Hello,
The script you posted is doing the digest authentication (password
based). If you want to to do IP based authentication you should use the
permissions module (see the "address" table). First try to auth based on
IP and if the IP in unknown fallback to digest auth.
Regards,
Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
http://www.opensips-solutions.com
On 24.01.2014 02:10, Alec Doran-Twyford wrote:
Hi,
I'm currently working on authentication below is the snipped of code
used in our opensips.cfg which I believe handles all the
authentication and registering work.
With these setting only one of our endpoints works which is a SIP
phone programme called PhonerLite and the other SIP phone don't work
(unless I change the Domain IP address in the table to the Opensips
Servers IP address and FreePBX never works.
The end goal is to be able to authenticate by using just the Endpoints
IP address or else by having the IP address and a Username and Password.
## EC - auth
loadmodule "auth.so"
loadmodule "auth_db.so"
loadmodule "db_mysql.so"
#loadmodule "alias_db.so"
modparam("auth_db", "db_url", "mysql://opensips:test@localhost/opensips")
modparam("auth_db", "calculate_ha1", 1)
modparam("auth_db", "load_credentials", "$avp(cred)=rpid;email_address")
modparam("auth_db", "password_column", "password")
# EC - enable domain auth
modparam("auth_db", "use_domain", 1)
loadmodule "domain.so"
modparam("domain", "db_url", "mysql://opensips:test@localhost/opensips")
route{
if (!is_method("REGISTER")) {
# EC - auth
if (!proxy_authorize("", "subscriber")) {
xlog("proxy challenge!");
proxy_challenge("", "0"); # Realm will be autogenerated
exit;
}
if (!db_check_from()) {
xlog("forbidden!");
sl_send_reply("403","Forbidden auth ID");
exit;
}
consume_credentials();
}
#
if (is_method("REGISTER")){
if (!www_authorize("", "subscriber")) {
xlog("www challenge!");
www_challenge("", "0"); # Realm will be autogenerated
exit;
}
if (!db_check_from()) {
xlog("forbidden!");
sl_send_reply("403","Forbidden auth ID");
exit;
}
xlog("register!");
if (!save("location")) {
xlog("failed to save location!");
sl_reply_error();
}
exit;
}
}
If anyone can help that would be great! or else point me in the
direction of examples of different authentication would be greatly
appreciated .
Thanks
Alec Doran-Twyford
| Junior Support Enginner for IVSTel
| E-mail: a.dorantwyf...@ivstel.com <mailto:a.dorantwyf...@ivstel.com>
| Phone: +61 2 9288 8890 <tel:%2B61%202%209288%208890> |
_______________________________________________
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
_______________________________________________
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
