[Freeswitch-users] 302 redirect variable
João Mesquita
jmesquita at freeswitch.org
Sun Mar 4 07:14:13 MSK 2012
You won't get the user's password in plain text like that EVER. If we did that, we would be considered to be insanely insecure.
I am guessing you are using SIP only so you can take a look at the dialplan/public.xml file of the default configs. On the end of that file you will see that there is a verification to do dial plan based authentication.
Look for this extension in particular:
<extension name="check_auth" continue="true">
<condition field="${sip_authorized}" expression="^true$" break="never">
<anti-action application="respond" data="407"/>
</condition>
</extension>
<extension name="transfer_to_default">
<condition>
<action application="transfer" data="${destination_number} XML default"/>
</condition>
</extension>
Regards,
--
João Mesquita
Sent with Sparrow (http://www.sparrowmailapp.com/?sig)
On Friday, March 2, 2012 at 7:09 AM, Miha Zoubek wrote:
> Hi,
>
> in my directory I set variable password (<variable name="password" value="52166"/>) for every user.
>
> After I am doing 302 redirect in my public dialplan and transfer call to extension, I can not use varible pasword.
> How can I get varible password, so that I can authenticate call.
>
> public dialplan:
>
> <anti-action application="log" data="INFO ################# CALL FORWARD ################\n"/>
> <!-- <anti-action application="log" data=" INFO sip_redirect_contact_={ip_redirect_contact_}" /> -->
> <!-- <anti-action application="set" data="sip_redirect_contex=default" /> -->
> <anti-action application="info"/>
> <anti-action application="set" data="process_cdr=false"/>
> <anti-action application="execute_extension" data="IZVEDI_PREUSMERITEV XML default"/>
>
> default dialplan:
>
> <condition field="destination_number" expression="IZVEDI_PREUSMERITEV" />
> <condition field="${sip_redirect_contact_user_0}" expression="^0(\d+)$" >
> <action application="set" data="process_cdr=true"/>
> <action inline="true" application="set" data="CALLINGNUMBER=${sip_redirect_contact_user_0}"/>
> <action inline="true" application="set" data="USERNAME=${sip_req_user}"/>
>
>
>
>
> <action application="info"/>
>
> <action application="set" data="effective_caller_id_name=${sip_req_user}"/>
> <action application="set" data="origination_caller_id_name=${sip_req_user} "/>
>
>
> <action inline="true" application="set" data="PASSWD=${password}"/>
> <action application="execute_extension" data="RADIUS_ANI_AUTH XML default"/>
> <action application="enum" data="386${sip_redirect_contact_user_0:1} enumsbc.softnet.si (http://enumsbc.softnet.si)"/>
>
> <action application="bridge" data="{origination_callee_id_name='${effective_caller_id_name}'}${enum_auto_route}"/>
>
>
> <action application="info"/>
> <action application="bridge" data="sofia/external/386${sip_redirect_contact_user_0:1}@xxx.xxx.xxx.xxx" (mailto:sofia/external/386${sip_redirect_contact_user_0:1}@xxx.xxx.xxx.xxx) />
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org (mailto:consulting at freeswitch.org)
> http://www.freeswitchsolutions.com
>
>
>
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://wiki.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org (mailto:FreeSWITCH-users at lists.freeswitch.org)
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20120304/6603fd7d/attachment-0001.html
Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users
mailing list