[OpenSIPS-Users] Authentication using LDAP attribute with MD5 hash.
Bogdan-Andrei Iancu
bogdan at voice-system.ro
Tue Sep 15 15:15:40 CEST 2009
Hello João,
João Antunes wrote:
> Hi!
>
> I would like to know if it's possible to use the LDAP module along with
> the AUTH module to use LDAP for authenticating SIP users. Of course that
> an attribute with the MD5 hash is needed in the LDAP, but i already have
> that.
>
yes, you can have either raw text password, either the pre-calculated
HA1 (MD5).
> My preliminary research points me in the direction of making a query
> with the LDAP code to retrieve the hash and then use some function of
> AUTH like pv_www_authorize
> (http://www.opensips.org/html/docs/modules/1.5.x/auth.html#id271238)
> where the $vars were set through the query to the LDAP. Also I think i
> would have to set the parameter calculate_ha1
> (http://www.opensips.org/html/docs/modules/1.5.x/auth.html#id228275) not
> to calculate the ha1 as it's possible to use the hash as it is straight
> from the LDAP query. Am I right about this?
yes, that is perfectly correct.
> I figured that there should
> be already lots of people that implemented or tried to implement LDAP
> authentication with OPENSIPS without the need to use RADIUS, so here are
> my questions:
>
> Are the previous assumptions correct?
>
yes
> Is it possible to do LDAP authentication with OpenSIPS without the use
> of the RADIUS server?
if you do LDAP,why should you need RADIUS? the ldap support in OpenSIPS
can directly connect to a LDAP server.
> is it convenient to do so? is there some kind of
> catch for me not to have found anything related with that kind of direct
> authentication (without the use of RADIUS) with LDAP?
>
maybe because it is not such a complicated thing :) (as you discover by
yourself)
> Is this a good way to do this?
> Am I missing something on what i need to do, would that suffice, is
> there some kind of documentation, webpage, mail thread anybody can point
> me to?
>
for simple auth purposes, I think you already found all the info.
You might find useful the tutorial on auth with memcaching - there is an
example of how to use the pv_auth function:
http://www.opensips.org/Resources/DocsTutMemcache
Regards,
Bogdan
>
> Thanks in advance,
> João Antunes
>
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>
More information about the Users
mailing list