Hi Ashling,

I've just recently gotten this working myself!

In your Ser.cfg you seem to have both of the following lines uncommented.

# -- usrloc params -- modparam("usrloc", "db_mode", 0) # Uncomment this if you want to use SQL database # for persistent storage and comment the previous line modparam("usrloc", "db_mode", 2)

You need to choose one or the other.

Barring that have you checked that ser_mysql tables are installed correctly by querying them as per the How To Doc?

Finally! You could try hardening your MySQL server by changing the mysql root PW and removeing the anonymous userids. It's detailed in the My SQL Docs on www.mysql.com

I'm no expert but I did all the above and registration works well now.

Good Luck! Darren

PS Anyone out there had a chance to look at my post re registered users not being able to see/call each other?? I'm stumped! ----- Original Message ----- From: "Ashling O'Driscoll" ashling.odriscoll@cit.ie To: serusers@lists.iptel.org Sent: Monday, November 01, 2004 9:32 AM Subject: [Serusers] authentication (or lack there of)

Hi,

Even though the mysql database is working fine (i.e. I can add users etc) and I've uncommented the authentication lines in the ser.cfg file, my ser still allows any UA to register. I have included my config file below. Any ideas?

Really appreciate the help Im getting from this list, Aisling.

# $Id: ser.cfg,v 1.21.4.1 2003/11/10 15:35:15 andrei Exp $ # # simple quick-start config script #

# ----------- global configuration parameters

#debug=3 # debug level (cmd line: -dddddddddd) #fork=yes #log_stderror=no # (cmd line: -E)

alias=172.16.3.12 #alias=10.10.10.12 #alias=10.0.1.4 #alias=192.168.3.77 #alias=cit.ie

/* Uncomment these lines to enter debugging mode debug=7 fork=no log_stderror=yes */

check_via=no # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) port=5060 #children=4 fifo="/tmp/ser_fifo"

# ------------------ module loading

# Uncomment this if you want to use SQL database loadmodule "/usr/local/lib/ser/modules/mysql.so"

loadmodule "/usr/local/lib/ser/modules/sl.so" loadmodule "/usr/local/lib/ser/modules/tm.so" loadmodule "/usr/local/lib/ser/modules/rr.so" loadmodule "/usr/local/lib/ser/modules/maxfwd.so" loadmodule "/usr/local/lib/ser/modules/usrloc.so" loadmodule "/usr/local/lib/ser/modules/registrar.so"

# Uncomment this if you want digest authentication # mysql.so must be loaded ! loadmodule "/usr/local/lib/ser/modules/auth.so" loadmodule "/usr/local/lib/ser/modules/auth_db.so"

# ----------------- setting module-specific parameters

# -- usrloc params --

modparam("usrloc", "db_mode", 0)

# Uncomment this if you want to use SQL database # for persistent storage and comment the previous line modparam("usrloc", "db_mode", 2)

# -- auth params -- # Uncomment if you are using auth module # modparam("auth_db", "calculate_ha1", yes) # # If you set "calculate_ha1" parameter to yes (which true in this config), # uncomment also the following parameter) # modparam("auth_db", "password_column", "password"

# -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1)

# ------------------------- request routing logic

# main routing logic

route{

# initial sanity checks -- messages with
# max_forwards==0, or excessively long requests
if (!mf_process_maxfwd_header("10")) {
     sl_send_reply("483","Too Many Hops");
     break;
};
if ( msg:len  > max_len ) {
     sl_send_reply("513",  "Message too big");
     break;
};

# we record-route all messages -- to make sure that
# subsequent messages will go through our proxy; that's
# particularly good if upstream and downstream entities
# use different transport protocol
record_route();
# loose-route processing
if (loose_route()) {
     t_relay();
     break;
};

# if the request is for other domain use UsrLoc
# (in case, it does not work, use the following command
# with proper names and addresses in it)
if (uri==myself) {

     if (method=="REGISTER" {

# Uncomment this if you want to use digest authentication if (!www_authorize("172.16.3.12", "subscriber")) { www_challenge("172.16.3.12", "0"); break; };

          save("location");
          break;
     };

     # native SIP destinations are handled using our USRLOC DB
     if (!lookup("location")) {
          sl_send_reply("404",  "Not Found");
          break;
     };
};

#inserted by klaus
if (method=="INVITE"){
     record_route();
     force_rtp_proxy();
     /* set up reply processing */
     t_on_reply("1");
};

# forward to current uri now; use stateful forwarding; that
# works reliably even if we forward from TCP to UDP
if (!t_relay()) {
     sl_reply_error();
};

}

# inserted by klaus #all incoming replies for t_onrepli-ed transactions enter here onreply-route[1]{ if(status=~"[12][0-9][0-9]" force_rtp_proxy(); }

-------------------Legal

Disclaimer---------------------------------------

The above electronic mail transmission is confidential and intended only

for the person to whom it is addressed. Its contents may be protected by legal and/or professional privilege. Should it be received by you in error please contact the sender at the above quoted email address. Any unauthorised form of reproduction of this message is strictly prohibited. The Institute does not guarantee the security of any information electronically transmitted and is not liable if the information contained in this communication is not a proper and complete record of the message as transmitted by the sender nor for any delay in its receipt.

--------------

---

Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers