[OpenSIPS-Users] using avops for authentication

Gabriel Bermudez elgabo81 at gmail.com
Wed Jul 14 23:45:19 CEST 2010


Hi Bodgan,

Thanks for your answer, is there a way to know if $au is set or check
for the WWW-Authenticate header? If it isn't I can www_challenge the
user for credentials.  After some trial and error I managed to
authenticate my users, I setted calculate_ha1 param to 1

modparam("auth", "calculate_ha1", 1)

Again, thanks for your help.

Regards,

2010/7/14 Bogdan-Andrei Iancu <bogdan at voice-system.ro>
>
> Hi Gabriel,
>
> I guess the problem is at:
>    $var(username)=$au;
>
> as without doing auth, $au is not defined (parsed) yet.
> better try:
>    $var(username)=$fU;
>
> Regards,
> Bogdan
>
> Gabriel Bermudez wrote:
> > Hi,
> >
> > I need to authenticate and register users that are stored on the
> > opensips db AND a different database.  For that I have the following code
> >
> >     if (is_method("REGISTER") && $fu=~"^sip:[0-9]{10}@")
> >     {
> >         # authenticate the REGISTER based on a different DB
> >         xlog("getting valid credentials for calling card $fu");
> >         avp_db_query("select userpass from anothertable where
> > username='$au'", "$avp(s:password)", "1");
> >         $var(username)=$au; *# line 392*
> >         xlog("credentials for user $var(username) : $avp(s:password)");
> >         if(!pv_www_authorize(""))
> >         {
> >                         www_challenge("", "0");
> >                         xlog("registration from $fu has been challenged");
> >                         exit;
> >         }
> >         xlog("$fu authorized!!!");
> >         if (!db_check_to())
> >         {
> >                 sl_send_reply("403","Forbidden auth ID");
> >                 exit;
> >         }
> >
> >         if (!save("location"))
> >                 sl_reply_error();
> >
> >         xlog("location saved for $fu");
> >         exit;
> >     }
> >     if (is_method("REGISTER") && $fu=~"^sip:[0-9]{9}@")
> >     {
> >         # authenticate the REGISTER requests (uncomment to enable auth)
> >         if (!www_authorize("", "subscriber"))
> >         {
> >             www_challenge("", "0");
> >             xlog("registration from $fu has been challenged");
> >             exit;
> >         }
> >
> >         if (!db_check_to())
> >         {
> >             sl_send_reply("403","Forbidden auth ID");
> >             exit;
> >         }
> >
> >         if (!save("location"))
> >             sl_reply_error();
> >
> >         xlog("location saved for $fu");
> >         exit;
> >     }
> >
> > if the username part of the From header has 10 digits the script will
> > try to authenticate against the other DB, but it won't go further than
> > the pv_www_authorize line because on the logs I get the following.
> >
> > Jul 13 21:28:00 opensips /usr/sbin/opensips[3139]: getting valid
> > credentials for user sip:9999999999 at xx.xx.xx.xx
> > Jul 13 21:28:00 opensips /usr/sbin/opensips[3139]:
> > ERROR:core:do_assign: no value in right expression
> > Jul 13 21:28:00 opensips /usr/sbin/opensips[3139]:
> > ERROR:core:do_assign: error at line: 397
> > Jul 13 21:28:00 opensips /usr/sbin/opensips[3139]: credentials for
> > user 0 : <null>
> > Jul 13 21:28:01 opensips /usr/sbin/opensips[3141]: getting valid
> > credentials for user sip:9999999999 at xx.xx.xx.xx
> > Jul 13 21:28:01 opensips /usr/sbin/opensips[3141]: credentials for
> > user 9999999999 : 9999999999
> >
> > I don't know if I'm doing something really wrong or maybe the ERROR
> > message has something to do with this auth failure.  Please can
> > someone clarify this issue.
> > Thanks,
> >
> >
> > Kind regards,
> >
> > ------------------------------------------------------------------------
> >
> > _______________________________________________
> > Users mailing list
> > Users at lists.opensips.org
> > http://lists.opensips.org/cgi-bin/mailman/listinfo/users
> >
>
>
> --
> Bogdan-Andrei Iancu
> OpenSIPS Bootcamp
> 20 - 24 September 2010, Frankfurt, Germany
> www.voice-system.ro
>
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users



More information about the Users mailing list