[Freeswitch-users] Force digest auth even if acl authenticated

Luiz Fernando Softov fernando at softov.com.br
Sun Jun 28 17:24:46 MSD 2015


In profile


apply-register-acl

Allow users to register from a particular cidr without authenticating

You can set acl in user xml, if the user don't have acl, then it make a
digest


Directory settings:

<user id="1000" number-alias="1000" cidr="12.34.56.78/32,20.0.0.0/8">

Used with in conjunction with apply-inbound-acl and apply-register-acl

<param name="auth-acl" value="1.2.3.0/8"/>

Used in conjunction with auth-calls

Em domingo, 28 de junho de 2015, Luiz Fernando Softov <
fernandosoftov at gmail.com
<javascript:_e(%7B%7D,'cvml','fernandosoftov at gmail.com');>> escreveu:

> In profile
>
>
> apply-register-acl
>
> Allow users to register from a particular cidr without authenticating
>
> Directory settings:
>
> <user id="1000" number-alias="1000" cidr="12.34.56.78/32,20.0.0.0/8">
>
> Used with in conjunction with apply-inbound-acl and apply-register-acl
>
> <param name="auth-acl" value="1.2.3.0/8"/>
>
> Used in conjunction with auth-calls
>
>
>
> Em domingo, 28 de junho de 2015, Luiz Fernando Softov <
> fernandosoftov at gmail.com> escreveu:
>
>> You can set acl in user xml, if the user don't have acl, then it make a
>> digest
>>
>> Em domingo, 28 de junho de 2015, John Nash <john.nash778 at gmail.com>
>> escreveu:
>>
>>> I can always disable ACL and allow packets from certain Ips only at
>>> iptables level but just wanted to check if it can be done some easy way.
>>>
>>> On Sun, Jun 28, 2015 at 4:16 PM, John Nash <john.nash778 at gmail.com>
>>> wrote:
>>>
>>>> Yes if I remove ACL it will auth by digest but I want to keep acl so
>>>> that requests from unwanted ips are rejected straight away.
>>>>
>>>> On Sun, Jun 28, 2015 at 4:10 PM, Stanislav Sinyagin <
>>>> ssinyagin at gmail.com> wrote:
>>>>
>>>>> But why do you need the acl then? If you remove it, you will get all
>>>>> requests authenticated.
>>>>>  On Jun 28, 2015 12:36 PM, "John Nash" <john.nash778 at gmail.com> wrote:
>>>>>
>>>>>> I am using acl but I also want to authenticate all Invites with
>>>>>> digest challenge. The default config does not behave this way. Once my
>>>>>> Invite is authenticated by acl it no longer sends 407.
>>>>>>
>>>>>> Is there any way?
>>>>>>
>>>>>> John
>>>>>>
>>>>>>
>>>>>> _________________________________________________________________________
>>>>>> Professional FreeSWITCH Consulting Services:
>>>>>> consulting at freeswitch.org
>>>>>> http://www.freeswitchsolutions.com
>>>>>>
>>>>>> Official FreeSWITCH Sites
>>>>>> http://www.freeswitch.org
>>>>>> http://confluence.freeswitch.org
>>>>>> http://www.cluecon.com
>>>>>>
>>>>>> FreeSWITCH-users mailing list
>>>>>> FreeSWITCH-users at lists.freeswitch.org
>>>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>>>> UNSUBSCRIBE:
>>>>>> http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>>>> http://www.freeswitch.org
>>>>>>
>>>>>
>>>>>
>>>>> _________________________________________________________________________
>>>>> Professional FreeSWITCH Consulting Services:
>>>>> consulting at freeswitch.org
>>>>> http://www.freeswitchsolutions.com
>>>>>
>>>>> Official FreeSWITCH Sites
>>>>> http://www.freeswitch.org
>>>>> http://confluence.freeswitch.org
>>>>> http://www.cluecon.com
>>>>>
>>>>> FreeSWITCH-users mailing list
>>>>> FreeSWITCH-users at lists.freeswitch.org
>>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>>> UNSUBSCRIBE:
>>>>> http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>>> http://www.freeswitch.org
>>>>>
>>>>
>>>>
>>>
>>
>> --
>> Luiz Fernando Softov
>> http://www.softov.com.br
>> fernando at softov.com.br
>>
>
>
> --
> Luiz Fernando Softov
> http://www.softov.com.br
> fernando at softov.com.br
>


-- 
Luiz Fernando Softov
http://www.softov.com.br
fernando at softov.com.br
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20150628/23014ecb/attachment.html 


Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users mailing list