<html>
  <head>
    <meta content="text/html; charset=ISO-8859-1"
      http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    <div class="moz-cite-prefix"><tt>Hi Diego,<br>
        <br>
        According to the log you posted (at the end of your email), the
        Proxy-Authorization was at least computed (the hdr is actually
        printed). If you do a t_relay() there, you should have the
        header in the new outgoing INVITE.<br>
        <br>
        Regards,<br>
      </tt>
      <pre class="moz-signature" cols="72">Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
<a class="moz-txt-link-freetext" href="http://www.opensips-solutions.com">http://www.opensips-solutions.com</a></pre>
      On 26.03.2014 20:36, Diego Barberio wrote:<br>
    </div>
    <blockquote
cite="mid:CABKsyb66d99YbezY_1Ry8ohH6jEkYSbdjOU=b6VeUoDQL7PFRw@mail.gmail.com"
      type="cite">
      <div dir="ltr">
        <div>
          <div>
            <div>
              <div>
                <div>
                  <div>Hi Bogdan,<br>
                    <br>
                  </div>
                  I followed your sugestion and found the follwing
                  error:<br>
                  <br>
                  Mar 26 12:53:15 [12396] DBG:uac:uac_auth: no
                  credential for realm "ctelpbx"<br>
                  <br>
                </div>
                So, I added the following lines to my configuration
                script:<br>
                <br>
                <span style="font-family:courier new,monospace">modparam("uac","auth_username_avp",
                  "$avp(user)")<br>
                  modparam("uac","auth_password_avp", "$avp(pass)")<br>
                  modparam("uac","auth_realm_avp", "$avp(realm)")<br>
                  <br>
                  route{<br>
                  &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; $avp(user)="268";<br>
                  &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; $avp(pass)="123456";<br>
                  &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; $avp(realm)="ctelpbx";</span><br>
                <br>
              </div>
              Opensips is still not sending the invite with the
              Proxy-Authorizatin header, and now the log is showing
              this:<br>
              <br>
              <span style="font-family:courier new,monospace">Mar 26
                16:14:32 [5178] DBG:uac:uac_auth: picked reply is
                0xb6b68b68, code 407<br>
                Mar 26 16:14:32 [5178] DBG:core:parse_headers:
                flags=20000000000<br>
                Mar 26 16:14:32 [5178] DBG:core:parse_authenticate_body:
                &lt;algorithm&gt;="MD5" state=7<br>
                Mar 26 16:14:32 [5178] DBG:core:parse_authenticate_body:
                &lt;realm&gt;="ctelpbx" state=2<br>
                Mar 26 16:14:32 [5178] DBG:core:parse_authenticate_body:
                &lt;nonce&gt;="6f0a2c46" state=3<br>
                Mar 26 16:14:32 [5178]
                DBG:uac_auth:build_authorization_hdr: hdr is
                &lt;Proxy-Authorization: Digest username="268",
                realm="ctelpbx", nonce="6f0a2c46", uri="<a
                  moz-do-not-send="true"
                  href="http://sip:229@192.168.2.98:5060">sip:229@192.168.2.98:5060</a>",
                response="fc3cfd31f4a053d5d16b5ae8f463830d",
                algorithm=MD5<br>
                &gt;<br>
                Mar 26 16:14:32 [5178] DBG:core:parse_headers:
                flags=ffffffffffffffff<br>
                Mar 26 16:14:32 [5178] DBG:core:buf_init:
                initializing...<br>
              </span><br>
            </div>
            Any suggestion?<br>
            <br>
          </div>
          Thanks<br>
        </div>
        Diego<br>
      </div>
      <div class="gmail_extra">
        <br>
        <br>
        <div class="gmail_quote">On Fri, Mar 7, 2014 at 8:50 AM,
          Bogdan-Andrei Iancu <span dir="ltr">&lt;<a
              moz-do-not-send="true" href="mailto:bogdan@opensips.org"
              target="_blank">bogdan@opensips.org</a>&gt;</span> wrote:<br>
          <blockquote class="gmail_quote" style="margin:0 0 0
            .8ex;border-left:1px #ccc solid;padding-left:1ex">
            <div bgcolor="#FFFFFF" text="#000000">
              <div><tt>Hi Diego,<br>
                  <br>
                  Set debug = 4 and watch the logs from the uac_auth()
                  function (also the return code) - I assume the
                  function did not find any credentials (on the server
                  side) to match the authentication challenge (the
                  matching is done based on the realm).<br>
                  <br>
                  Regards,<br>
                </tt>
                <pre cols="72">Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
<a moz-do-not-send="true" href="http://www.opensips-solutions.com" target="_blank">http://www.opensips-solutions.com</a></pre>
                <div>
                  <div class="h5"> On 05.03.2014 19:38, Diego Barberio
                    wrote:<br>
                  </div>
                </div>
              </div>
              <div>
                <div class="h5">
                  <blockquote type="cite">
                    <div dir="ltr">
                      <div>
                        <div>Hi Stefano, Vlad<br>
                          <br>
                        </div>
                        Thank you for your response I tried your
                        suggestion but still doesn't work. This is a
                        snippet from my script:<br>
                        <span style="font-family:courier new,monospace"><br>
modparam("uac_auth","credential","268:192.168.2.98:password")<br>
                          <br>
                          t_on_failure("2");<br>
                          t_relay();<br>
                          <br>
                          failure_route[2] {<br>
                          &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; if(t_check_status("407")){<br>
                          &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; uac_auth();<br>
                          &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; xlog("In failure route 2\n");<br>
                          &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }<br>
                          }<br>
                          <br>
                        </span></div>
                      <div>According to the log, the uac_auth function
                        is being called but the following INVITEs
                        doesn't include the Proxy-Authorization header<span
                          style="font-family:courier new,monospace"><br>
                        </span></div>
                      <span style="font-family:courier new,monospace"><br>
                      </span>
                      <div>What am I missing?<br>
                        <br>
                      </div>
                      <div>Thanks<br>
                        Diego<br>
                      </div>
                      <div><span style="font-family:courier
                          new,monospace"></span></div>
                      <div><span style="font-family:courier
                          new,monospace"><br>
                        </span></div>
                    </div>
                    <div class="gmail_extra"><br>
                      <br>
