pv_proxy_authorize cache

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

pv_proxy_authorize cache

Mike Tesliuk-4

Hello there,


Im trying to implement a proxy_authorize using cache without success.


is that possible to perform the cache using proxy_authorize ? on the example [1] i see the www_challenge() no proxy_challenge, is that correct ?


on my test im doing this (below):


modparam("auth","username_spec", "$avp(usuario)")
modparam("auth","password_spec", "$avp(senha)")
modparam("auth_db", "load_credentials", "$avp(senha)=password")


$avp(usuario) = $fU;

if(cache_fetch("redis","passwd_$fU",$avp(senha))) {
	if(!pv_proxy_authorize("")){
		proxy_challenge("","0");
		exit;
	}
}else{
	if(!proxy_authorize("")){
		proxy_challenge("","0");
		exit;
	}

	
	cache_store("redis","passwd_$fU","$avp(senha)",3600);

}

But with this rule i do not get the user authenticated.

what im doing wrong ? :)


Thanks in advice 




[1] - https://www.opensips.org/Documentation/Tutorials-MemoryCaching#toc3

--


​Atenciosamente,
WSU TECNOLOGIA
Mike Tesliuk
Rua Visconde do Rio Branco 1630 . Sala 1302 . Curitiba . PR  
12387 SW 125th ter, Miami, Florida 33186 - USA

tel +55 (41) 3941.0650   +1 (786) 719.6253
website  |  mapa  |  [hidden email]    
.


_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

signature.asc (859 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: pv_proxy_authorize cache

Bogdan-Andrei Iancu-2
Hi Mike,

depending on your SIP flow, you can use either www_ (if a REGISTER) or proxy_ (if a non-REGISTER) functions.

In your script snip, you must populate both auth username and password before the calling the auth function. I do not see the $avp(usuario) set (probably with $fU ??) . Also, if the password is plain/text, be use you properly set the calculate_ha1 parameter.

Best regards,
Bogdan-Andrei Iancu
  OpenSIPS Founder and Developer
  http://www.opensips-solutions.com

OpenSIPS Bootcamp 2017, Houston, US
  http://opensips.org/training/OpenSIPS_Bootcamp_2017.html
On 07/24/2017 11:21 PM, Mike Tesliuk wrote:

Hello there,


Im trying to implement a proxy_authorize using cache without success.


is that possible to perform the cache using proxy_authorize ? on the example [1] i see the www_challenge() no proxy_challenge, is that correct ?


on my test im doing this (below):


modparam("auth","username_spec", "$avp(usuario)")
modparam("auth","password_spec", "$avp(senha)")
modparam("auth_db", "load_credentials", "$avp(senha)=password")


$avp(usuario) = $fU;

if(cache_fetch("redis","passwd_$fU",$avp(senha))) {
	if(!pv_proxy_authorize("")){
		proxy_challenge("","0");
		exit;
	}
}else{
	if(!proxy_authorize("")){
		proxy_challenge("","0");
		exit;
	}

	
	cache_store("redis","passwd_$fU","$avp(senha)",3600);

}

But with this rule i do not get the user authenticated.

what im doing wrong ? :)


Thanks in advice 




[1] - https://www.opensips.org/Documentation/Tutorials-MemoryCaching#toc3

--


​Atenciosamente,
WSU TECNOLOGIA
Mike Tesliuk
Rua Visconde do Rio Branco 1630 . Sala 1302 . Curitiba . PR  
12387 SW 125th ter, Miami, Florida 33186 - USA

tel +55 (41) 3941.0650   +1 (786) 719.6253
website  |  mapa  |  [hidden email]    
.



_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users


_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: pv_proxy_authorize cache

Mike Tesliuk-4

Hello Bogdan,  the $avp(usuario) is populated with the $fU as you think, the password is using the calculate parameter , but my question was if the pv_proxy_authorize is supposed to work, because on the example was used the www_ , and on my tests  do not work, but i will double check my configuration an try again.


thank you very much


Em 25/07/17 09:45, Bogdan-Andrei Iancu escreveu:
Hi Mike,

depending on your SIP flow, you can use either www_ (if a REGISTER) or proxy_ (if a non-REGISTER) functions.

In your script snip, you must populate both auth username and password before the calling the auth function. I do not see the $avp(usuario) set (probably with $fU ??) . Also, if the password is plain/text, be use you properly set the calculate_ha1 parameter.

