<div dir="ltr">Bogdan,<div><br></div><div><br></div><div>The password is provided in plaintext by the db. The working scenario looks likes this :</div><div><br></div><div>







<p class=""><span class="">loadmodule &quot;auth.so&quot;</span></p>
<p class=""><span class="">loadmodule &quot;auth_db.so&quot;</span></p>
<p class=""><span class="">modparam(&quot;auth_db&quot;, &quot;calculate_ha1&quot;, yes)</span></p>
<p class=""><span class=""></span><br></p>
<p class=""><span class="">modparam(&quot;auth_db&quot;, &quot;password_column&quot;, &quot;password&quot;)</span></p>
<p class=""><span class="">#modparam(&quot;auth_db&quot;, &quot;db_url&quot;,</span></p>
<p class="">modparam(&quot;auth_db&quot;, &quot;db_url&quot;,<br></p>
<p class=""><span class="">         &quot;http:</span><span class="">//myauthdb&quot;)</span></p>
<p class=""><span class=""></span><br></p>
<p class=""><span class="">modparam(&quot;auth_db&quot;, &quot;load_credentials&quot;, &quot;&quot;)</span></p></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Jun 3, 2015 at 11:59 AM, Bogdan-Andrei Iancu <span dir="ltr">&lt;<a href="mailto:bogdan@opensips.org" target="_blank">bogdan@opensips.org</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
  
    
  
  <div text="#000000" bgcolor="#FFFFFF">
    <tt>Tito,<br>
      <br>
      In DB, what do you have - the plain text passwd or the HA1 ?<br>
      <br>
      Regards,<br>
    </tt><span class="">
    <pre cols="72">Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
<a href="http://www.opensips-solutions.com" target="_blank">http://www.opensips-solutions.com</a></pre>
    </span><div><div class="h5"><div>On 03.06.2015 18:56, Tito Cumpen wrote:<br>
    </div>
    <blockquote type="cite">
      <div dir="ltr">Bogdan,
        <div><br>
        </div>
        <div>The password is hashed into a numeric value it would seem.
          Though my http db provides the password in raw unhashed string
          when queried for the subscriber password. The debug shows that
          the md5 hashing is not being matched matching but I am not
          sure why since the save function is only called if <span style="font-size:12.8000001907349px"> (!www_authorize(&quot;&quot;,
            &quot;subscriber&quot;)) is succeeded. Maybe something is being left
            out?</span></div>
        <div><span style="font-size:12.8000001907349px"><br>
          </span></div>
        <div><span style="font-size:12.8000001907349px">Thanks,</span></div>
        <div><span style="font-size:12.8000001907349px"> Tito </span></div>
        <div><span style="font-size:12.8000001907349px"><br>
          </span></div>
      </div>
      <div class="gmail_extra"><br>
        <div class="gmail_quote">On Wed, Jun 3, 2015 at 11:12 AM,
          Bogdan-Andrei Iancu <span dir="ltr">&lt;<a href="mailto:bogdan@opensips.org" target="_blank">bogdan@opensips.org</a>&gt;</span> wrote:<br>
          <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
            <div text="#000000" bgcolor="#FFFFFF"> <tt>Hi Tito,<br>
                <br>
                Have you double checked if the passwd you push to
                pv_www_authorize() (from cache) is the correct one ?<br>
                <br>
                Best Regards,<br>
              </tt>
              <pre cols="72">Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
<a href="http://www.opensips-solutions.com" target="_blank">http://www.opensips-solutions.com</a></pre>
              <div>
                <div>
                  <div>On 02.06.2015 01:58, Tito Cumpen wrote:<br>
                  </div>
                </div>
              </div>
              <blockquote type="cite">
                <div>
                  <div>
                    <div dir="ltr">my db http returns the password in
                      plain string by the way.</div>
                    <div class="gmail_extra"><br>
                      <div class="gmail_quote">On Mon, Jun 1, 2015 at
                        6:57 PM, Tito Cumpen <span dir="ltr">&lt;<a href="mailto:tito@xsvoce.com" target="_blank">tito@xsvoce.com</a>&gt;</span>
                        wrote:<br>
                        <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
                          <div dir="ltr">Hello group,
                            <div><br>
                            </div>
                            <div><br>
                            </div>
                            <div>I am attempting to add memcache auth
                              validation in opensips 2.1. I was using
                              http db which returns a string of the user
                              password password. This was working prior
                              to utilizing pv_www_authorize. I used this
                              document as a guideline <a href="http://www.opensips.org/Documentation/Tutorials-MemoryCaching" target="_blank">http://www.opensips.org/Documentation/Tutorials-MemoryCaching</a></div>
                            <div><br>
                            </div>
                            <div>Here is my auth mod param config</div>
                            <div>
                              <div>loadmodule &quot;cachedb_local.so&quot;</div>
                              <div>loadmodule &quot;auth.so&quot;</div>
                              <div>loadmodule &quot;auth_db.so&quot;</div>
                              <div>modparam(&quot;auth&quot;,&quot;username_spec&quot;,&quot;$avp(i:54)&quot;)</div>
                              <div>modparam(&quot;auth&quot;,&quot;password_spec&quot;,&quot;$avp(i:55)&quot;)</div>
                              <div>modparam(&quot;auth&quot;,&quot;calculate_ha1&quot;,1)</div>
                              <div><br>
                              </div>
                              <div>modparam(&quot;auth_db&quot;, &quot;calculate_ha1&quot;,
                                yes)</div>
                              <div><br>
                              </div>
                              <div>modparam(&quot;auth_db&quot;,
                                &quot;password_column&quot;, &quot;password&quot;)</div>
                              <div>#modparam(&quot;auth_db&quot;, &quot;db_url&quot;,</div>
                              <div>modparam(&quot;auth_db&quot;, &quot;db_url&quot;,<br>
                              </div>
                              <div>         &quot;<a href="http://mysubscriberdatabase.com" target="_blank">http://mysubscriberdatabase.com</a>&quot;)</div>
                              <div><br>
                              </div>
                              <div>modparam(&quot;auth_db&quot;,
                                &quot;load_credentials&quot;,
                                &quot;$avp(i:55)=password&quot;)</div>
                            </div>
                            <div><br>
                            </div>
                            <div><br>
                            </div>
                            <div><span style="white-space:pre-wrap"> </span>if

