[Freeswitch-users] How to distinguish between Authenticated sip and not authenticated users

Anton VG anton.vazir at gmail.com
Fri Sep 30 22:53:52 MSD 2011


Brian, thanks for advice on IRC, it helped to do what I wanted.

Regards,
Anton

2011/9/29 Anton VG <anton.vazir at gmail.com>:
> Brian have suggested on IRC to use dialplan auth via
>
> <condition field="${sip_authorized}" expression="^true$" break="never">
>     <anti-action application="respond" data="407"/>
> </condition>
>
> seems it can do the trick.
>
> 2011/9/29 Anthony Minessale <anthony.minessale at gmail.com>:
>> This seems odd....
>>
>> So you are making a global ACL to 0.0.0.0 which will let everyone in.
>> This takes precedence over the auth calls because you are passing the
>> ACL which is a means of authorization so you are never using the
>> actual challenge based auth at all.   Of course they will all appear
>> as sip_authorized=true
>>
>> you do have the variable sip_acl_authed_by to tell which acl you passed.
>>
>> This has come up today in irc too, its daft to try to mix authed and
>> non-auth calls on the same profile.
>> Just make your authenticated users use a dedicated profile and the
>> non-authenticated ones use another.
>>
>>
>>
>> On Wed, Sep 28, 2011 at 1:49 PM, Muhammad Naseer Bhatti
>> <nbhatti at gmail.com> wrote:
>>> Hello Anton,
>>> I tried this before and ended up in the same situation. the event
>>> variable_sip_authorized, for some reason always return true. What I
>>> did in my cause, since I am using the variable_sip_auth_username to
>>> match the username for my billing, this does the trick. I don't know
>>> if this is a bug or something, but it works this way.
>>>
>>> Thanks
>>>
>>> On Wed, Sep 28, 2011 at 8:01 PM, Anton VG <anton.vazir at gmail.com> wrote:
>>>> Guys,
>>>>
>>>> trying to distinguish between authenticated SIP user and not
>>>> authenticated, still no luck
>>>>
>>>> I would like to allow anyone to call my FS users via SIP, so there are
>>>> registered users and everyone else
>>>>
>>>> so I have allowed
>>>>
>>>> <param name="auth-calls" value="true"/>
>>>> <param name="apply-inbound-acl" value="allow_all"/>
>>>>
>>>> acl.xml:
>>>>    <list name="allow_all" default="allow">
>>>>      <node type="allow" cidr="0.0.0.0/0"/>
>>>>    </list>
>>>> Any call passes through, by always have
>>>>
>>>> [CHANNEL_CREATE] event
>>>> variable_sip_authorized: true
>>>>
>>>> in event headers. But I would like to know if user is authorized or not.
>>>>
>>>> if I disable authentication by setting this to false
>>>>
>>>> <param name="auth-calls" value="false"/>
>>>>
>>>> all calls do not have any auth headers.
>>>>
>>>> Any clue?
>>>>
>>>>
>>>> FreeSWITCH-users mailing list
>>>> FreeSWITCH-users at lists.freeswitch.org
>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>> http://www.freeswitch.org
>>>>
>>>
>>>
>>> FreeSWITCH-users mailing list
>>> FreeSWITCH-users at lists.freeswitch.org
>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>> http://www.freeswitch.org
>>>
>>
>>
>>
>> --
>> Anthony Minessale II
>>
>> FreeSWITCH http://www.freeswitch.org/
>> ClueCon http://www.cluecon.com/
>> Twitter: http://twitter.com/FreeSWITCH_wire
>>
>> AIM: anthm
>> MSN:anthony_minessale at hotmail.com
>> GTALK/JABBER/PAYPAL:anthony.minessale at gmail.com
>> IRC: irc.freenode.net #freeswitch
>>
>> FreeSWITCH Developer Conference
>> sip:888 at conference.freeswitch.org
>> googletalk:conf+888 at conference.freeswitch.org
>> pstn:+19193869900
>>
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>



Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users mailing list