关于opensips用户认证配置文件 opensips.cfg 使用介绍

opensips用户认证配置文件-opensips.cfg opensips.cfg配置文件,红色标记的为添加修改的部分,亲自测试!

#
# $Id: opensips.cfg 9742 2013-02-05 10:24:48Z vladut-paiu $
#
# OpenSIPS residential configuration script
#     by OpenSIPS Solutions <team@opensips-solutions.com>
#
# This script was generated via "make menuconfig", from
#   the "Residential" scenario.
# You can enable / disable more features / functionalities by
#   re-generating the scenario with different options.#
#
# Please refer to the Core CookBook at:
#      http://www.opensips.org/Resources/DocsCookbooks
# for a explanation of possible statements, functions and parameters.
#

####### Global Parameters #########

debug=3
log_stderror=no
log_facility=LOG_LOCAL0

fork=yes
children=4

/* uncomment the following lines to enable debugging */
#debug=6
#fork=no
#log_stderror=yes

/* uncomment the next line to enable the auto temporary blacklisting of
   not available destinations (default disabled) */
#disable_dns_blacklist=no

/* uncomment the next line to enable IPv6 lookup after IPv4 dns
   lookup failures (default disabled) */
#dns_try_ipv6=yes

/* comment the next line to enable the auto discovery of local aliases
   based on revers DNS on IPs */
auto_aliases=no

# listen=udp:127.0.0.1:5060   # CUSTOMIZE ME
listen=udp:192.168.139.121:5060   # CUSTOMIZE ME

disable_tcp=yes

#disable_tls=yes

####### Modules Section ########

#set module path
mpath="//lib/opensips/modules/"

#### MySQL
loadmodule "db_mysql.so"

#### SIGNALING module
loadmodule "signaling.so"

#### StateLess module
loadmodule "sl.so"

#### Transaction Module
loadmodule "tm.so"
modparam("tm", "fr_timer", 5)
modparam("tm", "fr_inv_timer", 30)
modparam("tm", "restart_fr_on_each_reply", 0)
modparam("tm", "onreply_avp_mode", 1)

#### Record Route Module
loadmodule "rr.so"
/* do not append from tag to the RR (no need for this script) */
modparam("rr", "append_fromtag", 0)

#### MAX ForWarD module
loadmodule "maxfwd.so"

#### SIP MSG OPerationS module
loadmodule "sipmsgops.so"

#### FIFO Management Interface
loadmodule "mi_fifo.so"
modparam("mi_fifo", "fifo_name", "/tmp/opensips_fifo")
modparam("mi_fifo", "fifo_mode", 0666)

#### URI module
loadmodule "uri.so"
modparam("uri", "use_uri_table", 0)

#### USeR LOCation module
loadmodule "usrloc.so"
modparam("usrloc", "nat_bflag", "NAT")
modparam("usrloc", "db_url", "mysql://opensips:opensipsrw@localhost/opensips")
modparam("usrloc", "db_mode", 2)

#### REGISTRAR module
loadmodule "registrar.so"
modparam("registrar", "tcp_persistent_flag", "TCP_PERSISTENT")

/* uncomment the next line not to allow more than 10 contacts per AOR */
#modparam("registrar", "max_contacts", 10)

#### ACCounting module
loadmodule "acc.so"
/* what special events should be accounted ? */
modparam("acc", "early_media", 0)
modparam("acc", "report_cancels", 0)
/* by default we do not adjust the direct of the sequential requests.
   if you enable this parameter, be sure the enable "append_fromtag"
   in "rr" module */
modparam("acc", "detect_direction", 0)
modparam("acc", "failed_transaction_flag", "ACC_FAILED")
/* account triggers (flags) */
modparam("acc", "log_flag", "ACC_DO")
modparam("acc", "log_missed_flag", "ACC_MISSED")

#### Auth support
loadmodule "auth.so"
loadmodule "auth_db.so"
modparam("auth", "calculate_ha1", yes)
modparam("auth_db", "db_url", "mysql://opensips:opensipsrw@localhost/opensips")
modparam("auth_db", "password_column", "password")

####### Routing Logic ########

# main request routing logic

route{
 if (!mf_process_maxfwd_header("10")) {
  sl_send_reply("483","Too Many Hops");
  exit;
 }

if (has_totag()) {
  # sequential request withing a dialog should
  # take the path determined by record-routing
  if (loose_route()) {
   if (is_method("BYE")) {
    setflag(ACC_DO); # do accounting ...
    setflag(ACC_FAILED); # ... even if the transaction fails
   } else if (is_method("INVITE")) {
    # even if in most of the cases is useless, do RR for
    # re-INVITEs alos, as some buggy clients do change route set
    # during the dialog.
    record_route();
   }

# route it out to whatever destination was set by loose_route()
   # in $du (destination URI).
   route(relay);
  } else {
   if ( is_method("ACK") ) {
    if ( t_check_trans() ) {
     # non loose-route, but stateful ACK; must be an ACK after
     # a 487 or e.g. 404 from upstream server
     t_relay();
     exit;
    } else {
     # ACK without matching transaction ->
     # ignore and discard
     exit;
    }
   }
   sl_send_reply("404","Not here");
  }
  exit;
 }

# CANCEL processing
 if (is_method("CANCEL"))
 {
  if (t_check_trans())
   t_relay();
  exit;
 }

t_check_trans();

if ( !(is_method("REGISTER")  ) ) {
  if (from_uri==myself)
  {
  } else {
   # if caller is not local, then called number must be local
   if (!uri==myself) {
    send_reply("403","Rely forbidden");
    exit;
   }
  }
 }

# preloaded route checking
 if (loose_route()) {
  xlog("L_ERR",
  "Attempt to route with preloaded Route's [$fu/$tu/$ru/$ci]");
  if (!is_method("ACK"))
   sl_send_reply("403","Preload Route denied");
  exit;
 }

# record routing
 if (!is_method("REGISTER|MESSAGE"))
  record_route();

# account only INVITEs
 if (is_method("INVITE")) {
  setflag(ACC_DO); # do accounting
 }

if (!uri==myself) {
  append_hf("P-hint: outbound\r\n");
  route(relay);
 }

# requests for my domain
 if (is_method("PUBLISH|SUBSCRIBE"))
 {
  sl_send_reply("503", "Service Unavailable");
  exit;
 }

if (is_method("REGISTER"))
 {
  #auth user using mysql DB
   if (!www_authorize("192.168.139.121", "subscriber")) {
   www_challenge("192.168.139.121", "0");
          exit;
  }
  #end auth user

if (   0 ) setflag(TCP_PERSISTENT);

if (!save("location"))
   sl_reply_error();

exit;
 }

if ($rU==NULL) {
  # request with no Username in RURI
  sl_send_reply("484","Address Incomplete");
  exit;
 }

# do lookup with method filtering
 if (!lookup("location","m")) {
  t_newtran();
  t_reply("404", "Not Found");
  exit;
 }

# when routing via usrloc, log the missed calls also
 setflag(ACC_MISSED);
 route(relay);
}

route[relay] {
 # for INVITEs enable some additional helper routes
 if (is_method("INVITE")) {
  t_on_branch("per_branch_ops");
  t_on_reply("handle_nat");
  #t_on_reply();
  t_on_failure("missed_call");
 }

if (!t_relay()) {
  send_reply("500","Internal Error");
 };
 exit;
}

branch_route[per_branch_ops] {
 xlog("new branch at $ru\n");
}

onreply_route[handle_nat] {

xlog("incoming reply\n");
}

failure_route[missed_call] {
 if (t_was_cancelled()) {
  exit;
 }

# uncomment the following lines if you want to block client
 # redirect based on 3xx replies.
 ##if (t_check_status("3[0-9][0-9]")) {
 ##t_reply("404","Not found");
 ## exit;
 ##}

}

(0)

相关推荐

  • 关于opensips用户认证配置文件 opensips.cfg 使用介绍

    opensips用户认证配置文件-opensips.cfg opensips.cfg配置文件,红色标记的为添加修改的部分,亲自测试! ## $Id: opensips.cfg 9742 2013-02-05 10:24:48Z vladut-paiu $## OpenSIPS residential configuration script#     by OpenSIPS Solutions <team@opensips-solutions.com>## This script was ge

  • 基于ubuntu中使用mysql实现opensips用户认证的解决方法

    1 MySQL支持 1.1 MySQL模块支持 默认安装时,不包含MySQL模块. opensipsctlrc文件中包含了数据库配置的信息,要想让opensips支持mysql数据库,在编译安装的时候 就要支持mysql模块.方法如下: (1)修改opensips中的Makefile.conf,在exclude_modules中去掉db_mysql,在include_modules中 添加db_mysql,然后重新编译安装.要添加支持的模块都可以这样操作. (2)编译时指定,make inclu

