<div dir="ltr">Hello group,<div><br></div><div><br></div><div>I am attempting to add memcache auth validation in opensips 2.1. I was using http db which returns a string of the user password password. This was working prior to utilizing pv_www_authorize. I used this document as a guideline <a href="http://www.opensips.org/Documentation/Tutorials-MemoryCaching">http://www.opensips.org/Documentation/Tutorials-MemoryCaching</a></div><div><br></div><div>Here is my auth mod param config</div><div><div>loadmodule &quot;cachedb_local.so&quot;</div><div>loadmodule &quot;auth.so&quot;</div><div>loadmodule &quot;auth_db.so&quot;</div><div>modparam(&quot;auth&quot;,&quot;username_spec&quot;,&quot;$avp(i:54)&quot;)</div><div>modparam(&quot;auth&quot;,&quot;password_spec&quot;,&quot;$avp(i:55)&quot;)</div><div>modparam(&quot;auth&quot;,&quot;calculate_ha1&quot;,1)</div><div><br></div><div>modparam(&quot;auth_db&quot;, &quot;calculate_ha1&quot;, yes)</div><div><br></div><div>modparam(&quot;auth_db&quot;, &quot;password_column&quot;, &quot;password&quot;)</div><div>#modparam(&quot;auth_db&quot;, &quot;db_url&quot;,</div><div>modparam(&quot;auth_db&quot;, &quot;db_url&quot;,<br></div><div>  Â  Â  Â  Â &quot;<a href="http://mysubscriberdatabase.com">http://mysubscriberdatabase.com</a>&quot;)</div><div><br></div><div>modparam(&quot;auth_db&quot;, &quot;load_credentials&quot;, &quot;$avp(i:55)=password&quot;)</div></div><div><br></div><div><br></div><div><span class="" style="white-space:pre">        </span>if (is_method(&quot;REGISTER&quot;)) {</div><div><br></div><div><span class="" style="white-space:pre">                </span># indicate that the client supports DTLS</div><div><span class="" style="white-space:pre">                </span># so we know when he is called</div><div><span class="" style="white-space:pre">                </span>if (isflagset(SRC_WS))</div><div><span class="" style="white-space:pre">                        </span>setbflag(DST_WS);</div><div><br></div><div><span class="" style="white-space:pre">        </span>if ( isflagset(uac_ws) ) {</div><div><span class="" style="white-space:pre">        </span> Â  Â  Â  Â xlog(&quot;setting avp attribute in register for websocket \n&quot;);</div><div><br></div><div>  $avp(attr)=&quot;websocket&quot;; <span class="" style="white-space:pre">                        </span></div><div>}</div><div><span class="" style="white-space:pre">                </span></div><div><span class="" style="white-space:pre">                </span></div><div><span class="" style="white-space:pre">                        </span>if(cache_fetch(&quot;local&quot;,&quot;passwd_$tu&quot;,$avp(i:55))) {</div><div><span class="" style="white-space:pre">                        </span>xlog(&quot;$tU &#39;s credentials are stored in local cache using it for this register request \n&quot;); </div><div><span class="" style="white-space:pre">                </span>$avp(i:54) = $tU;</div><div><span class="" style="white-space:pre">                </span>xlog(&quot;SCRIPT: stored password is $avp(i:55)\n&quot;);</div><div><span class="" style="white-space:pre">                </span># perform auth from variables</div><div><span class="" style="white-space:pre">                </span># $avp(i:54) contains the username</div><div><span class="" style="white-space:pre">                </span># $avp(i:55) contains the password</div><div><span class="" style="white-space:pre">                </span>if (!pv_www_authorize(&quot;&quot;)) {</div><div><span class="" style="white-space:pre">                                </span>$var(rc2) = pv_www_authorize(&quot;&quot;);</div><div><span class="" style="white-space:pre">                        </span> Â  Â  Â  Â  Â  Â  Â # Â $var(rc2) = www_authorize(&quot;&quot;, &quot;subscriber&quot;);</div><div><span class="" style="white-space:pre">                                </span> Â  Â  Â  Â xlog(&quot;Return code is $var(rc2) \n&quot;);</div><div><span class="" style="white-space:pre">                                </span> Â  Â  Â  Â  Â  Â  Â  Â switch ( $var(rc2) ) {</div><div>  Â  case 1 :</div><div>  Â  Â  Â  Â  Â # if ( proto==TCP || Â 0 ) {</div><div>  Â  Â  Â  Â  Â # Â  Â  Â  Â  Â  Â  setflag(TCP_PERSISTENT); </div><div>  Â  Â  Â  Â  Â  # Â  Â  Â  Â  Â  Â  Â  Â  Â  Â setflag(6);</div><div>  Â  Â  Â  Â  Â  Â # Â  }</div><div>  Â  Â  Â  Â  Â Â </div><div><br></div><div>  Â  Â  Â  Â  Â  Â  Â  if (!save(&quot;location&quot;,&quot;f&quot;))</div><div>  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  sl_reply_error();</div><div><br></div><div>  Â  Â  Â  Â  Â  Â  Â  exit;</div><div><br></div><div><br></div><div>  Â  Â  Â  # success</div><div>  Â  Â  Â  break;</div><div>  Â  case -1:</div><div>  Â  Â  Â  sl_send_reply(&quot;404&quot;,&quot;User not found&quot;);</div><div>  Â  Â  Â  exit;</div><div>  Â  Â  Â  break;</div><div>  Â  case -2:</div><div>  Â  Â  Â  sl_send_reply(&quot;403&quot;,&quot;Forbidden (Bad auth)&quot;);</div><div>  Â  Â  Â  Â  Â  Â  Â  exit;</div><div>  Â  Â  