[Serusers] Authorization Woes
Jan Janak
jan at iptel.org
Sat Nov 15 10:11:39 CET 2003
Hello,
use username without domain as authentication username (just steve, not
steve at northnet.net.nz).
Jan.
On 15-11 09:31, Steve wrote:
> Hey There,
>
> Just started out playing with SIP and have ser setup and installed.
>
> With no authorization turned on I can add users who can register and
> exchange SIP messages quite happily.
>
> However, when I turn on Digest Authorization (as per the HowTo at
> http://iptel.org/ser/serhowto.html ) and set up mysql support then
> everything goes west and I get the following with the client unable to
> authenticate.
>
>
> U 210.48.7.165:5060 -> 210.56.32.70:5060
> REGISTER sip:northnet.net.nz SIP/2.0..Via: SIP/2.0/UDP
> 210.48.7.165:5060;rport;branch=z9hG4bKF5
> 33461207ED45518BD06CC883DA12B6..From: Steve Phillips
> <sip:steve at northnet.net.nz>..To: Steve Phi
> llips <sip:steve at northnet.net.nz>..Contact: "Steve Phillips"
> <sip:steve at 210.48.7.165:5060>..Cal
> l-ID: CBA1BCA27E6E4FB1A5CD56AEB8AF68E5 at northnet.net.nz..CSeq: 65211
> REGISTER..Expires: 1800..Au
> thorization: Digest
> username="steve at northnet.net.nz",realm="northnet.net.nz",nonce="3fb53a5c784
> daf64daafd882ad51d0667868fcf9",response="4e84bfebe6f61cde314a5c80c8d99152",uri="sip:northnet.ne
> t.nz"..Max-Forwards: 70..User-Agent: X-PRO build 1082..Content-Length:
> 0....
> #
> U 210.56.32.70:5060 -> 210.48.7.165:5060
> SIP/2.0 401 Unauthorized..Via: SIP/2.0/UDP
> 210.48.7.165:5060;rport=5060;branch=z9hG4bKF53346120
> 7ED45518BD06CC883DA12B6..From: Steve Phillips
> <sip:steve at northnet.net.nz>..To: Steve Phillips <
> sip:steve at northnet.net.nz>;tag=b27e1a1d33761e85846fc98f5f3a7e58.98f6..Call-ID:
> CBA1BCA27E6E4FB1
> A5CD56AEB8AF68E5 at northnet.net.nz..CSeq: 65211
> REGISTER..WWW-Authenticate: Digest realm="northne
> t.net.nz", nonce="3fb53a5e97447a2dfe64a2c86809f15463256661"..Server: Sip
> EXpress router (0.8.11
> (i386/linux))..Content-Length: 0..Warning: 392 210.56.32.70:5060 "Noisy
> feedback tells: pid=2
> 9724 req_src_ip=210.48.7.165 req_src_port=5060
> in_uri=sip:northnet.net.nz out_uri=sip:northnet.
> net.nz
> via_cnt==1"....
>
>
> The relevant line from the database is
>
> | 4a1d150618efa5168610e011e4df6359 | steve | northnet.net.nz |
> MyPass | | | | steve at northnet.net.nz |
> 2003-11-10 15:59:40 | 2003-11-10 18:30:08 | |
> o | | | 4a1d150618efa5168610e011e4df6359 |
> 144a40855c0cdf26b25af1562cd337c | admin | 0 | Pacific/Auckland |
>
>
> Version of ser is 0.8.11
>
> The changes I made to the "REGISTER" section in the config (I am guessing
> this is where the issue is) are as follows..
>
> if (uri=~"northnet.net.nz") {
>
> if (method=="REGISTER") {
>
> # Uncomment this if you want to use digest authentication
> if (!www_authorize("northnet.net.nz",
> "subscriber")) {
> www_challenge("northnet.net.nz", "0");
> break;
> };
>
> save("location");
> break;
> };
>
> # native SIP destinations are handled using our USRLOC DB
> if (!lookup("location")) {
> sl_send_reply("404", "Not Found");
> break;
> };
> };
>
> Previous to this I have the auth and auth_db modules uncommented, along
> with the mysql module and the two "auth_parms" listed in teh the default
> config file uncommented as well. (all as per the HowTo instructions..)
>
> help.. unsure what to try next :-)
>
> --
> Steve.
>
>
>
>
>
>
> _______________________________________________
> Serusers mailing list
> serusers at lists.iptel.org
> http://lists.iptel.org/mailman/listinfo/serusers
More information about the sr-users
mailing list