                              (is_method(&quot;REGISTER&quot;)) {</div>
                            <div><br>
                            </div>
                            <div><span style="white-space:pre-wrap"> </span>#
                              indicate that the client supports DTLS</div>
                            <div><span style="white-space:pre-wrap"> </span>#
                              so we know when he is called</div>
                            <div><span style="white-space:pre-wrap"> </span>if

                              (isflagset(SRC_WS))</div>
                            <div><span style="white-space:pre-wrap"> </span>setbflag(DST_WS);</div>
                            <div><br>
                            </div>
                            <div><span style="white-space:pre-wrap"> </span>if
                              ( isflagset(uac_ws) ) {</div>
                            <div><span style="white-space:pre-wrap"> </span>
                                     xlog(&quot;setting avp attribute in
                              register for websocket \n&quot;);</div>
                            <div><br>
                            </div>
                            <div>  $avp(attr)=&quot;websocket&quot;; <span style="white-space:pre-wrap"> </span></div>
                            <div>}</div>
                            <div><span style="white-space:pre-wrap"> </span></div>
                            <div><span style="white-space:pre-wrap"> </span></div>
                            <div><span style="white-space:pre-wrap"> </span>if(cache_fetch(&quot;local&quot;,&quot;passwd_$tu&quot;,$avp(i:55)))

                              {</div>
                            <div><span style="white-space:pre-wrap"> </span>xlog(&quot;$tU

                              &#39;s credentials are stored in local cache
                              using it for this register request \n&quot;); </div>
                            <div><span style="white-space:pre-wrap"> </span>$avp(i:54)

                              = $tU;</div>
                            <div><span style="white-space:pre-wrap"> </span>xlog(&quot;SCRIPT:

                              stored password is $avp(i:55)\n&quot;);</div>
                            <div><span style="white-space:pre-wrap"> </span>#
                              perform auth from variables</div>
                            <div><span style="white-space:pre-wrap"> </span>#
                              $avp(i:54) contains the username</div>
                            <div><span style="white-space:pre-wrap"> </span>#
                              $avp(i:55) contains the password</div>
                            <div><span style="white-space:pre-wrap"> </span>if

