[Serusers] Authenticating INVITE requests method
Rafael J. Risco G.V.
rafael.risco at gmail.com
Wed Mar 23 21:51:47 CET 2005
Hello
I am doing some security improvements to my configuration because I´ve
realized that everyone can sends calls to PSTN gateways and other
registered users even if the caller fails to register in SER, so now I
instruct SER to check the username and password of the CALLER in every
INVITE request like that:
if (method=="INVITE") {
if (!www_authorize("mydomain", "subscriber")) {
www_challenge("mydomain", "0");
break;
};
};
well it works but not when calls are generated in my gateway Cisco
AS5350 (these GWs dont have register comand) so I need some advice to
"exclude" gateway IP for this authorization process.
thanks
Rafael
--
rrgv
More information about the sr-users
mailing list