Â  break;</div><div>  Â  Â  Â  Â  case -3:</div><div>  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â www_challenge(&quot;&quot;, &quot;0&quot;);</div><div>  Â  Â  Â  exit;</div><div>  Â  Â  Â  #sl_send_reply(&quot;403&quot;,&quot;Forbidden auth ID&quot;);</div><div>  Â  Â  Â  #break;</div><div>  Â  default:</div><div>  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â www_challenge(&quot;&quot;, &quot;0&quot;);</div><div>  Â  Â  Â  Â  Â  Â  Â  exit;</div><div><br></div><div>}</div><div><br></div><div><span class="" style="white-space:pre">        </span>};</div><div><br></div><div><span class="" style="white-space:pre">                </span></div><div>  Â  Â  Â  Â if (!save(&quot;location&quot;,&quot;f&quot;))</div><div>  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  sl_reply_error();</div><div><br></div><div>  Â  Â  Â  Â  Â  Â  Â  exit;</div><div><span class="" style="white-space:pre">                        </span></div><div><span class="" style="white-space:pre">        </span>}else{<span class="" style="white-space:pre">        </span></div><div><span class="" style="white-space:pre">                </span></div><div><span class="" style="white-space:pre">        </span>xlog(&quot;could not find the auth info in local cache for $tU\n&quot;); <span class="" style="white-space:pre">        </span> </div><div><span class="" style="white-space:pre">        </span>xlog(&quot;accessing the external db for auth info&quot;);</div><div><span class="" style="white-space:pre">                </span> Â  # authenticate the REGISTER requests</div><div>  Â  Â  Â  Â  Â  Â  Â  if (!www_authorize(&quot;&quot;, &quot;subscriber&quot;))</div><div>  Â  Â  Â  Â  Â  Â  Â  {</div><div>  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  xlog(&quot;new challenger Â $tU\n&quot;);</div><div><br></div><div><br></div><div>  Â  Â  Â  Â  Â  Â  Â  # Â  Â  Â  www_challenge(&quot;&quot;, &quot;0&quot;);</div><div><br></div><div><br></div><div><br></div><div>  Â  Â  Â  Â  Â  Â  Â  $var(rc) = www_authorize(&quot;&quot;, &quot;subscriber&quot;);</div><div>  Â  Â  Â  xlog(&quot;Return code is $var(rc) \n&quot;);</div><div><br></div><div>  Â  Â  Â  switch ( $var(rc) ) {</div><div>  Â  case 1 :</div><div>  Â  Â  Â  Â  Â # if ( proto==TCP || Â 0 ) {</div><div>  Â  Â  Â  Â  Â # Â  Â  Â  Â  Â  Â  setflag(TCP_PERSISTENT); </div><div>  Â  Â  Â  Â  Â  # Â  Â  Â  Â  Â  Â  Â  Â  Â  Â setflag(6);</div><div>  Â  Â  Â  Â  Â  Â # Â  }</div><div>  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  # Â  Â  Â  Â $avp(me) = $(tU{s.tolower});</div><div><br></div><div>  Â  Â  Â  Â  Â  Â  Â cache_store(&quot;local&quot;,&quot;passwd_$tu&quot;,&quot;$avp(i:55)&quot;,1200);</div><div><br></div><div>  Â  Â  Â  Â  Â  Â  Â  if (!save(&quot;location&quot;,&quot;f&quot;))</div><div>  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  sl_reply_error();</div><div><br></div><div>  Â  Â  Â  Â  Â  Â  Â  exit;</div><div><br></div><div><br></div><div>  Â  Â  Â  # success</div><div>  Â  Â  Â  break;</div><div>  Â  case -1:</div><div>  Â  Â  Â  sl_send_reply(&quot;404&quot;,&quot;User not found&quot;);</div><div>  Â  Â  Â  exit;</div><div>  Â  Â  Â  break;</div><div>  Â  case -2:</div><div>  Â  Â  Â  sl_send_reply(&quot;403&quot;,&quot;Forbidden (Bad auth)&quot;);</div><div>  Â  Â  Â  Â  Â  Â  Â  exit;</div><div>  Â  Â  Â  break;</div><div>  Â  Â  Â  Â  case -3:</div><div>  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â www_challenge(&quot;&quot;, &quot;0&quot;);</div><div>  Â  Â  Â  exit;</div><div>  Â  Â  Â  #sl_send_reply(&quot;403&quot;,&quot;Forbidden auth ID&quot;);</div><div>  Â  Â  Â  #break;</div><div>  Â  default:</div><div>  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â www_challenge(&quot;&quot;, &quot;0&quot;);</div><div>  Â  Â  Â  Â  Â  Â  Â  exit;</div><div><br></div><div>} </div><div>}</div><div><br></div><div><span class="" style="white-space:pre">                        </span>xlog(&quot;should be storing local now that it has been authorized\n&quot;);</div><div><span class="" style="white-space:pre">                        </span> Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â  Â cache_store(&quot;local&quot;,&quot;passwd_$tu&quot;,&quot;$avp(i:55)&quot;,1200);</div><div><span class="" style="white-space:pre">                        </span>}</div><div><br></div><div>if (!save(&quot;location&quot;,&quot;f&quot;))</div><div><span class="" style="white-space:pre">                        </span>sl_reply_error();</div><div><br></div><div><span class="" style="white-space:pre">                </span>exit;</div><div><span class="" style="white-space:pre">                        </span></div><div>} Â </div><div><br></div><div><br></div><div><br></div><div>The issue is the pv__www_authorize method after the verification wether the password is stored locally always returns -2 which means the password is incorrect. Can anyone provide any guidence as to why this is ?</div><div><br></div><div><br></div><div>Thanks,<br>Tito</div></div>