[Serusers] REGISTER Auth Failure Logging
Michael Shuler
mike at bwsys.net
Sun Oct 3 20:17:24 CEST 2004
I want to log ONLY authentication failures but I can't figure out how to
detect a failure from www_authorize() after a www_challenge() has been
issued. Does www_authorize() return different values if the challenge info
is already in there and it really did fail the lookup? Looking at the
source code I don't see where it does. Here is what I propose gets added:
www_authorize would return the following:
-2 NEEDS_CHALLENGE
-1 NOT_AUTHORIZED
0 ERROR
1 AUTHORIZED
Line 174 of authorize.c in the auth_db module I added the following but it
wouldn't compile and I'm not really sure why since its part of the enum:
case NO_CREDENTIALS return -2;
BUT if that did work here is an example of a piece of ser.cfg that would
work...
if(method == "REGISTER" && uri == myself)
{
# Make sure they are a valid user on our proxy
if(www_authorize("bwsys.net", "sipfriends") == -2)
{
www_challenge("bwsys.net", "1");
break;
}
elseif(www_authorize("bwsys.net", "sipfriends") == -1)
{
xlog("L_INFO", "Authentication Failed For
%ct, URI = %ru");
}
elseif(www_authorize("bwsys.net", "sipfriends") == 0)
{
xlog("L_INFO", "Internal Authentication
Failure For %ct, URI = %ru");
}
else
{
save("location");
break;
};
};
----------------------------------------
Michael Shuler, C.E.O.
BitWise Communications, Inc. (CLEC) And BitWise Systems, Inc. (ISP)
682 High Point Lane
East Peoria, IL 61611
Office: (217) 585-0357
Cell: (309) 657-6365
Fax: (309) 213-3500
E-Mail: mike at bwsys.net
Customer Service: (877) 976-0711
More information about the sr-users
mailing list