[OpenSIPS-Users] SIP password auth mechanism
Abdul Basit
basit.engg at gmail.com
Wed Mar 8 11:53:35 EST 2017
Hi Bogdan,
I am using PJSIP as UAC and Opensips as UAS with radius for AAA.
I wanted to avoid getting into the code but let me check the flexibility.
Thank you for your reply :)
--
regards,
abdul basit
On Wed, Mar 8, 2017 at 1:34 AM, Bogdan-Andrei Iancu <bogdan at opensips.org>
wrote:
> Hi Abdul,
>
> Besides the digest auth, there is no other standard auth mechanism for
> SIP, AFAIK.
>
> If you have control over the SIP UAC, of course, you could try to build
> your own auth mechanism - OpenSIPS offers enough flexibility in terms of
> both header manipulation and data computing.
>
> Regards,
>
> Bogdan-Andrei Iancu
> OpenSIPS Founder and Developer
> http://www.opensips-solutions.com
>
> OpenSIPS Summit May 2017 Amsterdam
> http://www.opensips.org/events/Summit-2017Amsterdam.html
>
> On 03/07/2017 10:26 AM, Abdul Basit wrote:
>
> Hi,
>
> I have a scenario where I will create password HASH = SALT + STRING and
> save SALT and resulted HASH only in DB.
>
> I will transport random STRING value to my custom sip application as
> password.
>
> Digest authentication is not comply with this requirement.
>
> Is that any supported authentication mechanism that can fulfill this
> requirement.
> or is there any more appropriate authentication mechanism by
> opensips/kamailio?
>
> One of the objectives is in case DB will compromise, users passwords will
> not available because random STRING will not store in DB.
>
> Looking forward for suggestions and comments.
>
> --
> regards,
>
> abdul basit
>
>
> _______________________________________________
> Users mailing listUsers at lists.opensips.orghttp://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20170308/c46f8766/attachment-0001.html>
More information about the Users
mailing list