Hi guys, I have tried to integrate kamailio and ldap.It seems like both are taking to each other. Here the purpose of ldap is for back-end support for sip user authentication rather than kamailio database.However i am able to log in but could not make call between sip users.I could not figure out what i am missing.
Here is the routing block for ldap in my kamailio.cfg
request_route { route(LDAPAUTH);
}
---
route[LDAPAUTH]
{ if(is_method("REGISTER")) { if(is_present_hf("Authorization")) { if (!ldap_search("ldap://sipaccounts/ou=MyUsers,dc=example,dc=com?cn,userPassword?one?(cn=$fU)")) { switch ($retcode) { case -1: sl_send_reply("404", "User Not Found"); exit; case -2: sl_send_reply("500", "Internal server error"); exit; default: exit; } } ldap_result("cn/$avp(username)"); ldap_result("userPassword/$avp(password)"); route(REGISTRAR); if (!pv_www_authenticate("$td", "$avp(password)", "4")) { www_challenge("$td", "1"); exit; } sl_send_reply("200", "ok"); exit; } else { www_challenge("$td", "1"); exit; } } }
Are you using Kamailio’s usrloc module? If so, at what point do you save(‘location’)?
From: sr-users [mailto:sr-users-bounces@lists.sip-router.org] On Behalf Of Safdar Khan Sent: 21 January 2016 12:24 To: Kamailio (SER) - Users Mailing List sr-users@lists.sip-router.org Subject: [SR-Users] Kamailio and openLDAP integration.
Hi guys, I have tried to integrate kamailio and ldap.It seems like both are taking to each other. Here the purpose of ldap is for back-end support for sip user authentication rather than kamailio database.However i am able to log in but could not make call between sip users.I could not figure out what i am missing.
Here is the routing block for ldap in my kamailio.cfg
request_route { route(LDAPAUTH);
} --- route[LDAPAUTH] { if(is_method("REGISTER")) { if(is_present_hf("Authorization")) { if (!ldap_search("ldap://sipaccounts/ou=MyUsers,dc=example,dc=com?cn,userPassword?one?(cn=$fU)")) { switch ($retcode) { case -1: sl_send_reply("404", "User Not Found"); exit; case -2: sl_send_reply("500", "Internal server error"); exit; default: exit; } } ldap_result("cn/$avp(username)"); ldap_result("userPassword/$avp(password)"); route(REGISTRAR); if (!pv_www_authenticate("$td", "$avp(password)", "4")) { www_challenge("$td", "1"); exit; } sl_send_reply("200", "ok"); exit; } else { www_challenge("$td", "1"); exit; } } }
Hi Phil, Thanks for quick reply and to point to right direction. It is working now and i can make calls.As you have asked the save('location'). Well it was at his default location like
route_request{
route(REGISTRAR); }
route[REGISTRAR] { if (!is_method("REGISTER")) return; if(isflagset(FLT_NATS)) { setbflag(FLB_NATB); #!ifdef WITH_NATSIPPING setbflag(FLB_NATSIPPING); #!endif } if (!save("location")) sl_reply_error(); exit; }
what i have done is, i just comment out the default #route(REGISTRAR) and i call the same block from route[LDAPAUTH] as given below
route[LDAPAUTH]
{
if(is_method("REGISTER")) { if(is_present_hf("Authorization")) {if
(!ldap_search("ldap://sipaccounts/ou=MyUsers,dc=example,dc=com?cn,userPassword?one?(cn=$fU)"))
{ switch ($retcode) { case -1: sl_send_reply("404", "User Not Found"); exit; case -2: sl_send_reply("500", "Internal server error"); exit; default: exit; } } ldap_result("cn/$avp(username)"); ldap_result("userPassword/$avp(password)"); if (!pv_www_authenticate("$td", "$avp(password)", "4")){
www_challenge("$td", "1"); exit; }route(REGISTRAR);
sl_send_reply("200", "ok");exit; } else { www_challenge("$td", "1"); exit; } }}
I would like to know what could be the pros and cons in this scenarion?
On Thu, Jan 21, 2016 at 6:06 PM, Phil Lavin phil.lavin@synety.com wrote:
Are you using Kamailio’s usrloc module? If so, at what point do you save(‘location’)?
*From:* sr-users [mailto:sr-users-bounces@lists.sip-router.org] *On Behalf Of *Safdar Khan *Sent:* 21 January 2016 12:24 *To:* Kamailio (SER) - Users Mailing List sr-users@lists.sip-router.org *Subject:* [SR-Users] Kamailio and openLDAP integration.