  • Nginx用户认证配置方法详解(域名/目录)

    Nginx可以为某一个域名单独加用户认证,具体做法如下: 1. 生成用户认证的用户名和密码: 复制代码 代码如下: #wget -c soft.vpser.net/lnmp/ext/htpasswd.sh;bash htpasswd.sh 根据提示输入: 用户名:密码:文件名: 脚本会自动生成认证文件,auth.conf内容如下: 复制代码 代码如下: /usr/local/nginx/conf/auth.conf 2. 为Nginx添加auth认证配置 下面以某域名下面的auth目录为例,在域

  • asp.net5中用户认证与授权(2)

    上篇文章给大家介绍了asp.net5中用户认证与授权(1),基础建立好了,紧接着就要创建对基础类进行操作的类,也就是实现基础类的增删改查当然,为了使用asp.net5的认证机制,这些都是通过特定的接口来实现的. 比如,对于角色来说,角色管理要实现的接口如下: public interface IQueryableRoleStore<TRole> : IRoleStore<TRole>, IDisposable where TRole : class { IQueryable<

  • 深入理解Django中内置的用户认证

    前言 本文主要给大家介绍了关于Django中内置用户认证的相关内容,分享出来供大家参考学习,下面话不多说了,来一起看看详细的介绍吧. 认证登陆 在进行用户登陆验证的时候,如果是自己写代码,就必须要先查询数据库,看用户输入的用户名是否存在于数据库中: 如果用户存在于数据库中,然后再验证用户输入的密码,这样一来就要自己编写大量的代码. 事实上,Django已经提供了内置的用户认证功能. 在使用"python manage.py makemigrationss"和"python m

  • Apache服务器的用户认证

    经常上网的读者会遇到这种情况:访问一些网站的某些资源时,浏览器弹出一个对话框,要求输入用户名和密码来获取对资源的访问.这就是用户认证的一种技术.用户认证是保护网络系统资源的第一道防线,它控制着所有登录并检查访问用户的合法性,其目标是仅让合法用户以合法的权限访问网络系统的资源.基本的用户认证技术是"用户名+密码". Apache是目前流行的Web服务器,可运行在Linux.Unix.Windows等操作系统下,它可以很好地解决"用户名+密码"的认证问题.Apache用

  • spring cloud-给Eureka Server加上安全的用户认证详解

    前言 在前面的一篇文章中spring cloud中启动Eureka Server我们启动了Eureka Server,然后在浏览器中输入http://localhost:8761/后,直接回车,就进入了spring cloud的服务治理页面,这么做在生产环境是极不安全的,下面,我们就给Eureka Server加上安全的用户认证. 一.添加spring-security支持 <dependency> <groupId>org.springframework.boot</gro

  • 配置Linux使用LDAP用户认证的方法

    我这里使用的是CentOS完成的LDAP用户管理,可能与网上的大部分教程不同,不过写出来了,那么是肯定能用的了,不过会有部分文件,忘指教. 这里使用的 OPENLdap 配合 CentOS7 完成的用户管理,需要配置 nssswitch .pam 和 sssd 3个服务,需要先有一定的了解才能完成本文的配置. 基础配置# 1.完成yum源的配置 mkdir /root/back tar -Jcvf /root/back/yum.repos.d-`date '+(%Y.%m.%d_%H:%M:%S

  • Spring Cloud OAuth2 实现用户认证及单点登录的示例代码

    OAuth 2 有四种授权模式,分别是授权码模式(authorization code).简化模式(implicit).密码模式(resource owner password credentials).客户端模式(client credentials),具体 OAuth2 是什么,可以参考这篇文章.(http://www.ruanyifeng.com/blog/2014/05/oauth_2_0.html) 本文我们将使用授权码模式和密码模式两种方式来实现用户认证和授权管理. OAuth2 其

  • YII2框架中自定义用户认证模型,完成登陆和注册操作示例

    本文实例讲述了YII2框架中自定义用户认证模型,完成登陆和注册操作.分享给大家供大家参考,具体如下: 有些时候我们需要自已定义用户类,操作自已建的用户表,来完成登陆和注册功能. 用户表结构如下,当然可以根据自已的需要添加或删除: CREATE TABLE `tb_user` ( `id` int(11) unsigned NOT NULL AUTO_INCREMENT COMMENT '用户ID', `name` varchar(32) DEFAULT '' COMMENT '用户名', `pw

随机推荐