[OpenSIPS-Users] Authentication problem

Daniel Goepp dan at goepp.net
Thu Dec 24 20:15:40 CET 2009


Definitely turned off:

# ----- uri params -----
modparam("uri", "use_uri_table", 0)

But thanks for the comment, that helped me find exactly what the problem was
and I fixed it.

-dg


On Thu, Dec 24, 2009 at 11:06 AM, Bogdan-Andrei Iancu <
bogdan at voice-system.ro> wrote:

> The db_check_from() (if use_uac_table is turned off) will simply check
> if the username from the FROM hdr is the same with the authentication
> username.
>
> Regards,
> Bogdan
>
> Daniel Goepp wrote:
> > Yes, the section in the script was not modified from the default, so
> > it is:
> >
> >         if (!(method=="REGISTER") && is_from_local())  /*multidomain
> > version*/
> >         {
> >                 if (!proxy_authorize("", "subscriber")) {
> >                         proxy_challenge("", "0");
> >                         exit;
> >                 }
> >                 if (!db_check_from()) {
> >                         sl_send_reply("403","Forbidden auth ID");
> >                         exit;
> >                 }
> >
> >                 consume_credentials();
> >                 # caller authenticated
> >         }
> >
> > I am thinking perhaps this is to do with the domain, I don't see a
> > query in my sql trace log showing a query for domain, and the domain
> > of the request is in memory and the DB.  I did have an initial problem
> > where I was getting the "Preload Route denied", but I added the IP of
> > the server to the domain list, and that went away.
> >
> > Thanks
> >
> > -dg
> >
> >
> > On Thu, Dec 24, 2009 at 12:13 AM, Bogdan-Andrei Iancu
> > <bogdan at voice-system.ro <mailto:bogdan at voice-system.ro>> wrote:
> >
> >     Hi Daniel,
> >
> >     The auth part is not sending by itself a 403 -> probably this is
> >     explicitly sent from the script, so you need to check what function
> is
> >     failing triggering the 403 in script -> is it the db_check_to()  ?
> >
> >     Regards,
> >     Bogdan
> >
> >     Daniel Goepp wrote:
> >     > I am having another issue with this latest version also, and I
> >     believe
> >     > it could perhaps be related to my last post.  Very straight forward
> >     > here, I have just two users on this new lab system.
> >     >
> >     > The problem:
> >     >
> >     > First register comes in, challenged with 401 no problem, then a
> >     > register with auth header, which is responded to with:
> >     >
> >     > SIP/2.0 403 Forbidden auth ID.
> >     >
> >     > I did an SQL trace, and the query is select password from
> subscriber
> >     > where username='2001':
> >     >
> >     > When I execute manually, no problem:
> >     >
> >     > mysql> select password from subscriber where username='2001';
> >     > +----------+
> >     > | password |
> >     > +----------+
> >     > | 2001     |
> >     > +----------+
> >     >
> >     > Did something change recently regarding how users are auth'd?
> >      This is
> >     > a very very basic setup, pretty much out of the box.  And ideas
> >     about
> >     > what boneheaded thing I have done here?
> >     >
> >     > Thanks
> >
>
>
> --
> Bogdan-Andrei Iancu
> www.voice-system.ro
>
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.opensips.org/pipermail/users/attachments/20091224/745fa4ef/attachment-0001.htm 


More information about the Users mailing list