This module contains all authentication related functions for an IMS environment. The module does not depend on the base Kamailio auth modules as other auth modules do. Instead ims_auth is dependent on the CDP (C Diameter Peer) modules for communicating with HSS as specified in 3GPP specs.
| Parámetro | Tipo | Descripción |
|---|---|---|
| name | string | 3.2. auth_data_hash_size (integer) 3.3. auth_vector_timeout (integer) 3.4. auth_data_timeout (int) 3.5. av_request_at_once (integer) 3.6. av_request_at_sync (integer) 3.7. registration_default_algorit |
| auth_data_hash_size | integer | 3.3. auth_vector_timeout (integer) 3.4. auth_data_timeout (int) 3.5. av_request_at_once (integer) 3.6. av_request_at_sync (integer) 3.7. registration_default_algorithm (string) 3.8. registration_qop ( |
| auth_vector_timeout | integer | 3.4. auth_data_timeout (int) 3.5. av_request_at_once (integer) 3.6. av_request_at_sync (integer) 3.7. registration_default_algorithm (string) 3.8. registration_qop (string) 3.9. cxdx_forced_peer (stri |
| auth_data_timeout | int | 3.5. av_request_at_once (integer) 3.6. av_request_at_sync (integer) 3.7. registration_default_algorithm (string) 3.8. registration_qop (string) 3.9. cxdx_forced_peer (string) 3.10. cxdx_dest_realm (st |
| av_request_at_once | integer | 3.6. av_request_at_sync (integer) 3.7. registration_default_algorithm (string) 3.8. registration_qop (string) 3.9. cxdx_forced_peer (string) 3.10. cxdx_dest_realm (string) 3.11. cxdx_dest_host (string |
| av_request_at_sync | integer | 3.7. registration_default_algorithm (string) 3.8. registration_qop (string) 3.9. cxdx_forced_peer (string) 3.10. cxdx_dest_realm (string) 3.11. cxdx_dest_host (string) 3.12. max_nonce_reuse (integer) |
| registration_default_algorithm | string | 3.8. registration_qop (string) 3.9. cxdx_forced_peer (string) 3.10. cxdx_dest_realm (string) 3.11. cxdx_dest_host (string) 3.12. max_nonce_reuse (integer) 3.13. add_authinfo_hdr (integer) 3.14. ignore |
| registration_qop | string | 3.9. cxdx_forced_peer (string) 3.10. cxdx_dest_realm (string) 3.11. cxdx_dest_host (string) 3.12. max_nonce_reuse (integer) 3.13. add_authinfo_hdr (integer) 3.14. ignore_failed_auth (integer) 3.15. av |
| cxdx_forced_peer | string | 3.10. cxdx_dest_realm (string) 3.11. cxdx_dest_host (string) 3.12. max_nonce_reuse (integer) 3.13. add_authinfo_hdr (integer) 3.14. ignore_failed_auth (integer) 3.15. av_check_only_impu (integer) 3.16 |
| cxdx_dest_realm | string | 3.11. cxdx_dest_host (string) 3.12. max_nonce_reuse (integer) 3.13. add_authinfo_hdr (integer) 3.14. ignore_failed_auth (integer) 3.15. av_check_only_impu (integer) 3.16. av_mode (integer) |
| cxdx_dest_host | string | 3.12. max_nonce_reuse (integer) 3.13. add_authinfo_hdr (integer) 3.14. ignore_failed_auth (integer) 3.15. av_check_only_impu (integer) 3.16. av_mode (integer) |
| max_nonce_reuse | integer | 3.13. add_authinfo_hdr (integer) 3.14. ignore_failed_auth (integer) 3.15. av_check_only_impu (integer) 3.16. av_mode (integer) |
| add_authinfo_hdr | integer | 3.14. ignore_failed_auth (integer) 3.15. av_check_only_impu (integer) 3.16. av_mode (integer) |
| ignore_failed_auth | integer | 3.15. av_check_only_impu (integer) 3.16. av_mode (integer) |
| av_check_only_impu | integer | 3.16. av_mode (integer) |
| av_mode | integer | 3.1. name (string) |
| name | string | This is the name of the SCSCF as identified in communication with the HSS (Server-Name AVP of MAR). |
| auth_data_hash_size | integer | This is the size of the hash table used to store auth vectors (AV). Default value is fine for most people. Use the parameter if you really need to change it. |
