Hello,
is there any chance to modify the authorization user name?
I have the following scenario. We do allow only lowercase usernames when users are registering. So the md5 password is created and stored based on lowercase letters. When a user receives his account data he might enter his username in camelcase in his user agent. So when he tries to register, it fails, as the md5 hash based on the camelcased username is different.
I tried to use the perl module, put the username to lowercase and put it back to OpenSER via avp_pushto. But Openser only allows $ru,$du,$br to be modified.
Do I have a chance to modify $au?
Best regards Peter
Peter,
What is your interface to your authentication data? If you are pulling it from a database, you might be able to issue the query in such a way that the user-input username field is automatically lowercased prior to a comparison.
-- Alex
On Fri, 23 Nov 2007, Peter P GMX wrote:
Hello,
is there any chance to modify the authorization user name?
I have the following scenario. We do allow only lowercase usernames when users are registering. So the md5 password is created and stored based on lowercase letters. When a user receives his account data he might enter his username in camelcase in his user agent. So when he tries to register, it fails, as the md5 hash based on the camelcased username is different.
I tried to use the perl module, put the username to lowercase and put it back to OpenSER via avp_pushto. But Openser only allows $ru,$du,$br to be modified.
Do I have a chance to modify $au?
Best regards Peter
Users mailing list Users@lists.openser.org http://lists.openser.org/cgi-bin/mailman/listinfo/users
-- Alex Balashov Evariste Systems Web : http://www.evaristesys.com/ Tel : +1-678-954-0670 Direct : +1-678-954-0671
El Viernes, 23 de Noviembre de 2007, Peter P GMX escribió:
I have the following scenario. We do allow only lowercase usernames when users are registering. So the md5 password is created and stored based on lowercase letters. When a user receives his account data he might enter his username in camelcase in his user agent.
Couldn't be possible just to warn the user to write his name in lowercase when receiving the account data?
Note too that if you use "check_from"/"check_to" (to compare $fu with $au) you would have more problems is you want to allow camelcase names.
On Fri, 23 Nov 2007, Iñaki Baz Castillo wrote:
Couldn't be possible just to warn the user to write his name in lowercase when receiving the account data?
Indeed, that would be the best option. SIP's grammar *is* case-sensitive per the RFC; OpenSER is just behaving in a fashion consistent with that.
-- Alex Balashov Evariste Systems Web : http://www.evaristesys.com/ Tel : +1-678-954-0670 Direct : +1-678-954-0671
Peter P GMX wrote:
Hello,
is there any chance to modify the authorization user name?
I have the following scenario. We do allow only lowercase usernames when users are registering. So the md5 password is created and stored based on lowercase letters. When a user receives his account data he might enter his username in camelcase in his user agent. So when he tries to register, it fails, as the md5 hash based on the camelcased username is different.
I tried to use the perl module, put the username to lowercase and put it back to OpenSER via avp_pushto. But Openser only allows $ru,$du,$br to be modified.
Do I have a chance to modify $au?
The auth module of openser 1.3 (which will be released soon) contains two new authentication functions that take any pseudo variables as username/password input:
pv_www_authorize(realm): http://www.openser.org/docs/modules/1.3.x/auth.html#AEN243
pv_proxy_authorize(realm): http://www.openser.org/docs/modules/1.3.x/auth.html#AEN279
This should enable you to feed the username's uppercase version to the authorize functions.
BTW: It would be nice to have an uppercase/lowercase string transformation available.
/Christian
Best regards Peter
Users mailing list Users@lists.openser.org http://lists.openser.org/cgi-bin/mailman/listinfo/users
Hello Christian,
that seems to be a solution in conjunction with the perl module. When will 1.3 be available?
BTW: I am always wondering why such "normal" things as overwriting vars and general string substutution is so limited in OpenSER. Besides superficial documentation (everyone has to try and error and to reinvent the whole thing by himself), the main job is research ing for tricky workarounds in order to make things running. I am running a number of Asterisk PBX (release version 1.2) -- and there it's so easy!
Kind regards Peter
Christian Schlatter schrieb:
Peter P GMX wrote:
Hello,
is there any chance to modify the authorization user name?
I have the following scenario. We do allow only lowercase usernames when users are registering. So the md5 password is created and stored based on lowercase letters. When a user receives his account data he might enter his username in camelcase in his user agent. So when he tries to register, it fails, as the md5 hash based on the camelcased username is different.
I tried to use the perl module, put the username to lowercase and put it back to OpenSER via avp_pushto. But Openser only allows $ru,$du,$br to be modified.
Do I have a chance to modify $au?
The auth module of openser 1.3 (which will be released soon) contains two new authentication functions that take any pseudo variables as username/password input:
pv_www_authorize(realm): http://www.openser.org/docs/modules/1.3.x/auth.html#AEN243
pv_proxy_authorize(realm): http://www.openser.org/docs/modules/1.3.x/auth.html#AEN279
This should enable you to feed the username's uppercase version to the authorize functions.
BTW: It would be nice to have an uppercase/lowercase string transformation available.
/Christian
Best regards Peter
Users mailing list Users@lists.openser.org http://lists.openser.org/cgi-bin/mailman/listinfo/users
Users mailing list Users@lists.openser.org http://lists.openser.org/cgi-bin/mailman/listinfo/users
El Sábado, 24 de Noviembre de 2007, Peter P GMX escribió:
Hello Christian,
that seems to be a solution in conjunction with the perl module. When will 1.3 be available?
BTW: I am always wondering why such "normal" things as overwriting vars and general string substutution is so limited in OpenSER. Besides superficial documentation (everyone has to try and error and to reinvent the whole thing by himself), the main job is research ing for tricky workarounds in order to make things running.
