[Serusers] SER and Asterisk authentication
Arek Bekiersz
sip at perceval.net
Fri Nov 25 19:45:08 CET 2005
Sure, in this case you need to add user into Radius/LDAP backend and
proceed as normally.
AFAIK there is no "third" solution here, except for "trusted" table.
--
Arek
Voipers Portugal wrote:
> Ok. That's the easy solution. However, that ain't protected againts IP
> spoofing problems. Isn't there a way to authenticate using users (with
> username and password)? So that, when Asterisk send an INVITE do SER,
> Asterisk should be a normal SER user, like any other user. I am using
> the following code to see if the invite is trusted or not:
>
> log(1, "INVITE not in table trusted\n");
> if (!radius_www_authorize("ser host")) {
> log(1, "INVITE not authorized, generating
> digest\n");
> www_challenge("ser host", "0");
> break;
> };
> log(1, "INVITE authorized\n");
>
> And this way, I think only the users that are in my LDAP database
> (contacted via radius) and registred to my ser host can make the calls.
> Am I correct?
More information about the sr-users
mailing list