[SR-Users] RADIUS authentication

Thu Dec 20 16:10:25 CET 2012

Moacir Ferreira writes:

> Anyway, it is tricky but M$ (I liked the $ thing here) can do MD5. I
> "would love" to see a "#!define WITH_RADIUS" at kakailio.cfg but we
> don't have it.

i used to use radius authentication with kamailio for years, but
recently gave up on it due to extra complexity/load introduced by
radius queries.  if that does not bother you, then there is absolutely
no reason why radius auth and other radius functions would not work fine
in k.

> However, as long as I understood, the RADIUS module is moving to
> obsolete as the AUTH module now also includes the RADIUS
> functionalities.

i think you have misunderstood things.  modules_k/auth_radius and
misc_radius that i used to use, are not going to be obsoleted.

here are the calls that i used to make:

    if (!radius_proxy_authorize("$var(uri_domain)", "$var(uri_user)")) {
        switch ($rc) {
        ...

    if (!radius_www_authorize("$td")) {
        switch ($rc) {
        ...

    if (radius_does_uri_user_exist()) {
        ...
        radius_load_callee_avps();

    if (radius_does_uri_exist()) {
        ...

    if (!radius_does_uri_exist()) {
        ...

in addition, i had implemented private radius_test function that i used
to check health of radius backend:

    if (is_method("OPTIONS")) {
        if ($fU == "sipsak") {
            if (radius_test()) {
               options_reply();
            } else {
               xlog("L_ERR", "$rm <$ru> failed radius_test\n");
               send_reply("500", "Server Internal Error");
            };

hope this helps,

-- juha