[SR-Users] Authenticating xhttp request
Daniel-Constantin Mierla
miconda at gmail.com
Fri Jun 14 15:20:59 CEST 2019
Hello,
I would not expose the kamailio to API interactions triggered by the end
users, be careful not to block its activity.
Anyhow, you can use the www_challenge()/www_authenticate() function from
auth/auth_db modules that are using the records from subscriber table
perform HTTP digest authentication.
Cheers,
Daniel
On 14.06.19 09:14, Olli Attila wrote:
> Hello,
>
> I think it would be better to do the authentication with
> username/password. We are developing a web interface which will be
> used to alter dialplan & htable entries and after changes have been
> made, user would command the sip proxies to reload new data from the
> database via jasonrpc. With this design, user authentication would be
> more suitable.
>
> Cheers,
> Olli Attila
>
> pe 14. kesäk. 2019 klo 10.04 Daniel-Constantin Mierla
> (miconda at gmail.com) kirjoitti:
>> Hello,
>>
>> do you want to authenticate with ip addresses stored in database or with
>> username/password?
>>
>> Cheers,
>> Daniel
>>
>> On 13.06.19 08:12, Olli Attila wrote:
>>> Hello,
>>>
>>> I have this xhttp event_route on Kamailio that I am using to signal
>>> the proxy to reload dialplans and htable when necessary:
>>>
>>> event_route[xhttp:request] {
>>> if(src_ip!=127.0.0.1) {
>>> xhttp_reply("403", "Forbidden", "text/html",
>>> "<html><body>Not allowed from $si</body></html>");
>>> exit;
>>> }
>>> if ($hu =~ "^/RPC") {
>>> jsonrpc_dispatch();
>>> } else {
>>> xhttp_reply("200", "OK", "text/html",
>>> "<html><body>Wrong URL $hu</body></html>");
>>> }
>>> return;
>>> }
>>>
>>> Now instead of returning 403 forbidden for requests coming from other
>>> src_ip than proxy itsef, I would like to authenticate the http request
>>> via proxy database. How can this be done if possible?
>>>
>>> Cheers,
>>> Olli
>>>
>>> _______________________________________________
>>> Kamailio (SER) - Users Mailing List
>>> sr-users at lists.kamailio.org
>>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>> --
>> Daniel-Constantin Mierla -- www.asipto.com
>> www.twitter.com/miconda -- www.linkedin.com/in/miconda
>>
>
--
Daniel-Constantin Mierla -- www.asipto.com
www.twitter.com/miconda -- www.linkedin.com/in/miconda
More information about the sr-users
mailing list