[OpenSIPS-Users] Issues using memcache auth
Tito Cumpen
tito at xsvoce.com
Tue Jun 2 00:58:36 CEST 2015
my db http returns the password in plain string by the way.
On Mon, Jun 1, 2015 at 6:57 PM, Tito Cumpen <tito at xsvoce.com> wrote:
> Hello group,
>
>
> I am attempting to add memcache auth validation in opensips 2.1. I was
> using http db which returns a string of the user password password. This
> was working prior to utilizing pv_www_authorize. I used this document as a
> guideline http://www.opensips.org/Documentation/Tutorials-MemoryCaching
>
> Here is my auth mod param config
> loadmodule "cachedb_local.so"
> loadmodule "auth.so"
> loadmodule "auth_db.so"
> modparam("auth","username_spec","$avp(i:54)")
> modparam("auth","password_spec","$avp(i:55)")
> modparam("auth","calculate_ha1",1)
>
> modparam("auth_db", "calculate_ha1", yes)
>
> modparam("auth_db", "password_column", "password")
> #modparam("auth_db", "db_url",
> modparam("auth_db", "db_url",
> "http://mysubscriberdatabase.com")
>
> modparam("auth_db", "load_credentials", "$avp(i:55)=password")
>
>
> if (is_method("REGISTER")) {
>
> # indicate that the client supports DTLS
> # so we know when he is called
> if (isflagset(SRC_WS))
> setbflag(DST_WS);
>
> if ( isflagset(uac_ws) ) {
> xlog("setting avp attribute in register for websocket \n");
>
> $avp(attr)="websocket";
> }
> if(cache_fetch("local","passwd_$tu",$avp(i:55))) {
> xlog("$tU 's credentials are stored in local cache using it for this
> register request \n");
> $avp(i:54) = $tU;
> xlog("SCRIPT: stored password is $avp(i:55)\n");
> # perform auth from variables
> # $avp(i:54) contains the username
> # $avp(i:55) contains the password
> if (!pv_www_authorize("")) {
> $var(rc2) = pv_www_authorize("");
> # $var(rc2) = www_authorize("", "subscriber");
> xlog("Return code is $var(rc2) \n");
> switch ( $var(rc2) ) {
> case 1 :
> # if ( proto==TCP || 0 ) {
> # setflag(TCP_PERSISTENT);
> # setflag(6);
> # }
>
>
> if (!save("location","f"))
> sl_reply_error();
>
> exit;
>
>
> # success
> break;
> case -1:
> sl_send_reply("404","User not found");
> exit;
> break;
> case -2:
> sl_send_reply("403","Forbidden (Bad auth)");
> exit;
> break;
> case -3:
> www_challenge("", "0");
> exit;
> #sl_send_reply("403","Forbidden auth ID");
> #break;
> default:
> www_challenge("", "0");
> exit;
>
> }
>
> };
>
> if (!save("location","f"))
> sl_reply_error();
>
> exit;
> }else{
> xlog("could not find the auth info in local cache for $tU\n");
> xlog("accessing the external db for auth info");
> # authenticate the REGISTER requests
> if (!www_authorize("", "subscriber"))
> {
> xlog("new challenger
> $tU\n");
>
>
> # www_challenge("", "0");
>
>
>
> $var(rc) = www_authorize("", "subscriber");
> xlog("Return code is $var(rc) \n");
>
> switch ( $var(rc) ) {
> case 1 :
> # if ( proto==TCP || 0 ) {
> # setflag(TCP_PERSISTENT);
> # setflag(6);
> # }
> # $avp(me) =
> $(tU{s.tolower});
>
> cache_store("local","passwd_$tu","$avp(i:55)",1200);
>
> if (!save("location","f"))
> sl_reply_error();
>
> exit;
>
>
> # success
> break;
> case -1:
> sl_send_reply("404","User not found");
> exit;
> break;
> case -2:
> sl_send_reply("403","Forbidden (Bad auth)");
> exit;
> break;
> case -3:
> www_challenge("", "0");
> exit;
> #sl_send_reply("403","Forbidden auth ID");
> #break;
> default:
> www_challenge("", "0");
> exit;
>
> }
> }
>
> xlog("should be storing local now that it has been authorized\n");
>
> cache_store("local","passwd_$tu","$avp(i:55)",1200);
> }
>
> if (!save("location","f"))
> sl_reply_error();
>
> exit;
> }
>
>
>
> The issue is the pv__www_authorize method after the verification wether
> the password is stored locally always returns -2 which means the password
> is incorrect. Can anyone provide any guidence as to why this is ?
>
>
> Thanks,
> Tito
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20150601/59b864bf/attachment.htm>
More information about the Users
mailing list