[OpenSIPS-Users] Issues using memcache auth
Tito Cumpen
tito at xsvoce.com
Tue Jun 2 00:57:48 CEST 2015
Hello group,
I am attempting to add memcache auth validation in opensips 2.1. I was
using http db which returns a string of the user password password. This
was working prior to utilizing pv_www_authorize. I used this document as a
guideline http://www.opensips.org/Documentation/Tutorials-MemoryCaching
Here is my auth mod param config
loadmodule "cachedb_local.so"
loadmodule "auth.so"
loadmodule "auth_db.so"
modparam("auth","username_spec","$avp(i:54)")
modparam("auth","password_spec","$avp(i:55)")
modparam("auth","calculate_ha1",1)
modparam("auth_db", "calculate_ha1", yes)
modparam("auth_db", "password_column", "password")
#modparam("auth_db", "db_url",
modparam("auth_db", "db_url",
"http://mysubscriberdatabase.com")
modparam("auth_db", "load_credentials", "$avp(i:55)=password")
if (is_method("REGISTER")) {
# indicate that the client supports DTLS
# so we know when he is called
if (isflagset(SRC_WS))
setbflag(DST_WS);
if ( isflagset(uac_ws) ) {
xlog("setting avp attribute in register for websocket \n");
$avp(attr)="websocket";
}
if(cache_fetch("local","passwd_$tu",$avp(i:55))) {
xlog("$tU 's credentials are stored in local cache using it for this
register request \n");
$avp(i:54) = $tU;
xlog("SCRIPT: stored password is $avp(i:55)\n");
# perform auth from variables
# $avp(i:54) contains the username
# $avp(i:55) contains the password
if (!pv_www_authorize("")) {
$var(rc2) = pv_www_authorize("");
# $var(rc2) = www_authorize("", "subscriber");
xlog("Return code is $var(rc2) \n");
switch ( $var(rc2) ) {
case 1 :
# if ( proto==TCP || 0 ) {
# setflag(TCP_PERSISTENT);
# setflag(6);
# }
if (!save("location","f"))
sl_reply_error();
exit;
# success
break;
case -1:
sl_send_reply("404","User not found");
exit;
break;
case -2:
sl_send_reply("403","Forbidden (Bad auth)");
exit;
break;
case -3:
www_challenge("", "0");
exit;
#sl_send_reply("403","Forbidden auth ID");
#break;
default:
www_challenge("", "0");
exit;
}
};
if (!save("location","f"))
sl_reply_error();
exit;
}else{
xlog("could not find the auth info in local cache for $tU\n");
xlog("accessing the external db for auth info");
# authenticate the REGISTER requests
if (!www_authorize("", "subscriber"))
{
xlog("new challenger
$tU\n");
# www_challenge("", "0");
$var(rc) = www_authorize("", "subscriber");
xlog("Return code is $var(rc) \n");
switch ( $var(rc) ) {
case 1 :
# if ( proto==TCP || 0 ) {
# setflag(TCP_PERSISTENT);
# setflag(6);
# }
# $avp(me) =
$(tU{s.tolower});
cache_store("local","passwd_$tu","$avp(i:55)",1200);
if (!save("location","f"))
sl_reply_error();
exit;
# success
break;
case -1:
sl_send_reply("404","User not found");
exit;
break;
case -2:
sl_send_reply("403","Forbidden (Bad auth)");
exit;
break;
case -3:
www_challenge("", "0");
exit;
#sl_send_reply("403","Forbidden auth ID");
#break;
default:
www_challenge("", "0");
exit;
}
}
xlog("should be storing local now that it has been authorized\n");
cache_store("local","passwd_$tu","$avp(i:55)",1200);
}
if (!save("location","f"))
sl_reply_error();
exit;
}
The issue is the pv__www_authorize method after the verification wether the
password is stored locally always returns -2 which means the password is
incorrect. Can anyone provide any guidence as to why this is ?
Thanks,
Tito
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20150601/8a3816eb/attachment-0001.htm>
More information about the Users
mailing list