[OpenSIPS-Users] using avops for authentication
Gabriel Bermudez
elgabo81 at gmail.com
Wed Jul 14 23:45:19 CEST 2010
Hi Bodgan,
Thanks for your answer, is there a way to know if $au is set or check
for the WWW-Authenticate header? If it isn't I can www_challenge the
user for credentials. After some trial and error I managed to
authenticate my users, I setted calculate_ha1 param to 1
modparam("auth", "calculate_ha1", 1)
Again, thanks for your help.
Regards,
2010/7/14 Bogdan-Andrei Iancu <bogdan at voice-system.ro>
>
> Hi Gabriel,
>
> I guess the problem is at:
> $var(username)=$au;
>
> as without doing auth, $au is not defined (parsed) yet.
> better try:
> $var(username)=$fU;
>
> Regards,
> Bogdan
>
> Gabriel Bermudez wrote:
> > Hi,
> >
> > I need to authenticate and register users that are stored on the
> > opensips db AND a different database. For that I have the following code
> >
> > if (is_method("REGISTER") && $fu=~"^sip:[0-9]{10}@")
> > {
> > # authenticate the REGISTER based on a different DB
> > xlog("getting valid credentials for calling card $fu");
> > avp_db_query("select userpass from anothertable where
> > username='$au'", "$avp(s:password)", "1");
> > $var(username)=$au; *# line 392*
> > xlog("credentials for user $var(username) : $avp(s:password)");
> > if(!pv_www_authorize(""))
> > {
> > www_challenge("", "0");
> > xlog("registration from $fu has been challenged");
> > exit;
> > }
> > xlog("$fu authorized!!!");
> > if (!db_check_to())
> > {
> > sl_send_reply("403","Forbidden auth ID");
> > exit;
> > }
> >
> > if (!save("location"))
> > sl_reply_error();
> >
> > xlog("location saved for $fu");
> > exit;
> > }
> > if (is_method("REGISTER") && $fu=~"^sip:[0-9]{9}@")
> > {
> > # authenticate the REGISTER requests (uncomment to enable auth)
> > if (!www_authorize("", "subscriber"))
> > {
> > www_challenge("", "0");
> > xlog("registration from $fu has been challenged");
> > exit;
> > }
> >
> > if (!db_check_to())
> > {
> > sl_send_reply("403","Forbidden auth ID");
> > exit;
> > }
> >
> > if (!save("location"))
> > sl_reply_error();
> >
> > xlog("location saved for $fu");
> > exit;
> > }
> >
> > if the username part of the From header has 10 digits the script will
> > try to authenticate against the other DB, but it won't go further than
> > the pv_www_authorize line because on the logs I get the following.
> >
> > Jul 13 21:28:00 opensips /usr/sbin/opensips[3139]: getting valid
> > credentials for user sip:9999999999 at xx.xx.xx.xx
> > Jul 13 21:28:00 opensips /usr/sbin/opensips[3139]:
> > ERROR:core:do_assign: no value in right expression
> > Jul 13 21:28:00 opensips /usr/sbin/opensips[3139]:
> > ERROR:core:do_assign: error at line: 397
> > Jul 13 21:28:00 opensips /usr/sbin/opensips[3139]: credentials for
> > user 0 : <null>
> > Jul 13 21:28:01 opensips /usr/sbin/opensips[3141]: getting valid
> > credentials for user sip:9999999999 at xx.xx.xx.xx
> > Jul 13 21:28:01 opensips /usr/sbin/opensips[3141]: credentials for
> > user 9999999999 : 9999999999
> >
> > I don't know if I'm doing something really wrong or maybe the ERROR
> > message has something to do with this auth failure. Please can
> > someone clarify this issue.
> > Thanks,
> >
> >
> > Kind regards,
> >
> > ------------------------------------------------------------------------
> >
> > _______________________________________________
> > Users mailing list
> > Users at lists.opensips.org
> > http://lists.opensips.org/cgi-bin/mailman/listinfo/users
> >
>
>
> --
> Bogdan-Andrei Iancu
> OpenSIPS Bootcamp
> 20 - 24 September 2010, Frankfurt, Germany
> www.voice-system.ro
>
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
More information about the Users
mailing list