VoIP Mailing List Archives
Mailing list archives for the VoIP community |
|
| View previous topic :: View next topic |
| Author |
Message |
leon at scarlet-intern...
Guest
|
 Posted: Mon Feb 16, 2009 7:51 am Post subject: [Freeswitch-users] ipauth - directory |
 |
|
Hi all,
I'd really like to know more about this too.
Currently, I have two sip_profiles:
- residential (where users can do authenticated registers and invites)
- transit (where other users can do un-authenticated invites)
Right now, FS is not aware of *who* is accessing the transit profile except for an acl that is set on this profile so unauthorized use is not possible.
But what should I do when I want to allow multiple parties (from different IP addresses) to send their invites to the transit profile, and still be able to differentiate between them ?
I'd like to set some variables, like an accountcode for example, on the basis of what IP address the INVITE originates from.
So, is it possible to not use digest authentication, but still use a dialplan-directory user with IP= field or some such ?
thanks a lot & kind regards,
Leon de Rooij
On Jan 14, 2009, at 4:36 PM, Apostolos Pantsiopoulos wrote:
|
|
| Back to top |
|
 |
anthony.minessale at g...
Guest
|
| Posted: Mon Feb 16, 2009 9:07 am Post subject: [Freeswitch-users] ipauth - directory |
|
|
you have 3 options.
on authenticated users, every <variable> tag in his account will be set on each call from that authenticated user.
1) make them register, this sets the variables automatically
2) use the ACL list with cidr=<cidr of where they will be coming from> this has the same effect with no auth needed.
3) use some other way to differentiate the user and use the set_user application in the dialplan to inherit that user's variables.
On Mon, Feb 16, 2009 at 6:49 AM, Leon de Rooij <leon@scarlet-internet.nl (leon@scarlet-internet.nl)> wrote:
| Quote: | Hi all,
I'd really like to know more about this too.
Currently, I have two sip_profiles:
- residential (where users can do authenticated registers and invites)
- transit (where other users can do un-authenticated invites)
Right now, FS is not aware of *who* is accessing the transit profile except for an acl that is set on this profile so unauthorized use is not possible.
But what should I do when I want to allow multiple parties (from different IP addresses) to send their invites to the transit profile, and still be able to differentiate between them ?
I'd like to set some variables, like an accountcode for example, on the basis of what IP address the INVITE originates from.
So, is it possible to not use digest authentication, but still use a dialplan-directory user with IP= field or some such ?
thanks a lot & kind regards,
Leon de Rooij
On Jan 14, 2009, at 4:36 PM, Apostolos Pantsiopoulos wrote:
_______________________________________________
Freeswitch-users mailing list
Freeswitch-users@lists.freeswitch.org (Freeswitch-users@lists.freeswitch.org)
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
|
--
Anthony Minessale II
FreeSWITCH http://www.freeswitch.org/
ClueCon http://www.cluecon.com/
AIM: anthm
MSN:anthony_minessale@hotmail.com ([email]MSN%3Aanthony_minessale@hotmail.com[/email])
GTALK/JABBER/PAYPAL:anthony.minessale@gmail.com ([email]PAYPAL%3Aanthony.minessale@gmail.com[/email])
IRC: irc.freenode.net #freeswitch
FreeSWITCH Developer Conference
sip:888@conference.freeswitch.org ([email]sip%3A888@conference.freeswitch.org[/email])
iax:guest@conference.freeswitch.org/888
googletalk:conf+888@conference.freeswitch.org ([email]googletalk%3Aconf%2B888@conference.freeswitch.org[/email])
pstn:213-799-1400 |
|
| Back to top |
|
|
leon at scarlet-intern...
Guest
|
| Posted: Wed Feb 18, 2009 9:06 am Post subject: [Freeswitch-users] ipauth - directory |
|
|
Hi Anthony,
I tried your second option, but how does it work with xml-curl then ? As far as I understand it, this doesn't work by doing a user-directory xml lookup at INVITE time, or does it ?
Or does it want to generate an ACL at FS startup and filling up all the allow-nodes by polling the entire domain, filtering out all users with CIDR entry and putting those in the ACL itself ?
If so, is that the reason why FS tries (at startup) to POST to the webserver with:
hostname=test§ion=directory&tag_name=domain&key_name=name&key_value=test.com&domain=test.com&purpose=network-list
?
Thanks & regards,
Leon
On Feb 16, 2009, at 3:04 PM, Anthony Minessale wrote:
| Quote: | you have 3 options.
on authenticated users, every <variable> tag in his account will be set on each call from that authenticated user.
1) make them register, this sets the variables automatically
2) use the ACL list with cidr=<cidr of where they will be coming from> this has the same effect with no auth needed.
3) use some other way to differentiate the user and use the set_user application in the dialplan to inherit that user's variables.
On Mon, Feb 16, 2009 at 6:49 AM, Leon de Rooij <leon@scarlet-internet.nl (leon@scarlet-internet.nl)> wrote:
| Quote: | Hi all,
I'd really like to know more about this too.
Currently, I have two sip_profiles:
- residential (where users can do authenticated registers and invites)
- transit (where other users can do un-authenticated invites)
Right now, FS is not aware of *who* is accessing the transit profile except for an acl that is set on this profile so unauthorized use is not possible.
But what should I do when I want to allow multiple parties (from different IP addresses) to send their invites to the transit profile, and still be able to differentiate between them ?
I'd like to set some variables, like an accountcode for example, on the basis of what IP address the INVITE originates from.
