[Serusers] Authentication Problem(s)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Greetings, My goal is to configure MSN clients to login to my SER setup such that all users are required to enter a password. I have three computers on the same LAN: two clients running MSN and a third running SER. The box running SER is also running a DNS server, defining the fictitious TLD 'team3.' In that domain I've defined several hosts, the SER server being mouse.team3. DNS appears to be working properly from all clients on the LAN because I can ping mouse.team3 from anywhere in the LAN. I've tried defining the SER domain to be either mouse.team3 or team3. (I still don't know which one is correct) I used serctl to add a few users to the domain. Then, when I try to login using said users, MSN gives the following message: "Signing in to Communications Service failed because the service is temporarily unavailable. Please try again later." However, if I comment out the following lines from ser.cfg, no authentication is done and all clients can login: if (method=="REGISTER") { # Uncomment this if you want to use digest authentication if (!www_authorize("mouse.team3", "subscriber")) { www_challenge("mouse.team3", "0"); break; }; save("location"); break; }; I need authentication to be enabled, so this latter approach will not work. I Googled for the MSN message, but that was no help. I'm at a loss for what's wrong with those few lines. Any help would be *greatly* appreciated. Best Regards - -Chris - ----begin ser.cfg---- # # $Id: ser.cfg,v 1.21.4.1 2003/11/10 15:35:15 andrei Exp $ # # simple quick-start config script # # ----------- global configuration parameters ------------------------ #debug=3 # debug level (cmd line: -dddddddddd) #fork=yes #log_stderror=no # (cmd line: -E) /* Uncomment these lines to enter debugging mode debug=7 fork=no log_stderror=yes */ check_via=no # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) #port=5060 #children=4 fifo="/tmp/ser_fifo" alias="mouse.team3" # ------------------ module loading ---------------------------------- # Uncomment this if you want to use SQL database loadmodule "/usr/lib/ser/modules/mysql.so" loadmodule "/usr/lib/ser/modules/sl.so" loadmodule "/usr/lib/ser/modules/tm.so" loadmodule "/usr/lib/ser/modules/rr.so" loadmodule "/usr/lib/ser/modules/maxfwd.so" loadmodule "/usr/lib/ser/modules/usrloc.so" loadmodule "/usr/lib/ser/modules/registrar.so" # Uncomment this if you want digest authentication # mysql.so must be loaded ! loadmodule "/usr/lib/ser/modules/auth.so" loadmodule "/usr/lib/ser/modules/auth_db.so" # ----------------- setting module-specific parameters --------------- # -- usrloc params -- #modparam("usrloc", "db_mode", 0) # Uncomment this if you want to use SQL database # for persistent storage and comment the previous line modparam("usrloc", "db_mode", 2) # -- auth params -- # Uncomment if you are using auth module # modparam("auth_db", "calculate_ha1", yes) # # If you set "calculate_ha1" parameter to yes (which true in this config), # uncomment also the following parameter) # modparam("auth_db", "password_column", "password") # -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1) # ------------------------- request routing logic ------------------- # main routing logic route{ # initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); break; }; if ( msg:len > max_len ) { sl_send_reply("513", "Message too big"); break; }; # we record-route all messages -- to make sure that # subsequent messages will go through our proxy; that's # particularly good if upstream and downstream entities # use different transport protocol record_route(); # loose-route processing if (loose_route()) { t_relay(); break; }; # if the request is for other domain use UsrLoc # (in case, it does not work, use the following command # with proper names and addresses in it) if (uri == myself) { if (method=="REGISTER") { # Uncomment this if you want to use digest authentication if (!www_authorize("mouse.team3", "subscriber")) { www_challenge("mouse.team3", "0"); break; }; save("location"); break; }; # native SIP destinations are handled using our USRLOC DB if (!lookup("location")) { sl_send_reply("404", "Not Found"); break; }; }; # forward to current uri now; use stateful forwarding; that # works reliably even if we forward from TCP to UDP if (!t_relay()) { sl_reply_error(); }; } - ----end ser.cfg---- - -- Chris Bookholt cgbookho(a)ncsu.edu PGP Key: http://chris.kavefish.net/pubkey.asc