[OpenSIPS-Users] LDAP authentication issue

Tristan tristan at telemaque.fr
Wed Jun 3 10:49:12 CEST 2009 

Morning Leon,

Effectively the ldap_result writes the values requested by an 
ldap_search  in the avp specified.
The value returned as a result depends on what you stored in your directory.
If it's a hash, then you get an hash. If it's a text value, then you get 
that text value....


Simple exemple:
------------------------------------------------------------------------------------------------------------------------------------
modparam("auth", "username_spec", "$var(username)")
modparam("auth", "password_spec", "$avp(s:password)")

$var(username)=$fU;
ldap_search("ldap://sipaccounts/ou=people,dc=company,dc=fr??sub?cn=$fU");
ldap_result("sip_password/$avp(s:password)");

if (! pv_proxy_authorize("")) {
    proxy_challenge("", "1");
}
------------------------------------------------------------------------------------------------------------------------------------

@Henry: The ldap module only binds with the username/password specified 
in config file, not with a dynamic one.

Regards,

Gled

Leon Li a écrit :
> Hi Henry,
>
> Correct me if I understand is wrong. As in LDAP module, ldap_search will
> search the given LDAP URL and store results. Then
> ldap_result("ldap_attr/avp_spec") will write LDAP values into AVPs and
> compare with the one send by SIP request. So I think at least
> ldap_result should return a hashed password? 
>
> Thanks
> Leon  
>
> -----Original Message-----
> From: users-bounces at lists.opensips.org
> [mailto:users-bounces at lists.opensips.org] On Behalf Of Gavin Henry
> Sent: Wednesday, 3 June 2009 1:07 AM
> To: users at lists.opensips.org
> Subject: Re: [OpenSIPS-Users] LDAP authentication issue
>
> Why do you need to get the password? How does the LDAP module do it's
> authentication checks?
>
> Usually an LDAP client will just bind with the username and password
> supplied by client and if successful you've passed the test. There are
> other ways, but I need to check what the LDAP module docs.
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>

More information about the Users mailing list