24 Nov
2007
24 Nov
'07
12:03 a.m.
Hello,
is there any chance to modify the authorization user name?
I have the following scenario. We do allow only lowercase usernames when
users are registering. So the md5 password is created and stored based
on lowercase letters.
When a user receives his account data he might enter his username in
camelcase in his user agent. So when he tries to register, it fails, as
the md5 hash based on the camelcased username is different.
I tried to use the perl module, put the username to lowercase and put it
back to OpenSER via avp_pushto. But Openser only allows $ru,$du,$br to
be modified.
Do I have a chance to modify $au?
Best regards
Peter
24 Nov
24 Nov
12:09 a.m.
Peter,
What is your interface to your authentication data? If you are pulling it
from a database, you might be able to issue the query in such a way that
the user-input username field is automatically lowercased prior to a
comparison.
-- Alex
On Fri, 23 Nov 2007, Peter P GMX wrote:
Hello,
is there any chance to modify the authorization user name?
I have the following scenario. We do allow only lowercase usernames when
users are registering. So the md5 password is created and stored based
on lowercase letters.
When a user receives his account data he might enter his username in
camelcase in his user agent. So when he tries to register, it fails, as
the md5 hash based on the camelcased username is different.
I tried to use the perl module, put the username to lowercase and put it
back to OpenSER via avp_pushto. But Openser only allows $ru,$du,$br to
be modified.
Do I have a chance to modify $au?
Best regards
Peter
_______________________________________________
Users mailing list
Users(a)lists.openser.org
http://lists.openser.org/cgi-bin/mailman/listinfo/users
--
Alex Balashov
Evariste Systems
Web : http://www.evaristesys.com/
Tel : +1-678-954-0670
Direct : +1-678-954-0671
12:10 a.m.
El Viernes, 23 de Noviembre de 2007, Peter P GMX escribió:
I have the following scenario. We do allow only
lowercase usernames when
users are registering. So the md5 password is created and stored based
on lowercase letters.
When a user receives his account data he might enter his username in
camelcase in his user agent.
Couldn't be possible just to warn the user to write his name in lowercase when
receiving the account data?
Note too that if you use "check_from"/"check_to" (to compare $fu with
$au) you
would have more problems is you want to allow camelcase names.
--
Iñaki Baz Castillo
12:14 a.m.
On Fri, 23 Nov 2007, Iñaki Baz Castillo wrote:
Couldn't be possible just to warn the user to
write his name in
lowercase when receiving the account data?
Indeed, that would be the best option. SIP's grammar *is*
case-sensitive per the RFC; OpenSER is just behaving in a fashion
consistent with that.
--
Alex Balashov
Evariste Systems
Web : http://www.evaristesys.com/
Tel : +1-678-954-0670
Direct : +1-678-954-0671
4:15 a.m.
Peter P GMX wrote:
Hello,
is there any chance to modify the authorization user name?
I have the following scenario. We do allow only lowercase usernames when
users are registering. So the md5 password is created and stored based
on lowercase letters.
When a user receives his account data he might enter his username in
camelcase in his user agent. So when he tries to register, it fails, as
the md5 hash based on the camelcased username is different.
I tried to use the perl module, put the username to lowercase and put it
back to OpenSER via avp_pushto. But Openser only allows $ru,$du,$br to
be modified.
Do I have a chance to modify $au?
The auth module of openser 1.3 (which will be released soon) contains
two new authentication functions that take any pseudo variables as
username/password input:
pv_www_authorize(realm):
http://www.openser.org/docs/modules/1.3.x/auth.html#AEN243
pv_proxy_authorize(realm):
http://www.openser.org/docs/modules/1.3.x/auth.html#AEN279
This should enable you to feed the username's uppercase version to the
authorize functions.
BTW: It would be nice to have an uppercase/lowercase string
transformation available.
/Christian
Best regards
Peter
_______________________________________________
Users mailing list
Users(a)lists.openser.org
http://lists.openser.org/cgi-bin/mailman/listinfo/users
3:19 p.m.
Hello Christian,
that seems to be a solution in conjunction with the perl module. When
will 1.3 be available?
