diff --git a/src/modules/auth_db/auth_db_mod.c b/src/modules/auth_db/auth_db_mod.c
index faea44f612b..ce8baae8381 100644
--- a/src/modules/auth_db/auth_db_mod.c
+++ b/src/modules/auth_db/auth_db_mod.c
@@ -82,6 +82,7 @@ static int version_table_check = 1;
int calc_ha1 = 0;
int use_domain = 0; /* Use also domain when looking up in table */
+int force_generate_avps = 0; /* Even when user failed to authenticate */
db1_con_t* auth_db_handle = 0; /* database connection handle */
db_func_t auth_dbf;
@@ -128,6 +129,7 @@ static param_export_t params[] = {
{"use_domain", INT_PARAM, &use_domain },
{"load_credentials", PARAM_STRING, &credentials_list },
{"version_table", INT_PARAM, &version_table_check },
+ {"force_generate_avps", INT_PARAM, &force_generate_avps},
{0, 0, 0}
};
diff --git a/src/modules/auth_db/authorize.c b/src/modules/auth_db/authorize.c
index b45a2d128a3..4f8d9674549 100644
--- a/src/modules/auth_db/authorize.c
+++ b/src/modules/auth_db/authorize.c
@@ -294,13 +294,21 @@ static int digest_authenticate_hdr(sip_msg_t* msg, str *realm,
goto end;
}
+ /* Even when user failed to authenticate */
+ if (force_generate_avps) {
+ generate_avps(msg, result);
+ }
+
/* Recalculate response, it must be same to authorize successfully */
rauth = auth_api.check_response(&(cred->digest), method, ha1);
if(rauth==AUTHENTICATED) {
ret = AUTH_OK;
switch(auth_api.post_auth(msg, h, ha1)) {
case AUTHENTICATED:
- generate_avps(msg, result);
+ /* Only when user succeded to authenticate */
+ if (!force_generate_avps) {
+ generate_avps(msg, result);
+ }
break;
default:
ret = AUTH_ERROR;
diff --git a/src/modules/auth_db/authorize.h b/src/modules/auth_db/authorize.h
index e3638a25afa..fd26f39e75e 100644
--- a/src/modules/auth_db/authorize.h
+++ b/src/modules/auth_db/authorize.h
@@ -28,6 +28,8 @@
#include "../../core/parser/msg_parser.h"
#include "api.h"
+extern int force_generate_avps;
+
int auth_db_init(const str* db_url);
int auth_db_bind(const str* db_url);
void auth_db_close(void);
diff --git a/src/modules/auth_db/doc/auth_db_admin.xml b/src/modules/auth_db/doc/auth_db_admin.xml
index 654c889415d..422738e8690 100644
--- a/src/modules/auth_db/doc/auth_db_admin.xml
+++ b/src/modules/auth_db/doc/auth_db_admin.xml
@@ -300,6 +300,24 @@ modparam("auth_db", "version_table", 0)
+
+ force_generate_avps (integer)
+
+ If set to different than 0, the module will fetch user DB attributes even if authentication failed.
+
+
+ Default value is 0
(don't fetch user DB attributes if authentication failed).
+
+
+ force_generate_avps parameter usage
+
+...
+modparam("auth_db", "force_generate_avps", 1)
+...
+
+
+
+