Hi guys,
I have tried to integrate kamailio and ldap.It seems like both are taking to each other. Here the purpose of ldap is for back-end support for sip user authentication rather than kamailio database.However i am able to log in but could not make call between sip users.I could not figure out what i am missing.
Here is the routing block for ldap in my kamailio.cfg
request_route { route(LDAPAUTH);
}
route[LDAPAUTH] { if(is_method("REGISTER")) { if(is_present_hf("Authorization")) { if (!ldap_search("ldap://sipaccounts/ou=MyUsers,dc=example,dc=com?cn,userPassword?one?(cn=$fU)")) { switch ($retcode) { case -1: sl_send_reply("404", "User Not Found"); exit; case -2: sl_send_reply("500", "Internal server error"); exit; default: exit; } } ldap_result("cn/$avp(username)"); ldap_result("userPassword/$avp(password)"); route(REGISTRAR); if (!pv_www_authenticate("$td", "$avp(password)", "4")) { www_challenge("$td", "1"); exit; } sl_send_reply("200", "ok"); exit; } else { www_challenge("$td", "1"); exit; } } }
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Hello,
you should not have sl_send_reply() after calling the route (REGISTRAR) -- I am referring to the part:
route(REGISTRAR);
sl_send_reply("200", "ok"); exit;
Cheers, Daniel
On 21/01/16 14:41, Safdar Khan wrote:
Hi Phil, Thanks for quick reply and to point to right direction. It is working now and i can make calls.As you have asked the save('location'). Well it was at his default location like
route_request{ route(REGISTRAR); } --- route[REGISTRAR] { if (!is_method("REGISTER")) return; if(isflagset(FLT_NATS)) { setbflag(FLB_NATB); #!ifdef WITH_NATSIPPING setbflag(FLB_NATSIPPING); #!endif } if (!save("location")) sl_reply_error(); exit; }what i have done is, i just comment out the default #route(REGISTRAR) and i call the same block from route[LDAPAUTH] as given below
route[LDAPAUTH] { if(is_method("REGISTER")) { if(is_present_hf("Authorization")) { if (!ldap_search("ldap://sipaccounts/ou=MyUsers,dc=example,dc=com?cn,userPassword?one?(cn=$fU)")) { switch ($retcode) { case -1: sl_send_reply("404", "User Not Found"); exit; case -2: sl_send_reply("500", "Internal server error"); exit; default: exit; } } ldap_result("cn/$avp(username)"); ldap_result("userPassword/$avp(password)"); if (!pv_www_authenticate("$td", "$avp(password)", "4")) { www_challenge("$td", "1"); exit; } route(REGISTRAR); sl_send_reply("200", "ok"); exit; } else { www_challenge("$td", "1"); exit; } } }I would like to know what could be the pros and cons in this scenarion?
On Thu, Jan 21, 2016 at 6:06 PM, Phil Lavin <phil.lavin@synety.com mailto:phil.lavin@synety.com> wrote:
Are you using Kamailio’s usrloc module? If so, at what point do you save(‘location’)? *From:*sr-users [mailto:sr-users-bounces@lists.sip-router.org <mailto:sr-users-bounces@lists.sip-router.org>] *On Behalf Of *Safdar Khan *Sent:* 21 January 2016 12:24 *To:* Kamailio (SER) - Users Mailing List <sr-users@lists.sip-router.org <mailto:sr-users@lists.sip-router.org>> *Subject:* [SR-Users] Kamailio and openLDAP integration. Hi guys, I have tried to integrate kamailio and ldap.It seems like both are taking to each other. Here the purpose of ldap is for back-end support for sip user authentication rather than kamailio database.However i am able to log in but could not make call between sip users.I could not figure out what i am missing. Here is the routing block for ldap in my kamailio.cfg request_route { route(LDAPAUTH); } --- route[LDAPAUTH] { if(is_method("REGISTER")) { if(is_present_hf("Authorization")) { if (!ldap_search("ldap://sipaccounts/ou=MyUsers,dc=example,dc=com?cn,userPassword?one?(cn=$fU)")) { switch ($retcode) { case -1: sl_send_reply("404", "User Not Found"); exit; case -2: sl_send_reply("500", "Internal server error"); exit; default: exit; } } ldap_result("cn/$avp(username)"); ldap_result("userPassword/$avp(password)"); route(REGISTRAR); if (!pv_www_authenticate("$td", "$avp(password)", "4")) { www_challenge("$td", "1"); exit; } sl_send_reply("200", "ok"); exit; } else { www_challenge("$td", "1"); exit; } } } _______________________________________________ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org <mailto:sr-users@lists.sip-router.org> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
-
Daniel-Constantin Mierla -
Phil Lavin -
Safdar Khan