I wounder if anyone successfully uses openSER 1.3.x with LDAP server (openLDAP). For me I work fine with Authenticating the uses while REGISTER request. However, I could not configure it to Authenticate call setup. in other words, an non register user can make a call setup. what comes to my mind is to use the same idea of authentication when RIGISTER request was issues with some modefications but when SIP proxy server send "407 Proxy Authentication Required" the client send ACK and stop.

=================================================

# account only INVITEs

if (is_method("INVITE")) {

xlog("L_NOTICE","Processing by INVITE handler ...\n");

route(4);

exit;

#setflag(1); # do accouting

}

.....

route[1] {

if (!t_relay()) {

sl_reply_error();

};

exit;

}

..........

rout[4]

{

if(is_present_hf("Authorization"))

{

# ldap search

if (!ldap_search("ldap://sipaccounts/ou=sip,dc=mysip,dc=com?sn,userPassword?one?(cn=$fU)"))

{

switch ($retcode)

{

case -1:

# no LDAP entry found

sl_send_reply("404", "User Not Found");

exit;

case -2:

# internal error

sl_send_reply("500", "Internal server error");

exit;

default:

exit;

}

}

ldap_result("sn/$avp(s:username)");

ldap_result("userPassword/$avp(s:password)");

if(!pv_proxy_authorize(""))

{

proxy_challenge(""/*realm*/,"0"/*qop*/);

exit;

}

route(1);

} else {

proxy_challenge("","1");

exit;

}

=================================================

do any one know how to authenticate call setup? do you think using RADIUS is better for authentication instead of LDAP authentication?

regards,

Ahmed ALALI