[Serusers] Re: Authorizing IM requests
Vaclav Kubart
vaclav.kubart at iptel.org
Wed May 31 08:28:44 CEST 2006
Hi,
yes I did, but I had forgotten...
You can NOT use EyeBeam to work with message authorization - it will
NEVER set the rules which are needed by SER. You can do this only
manually on XCAP server.
I try to look on the userloc problem, but don't know when.
Vaclav
On Tue, May 30, 2006 at 05:29:27PM +0300, ?lker Aktuna (Koç.net) wrote:
> Hi Vaclav,
>
> Did you receive my following email ?
>
> Btw, I still couldn't find the neccessary db structure for using
> usrloc with db support. Can you point me to the right person who knows
> the required db structure ?
>
> Thanks,
> ilker
>
> ________________________________
>
> From: ?lker Aktuna (Koç.net)
> Sent: Monday, May 29, 2006 12:52 PM
> To: 'Vaclav Kubart'
> Cc: samuel; serusers at iptel.org
> Subject: RE: Authorizing IM requests
>
>
>
>
> Well, then what can I use in the following line to authorize IM messages ?
>
> if (authorize_message("https://sip.koc.net/xcap")) {
>
> Eyebeam updates file /xcap/privacy-lists/user/privacy-lists.xml when I change the "privacy" configuration on Eyebeam client.
>
> Thanks,
> ilker
>
> -----Original Message-----
> From: Vaclav Kubart [mailto:vaclav.kubart at iptel.org]
> Sent: Friday, May 26, 2006 4:48 PM
> To: ?lker Aktuna (Koç.net)
> Cc: samuel; serusers at iptel.org
> Subject: Re: Authorizing IM requests
>
> Yes, I meant, that this will not work together.
>
> I don't know. Privacy-lists are something eyeBeam's internal or something standardized?
>
> Im-rules are SER internal.
>
> Vaclav
>
> On Fri, May 26, 2006 at 04:43:35PM +0300, ?lker Aktuna (Koç.net) wrote:
> > Do you mean it won't work with privacy-lists ?
> > What can I try ?
> >
> > Thanks,
> > ilker
> >
> > -----Original Message-----
> > From: Vaclav Kubart [mailto:vaclav.kubart at iptel.org]
> > Sent: Friday, May 26, 2006 4:40 PM
> > To: ?lker Aktuna (Koç.net)
> > Cc: samuel; serusers at iptel.org
> > Subject: Re: Authorizing IM requests
> >
> > EyeBeam won't use im-rules and SER won't use with privacy-lists. It something else.
> >
> > Vaclav
> >
> > On Fri, May 26, 2006 at 02:24:42PM +0300, ?lker Aktuna (Koç.net) wrote:
> > > Hi Samuel,
> > >
> > > Now that presence is working I'm checking xcap possibilities.
> > > I see that IM xcap authorization is not working.
> > >
> > > I don't know what to use in:
> > > >if (authorize_message("im-rules.xml")){
> > >
> > > My client (Eyebeam) does not use im-rules.xml , but it uses
> > > privacy-lists.xml and that file is in privacy-lists folder. How
> > > should I change the configuration line to use this file ?
> > >
> > > Regards,
> > > ilker
> > >
> > > -----Original Message-----
> > > From: samuel [mailto:samu60 at gmail.com]
> > > Sent: Tuesday, May 16, 2006 5:26 PM
> > > To: Vaclav Kubart
> > > Cc: ?lker Aktuna (Koç.net); serusers at iptel.org
> > > Subject: Re: [Serusers] PA error sending notifies
> > >
> > > 2006/5/16, Vaclav Kubart <vaclav.kubart at iptel.org>:
> > > > reply inline...
> > > > > If you are using XCAP authentication for MESSAGEs, there's a
> > > > > function called authorize_message that needs to have as
> > > > > parameter the file name of the IM ruleset.
