[OpenSIPS-Users] Issues using memcache auth

Tito Cumpen tito at xsvoce.com
Tue Jun 2 00:57:48 CEST 2015


Hello group,


I am attempting to add memcache auth validation in opensips 2.1. I was
using http db which returns a string of the user password password. This
was working prior to utilizing pv_www_authorize. I used this document as a
guideline http://www.opensips.org/Documentation/Tutorials-MemoryCaching

Here is my auth mod param config
loadmodule "cachedb_local.so"
loadmodule "auth.so"
loadmodule "auth_db.so"
modparam("auth","username_spec","$avp(i:54)")
modparam("auth","password_spec","$avp(i:55)")
modparam("auth","calculate_ha1",1)

modparam("auth_db", "calculate_ha1", yes)

modparam("auth_db", "password_column", "password")
#modparam("auth_db", "db_url",
modparam("auth_db", "db_url",
         "http://mysubscriberdatabase.com")

modparam("auth_db", "load_credentials", "$avp(i:55)=password")


if (is_method("REGISTER")) {

# indicate that the client supports DTLS
# so we know when he is called
if (isflagset(SRC_WS))
setbflag(DST_WS);

if ( isflagset(uac_ws) ) {
        xlog("setting avp attribute in register for websocket \n");

  $avp(attr)="websocket";
}
 if(cache_fetch("local","passwd_$tu",$avp(i:55))) {
xlog("$tU 's credentials are stored in local cache using it for this
register request \n");
$avp(i:54) = $tU;
xlog("SCRIPT: stored password is $avp(i:55)\n");
# perform auth from variables
# $avp(i:54) contains the username
# $avp(i:55) contains the password
if (!pv_www_authorize("")) {
$var(rc2) = pv_www_authorize("");
              #  $var(rc2) = www_authorize("", "subscriber");
        xlog("Return code is $var(rc2) \n");
                switch ( $var(rc2) ) {
    case 1 :
           # if ( proto==TCP ||  0 ) {
           #             setflag(TCP_PERSISTENT);
            #                    setflag(6);
             #   }


                if (!save("location","f"))
                        sl_reply_error();

                exit;


        # success
        break;
    case -1:
        sl_send_reply("404","User not found");
        exit;
        break;
    case -2:
        sl_send_reply("403","Forbidden (Bad auth)");
                exit;
        break;
          case -3:
                                               www_challenge("", "0");
        exit;
        #sl_send_reply("403","Forbidden auth ID");
        #break;
    default:
                               www_challenge("", "0");
                exit;

}

};

         if (!save("location","f"))
                        sl_reply_error();

                exit;
 }else{
 xlog("could not find the auth info in local cache for $tU\n");
xlog("accessing the external db for auth info");
   # authenticate the REGISTER requests
                if (!www_authorize("", "subscriber"))
                {
                                                xlog("new challenger
 $tU\n");


                #       www_challenge("", "0");



                $var(rc) = www_authorize("", "subscriber");
        xlog("Return code is $var(rc) \n");

        switch ( $var(rc) ) {
    case 1 :
           # if ( proto==TCP ||  0 ) {
           #             setflag(TCP_PERSISTENT);
            #                    setflag(6);
             #   }
                                        #        $avp(me) =
$(tU{s.tolower});

               cache_store("local","passwd_$tu","$avp(i:55)",1200);

                if (!save("location","f"))
                        sl_reply_error();

                exit;


        # success
        break;
    case -1:
        sl_send_reply("404","User not found");
        exit;
        break;
    case -2:
        sl_send_reply("403","Forbidden (Bad auth)");
                exit;
        break;
          case -3:
                                               www_challenge("", "0");
        exit;
        #sl_send_reply("403","Forbidden auth ID");
        #break;
    default:
                               www_challenge("", "0");
                exit;

}
}

xlog("should be storing local now that it has been authorized\n");
                        cache_store("local","passwd_$tu","$avp(i:55)",1200);
}

if (!save("location","f"))
sl_reply_error();

exit;
}



The issue is the pv__www_authorize method after the verification wether the
password is stored locally always returns -2 which means the password is
incorrect. Can anyone provide any guidence as to why this is ?


Thanks,
Tito
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20150601/8a3816eb/attachment-0001.htm>


More information about the Users mailing list