Fw: [Serusers] Multiple Domain Problem ser0.9.2

Rosario Pingaro rpingar at italycom.it
Sun Jun 12 22:41:08 CEST 2005


Another little steo ahead; disabling these two parameter:
#modparam("auth_db", "calculate_ha1", yes)
#modparam("auth_db", "password_column", "password")

I got the users authenticating only in their domain, so user(a) is only able 
to autenticate with domain(a).

Two problems still persist:
1. two users in different domains but same username get authenticated only 
the last inserted;
2. the credentials problems persist.

Rosario



----- Original Message ----- 
From: "Rosario Pingaro" <rpingar at italycom.it>
To: <serusers at lists.iptel.org>
Sent: Sunday, June 12, 2005 2:54 PM
Subject: Re: [Serusers] Multiple Domain Problem ser0.9.2


>I added just to try the domains to alias but it was not the problem, infact 
>alias only tell ser what domain hav to be included in "myself", I 
>accomplished that having the domain in my linux hosts file.
>
> For sure I added the user in the form you specified. So I have all the ser 
> db lokking good with the domain column filled.
>
> But the simptoms push me to think that the registrar module is not working 
> good. In fact also including modparam("registrar", "case_sensitive", 1)
> the digest authentication seems case insesitive!!!
>
> Any other HELP?
>
> Thanks
>
> Rosario
>
> ----- Original Message ----- 
> From: "Juan Priotti" <jpriotti at gmail.com>
> To: "Rosario Pingaro" <rpingar at italycom.it>
> Sent: Sunday, June 12, 2005 12:49 PM
> Subject: Re: [Serusers] Multiple Domain Problem ser0.9.2
>
>
>>I think you would need to add aliases in ser.cfg in this way:
>>
>> fifo="/tmp/ser_fifo"
>> alias=domain1.com domain2.com
>>
>> so authentication will not fail.
>> also when adding users:
>>
>> serctl add user1 at domain1.com "passwd" "email"
>>
>> ----- Original Message ----- 
>> From: Rosario Pingaro
>> To: serusers at lists.iptel.org
>> Sent: Sunday, June 12, 2005 1:34 PM
>> Subject: Fw: [Serusers] Multiple Domain Problem ser0.9.2
>>
>>
>> I'd like to add that I have added:
>> 1. domains using serctl domain add
>> 2. added users for domain a and users for domain b
>> 3. each user is authenticated without relation with the domain
>> 4. each user that is present in domain a and domain b get authentication
>> failed (registering in domain a and registrering in doamin b);
>>
>> thanks again.
>>
>> Rosario
>>
>> ----- Original Message ----- 
>> From: Rosario Pingaro
>> To: serusers at lists.iptel.org
>> Sent: Sunday, June 12, 2005 5:04 PM
>> Subject: [Serusers] Multiple Domain Problem ser0.9.2
>>
>>
>> I'd like to configure SER to host two different domains; the domains are
>> into the hst file of the linux machine.
>>
>> The problem is that SER autheticates the users indifferently from the 
>> domain
>> (I have enabled use_domain on both registrar and userloc), also if an 
>> user
>> is present on both domains i got an authentication failed.
>> I don't have alias because the doamin ar einto the linux' host file.
>>
>> If I remove a domain from the file and don't make an alias I get an error
>> about "too many hops" because ser doesn't recognize as myself.
>>
>> Please may you halp me to debug?
>>
>> Thanks
>>
>> Rosario
>>
>>
>>
>> These are some part of my ser.cfg
>>
>>
>>
>> #debug=6
>> fork=yes
>> log_stderror=no
>>
>>
>> check_via=no    # (cmd. line: -v)
>> dns=no           # (cmd. line: -r)
>> rev_dns=no      # (cmd. line: -R)
>> port=5060
>> children=4
