Can anybody help me with configuration kamailio to authenticate call on 3rd party server?
I want to authenticate(and proxy) call's on other server.
for example, user A have account on my server(let it be A@myserver.com) and account on other server (let it be AA@hisserver.com) myserver.com keeps A's credentials for AA@hisserver.com when A is registered on myserver.com, he make call to B@othersip.com (using myserver.com as a proxy) Kamailio on myserver authenticate itself on hisserver as AA@hisserver.com, makes call to destination, and connect it to A.
How can I setup kamailio for such behavior? Which module should I use? UAC seems can authenticate on another server, but I don't sure that it do what I want. (I've tried it, but without much success)
Hello,
On 7/6/12 7:59 PM, intel@intrans.baku.az wrote:
Can anybody help me with configuration kamailio to authenticate call on 3rd party server?
I want to authenticate(and proxy) call's on other server.
for example, user A have account on my server(let it be A@myserver.com) and account on other server (let it be AA@hisserver.com) myserver.com keeps A's credentials for AA@hisserver.com when A is registered on myserver.com, he make call to B@othersip.com (using myserver.com as a proxy) Kamailio on myserver authenticate itself on hisserver as AA@hisserver.com, makes call to destination, and connect it to A.
How can I setup kamailio for such behavior? Which module should I use? UAC seems can authenticate on another server, but I don't sure that it do what I want. (I've tried it, but without much success)
indeed, the uac module is the one that can provide what you want, with some limitations in regard to cseq incrementation. You have to set a failure route and if the reply code is 407, the sent the realm/username and password to the avps specified by the appropriate module parameters -- the next tree at:
* http://kamailio.org/docs/modules/stable/modules_k/uac.html#auth-realm-avp-id
Then call uac_auth() and relay again.
Cheers, Daniel
Daniel-Constantin Mierla said:
Hello,
On 7/6/12 7:59 PM, intel@intrans.baku.az wrote:
Can anybody help me with configuration kamailio to authenticate call on 3rd party server?
I want to authenticate(and proxy) call's on other server.
for example, user A have account on my server(let it be A@myserver.com) and account on other server (let it be AA@hisserver.com) myserver.com keeps A's credentials for AA@hisserver.com when A is registered on myserver.com, he make call to B@othersip.com (using myserver.com as a proxy) Kamailio on myserver authenticate itself on hisserver as AA@hisserver.com, makes call to destination, and connect it to A.
How can I setup kamailio for such behavior? Which module should I use? UAC seems can authenticate on another server, but I don't sure that it do what I want. (I've tried it, but without much success)
indeed, the uac module is the one that can provide what you want, with some limitations in regard to cseq incrementation. You have to set a failure route and if the reply code is 407, the sent the realm/username and password to the avps specified by the appropriate module parameters -- the next tree at:
http://kamailio.org/docs/modules/stable/modules_k/uac.html#auth-realm-avp-id
Then call uac_auth() and relay again.
You mean, i need set auth_*_avp with credentials. set failure route, send request to auth_proxy (btw, how? ) and call uac_auth() in failure route, correct?
I've tried to use uacreg sql table and uac_reg_request_to, but there was some problems: 1) in uac_reg_request_to with mode 1 mistake (it found credentials only if l_uuid==l_username) i've opened ticket on bugtracker http://sourceforge.net/tracker/?func=detail&aid=3540479&group_id=139... 2) uac_reg_request_to changes uri in request and instead INVITE sip:B@othersip.com makes INVITE sip:AA@hisserver.com if comment out snprintf(ruri, MAX_URI_SIZE, "sip:%.*s@%.*s", reg->r_username.len, reg->r_username.s, reg->r_domain.len, reg->r_domain.s); and so on seems working, but I'm don't sure that such modification don't break something else (pretty sure that breaks, but don't know where exactly :) 3)uacreg table loaded on startup, and AFAIK there is no way to modify it dynamically, so if you change something in this table you MUST restart kamailio (not convinient) I've tried to make RPC for adding new record in htable (using reg_ht_add()), but it returns error and in log I can see ERROR: uac [uac_reg.c:313]: no more shm
Cheers, Daniel
-- Daniel-Constantin Mierla - http://www.asipto.com http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda Kamailio Advanced Training, Seattle, USA, Sep 23-26, 2012 - http://asipto.com/u/katu Kamailio Practical Workshop, Netherlands, Sep 10-12, 2012 - http://asipto.com/u/kpw
On 7/10/12 11:50 AM, intel@intrans.baku.az wrote:
Daniel-Constantin Mierla said:
Hello,
On 7/6/12 7:59 PM, intel@intrans.baku.az wrote:
Can anybody help me with configuration kamailio to authenticate call on 3rd party server?
