<div dir="ltr">I think I understand now. I think you would need to set up an AVPops to switch registration/authentication on and off per user<div><br></div><div>So you might have <span style="color:rgb(0,0,0);background-color:rgb(254,254,238)">$avp(AuthSet)</span></div><div><span style="color:rgb(0,0,0);background-color:rgb(254,254,238)"><br></span></div><div><span style="color:rgb(0,0,0);background-color:rgb(254,254,238)">if( $avp(AuthSet) == "n" && </span><span style="font-size:13px">is_method("REGISTER")</span><span style="color:rgb(0,0,0);background-color:rgb(254,254,238)">)</span></div><div><span style="color:rgb(0,0,0);background-color:rgb(254,254,238)">{</span></div><div><span style="color:rgb(0,0,0);background-color:rgb(254,254,238)"> </span><span style="font-size:13px">save("location");</span></div><div><span style="color:rgb(0,0,0);background-color:rgb(254,254,238)">}</span></div><div><span style="color:rgb(0,0,0);background-color:rgb(254,254,238)"><br></span></div><div><span style="color:rgb(0,0,0);background-color:rgb(254,254,238)"><br></span></div><div><span style="color:rgb(0,0,0);background-color:rgb(254,254,238)">if( </span><span style="color:rgb(0,0,0);background-color:rgb(254,254,238)">$avp(AuthSet) == "n" && </span><span style="font-size:13px">is_method("INVITE")</span><span style="color:rgb(0,0,0);background-color:rgb(254,254,238)">)</span></div><div><span style="color:rgb(0,0,0);background-color:rgb(254,254,238)">{</span></div><div><span style="color:rgb(0,0,0);background-color:rgb(254,254,238)"> "don't challenge for password"</span></div><div><span style="color:rgb(0,0,0);background-color:rgb(254,254,238)"> </span><font color="#000000">t_relay();</font></div><div><span style="color:rgb(0,0,0);background-color:rgb(254,254,238)">}</span></div><div><span style="color:rgb(0,0,0);background-color:rgb(254,254,238)"><br></span></div><div><span style="color:rgb(0,0,0);background-color:rgb(254,254,238)">Then you would have more if statements to handle REGISTER or INVITE if $avp(AuthSet) equals yes. The logic here is pretty simple. Sure it will be more detailed then what I provided.</span></div><div><span style="color:rgb(0,0,0);background-color:rgb(254,254,238)"><br></span></div><div><span style="color:rgb(0,0,0);background-color:rgb(254,254,238)">This way if the user sets their account to not register then your webpage needs to update the avp that is for them to "n" or no. How ever you want to do it.</span></div><div><span style="color:rgb(0,0,0);background-color:rgb(254,254,238)"><br></span></div><div><span style="color:rgb(0,0,0);background-color:rgb(254,254,238)">Is that what you were looking to accomplish?</span></div><div><span style="color:rgb(0,0,0);background-color:rgb(254,254,238)"><br></span></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Jan 2, 2015 at 9:09 AM, Satish Patel <span dir="ltr"><<a href="mailto:satish.txt@gmail.com" target="_blank">satish.txt@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><div><div>Lets say i have user "A" using IP base authentication to send call outside using Opensips Proxy. ( Same user has option to Username/Password to register and send calls). <br><br></div>We have developed web GUI to give control control to "customer" so they can enable/disable their registration base method ( Reason we give that control to user because if user has dedicated Public IP then he can disable "Registration" base method so hacker can't exploit their users accounts. <br><br></div>So my Original question is, How or what i should use or configure in Opensips so i can switch on/off user base registration? ( We only allowing to send calls outside, no inbound calls allowed)<br><br></div><div>Hope it helps you to understand my scenario, Let me know if i am wrong anywhere in above scenario. <br></div></div><div class="HOEnZb"><div class="h5"><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Dec 31, 2014 at 1:30 PM, Duane Larson <span dir="ltr"><<a href="mailto:duane.larson@gmail.com" target="_blank">duane.larson@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">My logic saves the user that is registering into the location table without challenging them for a password or checking that the user or domain is local to the OpenSIPs instance. If you are looking for something more you might want to provide more detail.<div><br></div><div>This would allow fake accounts to register if they are from a friendly IP.<div><div><span></span><br><br>On Wednesday, December 31, 2014, Satish Patel <<a href="mailto:satish.txt@gmail.com" target="_blank">satish.txt@gmail.com</a>> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">How it will help if i want to allow only IP auth for specific user but not registration auth? How your logic deal with User level?<div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Dec 31, 2014 at 12:22 PM, Duane Larson <span dir="ltr"><<a>duane.larson@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Would you not just do something like this?<div><br></div><div>If(FriendlyIP && is_method("REGISTER"))</div><div>{</div><div><div> if (t_newtran()) {</div><div> save("location");</div><div> }</div><div><br></div><div> exit;</div></div><div>}</div></div><div class="gmail_extra"><br><div class="gmail_quote"><div><div>On Wed, Dec 31, 2014 at 10:22 AM, Satish Patel <span dir="ltr"><<a>satish.txt@gmail.com</a>></span> wrote:<br></div></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div><div dir="ltr">Hi,<div><br></div><div>We have many users using both registration method and IP auth method to send calls but i wants if they use IP Auth method then we can disable registration method ( just prevention from hacking attack). </div><div><br></div><div>I believe registration is only required for incoming calls to find user location, right? How do i tell opensips don't accept user registration method even opensips challenge for proxy auth. any suggestion? </div></div>
<br></div></div>_______________________________________________<br>
Users mailing list<br>
<a>Users@lists.opensips.org</a><br>
<a href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a><br>
<br></blockquote></div><br></div>
<br>_______________________________________________<br>
Users mailing list<br>
<a>Users@lists.opensips.org</a><br>
<a href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a><br>
<br></blockquote></div><br></div>
</blockquote></div></div></div>
<br>_______________________________________________<br>
Users mailing list<br>
<a href="mailto:Users@lists.opensips.org" target="_blank">Users@lists.opensips.org</a><br>
<a href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a><br>
<br></blockquote></div><br></div>
</div></div><br>_______________________________________________<br>
Users mailing list<br>
<a href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a><br>
<a href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a><br>
<br></blockquote></div><br></div>