[SR-Users] Http authentification with JSON-RPC command

Alex Balashov abalashov at evaristesys.com
Mon Oct 5 19:12:58 CEST 2015


Here's an example from our config:

#!subst "/DB_USER/xxxxxxxx/"
#!subst "/DB_PASSWORD/xxxxxxxxxx/"

event_route[xhttp:request] {
         # Challenge for authentication credentials DB_NAME and DB_PASSWORD.

         xlog("L_INFO", "[R-XHTTP-REQUEST:$ci] Received HTTP request $rm 
$hu from $si:$sp\n");

         if(is_present_hf("Authorization") && defined $au && $au ne 
"DB_USER") {
                 xlog("L_INFO", "[R-XHTTP-REQUEST:$ci] !> Invalid user: 
$au\n");
                 sl_send_reply("403", "Forbidden");
                 exit;
         }

         # The challenge does not send a qop= parameter, in order to ease
         # the burden on the client.

         if(!pv_www_authenticate("$Ri", "DB_PASSWORD", "0", "POST")) {
                 switch($rc) {
                         case -1:
                                 xlog("L_INFO", "[R-XHTTP-REQUEST:$ci] 
!> Generic authentication error\n");
                                 sl_send_reply("403", "Forbidden");
                                 break;

                         case -2:
                                 xlog("L_INFO", "[R-XHTTP-REQUEST:$ci] 
!> Invalid password -- rejecting\n");
                                 sl_send_reply("403", "Forbidden");
                                 break;

                         default:
                                 xlog("L_INFO", "[R-XHTTP-REQUEST:$ci] 
!> Unauthorised -- issuing authentication challenge\n");
                                 www_challenge("$Ri", "0");
                 }

                 exit;
         }

         xlog("L_INFO", "[R-XHTTP-REQUEST:$ci] -> Authorised user: $au\n");

         consume_credentials();

-- Alex

-- 
Alex Balashov | Principal | Evariste Systems LLC
303 Perimeter Center North, Suite 300
Atlanta, GA 30346
United States

Tel: +1-800-250-5920 (toll-free) / +1-678-954-0671 (direct)
Web: http://www.evaristesys.com/, http://www.csrpswitch.com/



More information about the sr-users mailing list