On 10 Apr 2015, at 09:23, Marek Moravcik <marekmorav...@imafex.sk> wrote:
> Hello, > > I'd like to authenticate Kamailio users in LDAP. But it looks like > Kamailio need to download password from LDAP and authenticate > user on it's own. Is there any possibility to send password to LDAP > and let LDAP to say, if the user can be sign in? For MD5 Digest challenge-response authentication the cleartext password is needed. We do not get any cleartext password from the client, so the SIP auth server needs to calculate a hash based on the nonce (the challenge), the authentication realm and the secret. This hash is compared with the hash we get from the client. This is a good reason to run LDAP over TLS. /O _______________________________________________ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
