So it should be like ... if (!has_credentials("myrealm")) { www_challenge("$td", "1"); }
else { if (!my_script()){ sl_send_reply("401", "Not Authorized"); } } ... 2015-11-13 16:13 GMT+02:00 Alexandru Covalschi <568...@gmail.com>: > simple send_reply("200", "OK");, sorry > > 2015-11-13 16:02 GMT+02:00 Alexandru Covalschi <568...@gmail.com>: > >> Thanks for your reply! But the problem is - I need to provide to API >> user's login and password. Kamailio doesn't know them. So my idea was to >> transmit to API the salt and encrypted password. Would that work? I see it >> that way >> 1. User sends register request. >> 2. Kamailio sends to API salt and ecnr.passwd >> 3. API recalculates MD5 on its side and compares with encr.passwd >> 4. Sends OK if it's ok, huh >> 5. I receive OK from API and send simple 200 OK to user >> >> Do you see any logical mistakes here? Do I need some speacial 200 OK to >> approve registration, or simple send_reply("401", "OK"); is enough? >> >> >> 2015-11-13 15:21 GMT+02:00 Sebastian Damm <d...@sipgate.de>: >> >>> Hello, >>> >>> if your script can return the password for the user to Kamailio, you >>> could use the pv_*_authenticate functions. You can pass the password to >>> check against to these functions in a pseudo variable. >>> >>> >>> http://www.kamailio.net/docs/modules/4.3.x/modules/auth.html#auth.f.pv_www_authenticate >>> >>> Best Regards, >>> Sebastian >>> >>> On Fri, Nov 13, 2015 at 2:14 PM, Alexandru Covalschi <568...@gmail.com> >>> wrote: >>> >>>> UPD: If upper method is possible - I assume I can check if message has >>>> Auth header using >>>> >>>> if (has_credentials("myrealm")) { >>>> ... >>>> } >>>> Can you please specify how to grab it? >>>> >>>> >>>> 2015-11-13 15:08 GMT+02:00 Alexandru Covalschi <568...@gmail.com>: >>>> >>>>> Hello! >>>>> My problem is I need to do users authentication through API. So I need >>>>> to replace >>>>> >>>>> if (!www_authenticate("$td", "subscriber")) { >>>>> www_challenge("$td", "1"); >>>>> } >>>>> >>>>> With >>>>> >>>>> if (!my_auth_script()) { >>>>> www_challenge("$td", "1"); >>>>> } >>>>> >>>>> The main problem is - how can I grab or compare users password? I know >>>>> nonce, which I understand is MD5 salt. Can I, for example, grab users >>>>> password from API, then grab the MD5 string and the nonce user sent me, >>>>> calculate MD5 on base of API password and nonce - and then compare MD5 >>>>> strings sent by user and calculated? >>>>> >>>>> -- >>>>> Alexandru Covalschi >>>>> ABRISS-Solutions >>>>> VoIP engineer and system administrator >>>>> phone: +37367398493 >>>>> web: http://abs-telecom.com/ >>>>> >>>> >>>> >>>> >>>> -- >>>> Alexandru Covalschi >>>> ABRISS-Solutions >>>> VoIP engineer and system administrator >>>> phone: +37367398493 >>>> web: http://abs-telecom.com/ >>>> >>>> _______________________________________________ >>>> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list >>>> sr-users@lists.sip-router.org >>>> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users >>>> >>>> >>> >>> _______________________________________________ >>> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list >>> sr-users@lists.sip-router.org >>> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users >>> >>> >> >> >> -- >> Alexandru Covalschi >> ABRISS-Solutions >> VoIP engineer and system administrator >> phone: +37367398493 >> web: http://abs-telecom.com/ >> > > > > -- > Alexandru Covalschi > ABRISS-Solutions > VoIP engineer and system administrator > phone: +37367398493 > web: http://abs-telecom.com/ > -- Alexandru Covalschi ABRISS-Solutions VoIP engineer and system administrator phone: +37367398493 web: http://abs-telecom.com/
_______________________________________________ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users