[SR-Users] Http authentification with JSON-RPC command

Loïc Boissy boissy at digigram.com
Tue Oct 6 16:31:14 CEST 2015 

Hello,

Great!
Thank you for your help.
Loic

2015-10-05 19:12 GMT+02:00 Alex Balashov <abalashov at evaristesys.com>:

> Here's an example from our config:
>
> #!subst "/DB_USER/xxxxxxxx/"
> #!subst "/DB_PASSWORD/xxxxxxxxxx/"
>
> event_route[xhttp:request] {
>         # Challenge for authentication credentials DB_NAME and DB_PASSWORD.
>
>         xlog("L_INFO", "[R-XHTTP-REQUEST:$ci] Received HTTP request $rm
> $hu from $si:$sp\n");
>
>         if(is_present_hf("Authorization") && defined $au && $au ne
> "DB_USER") {
>                 xlog("L_INFO", "[R-XHTTP-REQUEST:$ci] !> Invalid user:
> $au\n");
>                 sl_send_reply("403", "Forbidden");
>                 exit;
>         }
>
>         # The challenge does not send a qop= parameter, in order to ease
>         # the burden on the client.
>
>         if(!pv_www_authenticate("$Ri", "DB_PASSWORD", "0", "POST")) {
>                 switch($rc) {
>                         case -1:
>                                 xlog("L_INFO", "[R-XHTTP-REQUEST:$ci] !>
> Generic authentication error\n");
>                                 sl_send_reply("403", "Forbidden");
>                                 break;
>
>                         case -2:
>                                 xlog("L_INFO", "[R-XHTTP-REQUEST:$ci] !>
> Invalid password -- rejecting\n");
>                                 sl_send_reply("403", "Forbidden");
>                                 break;
>
>                         default:
>                                 xlog("L_INFO", "[R-XHTTP-REQUEST:$ci] !>
> Unauthorised -- issuing authentication challenge\n");
>                                 www_challenge("$Ri", "0");
>                 }
>
>                 exit;
>         }
>
>         xlog("L_INFO", "[R-XHTTP-REQUEST:$ci] -> Authorised user: $au\n");
>
>         consume_credentials();
>
> -- Alex
>
> --
> Alex Balashov | Principal | Evariste Systems LLC
> 303 Perimeter Center North, Suite 300
> Atlanta, GA 30346
> United States
>
> Tel: +1-800-250-5920 (toll-free) / +1-678-954-0671 (direct)
> Web: http://www.evaristesys.com/, http://www.csrpswitch.com/
>
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20151006/cd509aea/attachment.html>

More information about the sr-users mailing list