[SR-Users] Authentication Feature Question
Daniel-Constantin Mierla
miconda at gmail.com
Tue Jan 3 16:07:47 CET 2012
Hello,
you can simply use 'domain.com' as realm parameter to authentication
function instead of $fd. Also build ha1 and ha1b with domain.com and
then you are safe no matter which sip server is used.
Of course you can build the realm by striping first token before '.' in
$fd and pass it to authentication functions, but not sure if makes sense
since it should be always domain.com
Cheers,
Daniel
On 1/3/12 3:15 PM, Ali Jawad wrote:
> Hi
> After some research it seems to me that the only way to achieve this
> is to "try" and change how hashing is done in the source code, a
> little bit too ambitious for me, and it means I will have loads of
> problems each time an upgrade is released.
>
> Or
>
> Use pseudovariables to fix the value of the $fd value to something
> constant, while this worked for values like $var(y) I was not able to
> assign/strip $fd to remove the subdomain part.
>
> Any input please ?
>
> Regards
>
> On Tue, Jan 3, 2012 at 2:06 PM, Ali Jawad<ali.jawad at splendor.net> wrote:
>> Hi
>> I do have 3 Kamailio servers, one for mobile phone registrations, one
>> for softphone registrations and one for SIP device registrations. Each
>> of those devices connects to it's perspective kamailio server
>>
>> sip1.domain.com
>> sip2.domain.com
>> sip3.domain.com
>>
>> All 3 Kamailio servers share the same database, and users can use
>> their kamailio user/pwd on any of the devices, now I want to use
>> encrypted passwords and remove clear text passwords from the database.
>> I did test with one server and all is fine,however if a user want to
>> register from the second kamailio server it does not work, basically
>> because the db domain entry from which the hash is created is
>> sip1.domain.com and stored in the db, while the user connects from to
>> sip2.domain.com this eventually generates a different hash.
>>
>> Is there anyway to overcome this ? Can I exclude Domain from Hash
>> generation ? Any other option that allows me to do the above ?
>>
>> Thanks
>
>
--
Daniel-Constantin Mierla -- http://www.asipto.com
http://linkedin.com/in/miconda -- http://twitter.com/miconda
More information about the sr-users
mailing list