michael@17: LCR module authentication extention (contribution)
michael@17: 
michael@17: Rationale
michael@17: 
michael@17: An orthoganal approach to abstract authentication logic out of the
michael@17: routing script improves administration by keeping unnecessarily hard
michael@17: coded authentication credentials out of the routing script.
michael@17: 
michael@17: Usage
michael@17: 
michael@17: The new lcr module parameters which achieve this are 'auth_realm_avp',
michael@17: 'auth_username_avp', and 'auth_password_avp'. To specify where the lcr
michael@17: module should write these values set the parameters like so:
michael@17: 
michael@17:   modparam("lcr", "auth_realm_avp", "$avp(s:arealm)")
michael@17:   modparam("lcr", "auth_username_avp", "$avp(s:auser)")
michael@17:   modparam("lcr", "auth_password_avp", "$avp(s:apass)")
michael@17: 
michael@17: Typically these parameters are used in conjunction with the uac modules
michael@17: uac_auth() function, which uses similar variables which are specified in
michael@17: a similar manner. In fact, the parameters of both lcr and uac modules
michael@17: can be specified at the same time like so:
michael@17: 
michael@17:   modparam("uac|lcr", "auth_realm_avp", "$avp(s:arealm)")
michael@17:   modparam("uac|lcr", "auth_username_avp", "$avp(s:auser)")
michael@17:   modparam("uac|lcr", "auth_password_avp", "$avp(s:apass)")
michael@17: 
michael@17: In addition to the existing column module parameters, specify the name
michael@17: of each of the new gw table columns like so:
michael@17: 
michael@17:   modparam("lcr", "user_column", "user")
michael@17:   modparam("lcr", "realm_column", "realm")
michael@17:   modparam("lcr", "passwd_column", "passwd")
michael@17: 
michael@17: At this point the new functionality of the lcr module is ready to be
michael@17: used. Enter values into the gw table with its new columns and call the
michael@17: standard lcr module functions load_gws() and next_gw().
michael@17: 
michael@17: Result
michael@17: 
michael@17: After calling load_gws() and next_gw(), inspect the variables associated
michael@17: with the user, realm, and password columns (see the modparam entries) to
michael@17: find that the lcr module can now hand off authentication credentials to
michael@17: other modules with ease.
michael@17: 
michael@17: Location
michael@17: 
michael@17: http://scm.europalab.com/contrib/opensips/
michael@17: http://scm.europalab.com/contrib/file/tip/opensips/
michael@17: http://scm.europalab.com/contrib/file/tip/opensips/lcr-auth.txt
michael@17: http://scm.europalab.com/contrib/file/tip/opensips/lcr-auth.diff
michael@17: 
michael@17: Instructions
michael@17: 
michael@17: To integrate this contributed logic into the source code tree of
michael@17: a OpenSIPS distribution, download the unified diff and use the
michael@17: patch(1) command:
michael@17: 
michael@17:   $ cd /tmp && mkdir lcr-patch && cd lcr-patch
michael@17:   $ wget http://scm.europalab.com/contrib/raw-file/tip/opensips/lcr-auth.diff
michael@17:   $ tar zxf /tmp/opensips-<version>-tls.tar.gz
michael@17:   $ cd opensips-<version>-tls
michael@17:   $ patch -p0 <../lcr-auth.diff
michael@17: 
michael@17: Disclaimer
michael@17: 
michael@17: This software contribution is based on source code from OpenSIPS SVN
michael@17: revision 6590. The author makes no guarantees as to this contribution.
michael@17: A user who downloads and executes it does so at his own risk.
michael@17: 
michael@17: Michael Schloh von Bennewitz
michael@17: http://michael.schloh.com/
michael@17: Wednsday, 10. February 2010