[SR-Users] Disable basic authentication?
Skip Morse
gmorse at godaddy.com
Mon Jun 11 18:29:54 CEST 2018
Awesome, thanks for the clarification!
From: Daniel-Constantin Mierla <miconda at gmail.com>
Sent: Sunday, June 10, 2018 11:35 PM
To: Kamailio (SER) - Users Mailing List <sr-users at lists.kamailio.org>; Skip Morse <gmorse at godaddy.com>
Subject: Re: [SR-Users] Disable basic authentication?
Hello,
SIP uses only digest auth, basic auth is not implemented by clients or servers.
Cheers,
Daniel
On 08.06.18 21:41, Skip Morse wrote:
Hi All,
I couldn't get a clear answer from the documentation. Based on the description of www_authenticate and proxy_authenticate:
" The function verifies credentials according to RFC2617. If the credentials are verified successfully then the function will succeed and mark the credentials as authorized (marked credentials can be later used by some other functions). If the function was unable to verify the credentials for some reason then it will fail and the script should call www_challenge which will challenge the user again."
The RFC outlines basic and digest auth. Is there a way to disable the ability for a UA to use basic auth? Or maybe these is disabled already?
I'm likely understanding this wrong, it seems to me that it's allowed for a UA to auth with basic even if the challenge is for digest. Any clarification would be helpful.
Thanks!
-Skip
_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users at lists.kamailio.org<mailto:sr-users at lists.kamailio.org>
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
--
Daniel-Constantin Mierla -- www.asipto.com<http://www.asipto.com>
www.twitter.com/miconda<http://www.twitter.com/miconda> -- www.linkedin.com/in/miconda<http://www.linkedin.com/in/miconda>
Kamailio World Conference -- www.kamailioworld.com<http://www.kamailioworld.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20180611/64dcfbfb/attachment.html>
More information about the sr-users
mailing list