I want to authenticate(and proxy) call's on other server.
for example, user A have account on my server(let it be A@myserver.com) and account on other server (let it be AA@hisserver.com) myserver.com keeps A's credentials for AA@hisserver.com when A is registered on myserver.com, he make call to B@othersip.com (using myserver.com as a proxy) Kamailio on myserver authenticate itself on hisserver as AA@hisserver.com, makes call to destination, and connect it to A.
How can I setup kamailio for such behavior? Which module should I use? UAC seems can authenticate on another server, but I don't sure that it do what I want. (I've tried it, but without much success)
indeed, the uac module is the one that can provide what you want, with some limitations in regard to cseq incrementation. You have to set a failure route and if the reply code is 407, the sent the realm/username and password to the avps specified by the appropriate module parameters -- the next tree at:
http://kamailio.org/docs/modules/stable/modules_k/uac.html#auth-realm-avp-id
Then call uac_auth() and relay again.
You mean, i need set auth_*_avp with credentials. set failure route, send request to auth_proxy (btw, how? ) and call uac_auth() in failure route, correct?
t_relay() is one of the functions to sent the request further.
I've tried to use uacreg sql table and uac_reg_request_to, but there was some problems:
- in uac_reg_request_to with mode 1 mistake (it found credentials only if
l_uuid==l_username) i've opened ticket on bugtracker http://sourceforge.net/tracker/?func=detail&aid=3540479&group_id=139... 2) uac_reg_request_to changes uri in request and instead INVITE sip:B@othersip.com makes INVITE sip:AA@hisserver.com if comment out snprintf(ruri, MAX_URI_SIZE, "sip:%.*s@%.*s", reg->r_username.len, reg->r_username.s, reg->r_domain.len, reg->r_domain.s); and so on seems working, but I'm don't sure that such modification don't break something else (pretty sure that breaks, but don't know where exactly :) 3)uacreg table loaded on startup, and AFAIK there is no way to modify it dynamically, so if you change something in this table you MUST restart kamailio (not convinient) I've tried to make RPC for adding new record in htable (using reg_ht_add()), but it returns error and in log I can see ERROR: uac [uac_reg.c:313]: no more shm
If you have a lot of records, you need to allocate more shared memory, via -m command line parameter.
uacreg is to register for incoming calls, it is not used for authentication of outgoing calls. Use uac_auth() instead, as I said in previous email.
Cheers, Daniel
Daniel-Constantin Mierla said:
On 7/10/12 11:50 AM, intel@intrans.baku.az wrote:
Daniel-Constantin Mierla said:
Hello,
On 7/6/12 7:59 PM, intel@intrans.baku.az wrote:
Can anybody help me with configuration kamailio to authenticate call on 3rd party server?
I want to authenticate(and proxy) call's on other server.
for example, user A have account on my server(let it be A@myserver.com) and account on other server (let it be AA@hisserver.com) myserver.com keeps A's credentials for AA@hisserver.com when A is registered on myserver.com, he make call to B@othersip.com (using myserver.com as a proxy) Kamailio on myserver authenticate itself on hisserver as AA@hisserver.com, makes call to destination, and connect it to A.
How can I setup kamailio for such behavior? Which module should I use? UAC seems can authenticate on another server, but I don't sure that it do what I want. (I've tried it, but without much success)
indeed, the uac module is the one that can provide what you want, with some limitations in regard to cseq incrementation. You have to set a failure route and if the reply code is 407, the sent the realm/username and password to the avps specified by the appropriate module parameters -- the next tree at:
http://kamailio.org/docs/modules/stable/modules_k/uac.html#auth-realm-avp-id
Then call uac_auth() and relay again.
You mean, i need set auth_*_avp with credentials. set failure route, send request to auth_proxy (btw, how? ) and call uac_auth() in failure route, correct?
t_relay() is one of the functions to sent the request further.
I mean how set next hop not to final destination, but to auth_proxy?
