[OpenSIPS-Devel] SSO integration = Custom auth module?
Sukhoroslov Denis
DSukhoroslov at scartel.ru
Mon Sep 8 13:07:30 CEST 2008
Hi,
Our company provides mobile internet via WiMAX network. There are many
services that can be accessed by our mobile clients via HTTP protocol.
Now we'd like to provide VoIP (and probably other IMS services in the
future) via SIP protocol. On the server side we're planning to use
OpenSIPS. All our HTTP services are integrated with one common
authentication module, so we have SSO between HTTP clients. Is it
possible to integrate SIP services with SSO as well?
This is how I can see it:
- We have a custom VoIP client app. During authentication
procedure with SIP server the app will append SSO token (if any) to the
REGISTER request. SSO token can be obtained from our common mobile SSO
token store.
- The auth module on the server side should check SSO token
first. If the token exists the auth module should communicate with SSO
server and validate token. If token is valid then the user considered as
authenticated and server must respond with 200 OK.
- If the token doesn't exist or is not valid then the regular
SIP authentication procedure starts. Auth module must respond with 401
Unauthorized.
- Client will provide login/password. Auth module will ask SSO
server to perform authentication.
- In case of success SSO server will open a new SSO session and
respond with new SSO token. Auth module must append the token to the
200 OK response.
- Client app stores SSO token to its common store.
Is it possible to provide such functionality with OpenSIPS, what do you
think? Do I need to develop a custom auth module for this, or can I use
some existing functionality? Any pointers or links on how to develop and
deploy custom modules would be very helpful.
Thanks, Denis.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.opensips.org/pipermail/devel/attachments/20080908/23482874/attachment.htm
More information about the Devel
mailing list