| auth_vector_timeout | integer | This is the time, in seconds, that a SENTauth vector is valid for. If there is no response ... |
| auth_data_timeout | int | Time, in seconds, a used auth vector is valid for. |
| av_request_at_once | integer | How many auth vectors to request in MAR. |
| av_request_at_sync | integer | How many auth vectors to request at sync. Default value is 1. |
| registration_default_algorithm | string | The default authentication algorithm to use for registration if one is not specified. |
| registration_qop | string | The QOP options to put in the authorisation challenges. |
| cxdx_forced_peer | string | FQDN of Diameter Peer (HSS) to use for communication (MAR). If you use this, the routing defined in your diameter xml configuration file (CDP) will be ignored and as a result you will lose the benefit |
| cxdx_dest_realm | string | Destination realm to be used in Diameter messages to HSS |
| cxdx_dest_host | string | Destination Host to be used in Diameter-MAR messages to HSS |
| max_nonce_reuse | integer | Defines, how many times a nonce can be reused (provided nc is incremented) |
| add_authinfo_hdr | integer | Should an Authentication-Info header be added on 200 OK responses? |
| ignore_failed_auth | integer | Ignore invalid passwords (only IMPI/IMPU is checked). |
4.2. ims_www_authenticate(realm) 4.3. ims_www_challenge(route_block, realm) 4.4. ims_www_challenge(route_block, realm, algorithm) 4.5. ims_proxy_challenge(route_block, realm, table) 4.6. ims_proxy_authenticate(realm, table) 4.7. ims_auth_data_set(key
4.3. ims_www_challenge(route_block, realm) 4.4. ims_www_challenge(route_block, realm, algorithm) 4.5. ims_proxy_challenge(route_block, realm, table) 4.6. ims_proxy_authenticate(realm, table) 4.7. ims_auth_data_set(key, op, op_c, amf) 4.8. ims_auth_da
4.4. ims_www_challenge(route_block, realm, algorithm) 4.5. ims_proxy_challenge(route_block, realm, table) 4.6. ims_proxy_authenticate(realm, table) 4.7. ims_auth_data_set(key, op, op_c, amf) 4.8. ims_auth_data_reset()
4.5. ims_proxy_challenge(route_block, realm, table) 4.6. ims_proxy_authenticate(realm, table) 4.7. ims_auth_data_set(key, op, op_c, amf) 4.8. ims_auth_data_reset()
4.6. ims_proxy_authenticate(realm, table) 4.7. ims_auth_data_set(key, op, op_c, amf) 4.8. ims_auth_data_reset()
4.7. ims_auth_data_set(key, op, op_c, amf) 4.8. ims_auth_data_reset()
4.8. ims_auth_data_reset()
4.1. ims_www_authorize(realm, table)
The function verifies credentials according to RFC2617. If the credentials are verified successfully then the function will succeed and mark the credentials as authorized (marked credentials can be later used by some other functions). If the function
It is the same function as www_authenticate(realm, table). This name is kept for backward compatibility, since it was named this way first time by it actually does user authentication.
Name alias: proxy_authorize(realm, table)
Same as 4.3 except here there is the additional option to specify the authorisation algorithm * algorithm - The algorithm to be used when challenging the client. Can be AKAv1-MD5, AKAv2-MD5, MD5, or HSS-Selected. If left as an empty string, the defau
Name alias: proxy_authorize(realm, table)
It is same function as proxy_authenticate(realm, table). This name is kept for backward compatibility, since it was named this way first time but it actually does user authentication.
Set the key, op, op_c and amf to be used for AKAv1-MD5 authentication when av_mode parameter is set to 1 (authentication vector generated locally). It has to be used before the function for doing authentication.
Reset the authentication attributes when av_mode parameter is set to 1.
Copyright © 2007 FhG FOKUS
Copyright © 2012 Smile Communications
Copyright © 2015 ng-voice GmbH
