Hi,
I have moved on to looking at verifying auth credentials, for simplicity I
want to use a known user and password so no need to use an injection file.
I have tried two ways both have the same consistent output of verifyauth
equals false.
Option 1:
<!-- get authuser name -->
<ereg regexp="Digest .*username=\"([^\"]*)\""
search_in="hdr"
header="Authorization:"
assign_to="discardR25,authuser"
/>
<log message="Received AUTH from user [$authuser]"/>
<!-- Assign the variable passwd with the known valid password -->
<assignstr assign_to="passwd" value="0123456789" />
<verifyauth assign_to="authvalid" username="[$authuser]"
password="[$passwd]" />
<log message="verifyauth test output [$authvalid]"/>
Option 2:
<verifyauth assign_to="authvalid" username="93531265"
password="PASSWORD" />
<log message="verifyauth test output [$authvalid]"/>
In each case these snippits are after the recv the second REGISTER meesage
and inside the
<recv request="REGISTER" >
<action>
...
...
...
</action>
</recv>
Thanks
Paul
------------------------------------------------------------------------------
Open source business process management suite built on Java and Eclipse
Turn processes into business applications with Bonita BPM Community Edition
Quickly connect people, data, and systems into organized workflows
Winner of BOSSIE, CODIE, OW2 and Gartner awards
http://p.sf.net/sfu/Bonitasoft
_______________________________________________
Sipp-users mailing list
Sipp-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sipp-users
