[OpenSIPS-Users] presence blf

Bogdan-Andrei Iancu bogdan at opensips.org
Mon Oct 29 08:29:16 EDT 2018 

Hi Salva,

In failure route, you should check first for the 407 (btw, you do not 
have to go via the onreply route, you can use only failure_route, 
directly). If so, call uac_auth(), but be sure you the $avp(10), 
$avp(11) and $avp(12) *already* contain the values for realm, username 
and password. You can load that info from a DB for example.

Best regards,

Bogdan-Andrei Iancu

OpenSIPS Founder and Developer
   http://www.opensips-solutions.com
OpenSIPS Bootcamp 2018
   http://opensips.org/training/OpenSIPS_Bootcamp_2018/

On 10/27/2018 06:42 AM, Slava Bendersky wrote:
> Hello Bogdan,
> The issue that opensips is not handling user authentication, password 
> is stored in 3cx. Is there are way set avp or into cache intial 
> credentials ?
> I come up with something like this.
> My though  was.
>
> modparam("uac_auth","auth_realm_avp","$avp(10)")
> modparam("uac_auth","auth_username_avp","$avp(11)")
> modparam("uac_auth","auth_password_avp","$avp(12)")
>
> route[PUBLISH_407] {
>         if(is_method("PUBLISH") && 
> has_body("application/dialog-info+xml") && $avp(DLG_dir)=="frompbx") {
>                 xlog("L_INFO", "[$rm] from $si\n");
>                 t_on_reply("6");
> }
>
> onreply_route[6] {
>         if(is_method("PUBLISH") && t_check_status("407")) {
>                 xlog("L_INFO", "OnReply_Route6: [$rm] Direction: [FS 
> ~> Client] asked for 407\n");
>                 t_on_failure("SUPPLY_AUTH");
>         }
> }
>
> failure_route[SUPPLY_AUTH] {
> *don't know how to supply credential  yet*
>         uac_auth();
> }
>
> volga629
>
> ------------------------------------------------------------------------
> *From: *"Bogdan-Andrei Iancu" <bogdan at opensips.org>
> *To: *"OpenSIPS users mailling list" <users at lists.opensips.org>, 
> "Slava Bendersky" <volga629 at networklab.ca>
> *Sent: *Friday, October 26, 2018 5:28:09 AM
> *Subject: *Re: [OpenSIPS-Users] presence blf
>
> Hi Slava,
>
> Sorry for the mistyping your name :D....one wrong character and 
> something a bit weird resulted :D.
>
> Regards,
> Bogdan-Andrei Iancu
>
> OpenSIPS Founder and Developer
>    http://www.opensips-solutions.com
> OpenSIPS Bootcamp 2018
>    http://opensips.org/training/OpenSIPS_Bootcamp_2018/
> On 10/26/2018 09:34 AM, Bogdan-Andrei Iancu wrote:
>
>     Hi Slave,
>
>     If you cannot do an IP authentication / whitelisting for OpenSIPS
>     in 3CX, you could use the uac_auth module and the uac_auth()
>     function to perform user side authentication in OpenSIPS. See
>     http://www.opensips.org/html/docs/modules/2.4.x/uac.html
>     http://www.opensips.org/html/docs/modules/2.4.x/uac_auth.html
>
>     Best regards,
>
>     Bogdan-Andrei Iancu
>
>     OpenSIPS Founder and Developer
>        http://www.opensips-solutions.com
>     OpenSIPS Bootcamp 2018
>        http://opensips.org/training/OpenSIPS_Bootcamp_2018/
>
>     On 10/25/2018 09:49 PM, Slava Bendersky wrote:
>
>         Hello Everyone,
>         I am trying make BLF working and how opensips should handle
>         PUBLISH where server reply 407 ?
>         Do we need forward to end point ?
>         Opensips send PUBLISH then 3CX send 407 and conversation done.
>         Here some trace
>
>         [root at aitossbc01 ~]# cat BLF.txt
>         2018/10/25 12:22:19.148093 10.100.104.10:5060 -> 10.2.24.124:5060
>         PUBLISH sip:120 at domain.tld:5060 SIP/2.0
>         Via: SIP/2.0/UDP 10.100.104.10:5060;branch=z9hG4bK9f23.99096732.0
>         To: sip:120 at domain.tld:5060
>         From:
>         <sip:120 at domain.tld:5060>;tag=4c20d2ebf66939afcc7c67fb6893f1be-672a
>         CSeq: 10 PUBLISH
>         Call-ID: 0324183200c79905-20534 at 10.100.104.10
>         Max-Forwards: 70
>         Content-Length: 549
>         User-Agent: OpenSIPS (3.0.0-dev (x86_64/linux))
>         Event: dialog
>         Expires: 3601
>         Content-Type: application/dialog-info+xml
>
>         <?xml version="1.0"?>
>         <dialog-info xmlns="urn:ietf:params:xml:ns:dialog-info"
>         state="partial" entity="sip:120 at domain.tld:5060"><dialog
>         id="0_3095066305 at 192.168.88.146"
>         call-id="0_3095066305 at 192.168.88.146"
>         direction="recipient"><state>confirmed</state><remote><identity>sip:221 at domain.tld:5060</identity><target
>         uri="sip:221 at domain.tld:5060"/></remote><local><identity>sip:120 at domain.tld:5060</identity><target
>         uri="sip:120 at domain.tld:5060"/></local></dialog></dialog-info>
>
>
>         2018/10/25 12:22:19.198773 10.2.24.124:5060 -> 10.100.104.10:5060
>         SIP/2.0 407 Proxy Authentication Required
>         Via: SIP/2.0/UDP 10.100.104.10:5060;branch=z9hG4bK9f23.99096732.0
>         Proxy-Authenticate: Digest
>         nonce="414d53595bd1fbcb12:61835c52c28e8a89737c489e16fa5965",algorithm=MD5,realm="3CXPhoneSystem"
>         To: <sip:120 at domain.tld:5060>;tag=d9bb492f
>         From:
>         <sip:120 at domain.tld:5060>;tag=4c20d2ebf66939afcc7c67fb6893f1be-672a
>         Call-ID: 0324183200c79905-20534 at 10.100.104.10
>         CSeq: 10 PUBLISH
>         User-Agent: 3CXPhoneSystem 15.5.15502.6 (15502)
>         Content-Length: 0
>
>
>         _______________________________________________
>         Users mailing list
>         Users at lists.opensips.org
>         http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>
>
>
>     _______________________________________________
>     Users mailing list
>     Users at lists.opensips.org
>     http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20181029/1eadf283/attachment-0001.html>

More information about the Users mailing list