                              (!pv_www_authorize(&quot;&quot;)) {</div>
                            <div><span style="white-space:pre-wrap"> </span>$var(rc2)

                              = pv_www_authorize(&quot;&quot;);</div>
                            <div><span style="white-space:pre-wrap"> </span>
                                           #  $var(rc2) =
                              www_authorize(&quot;&quot;, &quot;subscriber&quot;);</div>
                            <div><span style="white-space:pre-wrap"> </span>
                                     xlog(&quot;Return code is $var(rc2)
                              \n&quot;);</div>
                            <div><span style="white-space:pre-wrap"> </span>
                                             switch ( $var(rc2) ) {</div>
                            <div>    case 1 :</div>
                            <div>           # if ( proto==TCP ||  0 ) {</div>
                            <div>           #            
                              setflag(TCP_PERSISTENT); </div>
                            <div>            #                  
                               setflag(6);</div>
                            <div>             #   }</div>
                            <div>            </div>
                            <div><br>
                            </div>
                            <div>                if
                              (!save(&quot;location&quot;,&quot;f&quot;))</div>
                            <div>                       
                              sl_reply_error();</div>
                            <div><br>
                            </div>
                            <div>                exit;</div>
                            <div><br>
                            </div>
                            <div><br>
                            </div>
                            <div>        # success</div>
                            <div>        break;</div>
                            <div>    case -1:</div>
                            <div>        sl_send_reply(&quot;404&quot;,&quot;User not
                              found&quot;);</div>
                            <div>        exit;</div>
                            <div>        break;</div>
                            <div>    case -2:</div>
                            <div>        sl_send_reply(&quot;403&quot;,&quot;Forbidden
                              (Bad auth)&quot;);</div>
                            <div>                exit;</div>
                            <div>        break;</div>
                            <div>          case -3:</div>
                            <div>                                       
                                     www_challenge(&quot;&quot;, &quot;0&quot;);</div>
                            <div>        exit;</div>
                            <div>        #sl_send_reply(&quot;403&quot;,&quot;Forbidden
                              auth ID&quot;);</div>
                            <div>        #break;</div>
                            <div>    default:</div>
                            <div>                             
                               www_challenge(&quot;&quot;, &quot;0&quot;);</div>
                            <div>                exit;</div>
                            <div><br>
                            </div>
                            <div>}</div>
                            <div><br>
                            </div>
                            <div><span style="white-space:pre-wrap"> </span>};</div>
                            <div><br>
                            </div>
                            <div><span style="white-space:pre-wrap"> </span></div>
                            <div>         if (!save(&quot;location&quot;,&quot;f&quot;))</div>
                            <div>                       
                              sl_reply_error();</div>
                            <div><br>
                            </div>
                            <div>                exit;</div>
                            <div><span style="white-space:pre-wrap"> </span></div>
                            <div><span style="white-space:pre-wrap"> </span>}else{<span style="white-space:pre-wrap"> </span></div>
                            <div><span style="white-space:pre-wrap"> </span></div>
                            <div><span style="white-space:pre-wrap"> </span>xlog(&quot;could

                              not find the auth info in local cache for
                              $tU\n&quot;); <span style="white-space:pre-wrap"> </span> </div>
                            <div><span style="white-space:pre-wrap"> </span>xlog(&quot;accessing

