Hello Jesus,
On Wed, 6 Aug 2003 02:27 am, Jesus Rodriguez wrote: > Hello, > > There is some example about setting up SIP Digest authentication? I'm > trying to configure a b2bua (Vovida) and radiator authentication but it > doesn't work. I always get "Bad password": This does not look like a Radus SIP authentication. It looks like a conventional PAP authentication. SIP authentication sends Radius attributes like: Digest-Attributes and possibly: Digest-User-Name Digest-Realm Digest-Nonce etc... You can find out what the PAP password being sent in this request is by enabling PasswordLogFileName in your Handler or Realm. Cheers. > > *** Received from 10.20.0.5 port 1024 .... > Code: Access-Request > Identifier: 78 > Authentic: H<214><213><199><147>(<196>b<135><231><188>53<252><151><198> > Attributes: > User-Name = "1000" > User-Password = > "o}<28>]<249><5><24>tT<149><187><168><171><243>}<210><4>@1X<31>@_<246><28>< >182><231><168><140>R<233><137>" NAS-IP-Address = 10.20.0.5 > NAS-Port = 1000 > Called-Station-Id = "637589919" > Calling-Station-Id = "1000" > > Tue Aug 5 16:25:02 2003: DEBUG: Handling request with Handler > 'NAS-IP-Address=10.20.0.5' > Tue Aug 5 16:25:02 2003: DEBUG: Deleting session for 1000, 10.20.0.5, > 1000 Tue Aug 5 16:25:02 2003: DEBUG: Handling with Radius::AuthFILE: > Tue Aug 5 16:25:02 2003: DEBUG: Radius::AuthFILE looks for match with 1000 > Tue Aug 5 16:25:02 2003: DEBUG: Radius::AuthFILE REJECT: Bad Password > Tue Aug 5 16:25:02 2003: INFO: Access rejected for 1000: Bad Password > Tue Aug 5 16:25:02 2003: DEBUG: Packet dump: > *** Sending to 10.20.0.5 port 1024 .... > Code: Access-Reject > Identifier: 78 > Authentic: H<214><213><199><147>(<196>b<135><231><188>53<252><151><198> > Attributes: > Reply-Message = "Request Denied" > Session-Timeout = 15 > > I'm using the simplest configuration model in Radiator: > > <Handler NAS-IP-Address=10.20.0.5> > > AcctLogFileName %L/detail-b2bua-%y%m%d > > <AuthBy FILE> > Filename %D/users > </AuthBy FILE> > </Handler> > > And this is the user 1000 entry in users file: > > 1000 User-Password = "1000" > Session-Timeout = 60 > > One of my doubts is if i can use clear text passwords with SIP Digest > authentication. > > This is the "Proxy-Authorization" line of the INVITE: > > Proxy-Authorization: Digest > username="1000",realm="citem.com",nonce="3f2fd1ac0c62d52ecf72c69f5d967bee43 >10c1f8",response="2a4c4bc49581d5e32071ddfeec372ffc",uri="sip:[EMAIL PROTECTED] >.com" > > And this is the username and password sent by b2bua to radiator: > > 20030805-175052.521 [06151] DBUG bcWorker: AuthAgent.cxx:106 Setting UID > (1000), password (2a4c4bc49581d5e32071ddfeec372ffc) from > Proxy-Authorization header > > Thanks. > > Saludos > JesusR. > > ------------------------------- > Jesus Rodriguez > Endercom Comunicaciones, S.L. > [EMAIL PROTECTED] > http://www.endercom.com > Tel. +34 934424293 > ------------------------------- > === > Archive at http://www.open.com.au/archives/radiator/ > Announcements on [EMAIL PROTECTED] > To unsubscribe, email '[EMAIL PROTECTED]' with > 'unsubscribe radiator' in the body of the message. -- Mike McCauley [EMAIL PROTECTED] Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au Phone +61 3 9598-0985 Fax +61 3 9598-0955 Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP etc on Unix, Windows, MacOS etc. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