So, is it possible to not use digest authentication, but still use a dialplan-directory user with IP= field or some such ?
thanks a lot & kind regards,
Leon de Rooij
On Jan 14, 2009, at 4:36 PM, Apostolos Pantsiopoulos wrote:
_______________________________________________
Freeswitch-users mailing list
Freeswitch-users@lists.freeswitch.org (Freeswitch-users@lists.freeswitch.org)
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
|
--
Anthony Minessale II
FreeSWITCH http://www.freeswitch.org/
ClueCon http://www.cluecon.com/
AIM: anthm
MSN:anthony_minessale@hotmail.com ([email]MSN%3Aanthony_minessale@hotmail.com[/email])
GTALK/JABBER/PAYPAL:anthony.minessale@gmail.com ([email]PAYPAL%3Aanthony.minessale@gmail.com[/email])
IRC: irc.freenode.net #freeswitch
FreeSWITCH Developer Conference
sip:888@conference.freeswitch.org ([email]sip%3A888@conference.freeswitch.org[/email])
iax:guest@conference.freeswitch.org/888
googletalk:conf+888@conference.freeswitch.org ([email]googletalk%3Aconf%2B888@conference.freeswitch.org[/email])
pstn:213-799-1400
_______________________________________________
Freeswitch-users mailing list
Freeswitch-users@lists.freeswitch.org (Freeswitch-users@lists.freeswitch.org)
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
|
|
|
| Back to top |
|
|
anthony.minessale at g...
Guest
|
| Posted: Wed Feb 18, 2009 9:16 am Post subject: [Freeswitch-users] ipauth - directory |
|
|
yes that is correct.
On Wed, Feb 18, 2009 at 8:03 AM, Leon de Rooij <leon@scarlet-internet.nl (leon@scarlet-internet.nl)> wrote:
| Quote: | Hi Anthony,
I tried your second option, but how does it work with xml-curl then ? As far as I understand it, this doesn't work by doing a user-directory xml lookup at INVITE time, or does it ?
Or does it want to generate an ACL at FS startup and filling up all the allow-nodes by polling the entire domain, filtering out all users with CIDR entry and putting those in the ACL itself ?
If so, is that the reason why FS tries (at startup) to POST to the webserver with:
hostname=test§ion=directory&tag_name=domain&key_name=name&key_value=test.com&domain=test.com&purpose=network-list
?
Thanks & regards,
Leon
On Feb 16, 2009, at 3:04 PM, Anthony Minessale wrote:
| Quote: | you have 3 options.
on authenticated users, every <variable> tag in his account will be set on each call from that authenticated user.
1) make them register, this sets the variables automatically
2) use the ACL list with cidr=<cidr of where they will be coming from> this has the same effect with no auth needed.
3) use some other way to differentiate the user and use the set_user application in the dialplan to inherit that user's variables.
On Mon, Feb 16, 2009 at 6:49 AM, Leon de Rooij <leon@scarlet-internet.nl (leon@scarlet-internet.nl)> wrote:
| Quote: | Hi all,
I'd really like to know more about this too.
Currently, I have two sip_profiles:
- residential (where users can do authenticated registers and invites)
- transit (where other users can do un-authenticated invites)
Right now, FS is not aware of *who* is accessing the transit profile except for an acl that is set on this profile so unauthorized use is not possible.
But what should I do when I want to allow multiple parties (from different IP addresses) to send their invites to the transit profile, and still be able to differentiate between them ?
I'd like to set some variables, like an accountcode for example, on the basis of what IP address the INVITE originates from.
So, is it possible to not use digest authentication, but still use a dialplan-directory user with IP= field or some such ?
thanks a lot & kind regards,
Leon de Rooij
On Jan 14, 2009, at 4:36 PM, Apostolos Pantsiopoulos wrote:
_______________________________________________
Freeswitch-users mailing list
Freeswitch-users@lists.freeswitch.org (Freeswitch-users@lists.freeswitch.org)
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
|
--
Anthony Minessale II
FreeSWITCH http://www.freeswitch.org/
ClueCon http://www.cluecon.com/
AIM: anthm
MSN:anthony_minessale@hotmail.com ([email]MSN%3Aanthony_minessale@hotmail.com[/email])
GTALK/JABBER/PAYPAL:anthony.minessale@gmail.com ([email]PAYPAL%3Aanthony.minessale@gmail.com[/email])
IRC: irc.freenode.net #freeswitch
FreeSWITCH Developer Conference
sip:888@conference.freeswitch.org ([email]sip%3A888@conference.freeswitch.org[/email])
iax:guest@conference.freeswitch.org/888
googletalk:conf+888@conference.freeswitch.org ([email]googletalk%3Aconf%2B888@conference.freeswitch.org[/email])
pstn:213-799-1400
_______________________________________________
Freeswitch-users mailing list
Freeswitch-users@lists.freeswitch.org (Freeswitch-users@lists.freeswitch.org)
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
|
_______________________________________________
Freeswitch-users mailing list
Freeswitch-users@lists.freeswitch.org (Freeswitch-users@lists.freeswitch.org)
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
|
--
Anthony Minessale II
FreeSWITCH http://www.freeswitch.org/
ClueCon http://www.cluecon.com/
AIM: anthm
MSN:anthony_minessale@hotmail.com ([email]MSN%3Aanthony_minessale@hotmail.com[/email])
GTALK/JABBER/PAYPAL:anthony.minessale@gmail.com ([email]PAYPAL%3Aanthony.minessale@gmail.com[/email])
IRC: irc.freenode.net #freeswitch
FreeSWITCH Developer Conference
sip:888@conference.freeswitch.org ([email]sip%3A888@conference.freeswitch.org[/email])
iax:guest@conference.freeswitch.org/888
googletalk:conf+888@conference.freeswitch.org ([email]googletalk%3Aconf%2B888@conference.freeswitch.org[/email])
pstn:213-799-1400 |
|
| Back to top |
|
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
Powered by phpBB © 2001, 2005 phpBB Group
|
Search
