– Kamailio SIP Server –

Differences

This shows you the differences between two versions of the page.

--- examples:restrict-calls-to-registered-users [2011/08/19 07:02] – 92.112.119.221
+++ examples:restrict-calls-to-registered-users [2012/03/22 12:41] (current) – removed spam 80.250.1.245
@@ Line 1: / Line 1: @@
+====== How to restrict calls to only registered users ======
+There are a couple of ways to authenticate INVITEs.
+Using membership in the grp table you can try the following:
+  if (!is_user_in("From", "active")) {
+    exit;
+  };
+You need to insert a username, domain and grp="active" into the grp table for the above test to pass.
+If you would like to use AVP's, the following example might work for you:
+  if (avp_db_load("$from/username", "s:active")) {
+    if (!avp_check("s:active", "eq/y/i")) {
+    exit;
+    };
+  };
+You need to insert a username, domain, attribute="active", value="y" in the usr_preferences for the above test to pass.
+Another (or additional) test would be to execute the following logic:
+  if (is_method("INVITE") && !allow_trusted()) {
+    if (!proxy_authorize("", "subscriber")) {
+      proxy_challenge("", "0");
+      exit;
+    } else if (!check_from()) {
+      sl_send_reply("403", "Unauthorized: From username does not match digest credentials");
+      exit;
+    } else {
+      append_rpid_hf();
+    };
+      consume_credentials();
+  };
+It is possible to use all three methods above at the same time to provide granular control over INVITEs.

Trace: