[SR-Users] UAC and realm

Johan Wilfer lists at jttech.se
Tue Nov 20 10:25:15 CET 2012


I've done some tests with the UAC module to authenticate to a remote 
proxy. I've based my config on this example: 
http://docs.huihoo.com/opensips/tutorials/uac/ar01s06.html (example 9)

I have found that if I send a call from a asterisk via kamailio to my 
remote proxy the realm the remote proxy uses is the ip-address of the 
asterisk-server (aaa.bbb.ccc.ddd). Like this:

WWW-Authenticate: Digest 

If I have a param like this, the auth works:

But as I would like to use more than one remote proxy (=more than one 
provider) per asterisk server this needs some more work.

Is there a way to get UAC to ignore the realm from the remote proxy and 
send the auth anyway?

Alternate paths I've examined:
1. Rewrite from-domain to get the provider to use another realm:
      uac_replace_from("sip:$fU at example.com");

      Works, but I don't think this is a very good solution.

2. Use auth_username_avp / auth_password_avp / auth_realm_avp to
    feed the uac_auth()-function the right credentials.


      in the failure route:
      $avp(s:uac_user) = "username";
      $avp(s:uac_pass) = "password";
      $avp(s:uac_realm) = "aaa.bbb.ccc.ddd";

      This works as well, but I would like to either get the realm
      the remote proxy sends and use it or make uac ignore the realm.
      The realm is unimportant as we already know what proxy we are
      talking to.

      I've tried $hdr(WWW-Authenticate) but it evaluates to null.

Any ideas how to do this?


Johan Wilfer

More information about the sr-users mailing list