[Spce-user] xcap authentication issue with jitsi auto provisinoing

Barry Flanagan barry at flanagan.ie
Fri Jun 28 06:03:36 EDT 2013


On 22 May 2013 12:48, Andreas Granig <agranig at sipwise.com> wrote:

> Hi Barry,
>
> An update has been pushed to 2.8, you might want to try again the
> auto-provisioning. Again, the restriction still applies that if you've an
> SRV record behind your SIP domain, it will still not work, as Jitsi doesn't
> do SRV for XCAP URIs. Should work in most other cases now though.
>
>
Would it not be better to standardize the XCAP host name to be xcap.$domain
and have nginx strip the "xcap." before setting P-NGCP-XCAP-Host? This
would mean that sites using SRV would work, as well as all other scenarios.

Maybe a config option use_xcap_subdomain which, if set to yes, includes the
logic in nginx.conf to strip it, and in csc.conf adds a parameter which is
checked for in JitsiProvisioning.pm and if yes, then set $xcap_ip =
xcap.$domain.

I really don't want to have to use a subdomain in our SIP URIs - that's
what SRV records are for, and also with the convergence of messaging
with CUSAX it seems silly to be stuck using a URI sip.domain.com for XMPP.

-Barry

 Andreas
>
>
> On 05/22/2013 12:53 PM, Andreas Granig wrote:
>
>> Hi,
>>
>> On 05/17/2013 02:03 PM, Barry Flanagan wrote:
>>
>>> On 17 May 2013 12:51, Oliver Vermeulen <oliver at oliverv.com
>>> <mailto:oliver at oliverv.com>> wrote:
>>>
>>>     Change authentication to username at sipdomain and passwd ,
>>>     provisioning put only username and password.____
>>>
>>>     __
>>>
>>>
>>> I'm not sure what you mean. Change which? Provisioning credentials in
>>> Jitsi are currently user at domain. SIP authentication is working fine. It
>>> is only xcap auth which fails.
>>>
>>
>> The problem with the Jitsi auto-provisioning and XCAP is that it
>> currently uses the IP of the load-balancer as host part of the URL,
>> instead of the SIP domain of the user.
>>
>> What you can try is making a csc.conf.customtt.tt2 in
>> /etc/ngcp-config/templates/**etc/ngcp-www-csc/ and change the "host" to
>> the SIP domain you're using. A more flexible way is to modify
>> /usr/share/perl5/Sipwise/**JitsiProvisioning.pm and change this line:
>>
>>    my $xcap_ip = $cfg->{uaprovisioning}->{xcap}**->{host};
>>
>> to something like
>>
>>     my $xcap_ip = $domain;
>>
>> The problem with that approach is that it only works if the domain part
>> of your SIP URI resolves to your CE IP in an A or AAAA record and
>> doesn't point to a different host via SRV (e.g. your SIP domain is
>> sip.example.org, and this resolves to the IP of the CE, instead of
>> having an SRV record sip.example.org resolving to something else like
>> ce.sip.example.org, because Jitsi doesn't do an SRV lookup for the XCAP
>> host).
>>
>> In any case, the second approach should work quite well in cases without
>> SRV. We're going to push a fix for that in the next days.
>>
>> Andreas
>>
>>
>>
>> ______________________________**_________________
>> Spce-user mailing list
>> Spce-user at lists.sipwise.com
>> http://lists.sipwise.com/**listinfo/spce-user<http://lists.sipwise.com/listinfo/spce-user>
>>
>
> ______________________________**_________________
> Spce-user mailing list
> Spce-user at lists.sipwise.com
> http://lists.sipwise.com/**listinfo/spce-user<http://lists.sipwise.com/listinfo/spce-user>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sipwise.com/mailman/private/spce-user_lists.sipwise.com/attachments/20130628/d94a8a43/attachment.html>


More information about the Spce-user mailing list