Well, nevermind, problem solved, i found http://www.linux.org/docs/ldp/howto/archived/LDAP-Implementation-HOWTO/ssl.html that talks about stunnel, if anyone has a better solution though..
Regards, João Antunes On Sat, Sep 19, 2009 at 3:38 PM, Joao Antunes <[email protected]> wrote: > Just to make sure i'm correct about this, the ldap module of OpenSIPS > doesn't support TCP SSL connections aka TLS connections? > > Is there any way to go around this?! Something like a wrapper, has > anybody done that and can provide me some pointers? > > Thanks in advance, > João Antunes > > On Tue, Sep 15, 2009 at 2:15 PM, Bogdan-Andrei Iancu > <[email protected]> wrote: >> Hello João, >> >> >> João Antunes wrote: >>> >>> Hi! >>> >>> I would like to know if it's possible to use the LDAP module along with >>> the AUTH module to use LDAP for authenticating SIP users. Of course that >>> an attribute with the MD5 hash is needed in the LDAP, but i already have >>> that. >>> >> >> yes, you can have either raw text password, either the pre-calculated HA1 >> (MD5). >>> >>> My preliminary research points me in the direction of making a query >>> with the LDAP code to retrieve the hash and then use some function of >>> AUTH like pv_www_authorize >>> (http://www.opensips.org/html/docs/modules/1.5.x/auth.html#id271238) >>> where the $vars were set through the query to the LDAP. Also I think i >>> would have to set the parameter calculate_ha1 >>> (http://www.opensips.org/html/docs/modules/1.5.x/auth.html#id228275) not >>> to calculate the ha1 as it's possible to use the hash as it is straight >>> from the LDAP query. Am I right about this? >> >> yes, that is perfectly correct. >>> >>> I figured that there should >>> be already lots of people that implemented or tried to implement LDAP >>> authentication with OPENSIPS without the need to use RADIUS, so here are >>> my questions: >>> >>> Are the previous assumptions correct? >>> >> >> yes >>> >>> Is it possible to do LDAP authentication with OpenSIPS without the use >>> of the RADIUS server? >> >> if you do LDAP,why should you need RADIUS? the ldap support in OpenSIPS can >> directly connect to a LDAP server. >>> >>> is it convenient to do so? is there some kind of >>> catch for me not to have found anything related with that kind of direct >>> authentication (without the use of RADIUS) with LDAP? >>> >> >> maybe because it is not such a complicated thing :) (as you discover by >> yourself) >>> >>> Is this a good way to do this? >>> Am I missing something on what i need to do, would that suffice, is >>> there some kind of documentation, webpage, mail thread anybody can point >>> me to? >>> >> >> for simple auth purposes, I think you already found all the info. >> >> You might find useful the tutorial on auth with memcaching - there is an >> example of how to use the pv_auth function: >> http://www.opensips.org/Resources/DocsTutMemcache >> >> Regards, >> Bogdan >>> >>> Thanks in advance, >>> João Antunes >>> >>> >>> _______________________________________________ >>> Users mailing list >>> [email protected] >>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users >>> >>> >> >> > _______________________________________________ Users mailing list [email protected] http://lists.opensips.org/cgi-bin/mailman/listinfo/users