I've tried to use uacreg sql table and uac_reg_request_to, but there was some problems:
- in uac_reg_request_to with mode 1 mistake (it found credentials only
if l_uuid==l_username) i've opened ticket on bugtracker http://sourceforge.net/tracker/?func=detail&aid=3540479&group_id=139... 2) uac_reg_request_to changes uri in request and instead INVITE sip:B@othersip.com makes INVITE sip:AA@hisserver.com if comment out snprintf(ruri, MAX_URI_SIZE, "sip:%.*s@%.*s", reg->r_username.len, reg->r_username.s, reg->r_domain.len, reg->r_domain.s); and so on seems working, but I'm don't sure that such modification don't break something else (pretty sure that breaks, but don't know where exactly :) 3)uacreg table loaded on startup, and AFAIK there is no way to modify it dynamically, so if you change something in this table you MUST restart kamailio (not convinient) I've tried to make RPC for adding new record in htable (using reg_ht_add()), but it returns error and in log I can see ERROR: uac [uac_reg.c:313]: no more shm
If you have a lot of records, you need to allocate more shared memory, via -m command line parameter.
19 records in table -OK 1 record in table and try to add using RPC (self modified uac_reg.c) - no more shm. I think than there is not shortage of shared memory, but something forgotten in function for RPC. Here is src
static void rpc_uac_reg_add(rpc_t* rpc, void* ctx) { reg_uac_t reg ; str l_uuid, l_username, l_domain, r_username, r_domain, realm, auth_username, auth_password, auth_proxy; int expire;
if(_reg_htable==NULL) { rpc->fault(ctx, 500, "Not enabled"); return; }
if (rpc->scan(ctx, "SSSSSSSSSd", &l_uuid, &l_username, &l_domain, &r_username, &r_domain, &realm, &auth_username, &auth_password, &auth_proxy, &expire) < 0) { return; } memset(®, 0, sizeof(reg_uac_t));; /* check for NULL values ?!?! */ reg.l_uuid=l_uuid; reg.l_username=l_username; reg.l_domain=l_domain; reg.r_username=r_username; reg.r_domain=r_domain; reg.realm=realm; reg.auth_username=auth_username; reg.auth_password=auth_password; reg.auth_proxy=auth_proxy; reg.expires = expire;
if(reg_ht_add(®)<0) { rpc->fault(ctx, 500, "Error adding reg to htable"); return; }
}
uacreg is to register for incoming calls, it is not used for authentication of outgoing calls. Use uac_auth() instead, as I said in previous email.
I'll try.
Cheers, Daniel
-- Daniel-Constantin Mierla - http://www.asipto.com http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda Kamailio Advanced Training, Seattle, USA, Sep 23-26, 2012 - http://asipto.com/u/katu Kamailio Practical Workshop, Netherlands, Sep 10-12, 2012 - http://asipto.com/u/kpw
On 7/10/12 12:14 PM, intel@intrans.baku.az wrote:
Daniel-Constantin Mierla said:
On 7/10/12 11:50 AM, intel@intrans.baku.az wrote:
Daniel-Constantin Mierla said:
Hello,
On 7/6/12 7:59 PM, intel@intrans.baku.az wrote:
Can anybody help me with configuration kamailio to authenticate call on 3rd party server?
I want to authenticate(and proxy) call's on other server.
for example, user A have account on my server(let it be A@myserver.com) and account on other server (let it be AA@hisserver.com) myserver.com keeps A's credentials for AA@hisserver.com when A is registered on myserver.com, he make call to B@othersip.com (using myserver.com as a proxy) Kamailio on myserver authenticate itself on hisserver as AA@hisserver.com, makes call to destination, and connect it to A.
How can I setup kamailio for such behavior? Which module should I use? UAC seems can authenticate on another server, but I don't sure that it do what I want. (I've tried it, but without much success)
indeed, the uac module is the one that can provide what you want, with some limitations in regard to cseq incrementation. You have to set a failure route and if the reply code is 407, the sent the realm/username and password to the avps specified by the appropriate module parameters -- the next tree at:
*http://kamailio.org/docs/modules/stable/modules_k/uac.html#auth-realm-avp-id
Then call uac_auth() and relay again.
You mean, i need set auth_*_avp with credentials. set failure route, send request to auth_proxy (btw, how? ) and call uac_auth() in failure route, correct?
t_relay() is one of the functions to sent the request further.
I mean how set next hop not to final destination, but to auth_proxy?
