– Kamailio SIP Server –

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

old-content:how_to_restrict_calls_to_only_registered_users [2005/12/25 01:00] (current)
Line 1: Line 1:
 +There are a couple of ways to authenticate INVITEs.
  
 +Using membership in the grp table you can try the following:
 +
 +  if (!is_user_in("​From",​ "​active"​)) {
 +    exit;
 +  };
 +
 +You need to insert a username, domain and grp="​active"​ into the grp table for the above test to pass.
 +
 +If you would like to use AVP's, the following example might work for you:
 +
 +  if (avp_db_load("​$from/​username",​ "​s:​active"​)) {
 +    if (!avp_check("​s:​active",​ "​eq/​y/​i"​)) {
 +    exit;
 +    };
 +  };
 +
 +You need to insert a username, domain, attribute="​active",​ value="​y"​ in the usr_preferences for the above test to pass.
 +
 +Another (or additional) test would be to execute the following logic:
 +
 +  if (is_method("​INVITE"​) && !allow_trusted()) {
 +    if (!proxy_authorize("",​ "​subscriber"​)) {
 +      proxy_challenge("",​ "​0"​);​
 +      exit;
 +    } else if (!check_from()) {
 +      sl_send_reply("​403",​ "​Unauthorized:​ From username does not match digest credentials"​);​
 +      exit;
 +    } else {
 +      append_rpid_hf();​
 +    };
 +      consume_credentials();​
 +  };
 +
 +It is possible to use all three methods above at the same time to provide granular control over INVITEs. ​