<html>
  <head>
    <meta content="text/html; charset=utf-8" http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    <tt>Hi Abdul,<br>
      <br>
      Besides the digest auth, there is no other standard auth mechanism
      for SIP, AFAIK.<br>
      <br>
      If you have control over the SIP UAC, of course, you could try to
      build your own auth mechanism - OpenSIPS offers enough flexibility
      in terms of both header manipulation and data computing.<br>
      <br>
      Regards,<br>
    </tt>
    <pre class="moz-signature" cols="72">Bogdan-Andrei Iancu
  OpenSIPS Founder and Developer
  <a class="moz-txt-link-freetext" href="http://www.opensips-solutions.com">http://www.opensips-solutions.com</a>

OpenSIPS Summit May 2017 Amsterdam
  <a class="moz-txt-link-freetext" href="http://www.opensips.org/events/Summit-2017Amsterdam.html">http://www.opensips.org/events/Summit-2017Amsterdam.html</a>
</pre>
    <div class="moz-cite-prefix">On 03/07/2017 10:26 AM, Abdul Basit
      wrote:<br>
    </div>
    <blockquote
cite="mid:CAGQG5MY85h4MGRghhOLxnXaS11tvO8QAhUSK4UFUX4Pqdm0HWg@mail.gmail.com"
      type="cite">
      <div dir="ltr">
        <div>
          <div>
            <div>Hi,<br>
              <br>
            </div>
            I have a scenario where I will create password <span
              style="color:rgb(153,0,0)">HASH</span> = <span
              style="color:rgb(153,0,0)">SALT</span> + <span
              style="color:rgb(32,18,77)">STRING</span> and save <span
              style="color:rgb(153,0,0)">SALT</span> and resulted <span
              style="color:rgb(153,0,0)">HASH</span> only in DB.<br>
            <br>
            I will transport random <span style="color:rgb(12,52,61)">STRING</span>
            value to my custom sip application as password.<br>
            <br>
          </div>
          Digest authentication is not comply with this requirement.<br>
          <br>
          Is that any supported authentication mechanism that can
          fulfill this requirement.<br>
        </div>
        or is there any more appropriate authentication mechanism by
        opensips/kamailio? <br>
        <div>
          <div><br>
          </div>
          <div>One of the objectives is in case DB will compromise,
            users passwords will not available because random <span
              style="color:rgb(12,52,61)">STRING will not store in DB.<br>
            </span></div>
          <div><br>
          </div>
          <div>Looking forward for suggestions and comments.<br>
            <br clear="all">
          </div>
          <div>
            <div>
              <div>
                <div class="gmail_extra">
                  <div>
                    <div class="gmail_signature">
                      <div><font size="2"><span
                            style="font-family:verdana,sans-serif"><span
                              style="color:rgb(39,78,19)">--<br>
                              regards,</span></span></font></div>
                      <font size="2"><span
                          style="font-family:verdana,sans-serif"><span
                            style="color:rgb(39,78,19)"><br>
                            abdul basit<br>
                          </span></span></font></div>
                  </div>
                </div>
              </div>
            </div>
          </div>
        </div>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
      <pre wrap="">_______________________________________________
Users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a>
<a class="moz-txt-link-freetext" href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a>
</pre>
    </blockquote>
    <br>
  </body>
</html>