On Thursday 31 October 2013, Charles Chance wrote: > On 31 Oct 2013 08:53, "Alex Hermann" <[email protected]> wrote: > > If not, then, imho, the admin already has plenty of possibilities > > (IP-based, > > > digest, TLS cert) to do authentication before calling that function. > > Why force one method if we can just leave it up to the admin to choose > > whatever fits best in his situation. > > But aren't we allowing the admin to potentially shoot themselves in the > foot, as Olle puts it?
Of course, but there are plenty ways to shoot oneself. Kamailio is not an end- user application. I see it more like a compiler than a word-processor. Certain capabilities are required to make an application with it. I prefer the freedom to choose whatever method fits best in my situation/application. I like the current way in which the admin decides how INVITE, PUBLISH, XMLRPC, DMQ, etc are authenticated and/or authorized. None of the (C-)code handling those methods need special authentication routines implemented, it can all be done from within the script. Implementing additional authorization methods inside DMQ will limit choice and create a higher burden on maintenance of the module. There are already to much functions in Kamailio which had only 1 specific use case in mind, where everyone needing a little bit different behavior implemented it separately. Look for example at the many ways to get and/or format date-time values. Let's not add even more. -- Greetings, Alex Hermann _______________________________________________ sr-dev mailing list [email protected] http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
