[Serusers] REGISTER Auth Failure Logging

Daniel-Constantin Mierla Daniel-Constantin.Mierla at fokus.fraunhofer.de
Sun Oct 3 20:35:07 CEST 2004 

The functions exported for use in the config file can return only three
values: -1 (false), 0 (drop current request), 1 (true).

You can use texops module to search for "Authorization" header, but you
can't check whether the challenge has been issued before or not without
some development.

Anyway, if the "Authorization" header is present and the www_authorize()
returns false then you have authentication failure.

Daniel

On 10/03/04 20:17, Michael Shuler wrote:

>I want to log ONLY authentication failures but I can't figure out how to
>detect a failure from www_authorize() after a www_challenge() has been
>issued.  Does www_authorize() return different values if the challenge info
>is already in there and it really did fail the lookup?  Looking at the
>source code I don't see where it does.  Here is what I propose gets added:
>
>www_authorize would return the following:
>
>-2 NEEDS_CHALLENGE
>-1 NOT_AUTHORIZED
> 0 ERROR
> 1 AUTHORIZED
>
>
>Line 174 of authorize.c in the auth_db module I added the following but it
>wouldn't compile and I'm not really sure why since its part of the enum:
>  case NO_CREDENTIALS    return -2;
>
>BUT if that did work here is an example of a piece of ser.cfg that would
>work...
>
>	if(method == "REGISTER" && uri == myself)
>      {
>                # Make sure they are a valid user on our proxy
>                if(www_authorize("bwsys.net", "sipfriends") == -2)
>                {
>                        www_challenge("bwsys.net", "1");
>                        break;
>                }
>		    elseif(www_authorize("bwsys.net", "sipfriends") == -1)
>		    {
>				xlog("L_INFO", "Authentication Failed For
>%ct, URI = %ru");
>		    }
>		    elseif(www_authorize("bwsys.net", "sipfriends") == 0)
>		    {
>				xlog("L_INFO", "Internal Authentication
>Failure For %ct, URI = %ru");
>		    }
>                else
>                {
>                        save("location");
>                        break;
>                };
>      };
>
>
>----------------------------------------
>
>Michael Shuler, C.E.O.
>BitWise Communications, Inc. (CLEC) And BitWise Systems, Inc. (ISP)
>682 High Point Lane
>East Peoria, IL 61611
>Office: (217) 585-0357
>Cell: (309) 657-6365
>Fax: (309) 213-3500
>E-Mail: mike at bwsys.net
>Customer Service: (877) 976-0711 
>
>_______________________________________________
>Serusers mailing list
>serusers at lists.iptel.org
>http://lists.iptel.org/mailman/listinfo/serusers
>
>  
>

More information about the sr-users mailing list