| < Previous by Date | Date Index | Next by Date > |
| Thread Index |
Hi,I've been looking at ServerAuthManager in DUM and felt that it would be useful to:
a) provide a way for subclasses to specify the realm to be sent in a challenge
b) allow subclasses to over-ride authorizedForThisIdentity and thereby determine which requests are authorized using their own algorithm
I have attached my patches below.I am also looking at whether ServerAuthManager can perform optional authentication - in other words, some sessions require authentication while others don't. Is the stack intended to be used in such a way?
A typical example is: - peer A is authenticated by username/password - peer B is authenticated by IP- peer C is not authenticated, but is allowed to make calls to a restricted set of URIs - he is only sent a 407 challenge if the URI he is calling matches a particular pattern
Regards,
Daniel
Index: resip/dum/ServerAuthManager.cxx
===================================================================
--- resip/dum/ServerAuthManager.cxx (revision 5828)
+++ resip/dum/ServerAuthManager.cxx (working copy)
@@ -186,7 +186,11 @@
return ((fromUri.user() == user) && (fromUri.host() == realm));
}
+const Data& ServerAuthManager::getChallengeRealm(const SipMessage& msg) {
+ return msg.header(h_RequestLine).uri().host();
+}
+
// return true if request has been consumed
ServerAuthManager::Result
ServerAuthManager::handle(SipMessage* sipMsg)
Index: resip/dum/ServerAuthManager.hxx
===================================================================
--- resip/dum/ServerAuthManager.hxx (revision 5828)
+++ resip/dum/ServerAuthManager.hxx (working copy)
@@ -49,9 +49,10 @@
typedef std::map<Data, SipMessage*> MessageMap;
MessageMap mMessages;
- bool authorizedForThisIdentity(const resip::Data &user,
+ virtual bool authorizedForThisIdentity(const resip::Data &user,
const resip::Data &realm,
resip::Uri &fromUri);
+ virtual const Data& getChallengeRealm(const SipMessage& msg);
};
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature