[Serusers] Restrict registration to one user per login

Java Rockx javarockx at gmail.com
Wed Mar 23 16:16:25 CET 2005 

We're shipping UTstarcom iAN-02EX ATAs and these are fully remote
configurable as they query our Apache farm for their configuration
upon bootup (based on their MAC address).

So we have full control of the customer IAD, and the customer doesn't.

For softphones --- this is bad. Xten (eyebeam) AFAIK, do not have a
way to remotely configure them and therefore you have to give the SIP
proxy UID and PWD to the customer and we decided under no
circumstances will this be done on our network.

The solution for a softphone is to find one that will remotely
configure like the UTstarcom IAD. We're not shipping softphones so I
can't really help you there.

Regards,
Paul


On Wed, 23 Mar 2005 10:05:26 -0500, Dana Olson <rickaster at gmail.com> wrote:
> On Wed, 23 Mar 2005 09:14:42 -0500, Java Rockx <javarockx at gmail.com> wrote:
> > IMHO setting max_contacts is very dangerous because if you reboot your
> > SIP UA and your NAT device gives you a new port assignment, the you
> > will __fail__ to register if your previous contact AOR has not
> > expired.
> >
> > I think this is the hardest part of implementing a "per-seat"
> > configuration. You just don't know when a NAT will assign a new port
> > to a SIP UA.
> >
> > I gave up on this for this very reason. Our solution is to lock down
> > the SIP UAs and never let a customer get in to the settings (except
> > for the LAN/WAN settings).
> >
> > Regards,
> > Paul
> 
> Hey Paul, I hear you. I'm just saying that max_contacts is basically
> what we're attempting to accomplish, only in the stable banch of SER.
> And I've basically got it down to the point where the only time it
> locks me out is if A) someone is already logged in with that account,
> or B) my IP address changes. I also wrote a real quick CGI that will
> list all the users logged in, and if you click on any of them, it'll
> force them out of the location table, allowing someone else to login
> (or re-login, if the IP changed).
> 
> However, if my superiors find this to not be an acceptable solution,
> I'd like to know what you are using, and how did you lock it down? We
> tried with SJphone and had some success, but the quality just doesn't
> compare to eyeBeam. We managed to lockdown eyeBeam a bit, but users
> can still get into the settings. I'd appreciate your insight.
> --
> Dana
>

More information about the sr-users mailing list