[SR-Users] Authenticating xhttp request

Daniel-Constantin Mierla miconda at gmail.com
Fri Jun 14 15:20:59 CEST 2019 

Hello,

I would not expose the kamailio to API interactions triggered by the end
users, be careful not to block its activity.

Anyhow, you can use the www_challenge()/www_authenticate() function from
auth/auth_db modules that are using the records from subscriber table
perform HTTP digest authentication.

Cheers,
Daniel

On 14.06.19 09:14, Olli Attila wrote:
> Hello,
>
> I think it would be better to do the authentication with
> username/password. We are developing a web interface which will be
> used to alter dialplan & htable entries and after changes have been
> made, user would command the sip proxies to reload new data from the
> database via jasonrpc. With this design, user authentication would be
> more suitable.
>
> Cheers,
> Olli Attila
>
> pe 14. kesäk. 2019 klo 10.04 Daniel-Constantin Mierla
> (miconda at gmail.com) kirjoitti:
>> Hello,
>>
>> do you want to authenticate with ip addresses stored in database or with
>> username/password?
>>
>> Cheers,
>> Daniel
>>
>> On 13.06.19 08:12, Olli Attila wrote:
>>> Hello,
>>>
>>> I have this xhttp event_route on Kamailio that I am using to signal
>>> the proxy to reload dialplans and htable when necessary:
>>>
>>> event_route[xhttp:request] {
>>>     if(src_ip!=127.0.0.1) {
>>>         xhttp_reply("403", "Forbidden", "text/html",
>>>             "<html><body>Not allowed from $si</body></html>");
>>>         exit;
>>>         }
>>>         if ($hu =~ "^/RPC") {
>>>                 jsonrpc_dispatch();
>>>         } else {
>>>         xhttp_reply("200", "OK", "text/html",
>>>             "<html><body>Wrong URL $hu</body></html>");
>>>     }
>>>     return;
>>> }
>>>
>>> Now instead of returning 403 forbidden for requests coming from other
>>> src_ip than proxy itsef, I would like to authenticate the http request
>>> via proxy database. How can this be done if possible?
>>>
>>> Cheers,
>>> Olli
>>>
>>> _______________________________________________
>>> Kamailio (SER) - Users Mailing List
>>> sr-users at lists.kamailio.org
>>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>> --
>> Daniel-Constantin Mierla -- www.asipto.com
>> www.twitter.com/miconda -- www.linkedin.com/in/miconda
>>
>
-- 
Daniel-Constantin Mierla -- www.asipto.com
www.twitter.com/miconda -- www.linkedin.com/in/miconda

More information about the sr-users mailing list