Hi all Is it possible to authenticate both username,realm,password and alias with module authdb. Is an option like use_domain ??
Thanks cerit
Hello,
On 07/04/06 13:17, Fatih Cerit wrote:
Hi all Is it possible to authenticate both username,realm,password and alias with module authdb. Is an option like use_domain ??
the alias shows usually as callee address and you cannot authenticate the callee. Maybe I haven't got properly your question, in this case, please detail a bit what you need.
Cheers, Daniel
Thanks cerit
Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users
Hi Daniel
Here is 2 sample output of cisco ata186. The diffrence of request 2 is UseLoginID option marked at ata's config. If you check this option cisco sends an other username. This make a security problem because I am not authenticating UA with 1122334455 part of the request. This causes if a user authenticated with username ip and realm she have a freedom of using any alias at request 2. Is there any solution? Is it possible to add something to the db_auth module like use_callers_alias and query like where alias='1122334455' ?
Also callee's alias suits me to authenticate INVITEs.....
thanks Cerit
Request 1 -----------------------------------------------------------------------------
REGISTER sip:10.0.0.12 SIP/2.0 Via: SIP/2.0/UDP 10.0.0.14:5060 From: sip:1122334455@10.0.0.12;user=phone;tag=2427142844 To: sip:1122334455@10.0.0.12;user=phone Call-ID: 1429834209@10.0.0.14 CSeq: 2 REGISTER Contact: sip:1122334455@10.0.0.14:5060;user=phone;transport=udp;expires=3600 User-Agent: Cisco ATA 186v2.16 ata18x (030509a) Authorization: Digest username="1122334455",realm="10.0.0.12",nonce="44afef73f2c473946f81d203b45c4dcd1a78e0ae",uri="sip:10.0.0.12",response="16e5d3bed2d73598203d3a407fe57009",qop=auth,nc=00000001,cnonce="35509adc" Content-Length: 0
Request 2 ----------------------------------------------------------------------------- REGISTER sip:10.0.0.12 SIP/2.0 Via: SIP/2.0/UDP 10.0.0.14:5060 From: sip:1122334455@10.0.0.12;user=phone;tag=3900740504 To: sip:1122334455@10.0.0.12;user=phone Call-ID: 935846403@10.0.0.14 CSeq: 2 REGISTER Contact: sip:1122334455@10.0.0.14:5060;user=phone;transport=udp;expires=3600 User-Agent: Cisco ATA 186v2.16 ata18x (030509a) Authorization: Digest username="tests",realm="10.0.0.12",nonce="44afefdb3ddf735d6092d6e037f764996c5f5bb4",uri="sip:10.0.0.12",response="5b75736c99cf2578b873370fb9a98885",qop=auth,nc=00000001,cnonce="e355c8b8" Content-Length: 0
----- Original Message ----- From: "Daniel-Constantin Mierla" daniel@voice-system.ro To: "Fatih Cerit" fatih@intersan.com.tr Cc: users@openser.org Sent: Friday, July 07, 2006 11:28 AM Subject: Re: [Users] SQL digest authentication
Hello,
On 07/04/06 13:17, Fatih Cerit wrote:
Hi all Is it possible to authenticate both username,realm,password and alias with module authdb. Is an option like use_domain ??
the alias shows usually as callee address and you cannot authenticate the callee. Maybe I haven't got properly your question, in this case, please detail a bit what you need.
Cheers, Daniel
Thanks cerit
Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users
-
Daniel-Constantin Mierla -
Fatih Cerit