>> fifo="/tmp/ser_fifo"
>> fifo_mode=0666
>> fifo_db_url="mysql://ser:hesloimgs@ns2.italycomnet.it/ser"
>> listen=213.178.216.45
>>
>> modparam("domain", "db_url", "mysql://ser:heslo@xxx.xxxxxx.it/ser")
>> modparam("domain", "db_mode", 1)
>> modparam("domain", "domain_table", "domain")
>> modparam("domain", "domain_col", "domain")
>> modparam("permissions", "db_url", "mysql://ser:heslo@xxx.xxxxxx.it/ser")
>> modparam("permissions", "db_mode", 1)
>> modparam("permissions", "trusted_table", "trusted")
>> modparam("uri_db", "db_url", "mysql://ser:heslo@xxx.xxxxxx.it/ser")
>> modparam("usrloc", "db_url", "mysql://ser:heslo@xxx.xxxxxx.it/ser")
>> modparam("usrloc", "db_mode", 1)
>> modparam("usrloc", "use_domain",1)
>> modparam("auth_db", "db_url", "mysql://ser:heslo@xxx.xxxxxx.it/ser")
>> modparam("auth_db", "calculate_ha1", yes)
>> modparam("auth_db", "password_column", "password")
>> modparam("registrar", "nat_flag", 6)
>> modparam("registrar", "use_domain",1)
>> modparam("nathelper", "natping_interval", 0)
>> modparam("nathelper", "rtpproxy_disable", 1)
>> modparam("mediaproxy","natping_interval",30)
>> modparam("acc", "db_url", "mysql://ser:heslo@xxx.xxxxxx.it/ser")
>> modparam("acc", "db_flag", 1)
>> modparam("acc", "db_missed_flag", 1)
>> modparam("acc", "failed_transactions", 1)
>> modparam("acc", "report_cancels", 1)
>> modparam("acc", "log_fmt", "cdfimorstup")
>> modparam("acc", "log_level", 1)
>> modparam("acc", "report_ack", 1)
>> modparam("rr", "enable_full_lr", 1)
>> modparam("tm", "fr_timer", 40)
>> modparam("tm", "fr_inv_timer", 60)
>> modparam("tm", "fr_inv_timer_avp", "inv_timeout")
>> modparam("tm", "wt_timer", 5)
>> modparam("group", "db_url", "mysql://ser:heslo@xxx.xxxxxx.it/ser")
>> #
>>
>> route[2] {
>>        sl_send_reply("100", "ci provo...");
>>        if (!search("^Contact:\ +\*") && client_nat_test("7"))  {
>>                setflag(6);
>>                fix_nated_register();
>>                force_rport();
>>        };
>>
>>        if (!www_authorize("", "subscriber")) {
>>                www_challenge("", "0");
>>                break;
>>        };
>>
>>
>> route[3] {
>>        if (client_nat_test("3")){
>>                setflag(7);
>>                force_rport();
>>                fix_nated_contact();
>>        };
>>        if (method=="INVITE" && !allow_trusted()) {
>>                if (!proxy_authorize("", "subscriber")) {
>>                        proxy_challenge("", "0");
>>                        break;
>>                } else if (!check_from()) {
>>                        sl_send_reply("403","Setta From=ID");
>>                        break;
>>                };
>>                consume_credentials();
>>        };
>>        lookup("aliases");
>>        if (uri!=myself) {
>>                route(5);
>>                route(1);
>>                break;
>>        };
>>
>>        if (!lookup("location") && !isflagset(4)) {
>>
>>
>>
>>
>>
>> _______________________________________________
>> Serusers mailing list
>> serusers at lists.iptel.org
>> http://lists.iptel.org/mailman/listinfo/serusers
>>
>>
>>
>>
>> _______________________________________________
>> Serusers mailing list
>> serusers at lists.iptel.org
>> http://lists.iptel.org/mailman/listinfo/serusers
>>
>>
>
>
> _______________________________________________
> Serusers mailing list
> serusers at lists.iptel.org
> http://lists.iptel.org/mailman/listinfo/serusers
> 





More information about the sr-users mailing list