On 21-04 21:08, Steve Blair wrote:
I have a working 0.9.1 config to which I would like add server side features such as call forward all (cfwdall). I have a pretty good idea how to handle cfwdall using avp_ops however I'm stuck on the authentication.
If a subscriber has local calling permissions (acl=local) and cfwdall their phone to a long distance number I need to respond with an informative response.
In the INVITE processing in my config I have statements such as:
if (is_user_in("credentials", "ld")) { setflag(11); };These checks fail with the following errors:
Apr 21 18:31:53 ser[498]: [SER]: AVP: Checking From gateway caller Apr 21 18:31:53 ser[498]: check_username(): No authorized credentials found (error in scripts) Apr 21 18:31:53 ser[498]: check_username(): Call {www,proxy}_authorize before calling check_* function ! Apr 21 18:31:53 ser[498]: [SER]: Flag for UMVM redirect successful. Apr 21 18:31:53 ser[498]: [SER]: AVP: Checking credentials Apr 21 18:31:53 ser[498]: is_user_in(): No authorized credentials found (error in scripts)
Checking the username without authentication does not make much sense because the user could fake the contents of the header field. That's why check_* functions require authorized credentials to be present.
I thought adding proxy_authorize("", "subscriber")), check_to and check_from calls prior to the is_user_in check would address these errors but that hasn't worked either.
If I want to set a flag if the caller is an authorized subscriber, the callee is an authorized subscriber and then use "is_user_in" to determine if the called party has a particular credential what am I missing?
I am not sure I understand "the callee is an authorized subscriber". Digest authentication can only be performed for the caller, not the callee, because there is no way of challenging the callee.
Jan.