Here's an example from our config:
#!subst "/DB_USER/xxxxxxxx/"
#!subst "/DB_PASSWORD/xxxxxxxxxx/"
event_route[xhttp:request] {
# Challenge for authentication credentials DB_NAME and DB_PASSWORD.
xlog("L_INFO", "[R-XHTTP-REQUEST:$ci] Received HTTP request $rm
$hu from $si:$sp\n");
if(is_present_hf("Authorization") && defined $au && $au ne
"DB_USER") {
xlog("L_INFO", "[R-XHTTP-REQUEST:$ci] !> Invalid user:
$au\n");
sl_send_reply("403", "Forbidden");
exit;
}
# The challenge does not send a qop= parameter, in order to ease
# the burden on the client.
if(!pv_www_authenticate("$Ri", "DB_PASSWORD", "0", "POST")) {
switch($rc) {
case -1:
xlog("L_INFO", "[R-XHTTP-REQUEST:$ci]
!> Generic authentication error\n");
sl_send_reply("403", "Forbidden");
break;
case -2:
xlog("L_INFO", "[R-XHTTP-REQUEST:$ci]
!> Invalid password -- rejecting\n");
sl_send_reply("403", "Forbidden");
break;
default:
xlog("L_INFO", "[R-XHTTP-REQUEST:$ci]
!> Unauthorised -- issuing authentication challenge\n");
www_challenge("$Ri", "0");
}
exit;
}
xlog("L_INFO", "[R-XHTTP-REQUEST:$ci] -> Authorised user: $au\n");
consume_credentials();
-- Alex
--
Alex Balashov | Principal | Evariste Systems LLC
303 Perimeter Center North, Suite 300
Atlanta, GA 30346
United States
Tel: +1-800-250-5920 (toll-free) / +1-678-954-0671 (direct)
Web: http://www.evaristesys.com/, http://www.csrpswitch.com/
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
