UAC AUTH Module

Bogdan-Andrei Iancu

Ovidiu Sas

Edited by

Ovidiu Sas

Edited by

Bogdan-Andrei Iancu

Copyright © 2011 VoIP Embedded, Inc.

Copyright © 2013 www.opensips-solutions.com

Revision History
Revision $Revision: 8101 $$Date$

Table of Contents

1. Admin Guide
1.1. Overview
1.2. Dependencies
1.2.1. OpenSIPS Modules
1.2.2. External Libraries or Applications
1.3. Exported Parameters
1.3.1. credential (string)
1.3.2. auth_realm_avp (string)
1.3.3. auth_username_avp (string)
1.3.4. auth_password_avp (string)

List of Examples

1.1. Set credential parameter
1.2. Set auth_realm_avp parameter
1.3. Set auth_username_avp parameter
1.4. Set auth_password_avp parameter

Chapter 1. Admin Guide

1.1. Overview

UAC AUTH (User Agent Client Authentication) module provides a common API for building authentication headers.

It also provides a common set of authentication credetials to be used by other modules.

Known limitations in this version:

  • authentication does not support qop auth-int, just qop auth;

1.2. Dependencies

1.2.1. OpenSIPS Modules

  • None.

1.2.2. External Libraries or Applications

The following libraries or applications must be installed before running OpenSIPS with this module loaded:

  • None

1.3. Exported Parameters

1.3.1. credential (string)

Contains a multiple definition of credentials used to perform authentication.

NOTE that the password can be provided as a plain text password or as a precalculated HA1 as a hexa (lower case) string (of 32 chars) prefixed with "0x" (so a total of 34 chars).

This parameter is required if UAC authentication is used.

Example 1.1. Set credential parameter

...
modparam("uac_auth","credential","username:domain:password")
modparam("uac_auth","credential","username:domain:0xc17ba8157756f263d07e158504204629")
...

1.3.2. auth_realm_avp (string)

The definition of an AVP that might contain the realm to be used to perform authentication.

If you define it, you also need to define auth_username_avp (Section 1.3.3, “auth_username_avp (string)”) and auth_username_avp (Section 1.3.4, “auth_password_avp (string)”).

Example 1.2. Set auth_realm_avp parameter

...
modparam("uac_auth","auth_realm_avp","$avp(10)")
...

1.3.3. auth_username_avp (string)

The definition of an AVP that might contain the username to be used to perform authentication.

If you define it, you also need to define auth_realm_avp (Section 1.3.2, “auth_realm_avp (string)”) and auth_username_avp (Section 1.3.4, “auth_password_avp (string)”).

Example 1.3. Set auth_username_avp parameter

...
modparam("uac_auth","auth_username_avp","$avp(11)")
...

1.3.4. auth_password_avp (string)

The definition of an AVP that might contain the password to be used to perform authentication. The password can be provided as a plain text password or as a precalculated HA1 as a hexa (lower case) string (of 32 chars) prefixed with "0x" (so a total of 34 chars) (for example "0xc17ba8157756f263d07e158504204629")

If you define it, you also need to define auth_password_avp (Section 1.3.4, “auth_password_avp (string)”) and auth_username_avp (Section 1.3.4, “auth_password_avp (string)”).

Example 1.4. Set auth_password_avp parameter

...
modparam("uac_auth","auth_password_avp","$avp(12)")
...