关于opensips用户认证配置文件 opensips.cfg 使用介绍

opensips用户认证配置文件-opensips.cfg opensips.cfg配置文件，红色标记的为添加修改的部分，亲自测试！

#
# $id: opensips.cfg 9742 2013-02-05 10:24:48z vladut-paiu $
#
# opensips residential configuration script
#     by opensips solutions <team@opensips-solutions.com>
#
# this script was generated via "make menuconfig", from
#   the "residential" scenario.
# you can enable / disable more features / functionalities by
#   re-generating the scenario with different options.#
#
# please refer to the core cookbook at:
#      http://www.opensips.org/resources/docscookbooks
# for a explanation of possible statements, functions and parameters.
#

####### global parameters #########

debug=3
log_stderror=no
log_facility=log_local0

fork=yes
children=4

/* uncomment the following lines to enable debugging */
#debug=6
#fork=no
#log_stderror=yes

/* uncomment the next line to enable the auto temporary blacklisting of
   not available destinations (default disabled) */
#disable_dns_blacklist=no

/* uncomment the next line to enable ipv6 lookup after ipv4 dns
   lookup failures (default disabled) */
#dns_try_ipv6=yes

/* comment the next line to enable the auto discovery of local aliases
   based on revers dns on ips */
auto_aliases=no

# listen=udp:127.0.0.1:5060   # customize me
listen=udp:192.168.139.121:5060   # customize me

disable_tcp=yes

#disable_tls=yes

####### modules section ########

#set module path
mpath="//lib/opensips/modules/"

#### mysql
loadmodule "db_mysql.so"

#### signaling module
loadmodule "signaling.so"

#### stateless module
loadmodule "sl.so"

#### transaction module
loadmodule "tm.so"
modparam("tm", "fr_timer", 5)
modparam("tm", "fr_inv_timer", 30)
modparam("tm", "restart_fr_on_each_reply", 0)
modparam("tm", "onreply_avp_mode", 1)

#### record route module
loadmodule "rr.so"
/* do not append from tag to the rr (no need for this script) */
modparam("rr", "append_fromtag", 0)

#### max forward module
loadmodule "maxfwd.so"

#### sip msg operations module
loadmodule "sipmsgops.so"

#### fifo management interface
loadmodule "mi_fifo.so"
modparam("mi_fifo", "fifo_name", "/tmp/opensips_fifo")
modparam("mi_fifo", "fifo_mode", 0666)

#### uri module
loadmodule "uri.so"
modparam("uri", "use_uri_table", 0)

#### user location module
loadmodule "usrloc.so"
modparam("usrloc", "nat_bflag", "nat")
modparam("usrloc", "db_url", "mysql://opensips:opensipsrw@localhost/opensips")
modparam("usrloc", "db_mode", 2)

#### registrar module
loadmodule "registrar.so"
modparam("registrar", "tcp_persistent_flag", "tcp_persistent")

/* uncomment the next line not to allow more than 10 contacts per aor */
#modparam("registrar", "max_contacts", 10)

#### accounting module
loadmodule "acc.so"
/* what special events should be accounted ? */
modparam("acc", "early_media", 0)
modparam("acc", "report_cancels", 0)
/* by default we do not adjust the direct of the sequential requests.
   if you enable this parameter, be sure the enable "append_fromtag"
   in "rr" module */
modparam("acc", "detect_direction", 0)
modparam("acc", "failed_transaction_flag", "acc_failed")
/* account triggers (flags) */
modparam("acc", "log_flag", "acc_do")
modparam("acc", "log_missed_flag", "acc_missed")

#### auth support
loadmodule "auth.so"
loadmodule "auth_db.so"
modparam("auth", "calculate_ha1", yes)
modparam("auth_db", "db_url", "mysql://opensips:opensipsrw@localhost/opensips")
modparam("auth_db", "password_column", "password")

####### routing logic ########

# main request routing logic

route{
 if (!mf_process_maxfwd_header("10")) {
  sl_send_reply("483","too many hops");
  exit;
 }

 if (has_totag()) {
  # sequential request withing a dialog should
  # take the path determined by record-routing
  if (loose_route()) {
   if (is_method("bye")) {
    setflag(acc_do); # do accounting ...
    setflag(acc_failed); # ... even if the transaction fails
   } else if (is_method("invite")) {
    # even if in most of the cases is useless, do rr for
    # re-invites alos, as some buggy clients do change route set
    # during the dialog.
    record_route();
   }

   # route it out to whatever destination was set by loose_route()
   # in $du (destination uri).
   route(relay);
  } else {
   if ( is_method("ack") ) {
    if ( t_check_trans() ) {
     # non loose-route, but stateful ack; must be an ack after
     # a 487 or e.g. 404 from upstream server
     t_relay();
     exit;
    } else {
     # ack without matching transaction ->
     # ignore and discard
     exit;
    }
   }
   sl_send_reply("404","not here");
  }
  exit;
 }

 # cancel processing
 if (is_method("cancel"))
 {
  if (t_check_trans())
   t_relay();
  exit;
 }

 t_check_trans();

 if ( !(is_method("register")  ) ) {
  if (from_uri==myself)
  {
  } else {
   # if caller is not local, then called number must be local
   if (!uri==myself) {
    send_reply("403","rely forbidden");
    exit;
   }
  }
 }

 # preloaded route checking
 if (loose_route()) {
  xlog("l_err",
  "attempt to route with preloaded route's [$fu/$tu/$ru/$ci]");
  if (!is_method("ack"))
   sl_send_reply("403","preload route denied");
  exit;
 }

 # record routing
 if (!is_method("register|message"))
  record_route();

 # account only invites
 if (is_method("invite")) {
  setflag(acc_do); # do accounting
 }

 if (!uri==myself) {
  append_hf("p-hint: outbound\r\n");
  route(relay);
 }

 # requests for my domain
 if (is_method("publish|subscribe"))
 {
  sl_send_reply("503", "service unavailable");
  exit;
 }

 if (is_method("register"))
 {
  #auth user using mysql db
   if (!www_authorize("192.168.139.121", "subscriber")) {
   www_challenge("192.168.139.121", "0");
          exit;
  }
  #end auth user

  if (   0 ) setflag(tcp_persistent);

  if (!save("location"))
   sl_reply_error();

  exit;
 }

 if ($ru==null) {
  # request with no username in ruri
  sl_send_reply("484","address incomplete");
  exit;
 }

 # do lookup with method filtering
 if (!lookup("location","m")) {
  t_newtran();
  t_reply("404", "not found");
  exit;
 }

 # when routing via usrloc, log the missed calls also
 setflag(acc_missed);
 route(relay);
}

route[relay] {
 # for invites enable some additional helper routes
 if (is_method("invite")) {
  t_on_branch("per_branch_ops");
  t_on_reply("handle_nat");
  #t_on_reply();
  t_on_failure("missed_call");
 }

 if (!t_relay()) {
  send_reply("500","internal error");
 };
 exit;
}

branch_route[per_branch_ops] {
 xlog("new branch at $ru\n");
}

onreply_route[handle_nat] {

 xlog("incoming reply\n");
}

failure_route[missed_call] {
 if (t_was_cancelled()) {
  exit;
 }

 # uncomment the following lines if you want to block client
 # redirect based on 3xx replies.
 ##if (t_check_status("3[0-9][0-9]")) {
 ##t_reply("404","not found");
 ## exit;
 ##}

}