[SR-Users] Re: How to proxy/authenticate on third party sip server?
intel at intrans.baku.az
intel at intrans.baku.az
Tue Jul 10 11:50:45 CEST 2012
Daniel-Constantin Mierla said:
> Hello,
>
> On 7/6/12 7:59 PM, intel at intrans.baku.az wrote:
>> Can anybody help me with configuration kamailio to authenticate call on
>> 3rd party server?
>>
>> I want to authenticate(and proxy) call's on other server.
>>
>> for example, user A have account on my server(let it be A at myserver.com)
>> and account on other server (let it be AA at hisserver.com)
>> myserver.com keeps A's credentials for AA at hisserver.com
>> when A is registered on myserver.com, he make call to B at othersip.com
>> (using myserver.com as a proxy)
>> Kamailio on myserver authenticate itself on hisserver as
>> AA at hisserver.com,
>> makes call to destination, and connect it to A.
>>
>> How can I setup kamailio for such behavior?
>> Which module should I use?
>> UAC seems can authenticate on another server, but I don't sure that it
>> do
>> what I want. (I've tried it, but without much success)
> indeed, the uac module is the one that can provide what you want, with
> some limitations in regard to cseq incrementation. You have to set a
> failure route and if the reply code is 407, the sent the realm/username
> and password to the avps specified by the appropriate module parameters
> -- the next tree at:
>
> *
> http://kamailio.org/docs/modules/stable/modules_k/uac.html#auth-realm-avp-id
>
> Then call uac_auth() and relay again.
You mean, i need set auth_*_avp with credentials. set failure route, send
request to auth_proxy (btw, how? ) and call uac_auth() in failure route,
correct?
I've tried to use uacreg sql table and uac_reg_request_to, but there was
some problems:
1) in uac_reg_request_to with mode 1 mistake (it found credentials only if
l_uuid==l_username)
i've opened ticket on bugtracker
http://sourceforge.net/tracker/?func=detail&aid=3540479&group_id=139143&atid=743020
2) uac_reg_request_to changes uri in request and instead INVITE
sip:B at othersip.com makes INVITE sip:AA at hisserver.com
if comment out
snprintf(ruri, MAX_URI_SIZE, "sip:%.*s@%.*s",
reg->r_username.len, reg->r_username.s,
reg->r_domain.len, reg->r_domain.s);
and so on seems working, but I'm don't sure that such modification don't
break something else
(pretty sure that breaks, but don't know where exactly :)
3)uacreg table loaded on startup, and AFAIK there is no way to modify it
dynamically,
so if you change something in this table you MUST restart kamailio (not
convinient)
I've tried to make RPC for adding new record in htable (using
reg_ht_add()), but it returns error and in log I can see
ERROR: uac [uac_reg.c:313]: no more shm
> Cheers,
> Daniel
>
>
> --
> Daniel-Constantin Mierla - http://www.asipto.com
> http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
> Kamailio Advanced Training, Seattle, USA, Sep 23-26, 2012 -
> http://asipto.com/u/katu
> Kamailio Practical Workshop, Netherlands, Sep 10-12, 2012 -
> http://asipto.com/u/kpw
>
>
--
More information about the sr-users
mailing list