Hi Abdul,
Besides the digest auth, there is no other standard auth mechanism for
SIP, AFAIK.
If you have control over the SIP UAC, of course, you could try to build
your own auth mechanism - OpenSIPS offers enough flexibility in terms of
both header manipulation and data computing.
Regards,
Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
http://www.opensips-solutions.com
OpenSIPS Summit May 2017 Amsterdam
http://www.opensips.org/events/Summit-2017Amsterdam.html
On 03/07/2017 10:26 AM, Abdul Basit wrote:
Hi,
I have a scenario where I will create password HASH = SALT + STRING
and save SALT and resulted HASH only in DB.
I will transport random STRING value to my custom sip application as
password.
Digest authentication is not comply with this requirement.
Is that any supported authentication mechanism that can fulfill this
requirement.
or is there any more appropriate authentication mechanism by
opensips/kamailio?
One of the objectives is in case DB will compromise, users passwords
will not available because random STRING will not store in DB.
Looking forward for suggestions and comments.
--
regards,
abdul basit
_______________________________________________
Users mailing list
[email protected]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
_______________________________________________
Users mailing list
[email protected]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