> > > > > For user sam, in xcap-root/im-rules/users/sam/im-rules.xml there
> > > > > are the rules for this function. The XML file is similar to the
> > > > > presence-rules but has important differences (correct me if I'm
> > > > > wrong,
> > > > > Vaclav!!!):
> > > > > *it only has a blacklist parameter (no whitelist!!)
> > > >
> > > > It doesn't depend on name of the rule (blacklist/whitelist/...) it
> > > > depends on the action (block, ...). You can have as many rules as
> > > > you want, but to explicitly enable something (whitelist) is
> > > > needless because MESSSAGEs are allowed by default (at the end of
> > > > the presence handbook I tried to describe im-rules the same way as
> > > > presence-rules are described in their draft).
> > > >
> > > > > *the namespace is different (so be carefull in copy&paste from
> > > > > the
> > > > > presence-rules!!!) and, as Vaclav poitned out "proprietary" from
> > > > > iptel.
> > > >
> > > > And the action element name differs: <im-handling> is used instead
> > > > of <sub-handling>.
> > > >
> > >
> > > Uops...I haven't noticed :P thanks!
> > >
> > > > Vaclav
> > > >
> > > > >
> > > > > About the structure I have: x86 debian testing. Libraries
> > > > > versions I don't know exactly but the ones in the testing
> > > > > repository EXCEPT a library which I had to get for serweb from
> > > > > the stable version...but it's not affecting SER part.
> > > > >
> > > > > Samuel.
> > > > > 2006/5/16, ?lker Aktuna (Koç. net ) <ilkera at koc.net>:
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >Hi,
> > > > > >
> > > > > >What did you mean by following:
> > > > > >
> > > > > >>Instead of
> > > > > >>>
> > > > > >>> if (authorize_message("http://localhost/xcap")) {
> > > > > >>
> > > > > >>there should be
> > > > > >>
> > > > > >>if (authorize_message("im-rules.xml")){
> > > > > >
> > > > > >Btw, did you receive my email with following questions :
> > > > > >
> > > > > >>> I have the same problem with notification and other presence
> > > > > >>> messages
> > > > > >with you.
> > > > > >>> Can you tell me which Linux distribution you are using Ser on ?
> > > > > >>> Also please include version numbers for libraries that are
> > > > > >>> required by
> > > > > >Ser.
> > > > > >>>
> > > > > >>> I am trying to find similarities between yours and my ser server.
> > > > > >
> > > > > >Regards,
> > > > > >ilker
> > > > > >
> > > > > >-----Original Message-----
> > > > > >From: serusers-bounces at iptel.org
> > > > > >[mailto:serusers-bounces at iptel.org] On Behalf Of samuel
> > > > > >Sent: Monday, May 15, 2006 7:13 PM
> > > > > >To: Vaclav Kubart
> > > > > >Cc: serusers at iptel.org
> > > > > >Subject: Re: [Serusers] PA error sending notifies
> > > > > >
> > > > > >Let's see if I can finish the e-mail before gmail decides it's
> > > > > >enough...:P
> > > > > >
> > > > > >006/5/15, samuel <samu60 at gmail.com>:
> > > > > >> Following with the handbook...
> > > > > >
> > > > > >>
> > > > > >> the authorize message in the sample confgi files has as
> > > > > >> parameter the xcap root while it should have the xml file containing the auth.rules.
> > > > > >
> > > > > >
> > > > > >Instead of
> > > > > >
> > > > > >>
> > > > > >> if (authorize_message("http://localhost/xcap")) {
> > > > > >
> > > > > >there should be
> > > > > >
> > > > > >if (authorize_message("im-rules.xml")){
> > > > > >
> > > > > >>
> > > > > >>
> > > > > >>
> > > > > >> 2006/5/15, samuel <samu60 at gmail.com>:
> > > > > >> > First of all, I have to thank you for the time you spent
> > > > > >> > writing the handbook, it's really really helpfull....I wish
> > > > > >> > all SER related parts had this docs..