OpenSer is supposed to be a SIP proxy/regitrar/location/redirect server. And SIP its cleraly defined in various RFC's. If someone wants to play with variables that are defined in RFC as case-sensitive, and limit then to lower-case then it's not an OpenSer issue.
I am running a number of Asterisk PBX (release version 1.2) -- and there it's so easy!
Now try to do a serial/pararell forking in Asterisk, or try to register a SIP user from various locations, or try to do a SIP spiral into Asterisk, and tell us how easy/possible that is ;)
El Sábado, 24 de Noviembre de 2007, Peter P GMX escribió:
Hello Christian,
that seems to be a solution in conjunction with the perl module. When will 1.3 be available?
BTW: I am always wondering why such "normal" things as overwriting vars and general string substutution is so limited in OpenSER. Besides superficial documentation (everyone has to try and error and to reinvent the whole thing by himself), the main job is research ing for tricky workarounds in order to make things running.
OpenSer is supposed to be a SIP proxy/regitrar/location/redirect server. And SIP its cleraly defined in various RFC's. If someone wants to play with variables that are defined in RFC as case-sensitive, and limit then to lower-case then it's not an OpenSer issue.
I see that OpenSER can do a lot according to the RFCs asSIP proxy/regitrar/location/redirect server. On the other hand OpenSER could give some more flexibilty id the user/implementer has the need to implement some things differently for certain cases. Some guy recommended to do the whole authentication outside Openser in order to get the needed flexibility. My feeling is: With some more features on the API side, OpenSER could be a swiss knife for SIP and services beyond telephony.
I am running a number of Asterisk PBX (release version 1.2) -- and there it's so easy!
Now try to do a serial/pararell forking in Asterisk, or try to register a SIP user from various locations, or try to do a SIP spiral into Asterisk, and tell us how easy/possible that is ;)
You are right, I cannot do that with an Asterisk. These are distinct products designed for different things. But: If I can do the job with an Asterisk, I will do it with an Asterisk due to the flexibility. If not, I will use OpenSR.
I believe that the perl module is a great step towards flexibility. But what's really missing for my daily life is to comfortably pass (all) variables back to OpenSER. Why should we limit this (of course it creates effort)?
Peter,
Peter P GMX wrote:
Hello Christian,
that seems to be a solution in conjunction with the perl module. When will 1.3 be available?
1.3 is planned for November-December time frame.
BTW: I am always wondering why such "normal" things as overwriting vars and general string substutution is so limited in OpenSER. Besides superficial documentation (everyone has to try and error and to reinvent the whole thing by himself), the main job is research ing for tricky workarounds in order to make things running. I am running a number of Asterisk PBX (release version 1.2) -- and there it's so easy!
I'd say asterisk is easier to understand because it follows the traditional PBX model, whereas openser is a real SIP proxy. You need a basic understand of how SIP works in order to deploy openser. One should e.g. be familiar with the differences between SIP transactions, dialogs, and sessions.
I've worked with many different SIP proxy products, commercial and open source, and openser/ser is by far the most flexible one. There is always room for improvements, but you won't find another proxy that provides such low level access to the SIP message routing engine.
Asterisk, on the other hand, works on a much higher layer. All you can do is modifying calls, you don't get access to individual SIP messages. This simplifies the configuration but limits its usefulness.
/Christian
Kind regards Peter
Christian Schlatter schrieb:
Peter P GMX wrote:
Hello,
is there any chance to modify the authorization user name?
I have the following scenario. We do allow only lowercase usernames when users are registering. So the md5 password is created and stored based on lowercase letters. When a user receives his account data he might enter his username in camelcase in his user agent. So when he tries to register, it fails, as the md5 hash based on the camelcased username is different.
I tried to use the perl module, put the username to lowercase and put it back to OpenSER via avp_pushto. But Openser only allows $ru,$du,$br to be modified.
Do I have a chance to modify $au?
The auth module of openser 1.3 (which will be released soon) contains two new authentication functions that take any pseudo variables as username/password input:
pv_www_authorize(realm): http://www.openser.org/docs/modules/1.3.x/auth.html#AEN243
pv_proxy_authorize(realm): http://www.openser.org/docs/modules/1.3.x/auth.html#AEN279
This should enable you to feed the username's uppercase version to the authorize functions.
BTW: It would be nice to have an uppercase/lowercase string transformation available.
/Christian
Best regards Peter
Users mailing list Users@lists.openser.org http://lists.openser.org/cgi-bin/mailman/listinfo/users
Users mailing list Users@lists.openser.org http://lists.openser.org/cgi-bin/mailman/listinfo/users
Peter P GMX schrieb:
Hello,
is there any chance to modify the authorization user name?
I have the following scenario. We do allow only lowercase usernames when users are registering. So the md5 password is created and stored based on lowercase letters. When a user receives his account data he might enter his username in camelcase in his user agent. So when he tries to register, it fails, as the md5 hash based on the camelcased username is different.
I think there is no way to fix this. The SIP client calculates the response value based on the username (authentication username if client allows to enter it too) entered by the user.
If you are using pre-calculated hashes at openser the response sent by the SIP client and the response calculated by openser will allways differ if the user uses camelcase.
regards klaus
I tried to use the perl module, put the username to lowercase and put it back to OpenSER via avp_pushto. But Openser only allows $ru,$du,$br to be modified.
Do I have a chance to modify $au?
Best regards Peter
Users mailing list Users@lists.openser.org http://lists.openser.org/cgi-bin/mailman/listinfo/users
-
Alex Balashov -
Christian Schlatter -
Iñaki Baz Castillo -
jh@tutpro.com -
Klaus Darilion -
Peter P GMX