<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<tt>Hi Tito,<br>
<br>
Have you double checked if the passwd you push to
pv_www_authorize() (from cache) is the correct one ?<br>
<br>
Best Regards,<br>
</tt>
<pre class="moz-signature" cols="72">Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
<a class="moz-txt-link-freetext" href="http://www.opensips-solutions.com">http://www.opensips-solutions.com</a></pre>
<div class="moz-cite-prefix">On 02.06.2015 01:58, Tito Cumpen wrote:<br>
</div>
<blockquote
cite="mid:CANZPVB5ygRCMkRL7i2M2unhB2EFHP2ay=NBpAGO+PVmkET_M4w@mail.gmail.com"
type="cite">
<div dir="ltr">my db http returns the password in plain string by
the way.</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Mon, Jun 1, 2015 at 6:57 PM, Tito
Cumpen <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:tito@xsvoce.com" target="_blank">tito@xsvoce.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">Hello group,
<div><br>
</div>
<div><br>
</div>
<div>I am attempting to add memcache auth validation in
opensips 2.1. I was using http db which returns a string
of the user password password. This was working prior to
utilizing pv_www_authorize. I used this document as a
guideline <a moz-do-not-send="true"
href="http://www.opensips.org/Documentation/Tutorials-MemoryCaching"
target="_blank">http://www.opensips.org/Documentation/Tutorials-MemoryCaching</a></div>
<div><br>
</div>
<div>Here is my auth mod param config</div>
<div>
<div>loadmodule "cachedb_local.so"</div>
<div>loadmodule "auth.so"</div>
<div>loadmodule "auth_db.so"</div>
<div>modparam("auth","username_spec","$avp(i:54)")</div>
<div>modparam("auth","password_spec","$avp(i:55)")</div>
<div>modparam("auth","calculate_ha1",1)</div>
<div><br>
</div>
<div>modparam("auth_db", "calculate_ha1", yes)</div>
<div><br>
</div>
<div>modparam("auth_db", "password_column", "password")</div>
<div>#modparam("auth_db", "db_url",</div>
<div>modparam("auth_db", "db_url",<br>
</div>
<div> "<a moz-do-not-send="true"
href="http://mysubscriberdatabase.com"
target="_blank">http://mysubscriberdatabase.com</a>")</div>
<div><br>
</div>
<div>modparam("auth_db", "load_credentials",
"$avp(i:55)=password")</div>
</div>
<div><br>
</div>
<div><br>
</div>
<div><span style="white-space:pre-wrap"> </span>if
(is_method("REGISTER")) {</div>
<div><br>
</div>
<div><span style="white-space:pre-wrap"> </span>#
indicate that the client supports DTLS</div>
<div><span style="white-space:pre-wrap"> </span># so we
know when he is called</div>
<div><span style="white-space:pre-wrap"> </span>if
(isflagset(SRC_WS))</div>
<div><span style="white-space:pre-wrap"> </span>setbflag(DST_WS);</div>
<div><br>
</div>
<div><span style="white-space:pre-wrap"> </span>if (
isflagset(uac_ws) ) {</div>
<div><span style="white-space:pre-wrap"> </span>
xlog("setting avp attribute in register for websocket
\n");</div>
<div><br>
</div>
<div> $avp(attr)="websocket"; <span
style="white-space:pre-wrap"> </span></div>
<div>}</div>
<div><span style="white-space:pre-wrap"> </span></div>
<div><span style="white-space:pre-wrap"> </span></div>
<div><span style="white-space:pre-wrap"> </span>if(cache_fetch("local","passwd_$tu",$avp(i:55)))
{</div>
<div><span style="white-space:pre-wrap"> </span>xlog("$tU
's credentials are stored in local cache using it for
this register request \n"); </div>
<div><span style="white-space:pre-wrap"> </span>$avp(i:54)
= $tU;</div>
<div><span style="white-space:pre-wrap"> </span>xlog("SCRIPT:
stored password is $avp(i:55)\n");</div>
<div><span style="white-space:pre-wrap"> </span># perform
auth from variables</div>
<div><span style="white-space:pre-wrap"> </span>#
$avp(i:54) contains the username</div>
<div><span style="white-space:pre-wrap"> </span>#
$avp(i:55) contains the password</div>
<div><span style="white-space:pre-wrap"> </span>if
(!pv_www_authorize("")) {</div>
<div><span style="white-space:pre-wrap"> </span>$var(rc2)
= pv_www_authorize("");</div>
<div><span style="white-space:pre-wrap"> </span>
# $var(rc2) = www_authorize("", "subscriber");</div>
<div><span style="white-space:pre-wrap"> </span>
xlog("Return code is $var(rc2) \n");</div>
<div><span style="white-space:pre-wrap"> </span>
