[OpenSIPS-Users] using avops for authentication

Gabriel Bermudez elgabo81 at gmail.com
Wed Jul 14 00:41:53 CEST 2010


I'm forgetting about something, the userpassword field is a plain text
password.

Regards,

2010/7/13 Gabriel Bermudez <elgabo81 at gmail.com>

> Hi,
>
> I need to authenticate and register users that are stored on the opensips
> db AND a different database.  For that I have the following code
>
>     if (is_method("REGISTER") && $fu=~"^sip:[0-9]{10}@")
>     {
>         # authenticate the REGISTER based on a different DB
>         xlog("getting valid credentials for calling card $fu");
>         avp_db_query("select userpass from anothertable where
> username='$au'", "$avp(s:password)", "1");
>         $var(username)=$au; *# line 392*
>         xlog("credentials for user $var(username) : $avp(s:password)");
>         if(!pv_www_authorize(""))
>         {
>                         www_challenge("", "0");
>                         xlog("registration from $fu has been challenged");
>                         exit;
>         }
>         xlog("$fu authorized!!!");
>         if (!db_check_to())
>         {
>                 sl_send_reply("403","Forbidden auth ID");
>                 exit;
>         }
>
>         if (!save("location"))
>                 sl_reply_error();
>
>         xlog("location saved for $fu");
>         exit;
>     }
>     if (is_method("REGISTER") && $fu=~"^sip:[0-9]{9}@")
>     {
>         # authenticate the REGISTER requests (uncomment to enable auth)
>         if (!www_authorize("", "subscriber"))
>         {
>             www_challenge("", "0");
>             xlog("registration from $fu has been challenged");
>             exit;
>         }
>
>         if (!db_check_to())
>         {
>             sl_send_reply("403","Forbidden auth ID");
>             exit;
>         }
>
>         if (!save("location"))
>             sl_reply_error();
>
>         xlog("location saved for $fu");
>         exit;
>     }
>
> if the username part of the From header has 10 digits the script will try
> to authenticate against the other DB, but it won't go further than the
> pv_www_authorize line because on the logs I get the following.
>
> Jul 13 21:28:00 opensips /usr/sbin/opensips[3139]: getting valid
> credentials for user sip:9999999999 at xx.xx.xx.xx
> Jul 13 21:28:00 opensips /usr/sbin/opensips[3139]: ERROR:core:do_assign: no
> value in right expression
> Jul 13 21:28:00 opensips /usr/sbin/opensips[3139]: ERROR:core:do_assign:
> error at line: 397
> Jul 13 21:28:00 opensips /usr/sbin/opensips[3139]: credentials for user 0 :
> <null>
> Jul 13 21:28:01 opensips /usr/sbin/opensips[3141]: getting valid
> credentials for user sip:9999999999 at xx.xx.xx.xx
> Jul 13 21:28:01 opensips /usr/sbin/opensips[3141]: credentials for user
> 9999999999 : 9999999999
>
> I don't know if I'm doing something really wrong or maybe the ERROR message
> has something to do with this auth failure.  Please can someone clarify this
> issue.
> Thanks,
>
>
> Kind regards,
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.opensips.org/pipermail/users/attachments/20100713/b59446cf/attachment-0001.htm 


More information about the Users mailing list