Best regards,
Bogdan-Andrei Iancu
  OpenSIPS Founder and Developer
  http://www.opensips-solutions.com

OpenSIPS Bootcamp 2017, Houston, US
  http://opensips.org/training/OpenSIPS_Bootcamp_2017.html
On 07/24/2017 11:21 PM, Mike Tesliuk wrote:

Hello there,


Im trying to implement a proxy_authorize using cache without success.


is that possible to perform the cache using proxy_authorize ? on the example [1] i see the www_challenge() no proxy_challenge, is that correct ?


on my test im doing this (below):


modparam("auth","username_spec", "$avp(usuario)")
modparam("auth","password_spec", "$avp(senha)")
modparam("auth_db", "load_credentials", "$avp(senha)=password")


$avp(usuario) = $fU;

if(cache_fetch("redis","passwd_$fU",$avp(senha))) {
	if(!pv_proxy_authorize("")){
		proxy_challenge("","0");
		exit;
	}
}else{
	if(!proxy_authorize("")){
		proxy_challenge("","0");
		exit;
	}

	
	cache_store("redis","passwd_$fU","$avp(senha)",3600);

}

But with this rule i do not get the user authenticated.

what im doing wrong ? :)


Thanks in advice 




[1] - https://www.opensips.org/Documentation/Tutorials-MemoryCaching#toc3

--


​Atenciosamente,
WSU TECNOLOGIA
Mike Tesliuk
Rua Visconde do Rio Branco 1630 . Sala 1302 . Curitiba . PR  
12387 SW 125th ter, Miami, Florida 33186 - USA

tel +55 (41) 3941.0650   +1 (786) 719.6253
website  |  mapa  |  [hidden email]    
.



_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users


--


​Atenciosamente,
WSU TECNOLOGIA
Mike Tesliuk
Rua Visconde do Rio Branco 1630 . Sala 1302 . Curitiba . PR  
12387 SW 125th ter, Miami, Florida 33186 - USA

tel +55 (41) 3941.0650   +1 (786) 719.6253
website  |  mapa  |  [hidden email]    
.


_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users

signature.asc (859 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: pv_proxy_authorize cache

Bogdan-Andrei Iancu-2
The difference between www_ and proxy_ comes to what SIP headers they are looking for (in the SIP message) for reading the auth answer (Proxy-Authorize versus Authorize). Otherwise, in terms of auth algorithm, they are the same.

Regards,

Bogdan-Andrei Iancu
  OpenSIPS Founder and Developer
  http://www.opensips-solutions.com

OpenSIPS Bootcamp 2017, Houston, US
  http://opensips.org/training/OpenSIPS_Bootcamp_2017.html
On 07/25/2017 04:01 PM, Mike Tesliuk wrote:

Hello Bogdan,  the $avp(usuario) is populated with the $fU as you think, the password is using the calculate parameter , but my question was if the pv_proxy_authorize is supposed to work, because on the example was used the www_ , and on my tests  do not work, but i will double check my configuration an try again.


thank you very much


Em 25/07/17 09:45, Bogdan-Andrei Iancu escreveu:
Hi Mike,

depending on your SIP flow, you can use either www_ (if a REGISTER) or proxy_ (if a non-REGISTER) functions.

In your script snip, you must populate both auth username and password before the calling the auth function. I do not see the $avp(usuario) set (probably with $fU ??) . Also, if the password is plain/text, be use you properly set the calculate_ha1 parameter.

Best regards,
Bogdan-Andrei Iancu
  OpenSIPS Founder and Developer
  http://www.opensips-solutions.com

OpenSIPS Bootcamp 2017, Houston, US
  http://opensips.org/training/OpenSIPS_Bootcamp_2017.html
On 07/24/2017 11:21 PM, Mike Tesliuk wrote:

Hello there,


Im trying to implement a proxy_authorize using cache without success.


is that possible to perform the cache using proxy_authorize ? on the example [1] i see the www_challenge() no proxy_challenge, is that correct ?


on my test im doing this (below):


modparam("auth","username_spec", "$avp(usuario)")
modparam("auth","password_spec", "$avp(senha)")
modparam("auth_db", "load_credentials", "$avp(senha)=password")


$avp(usuario) = $fU;

if(cache_fetch("redis","passwd_$fU",$avp(senha))) {
	if(!pv_proxy_authorize("")){
		proxy_challenge("","0");
		exit;
	}
}else{
	if(!proxy_authorize("")){
		proxy_challenge("","0");
		exit;
	}

	
	cache_store("redis","passwd_$fU","$avp(senha)",3600);

}

But with this rule i do not get the user authenticated.

what im doing wrong ? :)


Thanks in advice 




[1] - https://www.opensips.org/Documentation/Tutorials-MemoryCaching#toc3

--


​Atenciosamente,
WSU TECNOLOGIA
Mike Tesliuk
Rua Visconde do Rio Branco 1630 . Sala 1302 . Curitiba . PR  
12387 SW 125th ter, Miami, Florida 33186 - USA

tel +55 (41) 3941.0650   +1 (786) 719.6253
website  |  mapa  |  [hidden email]    
.



_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users


--


​Atenciosamente,
WSU TECNOLOGIA
Mike Tesliuk
Rua Visconde do Rio Branco 1630 . Sala 1302 . Curitiba . PR  
12387 SW 125th ter, Miami, Florida 33186 - USA

tel +55 (41) 3941.0650   +1 (786) 719.6253
website  |  mapa  |  [hidden email]    
.



_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Loading...