switch ( $var(rc2) ) {</div>
<div> case 1 :</div>
<div> # if ( proto==TCP || 0 ) {</div>
<div> # setflag(TCP_PERSISTENT); </div>
<div> # setflag(6);</div>
<div> # }</div>
<div> </div>
<div><br>
</div>
<div> if (!save("location","f"))</div>
<div> sl_reply_error();</div>
<div><br>
</div>
<div> exit;</div>
<div><br>
</div>
<div><br>
</div>
<div> # success</div>
<div> break;</div>
<div> case -1:</div>
<div> sl_send_reply("404","User not found");</div>
<div> exit;</div>
<div> break;</div>
<div> case -2:</div>
<div> sl_send_reply("403","Forbidden (Bad auth)");</div>
<div> exit;</div>
<div> break;</div>
<div> case -3:</div>
<div>
www_challenge("", "0");</div>
<div> exit;</div>
<div> #sl_send_reply("403","Forbidden auth ID");</div>
<div> #break;</div>
<div> default:</div>
<div> www_challenge("",
"0");</div>
<div> exit;</div>
<div><br>
</div>
<div>}</div>
<div><br>
</div>
<div><span style="white-space:pre-wrap"> </span>};</div>
<div><br>
</div>
<div><span style="white-space:pre-wrap"> </span></div>
<div> if (!save("location","f"))</div>
<div> sl_reply_error();</div>
<div><br>
</div>
<div> exit;</div>
<div><span style="white-space:pre-wrap"> </span></div>
<div><span style="white-space:pre-wrap"> </span>}else{<span
style="white-space:pre-wrap"> </span></div>
<div><span style="white-space:pre-wrap"> </span></div>
<div><span style="white-space:pre-wrap"> </span>xlog("could
not find the auth info in local cache for $tU\n"); <span
style="white-space:pre-wrap"> </span> </div>
<div><span style="white-space:pre-wrap"> </span>xlog("accessing
the external db for auth info");</div>
<div><span style="white-space:pre-wrap"> </span> #
authenticate the REGISTER requests</div>
<div> if (!www_authorize("", "subscriber"))</div>
<div> {</div>
<div>
xlog("new challenger $tU\n");</div>
<div><br>
</div>
<div><br>
</div>
<div> # www_challenge("", "0");</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div> $var(rc) = www_authorize("",
"subscriber");</div>
<div> xlog("Return code is $var(rc) \n");</div>
<div><br>
</div>
<div> switch ( $var(rc) ) {</div>
<div> case 1 :</div>
<div> # if ( proto==TCP || 0 ) {</div>
<div> # setflag(TCP_PERSISTENT); </div>
<div> # setflag(6);</div>
<div> # }</div>
<div> #
$avp(me) = $(tU{s.tolower});</div>
<div><br>
</div>
<div>
cache_store("local","passwd_$tu","$avp(i:55)",1200);</div>
<div><br>
</div>
<div> if (!save("location","f"))</div>
<div> sl_reply_error();</div>
<div><br>
</div>
<div> exit;</div>
<div><br>
</div>
<div><br>
</div>
<div> # success</div>
<div> break;</div>
<div> case -1:</div>
<div> sl_send_reply("404","User not found");</div>
<div> exit;</div>
<div> break;</div>
<div> case -2:</div>
<div> sl_send_reply("403","Forbidden (Bad auth)");</div>
<div> exit;</div>
<div> break;</div>
<div> case -3:</div>
<div>
www_challenge("", "0");</div>
<div> exit;</div>
<div> #sl_send_reply("403","Forbidden auth ID");</div>
<div> #break;</div>
<div> default:</div>
<div> www_challenge("",
"0");</div>
<div> exit;</div>
<div><br>
</div>
<div>} </div>
<div>}</div>
<div><br>
</div>
<div><span style="white-space:pre-wrap"> </span>xlog("should
be storing local now that it has been authorized\n");</div>
<div><span style="white-space:pre-wrap"> </span>
cache_store("local","passwd_$tu","$avp(i:55)",1200);</div>
<div><span style="white-space:pre-wrap"> </span>}</div>
<div><br>
</div>
<div>if (!save("location","f"))</div>
<div><span style="white-space:pre-wrap"> </span>sl_reply_error();</div>
<div><br>
</div>
<div><span style="white-space:pre-wrap"> </span>exit;</div>
<div><span style="white-space:pre-wrap"> </span></div>
<div>} </div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div>The issue is the pv__www_authorize method after the
verification wether the password is stored locally
always returns -2 which means the password is incorrect.
Can anyone provide any guidence as to why this is ?</div>
<div><br>
</div>
<div><br>
</div>
<div>Thanks,<br>
Tito</div>
</div>
</blockquote>
</div>
<br>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a>
<a class="moz-txt-link-freetext" href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a>
</pre>
</blockquote>
<br>
</body>
</html>