I have ser running as a SIP proxy for SIP to SIP calls, and use digest authentication with MySQL for users. I'd like to add the ability for users to place calls to the PSTN through a switch that needs user authentication for PSTN invite requests. I have the same users set up in SER and on the switch, and if an invite request is made to SER for a PSTN number, I rewrite the host and t_relay it to the switch. My question is as follows: is SER able to forward user authentication info to the switch with the invite request? It's not obvious to me if or how this can be done...
John
SER keeps the authentication info in INVITEs and relays it further by default. The questions is whether the switch would be able to authenticate the user or not if the challenge was generated by ser.
It would be better to set another trust relation between ser and switch, based on ip, for example -- all requests coming from ser's ip are trustfully.
Daniel
On 6/20/2004 3:29 AM, John A. Hull wrote:
I have ser running as a SIP proxy for SIP to SIP calls, and use digest authentication with MySQL for users. I'd like to add the ability for users to place calls to the PSTN through a switch that needs user authentication for PSTN invite requests. I have the same users set up in SER and on the switch, and if an invite request is made to SER for a PSTN number, I rewrite the host and t_relay it to the switch. My question is as follows: is SER able to forward user authentication info to the switch with the invite request? It's not obvious to me if or how this can be done...
John
Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
I'll look at the trust relationship with the switch. That's a good idea.
On Mon, 2004-06-21 at 05:56, Daniel-Constantin Mierla wrote:
SER keeps the authentication info in INVITEs and relays it further by default. The questions is whether the switch would be able to authenticate the user or not if the challenge was generated by ser.
It would be better to set another trust relation between ser and switch, based on ip, for example -- all requests coming from ser's ip are trustfully.
Daniel
On 6/20/2004 3:29 AM, John A. Hull wrote:
I have ser running as a SIP proxy for SIP to SIP calls, and use digest authentication with MySQL for users. I'd like to add the ability for users to place calls to the PSTN through a switch that needs user authentication for PSTN invite requests. I have the same users set up in SER and on the switch, and if an invite request is made to SER for a PSTN number, I rewrite the host and t_relay it to the switch. My question is as follows: is SER able to forward user authentication info to the switch with the invite request? It's not obvious to me if or how this can be done...
John
Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
John A. Hull wrote:
I have ser running as a SIP proxy for SIP to SIP calls, and use digest authentication with MySQL for users. I'd like to add the ability for users to place calls to the PSTN through a switch that needs user authentication for PSTN invite requests. I have the same users set up in SER and on the switch, and if an invite request is made to SER for a PSTN number, I rewrite the host and t_relay it to the switch. My question is as follows: is SER able to forward user authentication info to the switch with the invite request? It's not obvious to me if or how this can be done...
It will forward this info automatically. SER doesn't strip any auth-related headers when forwarding the message leaving them "as is", so that your router should have no problem with using them for auth purposes.
-Maxim
Thanks for the info. The problem is that I was using kphone, which doesn't send the authorization info. I switched to an Xten phone and it worked perfectly.
On Mon, 2004-06-21 at 08:44, Maxim Sobolev wrote:
John A. Hull wrote:
I have ser running as a SIP proxy for SIP to SIP calls, and use digest authentication with MySQL for users. I'd like to add the ability for users to place calls to the PSTN through a switch that needs user authentication for PSTN invite requests. I have the same users set up in SER and on the switch, and if an invite request is made to SER for a PSTN number, I rewrite the host and t_relay it to the switch. My question is as follows: is SER able to forward user authentication info to the switch with the invite request? It's not obvious to me if or how this can be done...
It will forward this info automatically. SER doesn't strip any auth-related headers when forwarding the message leaving them "as is", so that your router should have no problem with using them for auth purposes.
-Maxim
-
Daniel-Constantin Mierla -
John A. Hull -
Maxim Sobolev