[OpenSIPS-Users] Custom RADIUS digest auth. request

Bogdan-Andrei Iancu bogdan at opensips.org
Mon Jun 27 13:55:33 CEST 2011


Salut Tiberiu,

Normally, the auth username is taken from TO hdr (for REGISTER) or from 
FROM hdr (non-REGISTER) - both username and domain part. So probably, in 
your case,  the IP comes from the FROM hdr.

Also, opensips allows you to pass a custom SIP URI for auth, as a second 
optional param to the aaa_proxy_auth() :
         http://www.opensips.org/html/docs/modules/1.6.x/auth_aaa.html

Currently this is not supported for aaa_www_auth() (for REGISTER) can be 
simply done, if this solves your problem.

Regards,
Bogdan


On 06/24/2011 05:25 PM, Tiberiu Breana wrote:
> Hello.
>
> I'm trying to simulate a mobility situation where a User Agent Client 
> is connecting to a foreign SIP proxy. My setup is something like this:
>
> UA ---> F-SIP ---> F-AAA
>                                     |
>                                     |
>               H-SIP ---> H-AAA
>
> The user is registered on the H-AAA server. I want to authenticate him 
> through H-AAA, but the aaa_www_authorize function sends the username 
> as "user@<Foreign SIP IP>", regardless of what username I choose in my 
> softphone. So there's no way to detect the user's home domain (that my 
> UAC provides).
>
> I know I could make a custom radius_send_auth, but I wanted to follow 
> protocol and keep the digest mechanism for registering. Or is there a 
> way to make a custom digest auth to work with the register process?
>
> Any advice is appreciated!
>
> Regards,
> Tiberiu
>
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users


-- 
Bogdan-Andrei Iancu
OpenSIPS solutions and "know-how"

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20110627/a8d2d1bc/attachment-0001.htm>


More information about the Users mailing list