22 Apr
2005
22 Apr
'05
2:16 p.m.
Jan Janak wrote:
On 21-04 21:08, Steve Blair wrote:
Perhaps I am missing the obvious. That is why I posted this message.
When I wrote I was
thinking: Suppose someone calling in from the PSTN via a gateway calls
a subscriber that has
setup call forwarding all to a PSTN number.
I need to know that this subscriber can indeed place calls to the PSTN
(either local, long distance
or international) before rewriting the called address and allowing the
call to proceed. I was assuming
is_user_in was appropriate for this type of checking but that fails.
I have a working 0.9.1 config to which I would
like add server side
features such as call forward all (cfwdall). I have a pretty good idea
how to handle cfwdall using avp_ops however I'm stuck on the
authentication.
If a subscriber has local calling permissions (acl=local) and cfwdall
their phone to a long distance number I need to respond with an
informative response.
In the INVITE processing in my config I have statements such as:
if (is_user_in("credentials", "ld")) {
setflag(11);
};
These checks fail with the following errors:
Apr 21 18:31:53 ser[498]: [SER]: AVP: Checking From gateway caller
Apr 21 18:31:53 ser[498]: check_username(): No authorized credentials
found (error in scripts)
Apr 21 18:31:53 ser[498]: check_username(): Call {www,proxy}_authorize
before calling
check_* function !
Apr 21 18:31:53 ser[498]: [SER]: Flag for UMVM redirect successful.
Apr 21 18:31:53 ser[498]: [SER]: AVP: Checking credentials
Apr 21 18:31:53 ser[498]: is_user_in(): No authorized credentials
found (error in scripts)
Checking the username without authentication does not make much sense
because the user could fake the contents of the header field. That's
why check_* functions require authorized credentials to be present.
I thought adding proxy_authorize("",
"subscriber")), check_to and
check_from calls prior
to the is_user_in check would address these errors but that hasn't
worked either.
If I want to set a flag if the caller is an authorized subscriber,
the callee is an
authorized subscriber and then use "is_user_in" to determine if the
called party has
a particular credential what am I missing?
I am not sure I understand "the callee is an authorized subscriber".
Digest authentication can only be performed for the caller, not the
callee, because there is no way of challenging the callee.
Jan.