Hi Henning, > On Dec 15, 2022, at 11:51 AM, Henning Westerholt <h...@gilawa.com> wrote: > > Hi Alex, > it might not help you much, but recently I was implementing a similar > structure in one larger migration project, and it seems to work fine. > I am not using any special flags for the challenge etc.. > It’s basically like this (pseudo-code) > route{ > if no auth user -> auth_challenge() > else -> http_async_query(API, AUTH) > } > route[AUTH] { > get API result for password > if API failure -> auth_challenge() > else -> pv_auth_check(..) > route(next steps) > }
Yeah, that's more or less what I've got, except the first part. I don't auth_challenge() every request because some requests are allowed by static IP, and I don't know whether to auth_challenge() them unless I am already in the async resume context. I have eliminated the independent credentials query. At this point my process is more: request_route { ... http_async_query(API, RESUME) } route[RESUME] { if(method == "INVITE") { if(has_auth_attrib()) { if(!pv_auth_check(...)) { auth_challenge("realm", "1"); exit; } } # Get more routing info. http_async_query(API, RESUME2) return; } } route[RESUME2} { t_relay() etc } -- Alex -- Alex Balashov | Principal | Evariste Systems LLC Tel: +1-706-510-6800 / +1-800-250-5920 (toll-free) Web: http://www.evaristesys.com/, http://www.csrpswitch.com/ __________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions To unsubscribe send an email to sr-users-le...@lists.kamailio.org Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe: