[SR-Users] n00b question -- RADIUS authentication.
Måns Nilsson
mansaxel at besserwisser.org
Mon May 5 15:33:22 CEST 2014
Subject: Re: [SR-Users] n00b question -- RADIUS authentication. Date: Mon, May 05, 2014 at 12:09:54PM +0200 Quoting Daniel-Constantin Mierla (miconda at gmail.com):
> Hello,
>
> you should just use www_challenge() to send back the 401 response.
>
> Here is a old tutorial, from the time when the project was named
> openser, but could be a good reading anyhow:
>
> - http://www.kamailio.org/docs/openser-radius-1.0.x.html
>
> The authentication part is pretty much the same.
And the error too -- exactly the same symptoms are produced.
I also tried with another setup;
if (is_method("REGISTER") )
{
# authenticate requests
xlog("L_INFO", "authenticate [$fd]\n");
### RADIUS ###
if(!radius_proxy_authorize("$fd"))
{
proxy_challenge("$fd", "1");
}
# user authenticated - remove auth header
if(!is_method("REGISTER|PUBLISH"))
consume_credentials();
}
This produces a 407 error; but other than that, things are identical.
The core question is why the positive reply from the RADIUS server isn't
accepted as such. (could this be a problem with the dictionary?)
Stumblingly grateful,
--
Måns Nilsson primary/secondary/besserwisser/machina
MN-1334-RIPE +46 705 989668
My LESLIE GORE record is BROKEN ...
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20140505/4be2c4cd/attachment.pgp>
More information about the sr-users
mailing list