                      <div class="gmail_quote">On Mon, Feb 24, 2014 at
                        2:12 PM, Vlad Paiu <span dir="ltr">&lt;<a
                            moz-do-not-send="true"
                            href="mailto:vladpaiu@opensips.org"
                            target="_blank">vladpaiu@opensips.org</a>&gt;</span>
                        wrote:<br>
                        <blockquote class="gmail_quote" style="margin:0
                          0 0 .8ex;border-left:1px #ccc
                          solid;padding-left:1ex">
                          <div text="#000000" bgcolor="#FFFFFF">
                            <div>Hello,<br>
                              <br>
                              The registrant module is to be used only
                              for generating REGISTER requests ( with
                              auth included ).<br>
                              For proxied calls, you need to use the uac
                              and uac_auth modules ( [1] ) for adding
                              the auth headers - call uac_auth() ( [2] )
                              function within failure route when
                              receiving a challenge.<br>
                              <br>
                              [1] <a moz-do-not-send="true"
                                href="http://www.opensips.org/html/docs/modules/1.11.x/uac_auth.html"
                                target="_blank">http://www.opensips.org/html/docs/modules/1.11.x/uac_auth.html</a><br>
                              [2] <a moz-do-not-send="true"
href="http://www.opensips.org/html/docs/modules/1.11.x/uac.html#id250288"
                                target="_blank">http://www.opensips.org/html/docs/modules/1.11.x/uac.html#id250288</a><br>
                              <br>
                              Best Regards<span><font color="#888888"><br>
                                  <pre cols="72">Vlad Paiu
OpenSIPS Developer
<a moz-do-not-send="true" href="http://www.opensips-solutions.com" target="_blank">http://www.opensips-solutions.com</a> </pre>
                                </font></span>
                              <div>
                                <div> On 24.02.2014 17:33, Stefano
                                  Pisani wrote:<br>
                                </div>
                              </div>
                            </div>
                            <div>
                              <div>
                                <blockquote type="cite">
                                  <div>You can use module UAC_AUTH<br>
                                    <br>
                                    Il 24/02/2014 16.18, Diego Barberio
                                    ha scritto:<br>
                                  </div>
                                  <blockquote type="cite">
                                    <div dir="ltr">
                                      <div>
                                        <div>
                                          <div>
                                            <div>Hi all,<br>
                                              <br>
                                            </div>
                                            I have opensips registered
                                            to an IP-PBX using
                                            registrant module and I want
                                            to make an outbound call to
                                            that PBX through the proxy.
                                            <br>
                                            <br>
                                          </div>
                                          I'm sending and INVITE from my
                                          application to the proxy with
                                          a From that is actually
                                          registered by the proxy,
                                          however OpenSIPs is not adding
                                          the Proxy-Authorization header
                                          so the INVITE is rejected with
                                          a 401 Unauthorized and that
                                          response is forwarded to my
                                          application.<br>
                                          <br>
                                        </div>
                                        I just want opensips to add the
                                        Proxy-Authorization header so
                                        the call is not rejected by the
                                        IP-PBX. Is it possible to
                                        achieve this?<br>
                                        <br>
                                      </div>
                                      Thanks<br>
                                      Diego<br>
                                    </div>
                                    <br>
                                    <fieldset></fieldset>
                                    <br>
                                    <pre>_______________________________________________
Users mailing list
<a moz-do-not-send="true" href="mailto:Users@lists.opensips.org" target="_blank">Users@lists.opensips.org</a>
<a moz-do-not-send="true" href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a>
</pre>
                                  </blockquote>
                                  <br>
                                  <br>
                                  <fieldset></fieldset>
                                  <br>
                                  <pre>_______________________________________________
Users mailing list
<a moz-do-not-send="true" href="mailto:Users@lists.opensips.org" target="_blank">Users@lists.opensips.org</a>
<a moz-do-not-send="true" href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a>
</pre>
                                </blockquote>
                                <br>
                              </div>
                            </div>
                          </div>
                          <br>
_______________________________________________<br>
                          Users mailing list<br>
                          <a moz-do-not-send="true"
                            href="mailto:Users@lists.opensips.org"
                            target="_blank">Users@lists.opensips.org</a><br>
                          <a moz-do-not-send="true"
                            href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users"
                            target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a><br>
                          <br>
                        </blockquote>
                      </div>
                      <br>
                    </div>
                    <br>
                    <fieldset></fieldset>
                    <br>
                    <pre>_______________________________________________
Users mailing list
<a moz-do-not-send="true" href="mailto:Users@lists.opensips.org" target="_blank">Users@lists.opensips.org</a>
<a moz-do-not-send="true" href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a>
</pre>
                  </blockquote>
                  <br>
                </div>
              </div>
            </div>
          </blockquote>
        </div>
        <br>
      </div>
    </blockquote>
    <br>
  </body>
</html>