Hi
We are facing problem using the authentication module of SER.
First we enabled the database to mysql and set the db_mode in userloc to
2.
Then we added a user through the serctl add <username> <password>
<emailid>
Now, in the config file , we load the auth moduel and the auth_db module,
and try to authorize the REGISTER attempts using www_authorize()
procedure.
But every time we are returned a message that Authorisation failed.
However if we remove teh authorisation functionality from the config file,
the subscriber is shown in the location table of ser database.
CAN ANYONE HELP ME IN UNDERSTANDING WHAT IS HAPPENING, and How do i make
the authorisation procedure work?
3(27177) SIP Request:
3(27177) method: <REGISTER>
3(27177) uri: <sip:10.128.16.254>
3(27177) version: <SIP/2.0>
3(27177) parse_headers: flags=1
3(27177) Found param type 235, <rport> = <n/a>; state=6
3(27177) Found param type 232, <branch> =
<z9hG4bK2DD03B6ACD9544A89ACF7C48EF87CEFB>; state=16
3(27177) end of header reached, state=5
3(27177) parse_headers: Via found, flags=1
3(27177) parse_headers: this is the first via
3(27177) After parse_msg...
3(27177) preparing to run routing scripts...
3(27177) parse_headers: flags=128
3(27177) end of header reached, state=9
3(27177) DEBUG: get_hdr_field: <To> [35]; uri=[sip:[EMAIL PROTECTED]
3(27177) DEBUG: to body [rakesh <sip:[EMAIL PROTECTED]>
]
3(27177) get_hdr_field: cseq <CSeq>: <34836> <REGISTER>
3(27177) DEBUG:maxfwd:is_maxfwd_present: value = 70
3(27177) DBG:maxfwd:process_maxfwd_header: value 70 decreased to 16
3(27177) parse_headers: flags=256
3(27177) DEBUG: get_hdr_body : content_length=0
3(27177) found end of header
3(27177) find_first_route: No Route headers found
3(27177) loose_route: There is no Route HF
3(27177) grep_sock_info - checking if host==us: 13==13 && [10.128.16.254]
== [10.128.16.254]
3(27177) grep_sock_info - checking if port 5060 matches port 5060
3(27177) parse_headers: flags=-1
3(27177) check_via_address(10.128.16.149, 10.128.16.149, 0)
3(27177) check_nonce(): comparing
[46973120b5e52ab0043489c086504ae54af9d299] and
[46973120b5e52ab0043489c086504ae54af9d299]
3(27177) check_response(): Our result =
'a20c4795c00787c796addb4fff02bc15'
3(27177) check_response(): Authorization failed
3(27177) build_auth_hf(): 'WWW-Authenticate: Digest
realm="10.128.16.254", nonce="46973120b5e52ab0043489c086504ae54af9d299"
'
3(27177) parse_headers: flags=-1
3(27177) check_via_address(10.128.16.149, 10.128.16.149, 0)
3(27177) DEBUG:destroy_avp_list: destroying list 0
3(27177) receive_msg: cleaning up
the config file used is attached with the mail
Wish I could get a solution asap...
Thanks!
Parminder Nayyar
#
# $Id: ser.cfg,v 1.21.4.1 2003/11/10 15:35:15 andrei Exp $
#
# simple quick-start config script
#
# ----------- global configuration parameters ------------------------
#
# Uncomment these lines to enter debugging mode
#
debug=9
fork=yes
log_stderror=yes
listen=10.128.16.254
port=5060
children=4
dns=no # (cmd. line: -r)
rev_dns=no # (cmd. line: -R)
fifo="/tmp/ser_fifo"
fifo_db_url="mysql://ser:[EMAIL PROTECTED]/ser"
# ------------------ module loading ----------------------------------
loadmodule "/export/home/mins/SER/lib/ser/modules/mysql.so"
loadmodule "/export/home/mins/SER/lib/ser/modules/sl.so"
loadmodule "/export/home/mins/SER/lib/ser/modules/tm.so"
loadmodule "/export/home/mins/SER/lib/ser/modules/rr.so"
loadmodule "/export/home/mins/SER/lib/ser/modules/maxfwd.so"
loadmodule "/export/home/mins/SER/lib/ser/modules/usrloc.so"
loadmodule "/export/home/mins/SER/lib/ser/modules/registrar.so"
loadmodule "/export/home/mins/SER/lib/ser/modules/auth.so"
loadmodule "/export/home/mins/SER/lib/ser/modules/auth_db.so"
loadmodule "/export/home/mins/SER/lib/ser/modules/uri_db.so"
# ----------------- setting module-specific parameters ---------------
modparam("auth_db|usrloc", "db_url", "mysql://ser:[EMAIL PROTECTED]/ser")
modparam("auth_db", "calculate_ha1", 0)
modparam("auth_db", "password_column", "password")
modparam("usrloc", "db_mode", 1)
modparam("rr", "enable_full_lr", 1)
# ------------------------- request routing logic -------------------
# main routing logic
route{
#
# initial sanity checks -- messages with
# max_forwards==0, or excessively long requests
#
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
break;
};
if ( msg:len > max_len ) {
sl_send_reply("513", "Message too big");
break;
};
#
# we record-route all messages -- to make sure that
# subsequent messages will go through our proxy; that's
# particularly good if upstream and downstream entities
# use different transport protocol
#
if(method!="REGISTER") {
record_route();
};
#
# loose-route processing
#
if (loose_route()) {
t_relay();
break;
};
# Call Type Processing Section
if(uri!=myself) {
route(1);
break;
};
if(method=="ACK") {
route(1);
break;
} else if(method == "INVITE") {
route(3);
break;
} else if(method == "REGISTER") {
route(2);
break;
};
lookup("aliases");
if(uri!=myself) {
route(1);
break;
};
if( !lookup("location")) {
sl_send_reply("404", "User Not Found");
break;
};
route(1);
}
# -----------------------------------------------------------------
# Default Message Handler
# -----------------------------------------------------------------
route[1] {
if (!t_relay()) {
sl_reply_error();
};
}
# -----------------------------------------------------------------
# REGISTER Message Handler
# ----------------------------------------------------------------
route[2] {
sl_send_reply("100", "Trying");
if (!www_authorize("10.128.16.254","subscriber")) {
www_challenge("10.128.16.254","0");
break;
};
if (!check_to()) {
sl_send_reply("401", "Unauthorized");
break;
};
consume_credentials();
if (!save("location")) {
sl_reply_error();
};
}
# -----------------------------------------------------------------
# INVITE Message Handler
# -----------------------------------------------------------------
route[3] {
if (!proxy_authorize("","subscriber")) {
proxy_challenge("","0");
break;
}
# else if (!check_from()) {
# sl_send_reply("403", "Use From=ID");
# break;
# };
consume_credentials();
lookup("aliases");
if (uri!=myself) {
route(1);
break;
};
if (!lookup("location")) {
sl_send_reply("404", "User Not Found");
break;
};
route(1);
}
_______________________________________________
Users mailing list
[email protected]
http://openser.org/cgi-bin/mailman/listinfo/users
