Re: [OpenSIPS-Users] Regrarding is_user_in problem in opensips-1.5
Hi Bogdan,
Thank You for reply. It was network mapping issue and not opensips
issue. I solved it.
On Mon, Aug 24, 2009 at 4:09 PM, Bogdan-Andrei Iancu wrote:
> Hi Ashwini,
>
> As your script shows, you do either IP auth (allow trusted) or digest
> auth , but "credentials" are present only after digest auth.
>
> So, if it is a trusted peer, there will be no digest auth, no
> credentials and is_user_in() will fail.
>
> My advice is to replace is_user_in("credentials"); with
> is_user_in("from"); - anyhow you required both FROM USERNAME and AUTH
> USERNAME to be the same when doing check_from().
>
> Regards,
> Bogdan
>
> ASHWINI NAIDU wrote:
> >
> > Hi Bogdan,
> >
> > Authen tication is done
> >
> > *# - auth_db params -
> > /* uncomment the following lines if you want to enable the DB based
> >authentication */
> > modparam("auth_db", "calculate_ha1", yes)
> > modparam("auth_db", "password_column", "password")
> > modparam("auth_db", "db_url",
> > "mysql://opensips:opensip...@localhost/opensips")
> > modparam("auth_db", "load_credentials", "")
> > *
> >
> > *if (is_from_local()){
> > # From an internal domain -> check the credentials and the FROM
> > if (method=="MESSAGE") {
> > log(1,"\n--> ROUTE
> > 3 MESSAGE Looop---\n");
> > route(17);
> > };
> >if(!allow_trusted()){
> > if (!proxy_authorize("","subscriber")) {
> > proxy_challenge("","0");
> > exit;
> > } else if(!check_from()) {
> > sl_send_reply("403", "Forbidden, use From=ID");
> > exit;
> > };
> > };
> > if (client_nat_test("3")) {
> > append_hf("P-hint: setflag7|forcerport|fix_contact\r\n");
> > setbflag(7);
> > force_rport();
> > fix_contact();
> > };
> > #unconditional call forward
> > if(avp_db_load("$ru/username","$avp(s:callfwd)")) {
> > avp_pushto("$ru", "$avp(s:callfwd)");
> > route(1);
> > exit;
> > }
> >
> > * *consume_credentials();*
> >
> > * if (uri=~"^sip:00[0-9]{6,20}@") {
> > if (is_user_in("Credentials","local")) {
> > route(6);
> > log(1,"\n*** I AM GOING TO ENTER ROUTE
> > 4");
> > route(4);
> > exit;
> > } else {
> > sl_send_reply("403", "No permissions for local calls");
> > exit;
> > };
> > };*
> >
> >
> > Can you tell me where i may be going wrong
> >
> >
> > This is the piece of script
> > On Fri, Aug 21, 2009 at 5:58 PM, Bogdan-Andrei Iancu
> > mailto:bog...@voice-system.ro>> wrote:
> >
> > HI Ashwini,
> >
> > If you wan to used the Credentials, then you need to be sure you did
> > authentication before (in script).
> >
> > Regards,
> > Bogdan
> >
> > ASHWINI NAIDU wrote:
> > > Hi all,
> > >
> > > I have installed opensips-1.5. I have applied the required
> > patch
> > > for group. When i use
> > >
> > >* is_user_in("Credentials", "local") { *
> > >
> > > I get the following error
> > >
> > > *ERROR:auth:consume_credentials: no authorized credentials found
> > > (error in scripts)
> > > Aug 21 17:09:30 debian /sbin/opensips[18916]:
> > > ERROR:group:get_username_domain: no authorized credentials found
> > > (error in scripts)
> > > Aug 21 17:09:30 debian /sbin/opensips[18916]:
> > ERROR:group:is_user_in:
> > > failed to get usern...@domain*
> > >
> > > Can anyone say what may be the problem.
