[Freeswitch-users] ipauth - directory

Leon de Rooij leon at scarlet-internet.nl
Wed Feb 18 06:03:52 PST 2009 

Hi Anthony,

I tried your second option, but how does it work with xml-curl then ?  
As far as I understand it, this doesn't work by doing a user-directory  
xml lookup at INVITE time, or does it ?

Or does it want to generate an ACL at FS startup and filling up all  
the allow-nodes by polling the entire domain, filtering out all users  
with CIDR entry and putting those in the ACL itself ?

If so, is that the reason why FS tries (at startup) to POST to the  
webserver with:
hostname 
= 
test 
&section 
= 
directory 
&tag_name 
= 
domain 
&key_name=name&key_value=test.com&domain=test.com&purpose=network-list

?

Thanks & regards,

Leon


On Feb 16, 2009, at 3:04 PM, Anthony Minessale wrote:

> you have 3 options.
> on authenticated users, every <variable> tag in his account will be  
> set on each call from that authenticated user.
>
> 1) make them register, this sets the variables automatically
> 2) use the ACL list with cidr=<cidr of where they will be coming  
> from> this has the same effect with no auth needed.
> 3) use some other way to differentiate the user and use the set_user  
> application in the dialplan to inherit that user's variables.
>
>
>
> On Mon, Feb 16, 2009 at 6:49 AM, Leon de Rooij <leon at scarlet-internet.nl 
> > wrote:
> Hi all,
>
> I'd really like to know more about this too.
>
> Currently, I have two sip_profiles:
>
> - residential (where users can do authenticated registers and invites)
> - transit (where other users can do un-authenticated invites)
>
> Right now, FS is not aware of *who* is accessing the transit profile  
> except for an acl that is set on this profile so unauthorized use is  
> not possible.
>
> But what should I do when I want to allow multiple parties (from  
> different IP addresses) to send their invites to the transit  
> profile, and still be able to differentiate between them ?
>
> I'd like to set some variables, like an accountcode for example, on  
> the basis of what IP address the INVITE originates from.
>
> So, is it possible to not use digest authentication, but still use a  
> dialplan-directory user with IP= field or some such ?
>
> thanks a lot & kind regards,
>
> Leon de Rooij
>
>
>
> On Jan 14, 2009, at 4:36 PM, Apostolos Pantsiopoulos wrote:
>
>> Yes I know that. But what does the "ip=" setting do?
>>
>> Brian West wrote:
>>>
>>> cidr= and the domains acl in acl.conf.xml then apply that ACL to the
>>> sofia profile.
>>>
>>> /b
>>>
>>> On Jan 14, 2009, at 9:15 AM, Apostolos Pantsiopoulos wrote:
>>>
>>>
>>>> I noticed an "ip=" setting in the brian.xml sample file.
>>>> The comments state that this is used for ipauth (IP based
>>>> authentication?)
>>>>
>>>> What exactly is this setting. I cannot find anything in the wiki
>>>> about it.
>>>> Does it replace the use of the
>>>>
>>>> <param name="auth-calls" value="false"/> + ACL
>>>>
>>>> mechanism for IP authentication?
>>>>
>>> _______________________________________________
>>> Freeswitch-users mailing list
>>> Freeswitch-users at lists.freeswitch.org
>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>> http://www.freeswitch.org
>>>
>>
>>
>> -- 
>> -------------------------------------------
>> Apostolos Pantsiopoulos
>> Kinetix Tele.com R & D
>> email: regs at kinetix.gr
>> -------------------------------------------
>> _______________________________________________
>> Freeswitch-users mailing list
>> Freeswitch-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>
>
> _______________________________________________
> Freeswitch-users mailing list
> Freeswitch-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
>
>
> -- 
> Anthony Minessale II
>
> FreeSWITCH http://www.freeswitch.org/
> ClueCon http://www.cluecon.com/
>
> AIM: anthm
> MSN:anthony_minessale at hotmail.com
> GTALK/JABBER/PAYPAL:anthony.minessale at gmail.com
> IRC: irc.freenode.net #freeswitch
>
> FreeSWITCH Developer Conference
> sip:888 at conference.freeswitch.org
> iax:guest at conference.freeswitch.org/888
> googletalk:conf+888 at conference.freeswitch.org
> pstn:213-799-1400
> _______________________________________________
> Freeswitch-users mailing list
> Freeswitch-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20090218/17eecf9a/attachment-0002.html

More information about the FreeSWITCH-users mailing list