On Tuesday 24 November 2015 18:32:49 Alexandru Covalschi wrote:
> Now I'm seeking help with such question - as I understand, currently anyone
> can register or auth his requests by using same Authorization header for
> all purposes. So, I mean, someone can grab Auth header from the user's
> packet
Well, reopening that thread seaking for some help again :(
The solution is working pretty nice, and my config looks like that
# authenticate requests
if has_credentials(""){
$var(y) = @msg.header.Authorization;
xlog
Many thanks for you help Sebastian!
2015-11-13 19:13 GMT+02:00 Sebastian Damm :
>
> On Fri, Nov 13, 2015 at 3:43 PM, Alexandru Covalschi <568...@gmail.com>
> wrote:
>
>> What if I don't need a plaintext password on Kamailio? I mean, I don't
>> want to user pv_www_authenticate or other auth functi
On Fri, Nov 13, 2015 at 3:43 PM, Alexandru Covalschi <568...@gmail.com>
wrote:
> What if I don't need a plaintext password on Kamailio? I mean, I don't
> want to user pv_www_authenticate or other auth functions again - I need to
> fully control AUTH on API. Is it ok to just send 200 OK to client i
What if I don't need a plaintext password on Kamailio? I mean, I don't want
to user pv_www_authenticate or other auth functions again - I need to fully
control AUTH on API. Is it ok to just send 200 OK to client if API tells me
that password is ok?
2015-11-13 16:39 GMT+02:00 Sebastian Damm :
> He
Hello,
it't been a while since I worked with external scripts, but you can exec
external scripts. See:
http://www.kamailio.net/docs/modules/4.3.x/modules/exec.html
The documentation says, you can access header fields of the packet via
environment variables. So you can get the WWW-Authorize header
So it should be like
...
if (!has_credentials("myrealm")) {
www_challenge("$td", "1");
}
else {
if (!my_script()){
sl_send_reply("401", "Not Authorized");
}
}
...
2015-11-13 16:13 GMT+02:00 Alexandru Covalschi <568...@gmail.com>:
> simple send_reply("200", "OK
simple send_reply("200", "OK");, sorry
2015-11-13 16:02 GMT+02:00 Alexandru Covalschi <568...@gmail.com>:
> Thanks for your reply! But the problem is - I need to provide to API
> user's login and password. Kamailio doesn't know them. So my idea was to
> transmit to API the salt and encrypted pass
Thanks for your reply! But the problem is - I need to provide to API user's
login and password. Kamailio doesn't know them. So my idea was to transmit
to API the salt and encrypted password. Would that work? I see it that way
1. User sends register request.
2. Kamailio sends to API salt and ecnr.pa
Hello,
if your script can return the password for the user to Kamailio, you could
use the pv_*_authenticate functions. You can pass the password to check
against to these functions in a pseudo variable.
http://www.kamailio.net/docs/modules/4.3.x/modules/auth.html#auth.f.pv_www_authenticate
Best
UPD: If upper method is possible - I assume I can check if message has Auth
header using
if (has_credentials("myrealm")) {
...
}
Can you please specify how to grab it?
2015-11-13 15:08 GMT+02:00 Alexandru Covalschi <568...@gmail.com>:
> Hello!
> My problem is I need to do users authenticati
Hello!
My problem is I need to do users authentication through API. So I need to
replace
if (!www_authenticate("$td", "subscriber")) {
www_challenge("$td", "1");
}
With
if (!my_auth_script()) {
www_challenge("$td", "1");
}
The main problem is - how can I grab or compare users pa
12 matches
Mail list logo
