<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix"><tt>Hello,<br>
<br>
The script you posted is doing the digest authentication
(password based). If you want to to do IP based authentication
you should use the permissions module (see the "address" table).
First try to auth based on IP and if the IP in unknown fallback
to digest auth.<br>
<br>
Regards,<br>
</tt>
<pre class="moz-signature" cols="72">Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
<a class="moz-txt-link-freetext" href="http://www.opensips-solutions.com">http://www.opensips-solutions.com</a></pre>
On 24.01.2014 02:10, Alec Doran-Twyford wrote:<br>
</div>
<blockquote
cite="mid:CADnYDZyhgSozw0ey-q3q_NAVysGFda0RTc9LZSBwD4Xz8MmWyA@mail.gmail.com"
type="cite">
<div dir="ltr">Hi,
<div><br>
</div>
<div>I'm currently working on authentication below is the
snipped of code used in our opensips.cfg which I believe
handles all the authentication and registering work.</div>
<div><br>
</div>
<div>With these setting only one of our endpoints works which is
a SIP phone programme called PhonerLite and the other SIP
phone don't work (unless I change the Domain IP address in the
table to the Opensips Servers IP address and FreePBX never
works.</div>
<div><br>
</div>
<div>The end goal is to be able to authenticate by using just
the Endpoints IP address or else by having the IP address and
a Username and Password.</div>
<div><br>
</div>
<div><br>
</div>
<div>
<div>## EC - auth</div>
<div>loadmodule "auth.so"</div>
<div>loadmodule "auth_db.so"</div>
<div>loadmodule "db_mysql.so"</div>
<div>#loadmodule "alias_db.so"</div>
<div>modparam("auth_db", "db_url",
"mysql://opensips:test@localhost/opensips")</div>
<div>modparam("auth_db", "calculate_ha1", 1)</div>
<div>modparam("auth_db", "load_credentials",
"$avp(cred)=rpid;email_address")</div>
<div>modparam("auth_db", "password_column", "password")</div>
<div><br>
</div>
<div># EC - enable domain auth</div>
<div>modparam("auth_db", "use_domain", 1)</div>
<div>loadmodule "domain.so"</div>
<div>modparam("domain", "db_url",
"mysql://opensips:test@localhost/opensips")</div>
<div><br>
</div>
<div><br>
</div>
<div>route{<br>
</div>
<div><br>
</div>
<div><br>
</div>
<div>
<div><span class="" style="white-space:pre"> </span>if
(!is_method("REGISTER")) {</div>
<div><span class="" style="white-space:pre"> </span># EC -
auth</div>
<div><span class="" style="white-space:pre"> </span>if
(!proxy_authorize("", "subscriber")) {</div>
<div><span class="" style="white-space:pre"> </span>
xlog("proxy challenge!");</div>
<div><span class="" style="white-space:pre"> </span>proxy_challenge("",
"0"); # Realm will be autogenerated</div>
<div><span class="" style="white-space:pre"> </span>exit;</div>
<div><span class="" style="white-space:pre"> </span>}</div>
<div><br>
</div>
<div><span class="" style="white-space:pre"> </span>if
(!db_check_from()) {</div>
<div>
<span class="" style="white-space:pre"> </span>
xlog("forbidden!");</div>
<div><span class="" style="white-space:pre"> </span>
sl_send_reply("403","Forbidden auth ID");</div>
<div><span class="" style="white-space:pre"> </span> exit;</div>
<div><span class="" style="white-space:pre"> </span> }</div>
<div><span class="" style="white-space:pre"> </span>consume_credentials();</div>
<div><span class="" style="white-space:pre"> </span>} </div>
<div><span class="" style="white-space:pre"> </span></div>
<div><span class="" style="white-space:pre"> </span>#</div>
<div><span class="" style="white-space:pre"> </span>if
(is_method("REGISTER")){</div>
<div><span class="" style="white-space:pre"> </span>if
(!www_authorize("", "subscriber")) {</div>
<div><span class="" style="white-space:pre"> </span>
xlog("www challenge!");</div>
<div><span class="" style="white-space:pre"> </span>www_challenge("",
"0"); # Realm will be autogenerated</div>
<div><span class="" style="white-space:pre"> </span>exit;</div>
<div><span class="" style="white-space:pre"> </span>}</div>
<div><span class="" style="white-space:pre"> </span>if
(!db_check_from()) {</div>
<div><span class="" style="white-space:pre"> </span>
xlog("forbidden!");</div>
<div><span class="" style="white-space:pre"> </span>
sl_send_reply("403","Forbidden auth ID");</div>
<div><span class="" style="white-space:pre"> </span> exit;</div>
<div><span class="" style="white-space:pre"> </span> }</div>
<div><span class="" style="white-space:pre"> </span>xlog("register!");</div>
<div><span class="" style="white-space:pre"> </span>if
(!save("location")) {</div>
<div><span class="" style="white-space:pre"> </span>xlog("failed
to save location!");</div>
<div><span class="" style="white-space:pre"> </span>sl_reply_error();</div>
<div><span class="" style="white-space:pre"> </span>}</div>
<div><span class="" style="white-space:pre"> </span> exit;</div>
<div><span class="" style="white-space:pre"> </span>}</div>
</div>
<div><br>
</div>
<div>}</div>
<div><br>
</div>
<div>If anyone can help that would be great! or else point me
in the direction of examples of different authentication
would be greatly appreciated .</div>
<div><br>
</div>
<div>
Thanks</div>
<div><br clear="all">
<div>
<div dir="ltr">Alec Doran-Twyford
<div><br>
<div>| Junior Support Enginner for IVSTel</div>
</div>
<div>| E-mail: <a moz-do-not-send="true"
href="mailto:a.dorantwyford@ivstel.com"
target="_blank">a.dorantwyford@ivstel.com</a> |
Phone: <a moz-do-not-send="true"
href="tel:%2B61%202%209288%208890"
value="+61292888890" target="_blank">+61 2 9288 8890</a>
|</div>
<div><br>
</div>
</div>
</div>
</div>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a>
<a class="moz-txt-link-freetext" href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a>
</pre>
</blockquote>
<br>
</body>
</html>