[Serusers] ldap+radius+ser

Kelvin Chua kchua at up.edu.ph
Thu Oct 16 04:12:08 CEST 2003


hi guys,

our university is using ldap as password storage for the authentication of several services like webmail, webproxy, etc. there are so little info regarding the implementation of ldap and http digest authentication (which sip use). we are trying to implement scenario where ser would authenticate vs a radius server, which in turn would query the ldap.

so far, we have only done authentication between 
ser<------->radius and radius<------->ldap, 
but not ser-->radius-->ldap 

i know that basic authentication would work but poses a big risk of the sip passwords being sniffed out of the network. now my question is, has anybody tried this kind of approach? still i think the best solution would be an ldap module for ser, probably a basic authentication over tls, coz ldap's digest auth support requires an sasl database which i think adds another point of failure. do you guys have any suggestion on how to approach this challenge? 

~kelvin

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20031016/212228f6/attachment.htm>


More information about the sr-users mailing list