I've tried to use uacreg sql table and uac_reg_request_to, but there was some problems:
- in uac_reg_request_to with mode 1 mistake (it found credentials only
if l_uuid==l_username) i've opened ticket on bugtracker http://sourceforge.net/tracker/?func=detail&aid=3540479&group_id=139... 2) uac_reg_request_to changes uri in request and instead INVITE sip:B@othersip.com makes INVITE sip:AA@hisserver.com if comment out snprintf(ruri, MAX_URI_SIZE, "sip:%.*s@%.*s", reg->r_username.len, reg->r_username.s, reg->r_domain.len, reg->r_domain.s); and so on seems working, but I'm don't sure that such modification don't break something else (pretty sure that breaks, but don't know where exactly :) 3)uacreg table loaded on startup, and AFAIK there is no way to modify it dynamically, so if you change something in this table you MUST restart kamailio (not convinient) I've tried to make RPC for adding new record in htable (using reg_ht_add()), but it returns error and in log I can see ERROR: uac [uac_reg.c:313]: no more shm
If you have a lot of records, you need to allocate more shared memory, via -m command line parameter.
19 records in table -OK 1 record in table and try to add using RPC (self modified uac_reg.c) - no more shm.
can you set debug=3 in you config file, try again and send all log messages of the operation here?
Cheers, DAniel
Daniel-Constantin Mierla said:
On 7/10/12 12:14 PM, intel@intrans.baku.az wrote:
Daniel-Constantin Mierla said:
On 7/10/12 11:50 AM, intel@intrans.baku.az wrote:
Daniel-Constantin Mierla said:
Hello,
On 7/6/12 7:59 PM, intel@intrans.baku.az wrote:
Can anybody help me with configuration kamailio to authenticate call on 3rd party server?
I want to authenticate(and proxy) call's on other server.
for example, user A have account on my server(let it be A@myserver.com) and account on other server (let it be AA@hisserver.com) myserver.com keeps A's credentials for AA@hisserver.com when A is registered on myserver.com, he make call to B@othersip.com (using myserver.com as a proxy) Kamailio on myserver authenticate itself on hisserver as AA@hisserver.com, makes call to destination, and connect it to A.
How can I setup kamailio for such behavior? Which module should I use? UAC seems can authenticate on another server, but I don't sure that it do what I want. (I've tried it, but without much success)
indeed, the uac module is the one that can provide what you want, with some limitations in regard to cseq incrementation. You have to set a failure route and if the reply code is 407, the sent the realm/username and password to the avps specified by the appropriate module parameters -- the next tree at:
*http://kamailio.org/docs/modules/stable/modules_k/uac.html#auth-realm-avp-id
Then call uac_auth() and relay again.
You mean, i need set auth_*_avp with credentials. set failure route, send request to auth_proxy (btw, how? ) and call uac_auth() in failure route, correct?
t_relay() is one of the functions to sent the request further.
I mean how set next hop not to final destination, but to auth_proxy?
I've tried to use uacreg sql table and uac_reg_request_to, but there was some problems:
- in uac_reg_request_to with mode 1 mistake (it found credentials
only if l_uuid==l_username) i've opened ticket on bugtracker http://sourceforge.net/tracker/?func=detail&aid=3540479&group_id=139... 2) uac_reg_request_to changes uri in request and instead INVITE sip:B@othersip.com makes INVITE sip:AA@hisserver.com if comment out snprintf(ruri, MAX_URI_SIZE, "sip:%.*s@%.*s", reg->r_username.len, reg->r_username.s, reg->r_domain.len, reg->r_domain.s); and so on seems working, but I'm don't sure that such modification don't break something else (pretty sure that breaks, but don't know where exactly :) 3)uacreg table loaded on startup, and AFAIK there is no way to modify it dynamically, so if you change something in this table you MUST restart kamailio (not convinient) I've tried to make RPC for adding new record in htable (using reg_ht_add()), but it returns error and in log I can see ERROR: uac [uac_reg.c:313]: no more shm
If you have a lot of records, you need to allocate more shared memory, via -m command line parameter.