> > > > > >> >
> > > > > >> > I'll try to get familiar with the code of the notifications
> > > > > >> > and I'll try to find something....which I don't thing so :P.
> > > > > >> > I'll also merge the two functionalities (proxy + presence)
> > > > > >> > in a unique config file to see if it works.
> > > > > >> > I hope I can provide more info these following days.
> > > > > >> >
> > > > > >> > About the missing things in the presence handbook, probably
> > > > > >> > the most important is the new xcap module because in the
> > > > > >> > sample config files it's missing.
> > > > > >> > Another thing is that in the XCAP structure description,
> > > > > >> > the im-rules directory is missing, which might lead to
> > > > > >> > misunderstandings. I downloaded the structure from the
> > > > > >> > iptel's ftp and inside the im-rules there were several
> > > > > >> > files corresponding to presence-rules which should be
> > > > > >> > either removed or updated with the im-rules namespaces and removing the whitelist.
> > > > > >> >
> > > > > >> > Thanks,
> > > > > >> >
> > > > > >> > Samuel.
> > > > > >> >
> > > > > >> >
> > > > > >> >
> > > > > >> >
> > > > > >> > 2006/5/15, Vaclav Kubart <vaclav.kubart at iptel.org>:
> > > > > >> > > Hi,
> > > > > >> > > this problem I'm trying to solve with Ilker Aktuna. I try
> > > > > >> > > to simulate it on my machine and let you know. Or if you
> > > > > >> > > solve it,
> > > > > >please
> > > > > >let me know.
> > > > > >> > > :-)
> > > > > >> > >
> > > > > >> > > Please, could you tell me, what things you were missing
> > > > > >> > > in presence handbook? I'm trying to do it as useful as
> > > > > >> > > possible and whatever ideas are welcome...
> > > > > >> > >
> > > > > >> > > Vaclav
> > > > > >> > >
> > > > > >> > > On Mon, May 15, 2006 at 01:38:02PM +0200, samuel wrote:
> > > > > >> > > > Hi all,
> > > > > >> > > >
> > > > > >> > > > I recently had a few hours and start installing the
> > > > > >> > > > presence staff and I have to say that I have it amost
> > > > > >> > > > workign thanks to the presence handbook, the mailing
> > > > > >> > > > list and, obviously, a little bit of code review..:P
> > > > > >> > > >
> > > > > >> > > > I have two SER instances, the "proxy" and the "presence server"
> > > > > >> > > > (both with last CVS code) co-located in the same host
> > > > > >> > > > and I have an issue when the "presence server" tries to
> > > > > >> > > > send the NOTIFY requests. Below there's an attched log
> > > > > >> > > > showing the problem (on IP a.b.c.d I've got the two instances):
> > > > > >> > > >
> > > > > >> > > > 3(30682) DEBUG notify.c:378: sending winfo notify
> > > > > >> > > > 3(30682) DEBUG notify.c:383: winfo document created
> > > > > >> > > > 3(30682) DEBUG notify.c:391: creating headers
> > > > > >> > > > 3(30682) DEBUG notify.c:398: headers created
> > > > > >> > > > 3(30682) DEBUG:tm:t_uac:
> > > > > >> > > >
> > > > > >next_hop=<sip:a.b.c.d;transport=tcp;ftag=c77b3f33;lr=on>
> > > > > >> > > > 3(30682) t_uac: no socket found
> > > > > >> > > > 3(30682) DEBUG notify.c:402: request sent with result
> > > > > >> > > > -7
> > > > > >> > > > 3(30682) ERROR: notify.c:404: Can't send watcherinfo
> > > > > >> > > > notification (-7)
> > > > > >> > > >
> > > > > >> > > > This problem appears in other places, not only in the
> > > > > >> > > > notifications for winfo so probably there's somthing in
> > > > > >> > > > the selection of the outgoing socket directing to the local IP.
