Hi Diego,
According to the log you posted (at the end of your email), the
Proxy-Authorization was at least computed (the hdr is actually printed).
If you do a t_relay() there, you should have the header in the new
outgoing INVITE.
Regards,
Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
http://www.opensips-solutions.com
On 26.03.2014 20:36, Diego Barberio wrote:
Hi Bogdan,
I followed your sugestion and found the follwing error:
Mar 26 12:53:15 [12396] DBG:uac:uac_auth: no credential for realm
"ctelpbx"
So, I added the following lines to my configuration script:
modparam("uac","auth_username_avp", "$avp(user)")
modparam("uac","auth_password_avp", "$avp(pass)")
modparam("uac","auth_realm_avp", "$avp(realm)")
route{
$avp(user)="268";
$avp(pass)="123456";
$avp(realm)="ctelpbx";
Opensips is still not sending the invite with the Proxy-Authorizatin
header, and now the log is showing this:
Mar 26 16:14:32 [5178] DBG:uac:uac_auth: picked reply is 0xb6b68b68,
code 407
Mar 26 16:14:32 [5178] DBG:core:parse_headers: flags=20000000000
Mar 26 16:14:32 [5178] DBG:core:parse_authenticate_body:
<algorithm>="MD5" state=7
Mar 26 16:14:32 [5178] DBG:core:parse_authenticate_body:
<realm>="ctelpbx" state=2
Mar 26 16:14:32 [5178] DBG:core:parse_authenticate_body:
<nonce>="6f0a2c46" state=3
Mar 26 16:14:32 [5178] DBG:uac_auth:build_authorization_hdr: hdr is
<Proxy-Authorization: Digest username="268", realm="ctelpbx",
nonce="6f0a2c46", uri="sip:[email protected]:5060
<http://sip:[email protected]:5060>",
response="fc3cfd31f4a053d5d16b5ae8f463830d", algorithm=MD5
>
Mar 26 16:14:32 [5178] DBG:core:parse_headers: flags=ffffffffffffffff
Mar 26 16:14:32 [5178] DBG:core:buf_init: initializing...
Any suggestion?
Thanks
Diego
On Fri, Mar 7, 2014 at 8:50 AM, Bogdan-Andrei Iancu
<[email protected] <mailto:[email protected]>> wrote:
Hi Diego,
Set debug = 4 and watch the logs from the uac_auth() function
(also the return code) - I assume the function did not find any
credentials (on the server side) to match the authentication
challenge (the matching is done based on the realm).
Regards,
Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
http://www.opensips-solutions.com
On 05.03.2014 19:38, Diego Barberio wrote:
Hi Stefano, Vlad
Thank you for your response I tried your suggestion but still
doesn't work. This is a snippet from my script:
modparam("uac_auth","credential","268:192.168.2.98:password")
t_on_failure("2");
t_relay();
failure_route[2] {
if(t_check_status("407")){
uac_auth();
xlog("In failure route 2\n");
}
}
According to the log, the uac_auth function is being called but
the following INVITEs doesn't include the Proxy-Authorization header
What am I missing?
Thanks
Diego
On Mon, Feb 24, 2014 at 2:12 PM, Vlad Paiu <[email protected]
<mailto:[email protected]>> wrote:
Hello,
The registrant module is to be used only for generating
REGISTER requests ( with auth included ).
For proxied calls, you need to use the uac and uac_auth
modules ( [1] ) for adding the auth headers - call uac_auth()
( [2] ) function within failure route when receiving a challenge.
[1]
http://www.opensips.org/html/docs/modules/1.11.x/uac_auth.html
[2]
http://www.opensips.org/html/docs/modules/1.11.x/uac.html#id250288
Best Regards
Vlad Paiu
OpenSIPS Developer
http://www.opensips-solutions.com
On 24.02.2014 17:33, Stefano Pisani wrote:
You can use module UAC_AUTH
Il 24/02/2014 16.18, Diego Barberio ha scritto:
Hi all,
I have opensips registered to an IP-PBX using registrant
module and I want to make an outbound call to that PBX
through the proxy.
I'm sending and INVITE from my application to the proxy
with a From that is actually registered by the proxy,
however OpenSIPs is not adding the Proxy-Authorization
header so the INVITE is rejected with a 401 Unauthorized
and that response is forwarded to my application.
I just want opensips to add the Proxy-Authorization header
so the call is not rejected by the IP-PBX. Is it possible
to achieve this?
Thanks
Diego
_______________________________________________
Users mailing list
[email protected] <mailto:[email protected]>
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
_______________________________________________
Users mailing list
[email protected] <mailto:[email protected]>
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
_______________________________________________
Users mailing list
[email protected] <mailto:[email protected]>
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
_______________________________________________
Users mailing list
[email protected] <mailto:[email protected]>
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
_______________________________________________
Users mailing list
[email protected]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