19 records in table -OK 1 record in table and try to add using RPC (self modified uac_reg.c) - no more shm.
can you set debug=3 in you config file, try again and send all log messages of the operation here?
debug=4
kamctl sercmd uac.reg_add 1 2 3 4 5 6 7 8 sip:85.132.76.182:36999 100 database engine 'DB_BERKELEY' loaded Control engine 'FIFO' loaded entering ser_cmd uac.reg_add 1 2 3 4 5 6 7 8 sip:85.132.76.182:36999 100 error: 500 - Error adding reg to htable
in log:
Jul 10 15:29:07 dsdb01 /usr/sbin/kamailio[526]: DEBUG: ctl [../../io_wait.h:390]: DBG: io_watch_add(0x7fc0e9310680, 15, 3, 0x2066670), fd_no=1 Jul 10 15:29:07 dsdb01 /usr/sbin/kamailio[526]: DEBUG: ctl [io_listener.c:453]: handle_stream read: new connection (1) on /tmp/kamailio_ctl Jul 10 15:29:07 dsdb01 /usr/sbin/kamailio[526]: ERROR: uac [uac_reg.c:313]: no more shm Jul 10 15:29:07 dsdb01 /usr/sbin/kamailio[526]: DEBUG: ctl [io_listener.c:506]: handle_stream read: eof on /tmp/kamailio_ctl Jul 10 15:29:07 dsdb01 /usr/sbin/kamailio[526]: DEBUG: ctl [../../io_wait.h:617]: DBG: io_watch_del (0x7fc0e9310680, 15, -1, 0x10) fd_no=2 called
uac_reg.c is modified, so line 313 in it is not exist in distribution sources. there is
nr = (reg_uac_t*)shm_malloc(sizeof(reg_uac_t) + len); if(nr==NULL) { LM_ERR("no more shm\n");// 313 is here! return -1; }
the full source of function in previous message.
Cheers, DAniel
-- Daniel-Constantin Mierla - http://www.asipto.com http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda Kamailio Advanced Training, Seattle, USA, Sep 23-26, 2012 - http://asipto.com/u/katu Kamailio Practical Workshop, Netherlands, Sep 10-12, 2012 - http://asipto.com/u/kpw
intel@intrans.baku.az said:
Daniel-Constantin Mierla said:
On 7/10/12 12:14 PM, intel@intrans.baku.az wrote:
Daniel-Constantin Mierla said:
On 7/10/12 11:50 AM, intel@intrans.baku.az wrote:
Daniel-Constantin Mierla said:
Hello,
On 7/6/12 7:59 PM, intel@intrans.baku.az wrote: > Can anybody help me with configuration kamailio to authenticate > call > on > 3rd party server? > > I want to authenticate(and proxy) call's on other server. > > for example, user A have account on my server(let it be > A@myserver.com) > and account on other server (let it be AA@hisserver.com) > myserver.com keeps A's credentials for AA@hisserver.com > when A is registered on myserver.com, he make call to > B@othersip.com > (using myserver.com as a proxy) > Kamailio on myserver authenticate itself on hisserver as > AA@hisserver.com, > makes call to destination, and connect it to A. > > How can I setup kamailio for such behavior? > Which module should I use? > UAC seems can authenticate on another server, but I don't sure that > it > do > what I want. (I've tried it, but without much success) indeed, the uac module is the one that can provide what you want, with some limitations in regard to cseq incrementation. You have to set a failure route and if the reply code is 407, the sent the realm/username and password to the avps specified by the appropriate module parameters -- the next tree at:
*http://kamailio.org/docs/modules/stable/modules_k/uac.html#auth-realm-avp-id
Then call uac_auth() and relay again.
You mean, i need set auth_*_avp with credentials. set failure route, send request to auth_proxy (btw, how? ) and call uac_auth() in failure route, correct?
t_relay() is one of the functions to sent the request further.
I mean how set next hop not to final destination, but to auth_proxy?
I've tried to use uacreg sql table and uac_reg_request_to, but there was some problems:
- in uac_reg_request_to with mode 1 mistake (it found credentials
only if l_uuid==l_username) i've opened ticket on bugtracker http://sourceforge.net/tracker/?func=detail&aid=3540479&group_id=139... 2) uac_reg_request_to changes uri in request and instead INVITE sip:B@othersip.com makes INVITE sip:AA@hisserver.com if comment out snprintf(ruri, MAX_URI_SIZE, "sip:%.*s@%.*s", reg->r_username.len, reg->r_username.s, reg->r_domain.len, reg->r_domain.s); and so on seems working, but I'm don't sure that such modification don't break something else (pretty sure that breaks, but don't know where exactly :) 3)uacreg table loaded on startup, and AFAIK there is no way to modify it dynamically, so if you change something in this table you MUST restart kamailio (not convinient) I've tried to make RPC for adding new record in htable (using reg_ht_add()), but it returns error and in log I can see ERROR: uac [uac_reg.c:313]: no more shm
If you have a lot of records, you need to allocate more shared memory, via -m command line parameter.
