[OpenSIPS-Users] BLF authorize

Bogdan-Andrei Iancu bogdan at opensips.org
Mon Apr 24 10:53:57 EDT 2017


Hi

Your script is authorizing just the creation of a subscription (to BLF). 
Onces the subscription is created, there will be no authorization 
anymore and the NOTIFY'es will be sent out. As a subscription is 
periodically refreshed (see the Expire hdr), your auth check will be 
performed upon the next sequential SUBSCRIBE.

Regards,

Bogdan-Andrei Iancu
   OpenSIPS Founder and Developer
   http://www.opensips-solutions.com

OpenSIPS Summit May 2017 Amsterdam
   http://www.opensips.org/events/Summit-2017Amsterdam.html

On 04/24/2017 11:13 AM, maatohewetbi wrote:
> I've just added BLF to my Opensips 1.11.9 and it seems to work ok, but I want
> to start another thing: I want to authorize users, I want to let user to
> monitor only certain users. I've just added this to my script:
>
> /
>   route[handle_presence]
> {
> avp_db_query("select user_id from user where sip_login='$fU'",
> "$avp(from)");
> avp_db_query("select user_id from user where sip_login='$tU'", "$avp(to)");
> if ($avp(from)==$avp(to))
> {
>
>      if(!t_newtran()){
>      sl_reply_error();
>      exit;
>      }
>
>      if (is_method("PUBLISH")) {
>      handle_publish();
>      } else
>
>      if (is_method("SUBSCRIBE")) {
>      handle_subscribe();
>      }
>
>      exit;
> }
> else
> {
> xlog("BLF - unauthorized");
>      send_reply("405","Method Not Allowed");
>      exit;
> }
> }/
>
> but it seems that after changing user_id, without restarting Opensips NOTIFY
> messages still go to unauthorized user. So I've also added:
>
> / if (is_method("NOTIFY")) {
>      xlog("NOTIFY");
>      avp_db_query("select user_id from user where sip_login='$fU'",
> "$avp(from)");
>      avp_db_query("select user_id from user where sip_login='$tU'",
> "$avp(to)");
>      if (!$avp(from)==$avp(to)) {
>      xlog("NOTIFY to unauthorized user!");
>      exit;
> }
>      }/
>
> and it still doesn't work. It looks like NOTIFY messages don't go through
> this script. How to make it work without XCAP server?
>
>
>
> --
> View this message in context: http://opensips-open-sip-server.1449251.n2.nabble.com/BLF-authorize-tp7607123.html
> Sent from the OpenSIPS - Users mailing list archive at Nabble.com.
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users




More information about the Users mailing list