<div dir="ltr">my db http returns the password in plain string by the way.</div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Jun 1, 2015 at 6:57 PM, Tito Cumpen <span dir="ltr"><<a href="mailto:tito@xsvoce.com" target="_blank">tito@xsvoce.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hello group,<div><br></div><div><br></div><div>I am attempting to add memcache auth validation in opensips 2.1. I was using http db which returns a string of the user password password. This was working prior to utilizing pv_www_authorize. I used this document as a guideline <a href="http://www.opensips.org/Documentation/Tutorials-MemoryCaching" target="_blank">http://www.opensips.org/Documentation/Tutorials-MemoryCaching</a></div><div><br></div><div>Here is my auth mod param config</div><div><div>loadmodule "cachedb_local.so"</div><div>loadmodule "auth.so"</div><div>loadmodule "auth_db.so"</div><div>modparam("auth","username_spec","$avp(i:54)")</div><div>modparam("auth","password_spec","$avp(i:55)")</div><div>modparam("auth","calculate_ha1",1)</div><div><br></div><div>modparam("auth_db", "calculate_ha1", yes)</div><div><br></div><div>modparam("auth_db", "password_column", "password")</div><div>#modparam("auth_db", "db_url",</div><div>modparam("auth_db", "db_url",<br></div><div> "<a href="http://mysubscriberdatabase.com" target="_blank">http://mysubscriberdatabase.com</a>")</div><div><br></div><div>modparam("auth_db", "load_credentials", "$avp(i:55)=password")</div></div><div><br></div><div><br></div><div><span style="white-space:pre-wrap"> </span>if (is_method("REGISTER")) {</div><div><br></div><div><span style="white-space:pre-wrap"> </span># indicate that the client supports DTLS</div><div><span style="white-space:pre-wrap"> </span># so we know when he is called</div><div><span style="white-space:pre-wrap"> </span>if (isflagset(SRC_WS))</div><div><span style="white-space:pre-wrap"> </span>setbflag(DST_WS);</div><div><br></div><div><span style="white-space:pre-wrap"> </span>if ( isflagset(uac_ws) ) {</div><div><span style="white-space:pre-wrap"> </span> xlog("setting avp attribute in register for websocket \n");</div><div><br></div><div> $avp(attr)="websocket"; <span style="white-space:pre-wrap"> </span></div><div>}</div><div><span style="white-space:pre-wrap"> </span></div><div><span style="white-space:pre-wrap"> </span></div><div><span style="white-space:pre-wrap"> </span>if(cache_fetch("local","passwd_$tu",$avp(i:55))) {</div><div><span style="white-space:pre-wrap"> </span>xlog("$tU 's credentials are stored in local cache using it for this register request \n"); </div><div><span style="white-space:pre-wrap"> </span>$avp(i:54) = $tU;</div><div><span style="white-space:pre-wrap"> </span>xlog("SCRIPT: stored password is $avp(i:55)\n");</div><div><span style="white-space:pre-wrap"> </span># perform auth from variables</div><div><span style="white-space:pre-wrap"> </span># $avp(i:54) contains the username</div><div><span style="white-space:pre-wrap"> </span># $avp(i:55) contains the password</div><div><span style="white-space:pre-wrap"> </span>if (!pv_www_authorize("")) {</div><div><span style="white-space:pre-wrap"> </span>$var(rc2) = pv_www_authorize("");</div><div><span style="white-space:pre-wrap"> </span> # $var(rc2) = www_authorize("", "subscriber");</div><div><span style="white-space:pre-wrap"> </span> xlog("Return code is $var(rc2) \n");</div><div><span style="white-space:pre-wrap"> </span> switch ( $var(rc2) ) {</div><div> case 1 :</div><div> # if ( proto==TCP || 0 ) {</div><div> # setflag(TCP_PERSISTENT); </div><div> # setflag(6);</div><div> # }</div><div> </div><div><br></div><div> if (!save("location","f"))</div><div> sl_reply_error();</div><div><br></div><div> exit;</div><div><br></div><div><br></div><div> # success</div><div> break;</div><div> case -1:</div><div> sl_send_reply("404","User not found");</div><div> exit;</div><div> break;</div><div> case -2:</div><div> sl_send_reply("403","Forbidden (Bad auth)");</div><div> exit;</div><div> break;</div><div> case -3:</div><div> www_challenge("", "0");</div><div> exit;</div><div> #sl_send_reply("403","Forbidden auth ID");</div><div> #break;</div><div> default:</div><div> www_challenge("", "0");</div><div> exit;</div><div><br></div><div>}</div><div><br></div><div><span style="white-space:pre-wrap"> </span>};</div><div><br></div><div><span style="white-space:pre-wrap"> </span></div><div> if (!save("location","f"))</div><div> sl_reply_error();</div><div><br></div><div> exit;</div><div><span style="white-space:pre-wrap"> </span></div><div><span style="white-space:pre-wrap"> </span>}else{<span style="white-space:pre-wrap"> </span></div><div><span style="white-space:pre-wrap"> </span></div><div><span style="white-space:pre-wrap"> </span>xlog("could not find the auth info in local cache for $tU\n"); <span style="white-space:pre-wrap"> </span> </div><div><span style="white-space:pre-wrap"> </span>xlog("accessing the external db for auth info");</div><div><span style="white-space:pre-wrap"> </span> # authenticate the REGISTER requests</div><div> if (!www_authorize("", "subscriber"))</div><div> {</div><div> xlog("new challenger $tU\n");</div><div><br></div><div><br></div><div> # www_challenge("", "0");</div><div><br></div><div><br></div><div><br></div><div> $var(rc) = www_authorize("", "subscriber");</div><div> xlog("Return code is $var(rc) \n");</div><div><br></div><div> switch ( $var(rc) ) {</div><div> case 1 :</div><div> # if ( proto==TCP || 0 ) {</div><div> # setflag(TCP_PERSISTENT); </div><div> # setflag(6);</div><div> # }</div><div> # $avp(me) = $(tU{s.tolower});</div><div><br></div><div> cache_store("local","passwd_$tu","$avp(i:55)",1200);</div><div><br></div><div> if (!save("location","f"))</div><div> sl_reply_error();</div><div><br></div><div> exit;</div><div><br></div><div><br></div><div> # success</div><div> break;</div><div> case -1:</div><div> sl_send_reply("404","User not found");</div><div> exit;</div><div> break;</div><div> case -2:</div><div> sl_send_reply("403","Forbidden (Bad auth)");</div><div> exit;</div><div> break;</div><div> case -3:</div><div> www_challenge("", "0");</div><div> exit;</div><div> #sl_send_reply("403","Forbidden auth ID");</div><div> #break;</div><div> default:</div><div> www_challenge("", "0");</div><div> exit;</div><div><br></div><div>} </div><div>}</div><div><br></div><div><span style="white-space:pre-wrap"> </span>xlog("should be storing local now that it has been authorized\n");</div><div><span style="white-space:pre-wrap"> </span> cache_store("local","passwd_$tu","$avp(i:55)",1200);</div><div><span style="white-space:pre-wrap"> </span>}</div><div><br></div><div>if (!save("location","f"))</div><div><span style="white-space:pre-wrap"> </span>sl_reply_error();</div><div><br></div><div><span style="white-space:pre-wrap"> </span>exit;</div><div><span style="white-space:pre-wrap"> </span></div><div>} </div><div><br></div><div><br></div><div><br></div><div>The issue is the pv__www_authorize method after the verification wether the password is stored locally always returns -2 which means the password is incorrect. Can anyone provide any guidence as to why this is ?</div><div><br></div><div><br></div><div>Thanks,<br>Tito</div></div>
</blockquote></div><br></div>