<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2800.1264" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT face=Arial size=2>hi guys,</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>our university is using ldap as password
storage for the authentication of several services like webmail,
webproxy, etc. there are so little info regarding the implementation of
ldap and http digest authentication (which sip use). we are trying to implement
scenario where ser would authenticate vs a radius server, which in turn would
query the ldap.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>so far, we have only done authentication
between </FONT></DIV>
<DIV><FONT face=Arial size=2>ser<------->radius and
radius<------->ldap, </FONT></DIV>
<DIV><FONT face=Arial size=2>but not </FONT><FONT face=Arial
size=2>ser-->radius-->ldap</FONT> </DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>i know that basic authentication would work but
poses a big risk of the sip passwords being sniffed out of the network. now
my question is, has anybody tried this kind of approach? still i think the best
solution would be an ldap module for ser, probably a basic authentication over
tls, coz</FONT><FONT face=Arial size=2> ldap's digest auth support
requires an sasl database </FONT><FONT face=Arial size=2>which i think adds
another point of failure. do you guys have any suggestion on how to
approach this challenge? </FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>~kelvin</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV></BODY></HTML>