< Previous by Date	Date Index	Next by Date >
< Previous in Thread	Thread Index	Next in Thread >

Re: [reSIProcate-users] Authorization by Proxy to Gateway

From: Roman Rybalko <resiprocate@xxxxxxxxxxx>
Date: Tue, 27 Mar 2018 19:05:55 +0300

I'm thinking of writing a Lemur-plugin for that.

I will hook a response, check if it has aWWW-Authenticate/Proxy-Authenticate challenge, if it does I dig apassword out of UserStore and resend the request with an Authorizationheader added.


It seems rather simple. What am I missing?

Though I don't know yet how to pick a user/password pair if there areseveral ones in UserStore for a realm.

Perhaps I will also need another rewriting plugin to fix To/Fromheaders. May be such plugin already exists somewhere?


Regards,
Roman Rybalko

*From:* Scott Godin
*Sent:*  Tuesday, March 27, 2018 4:31PM +0300
*To:* Roman Rybalko
*Cc:* Resiprocate-users
*Subject:* Re: [reSIProcate-users] Authorization by Proxy to Gateway

repro is a strict SIP Proxy, it will not provide credentials to another
server/UA, it will only pass them along.  I think you have the following
options:
1.  Disable authentication on repro.
2.  Disable authentication on the gateway.
3.  Use an ACL/whitelist on the gateway, so that it will not challenge
any requests from the repro proxy/domain.

Scott

References:
- Re: [reSIProcate-users] Authorization by Proxy to Gateway
  - From: Scott Godin

Prev by Date: Re: [reSIProcate-users] Authorization by Proxy to Gateway
Next by Date: Re: [reSIProcate-users] Authorization by Proxy to Gateway
Previous by thread: Re: [reSIProcate-users] Authorization by Proxy to Gateway
Next by thread: Re: [reSIProcate-users] Authorization by Proxy to Gateway
Index(es):
- Date
- Thread