", algorithm=MD5,
uri="/xcap-root/org.openmobilealliance.xcap-directory/users/sip%3Atester%40i
msdemo.com/directory.xml", response="", cnonce="poc123test",
opaque="23870f726b78fb5d872eced92ca0c1dd-NjI0NDQ0MDI2NDc1OTgyNDAxNDM0MjQ1NjE
zLDEwLjI1NC4xNDAuMjQwLDEyNTU1NjM", nc=00000001
error: RESPONSE headers:
error: Content-Type: text/plain
error: RESPONSE: Content-Type: text/plain
error: An error occurred while processing the request. More information is
available in the server log.
error: TRACEBACK (most recent call last):
error: File "/usr/lib/python2.5/site-packages/twisted/web2/server.py",
line 268, in <lambda>
error: d.addCallback(lambda res, req: res.renderHTTP(req), self)
error: File "/usr/lib/python2.5/site-packages/xcap/authentication.py",
line 284, in renderHTTP
error: d = self.authenticate(request)
error: File "/usr/lib/python2.5/site-packages/xcap/authentication.py",
line 212, in authenticate
error: (request,), None)
error: File "/usr/lib/python2.5/site-packages/twisted/internet/defer.py",
line 186, in addCallbacks
error: self._runCallbacks()
error: --- <exception caught here> ---
error: File "/usr/lib/python2.5/site-packages/twisted/internet/defer.py",
line 328, in _runCallbacks
error: self.result = callback(self.result, *args, **kw)
error: File "/usr/lib/python2.5/site-packages/xcap/authentication.py",
line 217, in _trustedPeerLoginFailed
error: return HTTPAuthResource.authenticate(self, request)
error: File
"/usr/lib/python2.5/site-packages/twisted/web2/auth/wrapper.py", line 181,
in authenticate
error: authHeader[1], request)
error: File
"/usr/lib/python2.5/site-packages/twisted/web2/auth/wrapper.py", line 145,
in login
error: creds = factory.decode(response, request)
error: File
"/usr/lib/python2.5/site-packages/twisted/web2/auth/digest.py", line 344, in
decode
error: request.remoteAddr.host):
error: File
"/usr/lib/python2.5/site-packages/twisted/web2/auth/digest.py", line 257, in
verifyOpaque
error: key = opaqueParts[1].decode('base64')
error: File "/usr/lib/python2.5/encodings/base64_codec.py", line 43, in
base64_decode
error: output = base64.decodestring(input)
error: File "base64.py", line 321, in decodestring
error: return binascii.a2b_base64(s)
error: binascii.Error: Incorrect padding
-----Original Message-----
From: users-bounces at lists.opensips.org
[mailto:users-bounces at lists.opensips.org] On Behalf Of Inaki Baz Castillo
Sent: Wednesday, October 14, 2009 9:41 PM
To: users at lists.opensips.org
Subject: Re: [OpenSIPS-Users] OpenSIPS - OpenXCAP integration
El Miércoles, 14 de Octubre de 2009, Sanjeev BA escribió:
> T 2009/10/14 21:17:24.833815 10.254.140.202:34878 -> 10.89.10.235:80 [AP]
> GET
>
/xcap-root/org.openmobilealliance.xcap-directory/users/sip%3Atester%40imsde
> m o.com/directory.xml HTTP/1.1.
> Host: 10.89.10.235:80.
> Content-length: 0.
> Connection: keep-alive.
> .
>
> ##
> T 2009/10/14 21:17:24.835431 10.89.10.235:80 -> 10.254.140.202:34878 [AP]
> HTTP/1.1 401 Unauthorized.
> Date: Wed, 14 Oct 2009 12:17:24 GMT.
> Content-Length: 141.
> Content-Type: text/html.
> WWW-Authenticate: basic realm="imsdemo.com".
> Server: OpenXCAP/1.1.2.
Doesn't the client send a new GET request containing credentials after that
401???
Note however that, theorically, XCAP doesn't allow Basic authentication, but
just Digest. And some clients (as EyeBeam) just implements Digest.
If you client doesn't re-send the request with credentials upon receipt of
401
then:
- Your XCAP client doesn't support Basic.
- You XCAP client doesn't like the 401 for any other reason.
--
Iñaki Baz Castillo <ibc at aliax.net>
_______________________________________________
Users mailing list
Users at lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
More information about the Users
mailing list