BTW: I am always wondering why such "normal" things as overwriting vars
and general string substutution is so limited in OpenSER. Besides
superficial documentation (everyone has to try and error and to reinvent
the whole thing by himself), the main job is research ing for tricky
workarounds in order to make things running. I am running a number of
Asterisk PBX (release version 1.2) -- and there it's so easy!
Kind regards
Peter
Christian Schlatter schrieb:
Peter P GMX wrote:
Hello,
is there any chance to modify the authorization user name?
I have the following scenario. We do allow only lowercase usernames when
users are registering. So the md5 password is created and stored based
on lowercase letters.
When a user receives his account data he might enter his username in
camelcase in his user agent. So when he tries to register, it fails, as
the md5 hash based on the camelcased username is different.
I tried to use the perl module, put the username to lowercase and put it
back to OpenSER via avp_pushto. But Openser only allows $ru,$du,$br to
be modified.
Do I have a chance to modify $au?
The auth module of openser 1.3 (which will be released soon) contains
two new authentication functions that take any pseudo variables as
username/password input:
pv_www_authorize(realm):
http://www.openser.org/docs/modules/1.3.x/auth.html#AEN243
pv_proxy_authorize(realm):
http://www.openser.org/docs/modules/1.3.x/auth.html#AEN279
This should enable you to feed the username's uppercase version to the
authorize functions.
BTW: It would be nice to have an uppercase/lowercase string
transformation available.
/Christian
Best regards
Peter
_______________________________________________
Users mailing list
Users(a)lists.openser.org
http://lists.openser.org/cgi-bin/mailman/listinfo/users
_______________________________________________
Users mailing list
Users(a)lists.openser.org
http://lists.openser.org/cgi-bin/mailman/listinfo/users
4:20 p.m.
El Sábado, 24 de Noviembre de 2007, Peter P GMX escribió:
Hello Christian,
that seems to be a solution in conjunction with the perl module. When
will 1.3 be available?
BTW: I am always wondering why such "normal" things as overwriting vars
and general string substutution is so limited in OpenSER. Besides
superficial documentation (everyone has to try and error and to reinvent
the whole thing by himself), the main job is research ing for tricky
workarounds in order to make things running.
OpenSer is supposed to be a SIP proxy/regitrar/location/redirect server.
And SIP its cleraly defined in various RFC's. If someone wants to play with
variables that are defined in RFC as case-sensitive, and limit then to
lower-case then it's not an OpenSer issue.
I am running a number of
Asterisk PBX (release version 1.2) -- and there it's so easy!
Now try to do a serial/pararell forking in Asterisk, or try to register a SIP
user from various locations, or try to do a SIP spiral into Asterisk, and
tell us how easy/possible that is ;)
--
Iñaki Baz Castillo
7:48 p.m.
El Sábado, 24 de Noviembre de 2007, Peter P GMX
escribió:
I see that OpenSER can do a lot according to the RFCs asSIP
proxy/regitrar/location/redirect server.
On the other hand OpenSER could give some more flexibilty id the
user/implementer has the need to implement some things differently for
certain cases. Some guy recommended to do the whole authentication
outside Openser in order to get the needed flexibility.
My feeling is: With some more features on the API side, OpenSER could be
a swiss knife for SIP and services beyond telephony.
Hello Christian,
that seems to be a solution in conjunction with the perl module. When
will 1.3 be available?
BTW: I am always wondering why such "normal" things as overwriting vars
and general string substutution is so limited in OpenSER. Besides
superficial documentation (everyone has to try and error and to reinvent
the whole thing by himself), the main job is research ing for tricky
workarounds in order to make things running.
OpenSer is supposed to be a SIP proxy/regitrar/location/redirect server.
And SIP its cleraly defined in various RFC's. If someone wants to play with
variables that are defined in RFC as case-sensitive, and limit then to
lower-case then it's not an OpenSer issue.
I am running a number of
Asterisk PBX (release version 1.2) -- and there it's so easy!
Now try to do a serial/pararell forking in Asterisk, or try to register a SIP
user from various locations, or try to do a SIP spiral into Asterisk, and
tell us how easy/possible that is ;)
8:14 p.m.