> > > > > >> > > >
> > > > > >> > > > >From the proxy part I just ust t_forward_nonack for the "SIMPLE"
> > > > > >> > > > messages with record route....maybe adding the port in
> > > > > >> > > > the record route should help?
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >_______________________________________________________________
> > > > > >__
> > > > > >__
> > > > > >_______________________________________________________________
> > > > > >__ __ _______ Bu e-posta mesaji kisiye ozel olup, gizli
> > > > > >bilgiler iceriyor olabilir. Eger bu e-posta mesaji size
> > > > > >yanlislikla ulasmissa, icerigini hic bir sekilde kullanmayiniz
> > > > > >ve ekli dosyalari acmayiniz. Bu durumda lutfen e-posta mesajini
> > > > > >kullaniciya hemen geri gonderiniz ve tum kopyalarini mesaj
> > > > > >kutunuzdan siliniz. Bu e-posta mesaji, hic bir sekilde,
> > > > > >herhangi bir amac icin cogaltilamaz, yayinlanamaz ve para
> > > > > >karsiligi satilamaz. Bu e-posta mesaji viruslere karsi
> > > > > >anti-virus sistemleri tarafindan taranmistir. Ancak yollayici,
> > > > > >bu e-posta mesajinin - virus koruma sistemleri ile kontrol
> > > > > >ediliyor olsa bile - virus icermedigini garanti etmez ve
> > > > > >meydana gelebilecek zararlardan dogacak hicbir sorumlulugu kabul etmez.
> > > > > >This message is intended solely for the use of the individual
> > > > > >or entity to whom it is addressed , and may contain
> > > > > >confidential information. If you are not the intended recipient
> > > > > >of this message or you receive this mail in error, you should
> > > > > >refrain from making any use of the contents and from opening
> > > > > >any attachment. In that case, please notify the sender
> > > > > >immediately and return the message to the sender, then, delete and destroy all copies.
> > > > > >This e-mail message, can not be copied, published or sold for any reason.
> > > > > >This e-mail message has been swept by anti-virus systems for
> > > > > >the presence of computer viruses. In doing so, however, sender
> > > > > >cannot warrant that virus or other forms of data corruption may
> > > > > >not be present and do not take any responsibility in any occurrence.
> > > > > >_______________________________________________________________
> > > > > >__
> > > > > >__
> > > > > >_______________________________________________________________
> > > > > >__
> > > > > >__
> > > > > >_______
> > > > > >
> > > >
> > >
> > >
> > >
> > >
> > >
> > > <http://387555.sigclick.mailinfo.com/sigclick/05090E04/0C024D08/0708
> > > 45
> > > 03/06191971.jpg>
> > > ____________________________________________________________________
> > > __
> > > ____________________________________________________________________
> > > __ _ Bu e-posta mesaji kisiye ozel olup, gizli bilgiler iceriyor
> > > olabilir. Eger bu e-posta mesaji size yanlislikla ulasmissa, icerigini hic bir sekilde kullanmayiniz ve ekli dosyalari acmayiniz. Bu durumda lutfen e-posta mesajini kullaniciya hemen geri gonderiniz ve tum kopyalarini mesaj kutunuzdan siliniz. Bu e-posta mesaji, hic bir sekilde, herhangi bir amac icin cogaltilamaz, yayinlanamaz ve para karsiligi satilamaz. Bu e-posta mesaji viruslere karsi anti-virus sistemleri tarafindan taranmistir. Ancak yollayici, bu e-posta mesajinin - virus koruma sistemleri ile kontrol ediliyor olsa bile - virus icermedigini garanti etmez ve meydana gelebilecek zararlardan dogacak hicbir sorumlulugu kabul etmez.
