[Users] uri_radius and radius_does_user_exist() not working
Ovidiu Sas
sip.nslu at gmail.com
Tue Jan 9 20:04:05 CET 2007
Hi Toni,
Since you went through all this and you have fresh memories, you could
submit an update to the document or create a new page on the wiki.
Regards,
Ovidiu Sas
On 1/9/07, Toni Heinonen <toni.heinonen at gmail.com> wrote:
> Hello,
>
> yes I did. I realized it asks a different service type from my RADIUS
> server and I had to create separate records for uri_radius to work.
> Ie. when it authenticates users, /etc/freeradius/users must have a
> digest line, and then for uri_radius, you have to have another entry
> for each user that implements the service type "call check", which
> returns true even when there's no password (as there of course isn't
> when OpenSER simply asks if the username exists).
>
> It was kind of lame debugging and sniffing the traffic. Why couldn't
> this all + an uri_radius example be included in the OpenSER+RADIUS
> tutorial?
>
> Kindest,
> Toni
>
> On 1/9/07, Daniel-Constantin Mierla <daniel at voice-system.ro> wrote:
> > Hello,
> >
> > have you tried with freeradius in debug mode? It prints log messages
> > which may help to identify the problem.
> >
> > Cheers,
> > Daniel
> >
> >
> > On 01/03/07 01:31, Toni Heinonen wrote:
> > > Hi,
> > >
> > > I've been through the OpenSER + RADIUS configuration tutorial many,
> > > many times, and it works like a charm, except for the uri_radius
> > > module which I can't get to detect user existence with the
> > > radius_does_user_exist() function.
> > >
> > > I'm trying to decide whether to send a 404 or a 480, as such:
> > >
> > > if (!lookup("location")) {
> > > if(radius_does_uri_exist()) {
> > > sl_send_reply("480", "User offline");
> > > } else {
> > > sl_send_reply("404", "User not found");
> > > };
> > > };
> > >
> > > It worked identically with the uri_db module's does_user_exist()
> > > function. Now the RADIUS server doesn't seem to understand the
> > > Call-Check request. I have a dump here:
> > >
> > > http://tonih.iki.fi/temp/uri_radius.cap
> > >
> > > Can anyone guess why OpenSER always gives a 404 even for users that
> > > exist, but that are simply offline? The users are currently
> > > hand-configured into freeradius's text configuration file users.conf.
> > >
> > > PS. What have you found to be the best way to authenticate users from
> > > a domain? FreeRADIUS using Kerberos 5, LDAP or relaying to a
> > > Microsoft RADIUS (IAS) server?
> > >
> >
>
>
> --
> http://tonih.iki.fi/ ~ http://blogit.helsinki.fi/toni.heinonen/
> "The progress of a dynamic civilization depends on the special people
> who make play out of work. In their all-absorbing passion, they create
> the variations that, through trial and error, become the sources of
> progress. They make the discoveries that drive the infinite series."
> - Virginia Postrel
>
> _______________________________________________
> Users mailing list
> Users at openser.org
> http://openser.org/cgi-bin/mailman/listinfo/users
>
More information about the sr-users
mailing list