[presence] About Watcher Information Event package (A to B)

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

[presence] About Watcher Information Event package (A to B)

Iñaki Baz Castillo
Hi, RFC 3857 states in section 3.1:

  The policy of the server is such that it allows B to subscribe to its
   own watcher information.

Would OpenSIPS presence module disallow (by itself) if user A tries to
subscribe to watcher information of user B?
Or must this authorization be checked in the script?

Thanks.


--
Iñaki Baz Castillo <[hidden email]>

_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: [presence] About Watcher Information Event package (A to B)

Iñaki Baz Castillo
El Lunes, 15 de Junio de 2009, Iñaki Baz Castillo escribió:

> Hi, RFC 3857 states in section 3.1:
>
>   The policy of the server is such that it allows B to subscribe to its
>    own watcher information.
>
> Would OpenSIPS presence module disallow (by itself) if user A tries to
> subscribe to watcher information of user B?
> Or must this authorization be checked in the script?
>
> Thanks.


Opss, Section 3.1 shows an example in which an application server subscribes
to the watcher information of an user:

 3.2.  Blacklist Alerts

   Applications can subscribe to watcher information in order to provide
   value-added features.  An example application is "blacklist alerts".
   In this scenario, an application server maintains a list of known
   "bad guys".  A user, Joe, signs up for service with the application
   provider, presumably by going to a web page and entering in his
   presence URI.  The application server subscribes to the watcher
   information for Joe's presence.  When someone attempts to SUBSCRIBE
   to Joe's user presence, the application learns of this subscription
   as a result of its watcher info subscription.  It checks the
   watcher's URI against the database of known bad guys.  If there is a
   match, it sends email to Joe letting him know about this.

   For this application to work, Joe needs to make sure that the
   application is allowed to subscribe to his presence.winfo.

--
Iñaki Baz Castillo <[hidden email]>

_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: [presence] About Watcher Information Event package (A to B)

Adrian Georgescu
In reply to this post by Iñaki Baz Castillo
The sane configuration is to authorize the SUBSCRIBE for presence.winfo same for Register and make sure the credentials match the From URI.

Adrian

On Jun 15, 2009, at 1:19 AM, Iñaki Baz Castillo wrote:

Hi, RFC 3857 states in section 3.1:

 The policy of the server is such that it allows B to subscribe to its
  own watcher information.

Would OpenSIPS presence module disallow (by itself) if user A tries to
subscribe to watcher information of user B?
Or must this authorization be checked in the script?

Thanks.


--
Iñaki Baz Castillo <[hidden email]>

_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users


_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: [presence] About Watcher Information Event package (A to B)

Adrian Georgescu
In reply to this post by Iñaki Baz Castillo
Hi Inaki,

This use case does not concern another regular SIP subscribe but the administrator of the system. I would say that the best way to achieve this with OpenSIPS would to select from the watcher database rather than composing Subscribe from an administrator tool.

Adrian


On Jun 15, 2009, at 1:22 AM, Iñaki Baz Castillo wrote:

El Lunes, 15 de Junio de 2009, Iñaki Baz Castillo escribió:
Hi, RFC 3857 states in section 3.1:

 The policy of the server is such that it allows B to subscribe to its
  own watcher information.

Would OpenSIPS presence module disallow (by itself) if user A tries to
subscribe to watcher information of user B?
Or must this authorization be checked in the script?

Thanks.


Opss, Section 3.1 shows an example in which an application server subscribes
to the watcher information of an user:

3.2.  Blacklist Alerts

  Applications can subscribe to watcher information in order to provide
  value-added features.  An example application is "blacklist alerts".
  In this scenario, an application server maintains a list of known
  "bad guys".  A user, Joe, signs up for service with the application
  provider, presumably by going to a web page and entering in his
  presence URI.  The application server subscribes to the watcher
  information for Joe's presence.  When someone attempts to SUBSCRIBE
  to Joe's user presence, the application learns of this subscription
  as a result of its watcher info subscription.  It checks the
  watcher's URI against the database of known bad guys.  If there is a
  match, it sends email to Joe letting him know about this.

  For this application to work, Joe needs to make sure that the
  application is allowed to subscribe to his presence.winfo.

--
Iñaki Baz Castillo <[hidden email]>

_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users


_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: [presence] About Watcher Information Event package (A to B)

Iñaki Baz Castillo
In reply to this post by Adrian Georgescu
2009/6/15 Adrian Georgescu <[hidden email]>:
> The sane configuration is to authorize the SUBSCRIBE for presence.winfo same
> for Register and make sure the credentials match the From URI.

Ok, so it's flexible and requires scripting.
Thanks.


--
Iñaki Baz Castillo
<[hidden email]>

_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users