> > > This message is intended solely for the use of the individual or entity to whom it is addressed , and may contain confidential information. If you are not the intended recipient of this message or you receive this mail in error, you should refrain from making any use of the contents and from opening any attachment. In that case, please notify the sender immediately and return the message to the sender, then, delete and destroy all copies. This e-mail message, can not be copied, published or sold for any reason. This e-mail message has been swept by anti-virus systems for the presence of computer viruses. In doing so, however, sender cannot warrant that virus or other forms of data corruption may not be present and do not take any responsibility in any occurrence.
> > > ____________________________________________________________________
> > > __
> > > ____________________________________________________________________
> > > __
> > > _
> >
> >
> >
> >
> >
> > <http://387555.sigclick.mailinfo.com/sigclick/000A0404/02044D0A/010A4F
> > 03/23231711.jpg>
> > ______________________________________________________________________
> > ______________________________________________________________________
> > _ Bu e-posta mesaji kisiye ozel olup, gizli bilgiler iceriyor
> > olabilir. Eger bu e-posta mesaji size yanlislikla ulasmissa, icerigini hic bir sekilde kullanmayiniz ve ekli dosyalari acmayiniz. Bu durumda lutfen e-posta mesajini kullaniciya hemen geri gonderiniz ve tum kopyalarini mesaj kutunuzdan siliniz. Bu e-posta mesaji, hic bir sekilde, herhangi bir amac icin cogaltilamaz, yayinlanamaz ve para karsiligi satilamaz. Bu e-posta mesaji viruslere karsi anti-virus sistemleri tarafindan taranmistir. Ancak yollayici, bu e-posta mesajinin - virus koruma sistemleri ile kontrol ediliyor olsa bile - virus icermedigini garanti etmez ve meydana gelebilecek zararlardan dogacak hicbir sorumlulugu kabul etmez.
> > This message is intended solely for the use of the individual or entity to whom it is addressed , and may contain confidential information. If you are not the intended recipient of this message or you receive this mail in error, you should refrain from making any use of the contents and from opening any attachment. In that case, please notify the sender immediately and return the message to the sender, then, delete and destroy all copies. This e-mail message, can not be copied, published or sold for any reason. This e-mail message has been swept by anti-virus systems for the presence of computer viruses. In doing so, however, sender cannot warrant that virus or other forms of data corruption may not be present and do not take any responsibility in any occurrence.
> > ______________________________________________________________________
> > ______________________________________________________________________
> > _
>
>
>
>
> <http://387555.sigclick.mailinfo.com/sigclick/07090307/00054909/02014800/14142505.jpg>
> _____________________________________________________________________________________________________________________________________________
> Bu e-posta mesaji kisiye ozel olup, gizli bilgiler iceriyor olabilir. Eger bu e-posta mesaji size yanlislikla ulasmissa, icerigini hic bir sekilde kullanmayiniz ve ekli dosyalari acmayiniz. Bu durumda lutfen e-posta mesajini kullaniciya hemen geri gonderiniz ve tum kopyalarini mesaj kutunuzdan siliniz. Bu e-posta mesaji, hic bir sekilde, herhangi bir amac icin cogaltilamaz, yayinlanamaz ve para karsiligi satilamaz. Bu e-posta mesaji viruslere karsi anti-virus sistemleri tarafindan taranmistir. Ancak yollayici, bu e-posta mesajinin - virus koruma sistemleri ile kontrol ediliyor olsa bile - virus icermedigini garanti etmez ve meydana gelebilecek zararlardan dogacak hicbir sorumlulugu kabul etmez.
> This message is intended solely for the use of the individual or entity to whom it is addressed , and may contain confidential information. If you are not the intended recipient of this message or you receive this mail in error, you should refrain from making any use of the contents and from opening any attachment. In that case, please notify the sender immediately and return the message to the sender, then, delete and destroy all copies. This e-mail message, can not be copied, published or sold for any reason. This e-mail message has been swept by anti-virus systems for the presence of computer viruses. In doing so, however, sender cannot warrant that virus or other forms of data corruption may not be present and do not take any responsibility in any occurrence.
> _____________________________________________________________________________________________________________________________________________
More information about the sr-users
mailing list