> > > --
> > > Thanking You,
> > > Ashwini BR Naidu
> > >
> >
>
> > >
> > > ___
> > > Users mailing list
> > > Users@lists.opensips.org
> > > http://lists.opensips.org/cgi-bin/mailman/listinfo/users
> > >
> >
> >
> > ___
> > Users mailing list
> > Users@lists.opensips.org
> > http://lists.opensips.org/cgi-bin/mailman/listinfo/users
> >
> >
> >
> >
> > --
> > Thanking You,
> > Ashwini BR Naidu
> >
> >
> > ___
> > Users mailing list
> > Users@lists.opensips.org
> > http://lists.opensips.org/cgi-bin/mailman/listinfo/users
> >
>
>
> ___
> Users mailing list
> Users@lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
--
Thanking You,
Ashwini BR Naidu
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/
Re: [OpenSIPS-Users] Regrarding is_user_in problem in opensips-1.5
Hi Ashwini,
As your script shows, you do either IP auth (allow trusted) or digest
auth , but "credentials" are present only after digest auth.
So, if it is a trusted peer, there will be no digest auth, no
credentials and is_user_in() will fail.
My advice is to replace is_user_in("credentials"); with
is_user_in("from"); - anyhow you required both FROM USERNAME and AUTH
USERNAME to be the same when doing check_from().
Regards,
Bogdan
ASHWINI NAIDU wrote:
>
> Hi Bogdan,
>
> Authen tication is done
>
> *# - auth_db params -
> /* uncomment the following lines if you want to enable the DB based
>authentication */
> modparam("auth_db", "calculate_ha1", yes)
> modparam("auth_db", "password_column", "password")
> modparam("auth_db", "db_url",
> "mysql://opensips:opensip...@localhost/opensips")
> modparam("auth_db", "load_credentials", "")
> *
>
> *if (is_from_local()){
> # From an internal domain -> check the credentials and the FROM
> if (method=="MESSAGE") {
> log(1,"\n--> ROUTE
> 3 MESSAGE Looop---\n");
> route(17);
> };
>if(!allow_trusted()){
> if (!proxy_authorize("","subscriber")) {
> proxy_challenge("","0");
> exit;
> } else if(!check_from()) {
> sl_send_reply("403", "Forbidden, use From=ID");
> exit;
> };
> };
> if (client_nat_test("3")) {
> append_hf("P-hint: setflag7|forcerport|fix_contact\r\n");
> setbflag(7);
> force_rport();
> fix_contact();
> };
> #unconditional call forward
> if(avp_db_load("$ru/username","$avp(s:callfwd)")) {
> avp_pushto("$ru", "$avp(s:callfwd)");
> route(1);
> exit;
> }
>
> * *consume_credentials();*
>
> * if (uri=~"^sip:00[0-9]{6,20}@") {
> if (is_user_in("Credentials","local")) {
> route(6);
> log(1,"\n*** I AM GOING TO ENTER ROUTE
> 4");
> route(4);
> exit;
> } else {
> sl_send_reply("403", "No permissions for local calls");
> exit;
> };
> };*
>
>
> Can you tell me where i may be going wrong
>
>
> This is the piece of script
> On Fri, Aug 21, 2009 at 5:58 PM, Bogdan-Andrei Iancu
> mailto:bog...@voice-system.ro>> wrote:
>
> HI Ashwini,
>
> If you wan to used the Credentials, then you need to be sure you did
> authentication before (in script).
>
> Regards,
> Bogdan
>
> ASHWINI NAIDU wrote:
> > Hi all,
> >
> > I have installed opensips-1.5. I have applied the required
> patch
> > for group. When i use
> >
> >* is_user_in("Credentials", "local") { *
> >
> > I get the following error
> >
> > *ERROR:auth:consume_credentials: no authorized credentials found
> > (error in scripts)
> > Aug 21 17:09:30 debian /sbin/opensips[18916]:
> > ERROR:group:get_username_domain: no authorized credentials found
> > (error in scripts)
> > Aug 21 17:09:30 debian /sbin/opensips[18916]:
> ERROR:group:is_user_in:
> > failed to get usern...@domain*
> >
> > Can anyone say what may be the problem.
