[Serusers] Question about radius_proxy_authorize()
Marian Dumitru
marian.dumitru at voice-sistem.ro
Fri Oct 8 19:43:40 CEST 2004
Hi Ricardo
what you have to take care is to make distinction between calls with no
auth credentials and the ones with wrong credentials. Otherwise your
clients will never get the challenge and they will never be able to auth
them self.
you can try something like this :
if ( !radius_proxy_authorize("")) {
if ( !is_present_hf("Proxy-Authorization") ) {
proxy_challenge("", "1");
} else {
log (1, "LOG: Llamada no AUTORIZADA\n");
# here do what you need before redirecting
# to announcement
t_relay_to("","");
}
break;
};
the bad part of this approach is a user who already used a bad password
will never have again the chance to provide the good one and will be all
the time redirected to announcement server.
Best regards,
Marian Dumitru
--
Voice Sistem
http://www.voice-sistem.ro
Ricardo Martinez wrote:
> Hello.
> I have a question regarding to the authorization of a call via
> radius. Is there a way to forward the INVITE to a mediaserver, for example
> Asterisk and this play a message for the unauthorized request?. For example
> : "You don't have permission to make this call", this forward message is
> depending on the answer from the Radius Server.
>
> if (method=="INVITE" && search("^From:
> <sip:.*@mydomain.com>")) {
> if ( !radius_proxy_authorize("")) {
> proxy_challenge("", "1");
> log (1, "LOG: Llamada no AUTORIZADA\n");
> break;
> };
> };
>
> Is there a way?
>
> Thanks in advance
>
> Best Regards
>
> Ricardo Martnez.
>
>
>
> _______________________________________________
> Serusers mailing list
> serusers at lists.iptel.org
> http://lists.iptel.org/mailman/listinfo/serusers
>
More information about the sr-users
mailing list