[OpenSIPS-Users] Authentication using Username, Password, IP address or Just IP address
Bogdan-Andrei Iancu
bogdan at opensips.org
Sun Feb 9 18:50:01 CET 2014
Hello,
The script you posted is doing the digest authentication (password
based). If you want to to do IP based authentication you should use the
permissions module (see the "address" table). First try to auth based on
IP and if the IP in unknown fallback to digest auth.
Regards,
Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
http://www.opensips-solutions.com
On 24.01.2014 02:10, Alec Doran-Twyford wrote:
> Hi,
>
> I'm currently working on authentication below is the snipped of code
> used in our opensips.cfg which I believe handles all the
> authentication and registering work.
>
> With these setting only one of our endpoints works which is a SIP
> phone programme called PhonerLite and the other SIP phone don't work
> (unless I change the Domain IP address in the table to the Opensips
> Servers IP address and FreePBX never works.
>
> The end goal is to be able to authenticate by using just the Endpoints
> IP address or else by having the IP address and a Username and Password.
>
>
> ## EC - auth
> loadmodule "auth.so"
> loadmodule "auth_db.so"
> loadmodule "db_mysql.so"
> #loadmodule "alias_db.so"
> modparam("auth_db", "db_url", "mysql://opensips:test@localhost/opensips")
> modparam("auth_db", "calculate_ha1", 1)
> modparam("auth_db", "load_credentials", "$avp(cred)=rpid;email_address")
> modparam("auth_db", "password_column", "password")
>
> # EC - enable domain auth
> modparam("auth_db", "use_domain", 1)
> loadmodule "domain.so"
> modparam("domain", "db_url", "mysql://opensips:test@localhost/opensips")
>
>
> route{
>
>
> if (!is_method("REGISTER")) {
> # EC - auth
> if (!proxy_authorize("", "subscriber")) {
> xlog("proxy challenge!");
> proxy_challenge("", "0"); # Realm will be autogenerated
> exit;
> }
>
> if (!db_check_from()) {
> xlog("forbidden!");
> sl_send_reply("403","Forbidden auth ID");
> exit;
> }
> consume_credentials();
> }
> #
> if (is_method("REGISTER")){
> if (!www_authorize("", "subscriber")) {
> xlog("www challenge!");
> www_challenge("", "0"); # Realm will be autogenerated
> exit;
> }
> if (!db_check_from()) {
> xlog("forbidden!");
> sl_send_reply("403","Forbidden auth ID");
> exit;
> }
> xlog("register!");
> if (!save("location")) {
> xlog("failed to save location!");
> sl_reply_error();
> }
> exit;
> }
>
> }
>
> If anyone can help that would be great! or else point me in the
> direction of examples of different authentication would be greatly
> appreciated .
>
> Thanks
>
> Alec Doran-Twyford
>
> | Junior Support Enginner for IVSTel
> | E-mail: a.dorantwyford at ivstel.com <mailto:a.dorantwyford at ivstel.com>
> | Phone: +61 2 9288 8890 <tel:%2B61%202%209288%208890> |
>
>
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20140209/b7d8da5a/attachment.htm>
More information about the Users
mailing list