> > --
> > Thanking You,
> > Ashwini BR Naidu
> >
>
> >
> > ___
> > Users mailing list
> > Users@lists.opensips.org
> > http://lists.opensips.org/cgi-bin/mailman/listinfo/users
> >
>
>
> ___
> Users mailing list
> Users@lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>
>
>
> --
> Thanking You,
> Ashwini BR Naidu
>
>
> ___
> Users mailing list
> Users@lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Re: [OpenSIPS-Users] Regrarding is_user_in problem in opensips-1.5
Hi Bogdan,
Authen tication is done
*# - auth_db params -
/* uncomment the following lines if you want to enable the DB based
authentication */
modparam("auth_db", "calculate_ha1", yes)
modparam("auth_db", "password_column", "password")
modparam("auth_db", "db_url", "mysql://opensips:opensip...@localhost
/opensips")
modparam("auth_db", "load_credentials", "")
*
*if (is_from_local()){
# From an internal domain -> check the credentials and the FROM
if (method=="MESSAGE") {
log(1,"\n--> ROUTE 3
MESSAGE Looop---\n");
route(17);
};
if(!allow_trusted()){
if (!proxy_authorize("","subscriber")) {
proxy_challenge("","0");
exit;
} else if(!check_from()) {
sl_send_reply("403", "Forbidden, use From=ID");
exit;
};
};
if (client_nat_test("3")) {
append_hf("P-hint: setflag7|forcerport|fix_contact\r\n");
setbflag(7);
force_rport();
fix_contact();
};
#unconditional call forward
if(avp_db_load("$ru/username","$avp(s:callfwd)")) {
avp_pushto("$ru", "$avp(s:callfwd)");
route(1);
exit;
}
* *consume_credentials();*
* if (uri=~"^sip:00[0-9]{6,20}@") {
if (is_user_in("Credentials","local")) {
route(6);
log(1,"\n*** I AM GOING TO ENTER ROUTE 4");
route(4);
exit;
} else {
sl_send_reply("403", "No permissions for local calls");
exit;
};
};*
Can you tell me where i may be going wrong
This is the piece of script
On Fri, Aug 21, 2009 at 5:58 PM, Bogdan-Andrei Iancu wrote:
> HI Ashwini,
>
> If you wan to used the Credentials, then you need to be sure you did
> authentication before (in script).
>
> Regards,
> Bogdan
>
> ASHWINI NAIDU wrote:
> > Hi all,
> >
> > I have installed opensips-1.5. I have applied the required patch
> > for group. When i use
> >
> >* is_user_in("Credentials", "local") { *
> >
> > I get the following error
> >
> > *ERROR:auth:consume_credentials: no authorized credentials found
> > (error in scripts)
> > Aug 21 17:09:30 debian /sbin/opensips[18916]:
> > ERROR:group:get_username_domain: no authorized credentials found
> > (error in scripts)
> > Aug 21 17:09:30 debian /sbin/opensips[18916]: ERROR:group:is_user_in:
> > failed to get usern...@domain*
> >
> > Can anyone say what may be the problem.
> > --
> > Thanking You,
> > Ashwini BR Naidu
> >
> >
> > ___
> > Users mailing list
> > Users@lists.opensips.org
> > http://lists.opensips.org/cgi-bin/mailman/listinfo/users
> >
>
>
> ___
> Users mailing list
> Users@lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
--
Thanking You,
Ashwini BR Naidu
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Re: [OpenSIPS-Users] Regrarding is_user_in problem in opensips-1.5
HI Ashwini,
If you wan to used the Credentials, then you need to be sure you did
authentication before (in script).
Regards,
Bogdan
ASHWINI NAIDU wrote:
> Hi all,
>
> I have installed opensips-1.5. I have applied the required patch
> for group. When i use
>
>* is_user_in("Credentials", "local") { *
>
> I get the following error
>
> *ERROR:auth:consume_credentials: no authorized credentials found
> (error in scripts)
> Aug 21 17:09:30 debian /sbin/opensips[18916]:
> ERROR:group:get_username_domain: no authorized credentials found
> (error in scripts)
> Aug 21 17:09:30 debian /sbin/opensips[18916]: ERROR:group:is_user_in:
> failed to get usern...@domain*
>
> Can anyone say what may be the problem.
> --
> Thanking You,
> Ashwini BR Naidu
>
>
> ___
> Users mailing list
> Users@lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
[OpenSIPS-Users] Regrarding is_user_in problem in opensips-1.5
Hi all,
I have installed opensips-1.5. I have applied the required patch for
group. When i use
* is_user_in("Credentials", "local") { *
I get the following error
*ERROR:auth:consume_credentials: no authorized credentials found (error in
scripts)
Aug 21 17:09:30 debian /sbin/opensips[18916]:
ERROR:group:get_username_domain: no authorized credentials found (error in
scripts)
Aug 21 17:09:30 debian /sbin/opensips[18916]: ERROR:group:is_user_in: failed
to get usern...@domain*
Can anyone say what may be the problem.
--
Thanking You,
Ashwini BR Naidu
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