19 records in table -OK 1 record in table and try to add using RPC (self modified uac_reg.c) - no more shm.
can you set debug=3 in you config file, try again and send all log messages of the operation here?
debug=4
kamctl sercmd uac.reg_add 1 2 3 4 5 6 7 8 sip:85.132.76.182:36999 100 database engine 'DB_BERKELEY' loaded Control engine 'FIFO' loaded entering ser_cmd uac.reg_add 1 2 3 4 5 6 7 8 sip:85.132.76.182:36999 100 error: 500 - Error adding reg to htable
in log:
Jul 10 15:29:07 dsdb01 /usr/sbin/kamailio[526]: DEBUG: ctl [../../io_wait.h:390]: DBG: io_watch_add(0x7fc0e9310680, 15, 3, 0x2066670), fd_no=1 Jul 10 15:29:07 dsdb01 /usr/sbin/kamailio[526]: DEBUG: ctl [io_listener.c:453]: handle_stream read: new connection (1) on /tmp/kamailio_ctl Jul 10 15:29:07 dsdb01 /usr/sbin/kamailio[526]: ERROR: uac [uac_reg.c:313]: no more shm Jul 10 15:29:07 dsdb01 /usr/sbin/kamailio[526]: DEBUG: ctl [io_listener.c:506]: handle_stream read: eof on /tmp/kamailio_ctl Jul 10 15:29:07 dsdb01 /usr/sbin/kamailio[526]: DEBUG: ctl [../../io_wait.h:617]: DBG: io_watch_del (0x7fc0e9310680, 15, -1, 0x10) fd_no=2 called
uac_reg.c is modified, so line 313 in it is not exist in distribution sources. there is
nr = (reg_uac_t*)shm_malloc(sizeof(reg_uac_t) + len); if(nr==NULL) { LM_ERR("no more shm\n");// 313 is here! return -1; }the full source of function in previous message.
Sorry, i've mistaken. this is part of standard function reg_ht_add(), not my addition
BTW, I also wrote RPCS uac.reg_dump_byuuid and uac.reg_dump_byuser to get just one record from hash table, to where should I send patches for including this fuctionality in mainstream?
Cheers, DAniel
-- Daniel-Constantin Mierla - http://www.asipto.com http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda Kamailio Advanced Training, Seattle, USA, Sep 23-26, 2012 - http://asipto.com/u/katu Kamailio Practical Workshop, Netherlands, Sep 10-12, 2012 - http://asipto.com/u/kpw
--
intel@intrans.baku.az said:
Daniel-Constantin Mierla said:
On 7/10/12 11:50 AM, intel@intrans.baku.az wrote:
Daniel-Constantin Mierla said:
Hello,
On 7/6/12 7:59 PM, intel@intrans.baku.az wrote:
Can anybody help me with configuration kamailio to authenticate call on 3rd party server?
I want to authenticate(and proxy) call's on other server.
for example, user A have account on my server(let it be A@myserver.com) and account on other server (let it be AA@hisserver.com) myserver.com keeps A's credentials for AA@hisserver.com when A is registered on myserver.com, he make call to B@othersip.com (using myserver.com as a proxy) Kamailio on myserver authenticate itself on hisserver as AA@hisserver.com, makes call to destination, and connect it to A.
How can I setup kamailio for such behavior? Which module should I use? UAC seems can authenticate on another server, but I don't sure that it do what I want. (I've tried it, but without much success)
indeed, the uac module is the one that can provide what you want, with some limitations in regard to cseq incrementation. You have to set a failure route and if the reply code is 407, the sent the realm/username and password to the avps specified by the appropriate module parameters -- the next tree at:
http://kamailio.org/docs/modules/stable/modules_k/uac.html#auth-realm-avp-id
Then call uac_auth() and relay again.
You mean, i need set auth_*_avp with credentials. set failure route, send request to auth_proxy (btw, how? ) and call uac_auth() in failure route, correct?
t_relay() is one of the functions to sent the request further.
I mean how set next hop not to final destination, but to auth_proxy?
rewritehostport("hisserver.com:port"); in config enough or need additional modifications of request?
-
Daniel-Constantin Mierla -
intel@intrans.baku.az