[SR-Users] Grab users password from WWW-Auth header

Sebastian Damm damm at sipgate.de
Fri Nov 13 14:21:02 CET 2015


Hello,

if your script can return the password for the user to Kamailio, you could
use the pv_*_authenticate functions. You can pass the password to check
against to these functions in a pseudo variable.

http://www.kamailio.net/docs/modules/4.3.x/modules/auth.html#auth.f.pv_www_authenticate

Best Regards,
Sebastian

On Fri, Nov 13, 2015 at 2:14 PM, Alexandru Covalschi <568691 at gmail.com>
wrote:

> UPD: If upper method is possible - I assume I can check if message has
> Auth header using
>
> if (has_credentials("myrealm")) {
>     ...
> }
> Can you please specify how to grab it?
>
>
> 2015-11-13 15:08 GMT+02:00 Alexandru Covalschi <568691 at gmail.com>:
>
>> Hello!
>> My problem is I need to do users authentication through API. So I need to
>> replace
>>
>> if (!www_authenticate("$td", "subscriber")) {
>> 	www_challenge("$td", "1");
>> }
>>
>> With
>>
>> if (!my_auth_script()) {
>> 	www_challenge("$td", "1");
>> }
>>
>> The main problem is - how can I grab or compare users password? I know
>> nonce, which I understand is MD5 salt. Can I, for example, grab users
>> password from API, then grab the MD5 string and the nonce user sent me,
>> calculate MD5 on base of API password and nonce - and then compare MD5
>> strings sent by user and calculated?
>>
>> --
>> Alexandru Covalschi
>> ABRISS-Solutions
>> VoIP engineer and system administrator
>> phone: +37367398493
>> web: http://abs-telecom.com/
>>
>
>
>
> --
> Alexandru Covalschi
> ABRISS-Solutions
> VoIP engineer and system administrator
> phone: +37367398493
> web: http://abs-telecom.com/
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20151113/2336bfe2/attachment.html>


More information about the sr-users mailing list