[sr-dev] [kamailio/kamailio] Custom Username Authentication (#1817)

Daniel-Constantin Mierla notifications at github.com
Fri Jan 25 10:19:30 CET 2019


In my opinion this does not make sense.

The username value is taken from the `username` field of `(Proxy-)Authorization` header and that is the value the UAC used to build the Digest response. If you use a different value, practically the authentication fails. The Digest response has the username hashed inside, the HA1 being `MD5(username:realm:password)`. To have a successful authentication, the same username must be used by server side as well.

If you just need to load the password by matching a different username, then sqlops can be used to do any kind of query. Anyhow pv_www_authenticate() doesn't do any database query.

In case you want to achieve something else, I would suggest to discuss first on sr-users mailing list to properly understand the needs. Again, this one with a custom username contradicts the authentication algorithm specs. I am closing this one for now, it can be reopened if there is a different conclusion after discussions on sr-users mailing list.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/1817#issuecomment-457508046
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-dev/attachments/20190125/6740ac0c/attachment.html>


More information about the sr-dev mailing list