[SR-Users] using bcrypt passwd hashing
Yuriy Gorlichenko
ovoshlook at gmail.com
Mon Nov 13 10:40:10 CET 2017
Hi Daniel
Some Single Sign On system.
for example in the system that has multiple services but all works via one
auth service by token for example.
So in this case i changed standart-auth-SIP scheme to the token-based-auth
scheme.
Offcource it is not for mainstream clients software.
2017-11-13 11:22 GMT+03:00 Daniel-Constantin Mierla <miconda at gmail.com>:
>
>
> On 12.11.17 10:33, Yuriy Gorlichenko wrote:
>
> You can realize any of auth methods by yourself and include it via config
> file/kemi on lua/by adding module
>
> forexample I added SSO auth without any troubles instead of basid MD5 for
> some projects.
>
> Out of curiosity, what do you refer by SSO?
>
> Cheers,
> Daniel
>
>
> 2017-11-11 18:49 GMT+03:00 Alex Balashov <abalashov at evaristesys.com>:
>
>> Do you know of any mainstream SIP UACs which support anything other than
>> standard MD5 digest auth?
>>
>> On November 10, 2017 7:11:26 PM EST, "Walter Martín Villalba" <
>> wvillalba at gmail.com> wrote:
>> >Hello,
>> >
>> >I did some searches online and talked to some colleagues and it seems
>> >Kamailio only supports the traditional HTTP digest authentication,
>> >which
>> >uses MD5. I would like to know if any of you has been successful in
>> >using
>> >bcrypt/scrypt/pbkdf2 passwd hashing, instead of MD5, which has been
>> >deemed
>> >as obsolete and insecure a long time ago. Perhaps you've written your
>> >own
>> >auth module, or just modified the config script to call some other
>> >credential checking routine using a custom python/perl script (I'm
>> >thinking
>> >of doing the latter, of nothing better is available).
>> >
>> >If any of you have done something like this, using bcrypt or any other
>> >current and secure hashing algorithm, I would appreciate some guidance.
>> > If
>> >you haven't, aren't you concerned about storing MD5 password hashes in
>> >your
>> >database?
>> >
>> >Note: if I can't find a good answer using this list, I will try the
>> >developer's list next.
>> >
>> >Thanks in advance,
>> >
>> >Martín.
>>
>>
>> -- Alex
>>
>> --
>> Sent via mobile, please forgive typos and brevity.
>>
>> _______________________________________________
>> Kamailio (SER) - Users Mailing List
>> sr-users at lists.kamailio.org
>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>
>
>
>
> _______________________________________________
> Kamailio (SER) - Users Mailing Listsr-users at lists.kamailio.orghttps://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
>
> --
> Daniel-Constantin Mierlawww.twitter.com/miconda -- www.linkedin.com/in/miconda
> Kamailio Advanced Training, Nov 13-15, 2017, in Berlin - www.asipto.com
> Kamailio World Conference - www.kamailioworld.com
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20171113/aa33d4dd/attachment.html>
More information about the sr-users
mailing list