Peter,
Peter P GMX wrote:
Hello Christian,
that seems to be a solution in conjunction with the perl module. When
will 1.3 be available?
1.3 is planned for November-December time frame.
BTW: I am always wondering why such "normal" things as overwriting vars
and general string substutution is so limited in OpenSER. Besides
superficial documentation (everyone has to try and error and to reinvent
the whole thing by himself), the main job is research ing for tricky
workarounds in order to make things running. I am running a number of
Asterisk PBX (release version 1.2) -- and there it's so easy!
I'd say asterisk is easier to understand because it follows the
traditional PBX model, whereas openser is a real SIP proxy. You need a
basic understand of how SIP works in order to deploy openser. One should
e.g. be familiar with the differences between SIP transactions, dialogs,
and sessions.
I've worked with many different SIP proxy products, commercial and open
source, and openser/ser is by far the most flexible one. There is always
room for improvements, but you won't find another proxy that provides
such low level access to the SIP message routing engine.
Asterisk, on the other hand, works on a much higher layer. All you can
do is modifying calls, you don't get access to individual SIP messages.
This simplifies the configuration but limits its usefulness.
/Christian
Kind regards
Peter
Christian Schlatter schrieb:
> Peter P GMX wrote:
>
>> Hello,
>>
>> is there any chance to modify the authorization user name?
>>
>> I have the following scenario. We do allow only lowercase usernames
>> when users are registering. So the md5 password is created and stored
>> based on lowercase letters.
>> When a user receives his account data he might enter his username in
>> camelcase in his user agent. So when he tries to register, it fails,
>> as the md5 hash based on the camelcased username is different.
>>
>> I tried to use the perl module, put the username to lowercase and put
>> it back to OpenSER via avp_pushto. But Openser only allows
>> $ru,$du,$br to be modified.
>>
>> Do I have a chance to modify $au?
>>
>
> The auth module of openser 1.3 (which will be released soon) contains
> two new authentication functions that take any pseudo variables as
> username/password input:
>
> pv_www_authorize(realm):
> http://www.openser.org/docs/modules/1.3.x/auth.html#AEN243
>
> pv_proxy_authorize(realm):
> http://www.openser.org/docs/modules/1.3.x/auth.html#AEN279
>
> This should enable you to feed the username's uppercase version to the
> authorize functions.
>
> BTW: It would be nice to have an uppercase/lowercase string
> transformation available.
>
> /Christian
>
>
>
>> Best regards
>> Peter
>>
>>
>> _______________________________________________
>> Users mailing list
>> Users(a)lists.openser.org
>> http://lists.openser.org/cgi-bin/mailman/listinfo/users
>>
>
>
> _______________________________________________
> Users mailing list
> Users(a)lists.openser.org
> http://lists.openser.org/cgi-bin/mailman/listinfo/users
>
>
26 Nov
26 Nov
12:46 p.m.
Peter P GMX schrieb:
Hello,
is there any chance to modify the authorization user name?
I have the following scenario. We do allow only lowercase usernames when
users are registering. So the md5 password is created and stored based
on lowercase letters.
When a user receives his account data he might enter his username in
camelcase in his user agent. So when he tries to register, it fails, as
the md5 hash based on the camelcased username is different.
I think there is no way to fix this. The SIP client calculates the
response value based on the username (authentication username if client
allows to enter it too) entered by the user.
If you are using pre-calculated hashes at openser the response sent by
the SIP client and the response calculated by openser will allways
differ if the user uses camelcase.
regards
klaus
I tried to use the perl module, put the username to lowercase and put it
back to OpenSER via avp_pushto. But Openser only allows $ru,$du,$br to
be modified.
Do I have a chance to modify $au?
Best regards
Peter
_______________________________________________
Users mailing list
Users(a)lists.openser.org
http://lists.openser.org/cgi-bin/mailman/listinfo/users
6206
days inactive
6209
days old
10 comments
6 participants
participants (6)
-
Alex Balashov -
Christian Schlatter -
Iñaki Baz Castillo -
jh@tutpro.com -
Klaus Darilion -
Peter P GMX