[SR-Users] ldap auth
Slava Bendersky
volga629 at networklab.ca
Sat Mar 22 07:22:27 CET 2014
Hello Everyone,
Trying setup ldap authentication. Always getting 401.
I tested and all avp getting value also domain part check working, look like challenge www in question.
Any help thank you in advance.
#!ifdef WITH_LDAP
route[LDAP] {
if(is_method("REGISTER")) {
if(!(is_present_hf("Authorization") || is_present_hf("Proxy-Authorization"))) {
# no credentials header - send back challenge
auth_challenge("$fd", "1");
exit;
}
# ldap search
ldap_search("ldap://sipaccounts/ou=People,dc=networklab,dc=loc?sipDomain,sipMobileExtension,userPassword?one?(&(objectClass=phonesipuser)(sipMobileExtension=$fU))");
$var(rc) = $rc;
if ($var(rc)<0) {
switch ($var(rc))
{
case -1:
# no LDAP entry found
sl_send_reply("404", "User Not Found");
exit;
case -2:
# internal error
sl_send_reply("500", "Internal server error");
exit;
default:
sl_send_reply("403", "Not allowed");
exit;
}
}
ldap_result("sipDomain/$avp(domain)");
ldap_result("sipMobileExtension/$avp(s:username)");
if (!ldap_result("userPassword/$avp(password)")) {
sl_send_reply("404", "User Not Found");
exit;
}
if ($fd != $avp(domain)) {
xlog("L_INFO", "Got ldap result $avp(domain). For user $avp(s:username) Not allowed $fd");
sl_send_reply("403","Not allowed $fd");
exit;
}
if (!pv_auth_check("$fd", "$avp(password)", "0", "1")) {
auth_challenge("$fd", "1");
exit;
sl_send_reply("200", "ok");
exit;
} else {
sl_send_reply("403","Not allowed");
exit;
}
if (!is_method("REGISTER|PUBLISH")) {
consume_credentials();
}
}
return;
}
#!endif
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20140322/562221b6/attachment-0001.html>
More information about the sr-users
mailing list