                              the external db for auth info&quot;);</div>
                            <div><span style="white-space:pre-wrap"> </span>
                                # authenticate the REGISTER requests</div>
                            <div>                if (!www_authorize(&quot;&quot;,
                              &quot;subscriber&quot;))</div>
                            <div>                {</div>
                            <div>                                       
                                      xlog(&quot;new challenger  $tU\n&quot;);</div>
                            <div><br>
                            </div>
                            <div><br>
                            </div>
                            <div>                #      
                              www_challenge(&quot;&quot;, &quot;0&quot;);</div>
                            <div><br>
                            </div>
                            <div><br>
                            </div>
                            <div><br>
                            </div>
                            <div>                $var(rc) =
                              www_authorize(&quot;&quot;, &quot;subscriber&quot;);</div>
                            <div>        xlog(&quot;Return code is $var(rc)
                              \n&quot;);</div>
                            <div><br>
                            </div>
                            <div>        switch ( $var(rc) ) {</div>
                            <div>    case 1 :</div>
                            <div>           # if ( proto==TCP ||  0 ) {</div>
                            <div>           #            
                              setflag(TCP_PERSISTENT); </div>
                            <div>            #                  
                               setflag(6);</div>
                            <div>             #   }</div>
                            <div>                                       
                              #        $avp(me) = $(tU{s.tolower});</div>
                            <div><br>
                            </div>
                            <div>             
                               cache_store(&quot;local&quot;,&quot;passwd_$tu&quot;,&quot;$avp(i:55)&quot;,1200);</div>
                            <div><br>
                            </div>
                            <div>                if
                              (!save(&quot;location&quot;,&quot;f&quot;))</div>
                            <div>                       
                              sl_reply_error();</div>
                            <div><br>
                            </div>
                            <div>                exit;</div>
                            <div><br>
                            </div>
                            <div><br>
                            </div>
                            <div>        # success</div>
                            <div>        break;</div>
                            <div>    case -1:</div>
                            <div>        sl_send_reply(&quot;404&quot;,&quot;User not
                              found&quot;);</div>
                            <div>        exit;</div>
                            <div>        break;</div>
                            <div>    case -2:</div>
                            <div>        sl_send_reply(&quot;403&quot;,&quot;Forbidden
                              (Bad auth)&quot;);</div>
                            <div>                exit;</div>
                            <div>        break;</div>
                            <div>          case -3:</div>
                            <div>                                       
                                     www_challenge(&quot;&quot;, &quot;0&quot;);</div>
                            <div>        exit;</div>
                            <div>        #sl_send_reply(&quot;403&quot;,&quot;Forbidden
                              auth ID&quot;);</div>
                            <div>        #break;</div>
                            <div>    default:</div>
                            <div>                             
                               www_challenge(&quot;&quot;, &quot;0&quot;);</div>
                            <div>                exit;</div>
                            <div><br>
                            </div>
                            <div>} </div>
                            <div>}</div>
                            <div><br>
                            </div>
                            <div><span style="white-space:pre-wrap"> </span>xlog(&quot;should

                              be storing local now that it has been
                              authorized\n&quot;);</div>
                            <div><span style="white-space:pre-wrap"> </span>
                                                   
                               cache_store(&quot;local&quot;,&quot;passwd_$tu&quot;,&quot;$avp(i:55)&quot;,1200);</div>
                            <div><span style="white-space:pre-wrap"> </span>}</div>
                            <div><br>
                            </div>
                            <div>if (!save(&quot;location&quot;,&quot;f&quot;))</div>
                            <div><span style="white-space:pre-wrap"> </span>sl_reply_error();</div>
                            <div><br>
                            </div>
                            <div><span style="white-space:pre-wrap"> </span>exit;</div>
                            <div><span style="white-space:pre-wrap"> </span></div>
                            <div>}  </div>
                            <div><br>
                            </div>
                            <div><br>
                            </div>
                            <div><br>
                            </div>
                            <div>The issue is the pv__www_authorize
                              method after the verification wether the
                              password is stored locally always returns
                              -2 which means the password is incorrect.
                              Can anyone provide any guidence as to why
                              this is ?</div>
                            <div><br>
                            </div>
                            <div><br>
                            </div>
                            <div>Thanks,<br>
                              Tito</div>
                          </div>
                        </blockquote>
                      </div>
                      <br>
                    </div>
                    <br>
                    <fieldset></fieldset>
                    <br>
                  </div>
                </div>
                <pre>_______________________________________________
Users mailing list
<a href="mailto:Users@lists.opensips.org" target="_blank">Users@lists.opensips.org</a>
<a href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a>
</pre>
              </blockquote>
              <br>
            </div>
          </blockquote>
        </div>
        <br>
      </div>
    </blockquote>
    <br>
  </div></div></div>

</blockquote></div><br></div>