|
Hi, I run SER with Radius/MySQL for authentication and
accounting. Things are pretty much in place except for group
checking. I have something like this in my ser.cfg: …….. modparam("auth_radius",
"radius_config", "/etc/radiusclient-ng/radiusclient.conf") modparam("group_radius",
"use_domain", 1) ………..
if (uri=~"^sip:[0-9]{8}@") { # Domestic PSTN
if (!radius_is_user_in("credentials", "ld")) {
sl_send_reply("403", "No permission for domestic calls");
return;
};
route(4);
return;
}; ………… When I look at Radius debug log I can see that when
ser sends a request to radius, radius wants to do digest on it and then the
complete request fails and call can’t go through. Output looks something
like this: …… rad_recv: Access-Request packet from host
127.0.0.1:34027, id=18, length=72 User-Name
= "[EMAIL PROTECTED]" Sip-Group
= "voicemail"
Service-Type = Group-Check NAS-Port
= 0
NAS-IP-Address = 127.0.0.1 Processing the authorize section of
radiusd.conf …. ** bunch of sql statements ….. …. modcall: group authorize returns ok for request 17 rad_check_password: Found Auth-Type
Digest auth: type "digest" Processing the authenticate section of
radiusd.conf modcall: entering group authenticate for request 17 ERROR: No Digest-Nonce: Cannot perform Digest
authentication modcall[authenticate]: module
"digest" returns invalid for request 17 modcall: group authenticate returns invalid for
request 17 auth: Failed to validate the user. In databases I have following: mysql> SELECT id,UserName,Attribute,Value,op FROM
radreply WHERE Username = '[EMAIL PROTECTED]' ORDER BY id; +----+-----------------------+--------------+-------------+----+ | id |
UserName
| Attribute | Value | op
| +----+-----------------------+--------------+-------------+----+ | 18 | [EMAIL PROTECTED] | Service-Type |
Group-Check | := | +----+-----------------------+--------------+-------------+----+ 1 row in set (0.00 sec) mysql> SELECT id,UserName,Attribute,Value,op FROM
radcheck WHERE Username = '[EMAIL PROTECTED]' ORDER BY id; +----+-----------------------+---------------+------------------------------------+----+ | id |
UserName
| Attribute | Value
|
op | +----+-----------------------+---------------+------------------------------------+----+ | 23 | [EMAIL PROTECTED] | User-Password |
$1$d7XAeahG$9f17cb8JaKj8R1z9GpwG4/ | := | | 25 | [EMAIL PROTECTED] |
Sip-Rpid |
81000
| = | | 30 | [EMAIL PROTECTED] |
Auth-Type |
Digest
| := | +----+-----------------------+---------------+------------------------------------+----+ mysql> SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FR roupName ORDER BY radgroupcheck.id; +----+-----------+-----------+--------+----+ | id | GroupName | Attribute | Value | op | +----+-----------+-----------+--------+----+ | 12 | voicemail | Auth-Type | Accept | := | +----+-----------+-----------+--------+----+ Has anyone had a chance to do something like this
with success? I am stuck at the moment – any help is greatly appreciated. Thanks. /Vel |
_______________________________________________ Users mailing list [email protected] http://openser.org/cgi-bin/mailman/listinfo/users
