– Kamailio SIP Server –

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
examples:restrict-calls-to-registered-users [2011/08/19 09:02]
92.112.119.221
examples:restrict-calls-to-registered-users [2012/03/22 13:41] (current)
80.250.1.245 removed spam
Line 1: Line 1:
 +====== How to restrict calls to only registered users ======
 +
 +
 +There are a couple of ways to authenticate INVITEs.
 +
 +Using membership in the grp table you can try the following:
 +
 +  if (!is_user_in("​From",​ "​active"​)) {
 +    exit;
 +  };
 +
 +You need to insert a username, domain and grp="​active"​ into the grp table for the above test to pass.
 +
 +If you would like to use AVP's, the following example might work for you:
 +
 +  if (avp_db_load("​$from/​username",​ "​s:​active"​)) {
 +    if (!avp_check("​s:​active",​ "​eq/​y/​i"​)) {
 +    exit;
 +    };
 +  };
 +
 +You need to insert a username, domain, attribute="​active",​ value="​y"​ in the usr_preferences for the above test to pass.
 +
 +Another (or additional) test would be to execute the following logic:
 +
 +  if (is_method("​INVITE"​) && !allow_trusted()) {
 +    if (!proxy_authorize("",​ "​subscriber"​)) {
 +      proxy_challenge("",​ "​0"​);​
 +      exit;
 +    } else if (!check_from()) {
 +      sl_send_reply("​403",​ "​Unauthorized:​ From username does not match digest credentials"​);​
 +      exit;
 +    } else {
 +      append_rpid_hf();​
 +    };
 +      consume_credentials();​
 +  };
 +
 +It is possible to use all three methods above at the same time to provide granular control over INVITEs. ​